The SonicWALL® Network Security Appliance (NSA) 3500 is a Unified Threat Management firewall designed for small or midsized central sites, branch offices and distributed environments needing significant capacity and performance. The NSA 3500 integrates multi-core hardware, SonicWALL Reassembly-Free Deep Packet Inspection™, application control, intrusion prevention, SSL VPN, and high availability for real-time protection without compromising performance.
Features
Unified Threat Management.
The NSA 3500 provides application control, gateway anti-malware, intrusion prevention and Web content filtering on a high performance platform through its unified and simple management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.
Application Intelligence.
SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.
WAN Acceleration.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing SonicWALL E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.
Gateway anti-malware.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.
Intrusion prevention.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits targeting critical internal systems.
SonicWALL Mobile Connect™
SonicWALL® Mobile Connect™, a single unified client app for iOS, provides Apple® iPad®, iPhone®, and iPod touch® users full network-level access to corporate and academic resources over encrypted SSL VPN connections.
Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.
High performance.
SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the E3500’s 4 core security platform is capable of inspecting hundreds of thousands of connections simultaneously across all ports. The system provides 240 Mbps of Deep Packet Inspection across 6 GbE copper interfaces with nearly zero latency and without file size limitations.
Specifications
Firewall Overview
| Feature | Value |
| Deep Packet Inspection Firewall | Optional |
| Stateful Packet Inspection Firewall | Standard |
| Unlimited File Size Protection | Standard |
| Protocols Scanned | 50+ |
| ICSA Firewall Certified | Standard |
Security Services Included
| Feature | Value |
| Application Intelligence and Control | Optional |
| Intrusion Prevention | Optional |
| Gateway Anti-Virus and Anti-Spyware | Optional |
| Enforced Client Anti-Virus and Anti-Spyware | Optional |
| Content & URL Filtering (CFS) | Optional |
| Analyzer Reporting | Optional |
| Comprehensive Anti-Spam Service | Optional |
| SSL Inspection (DPI-SSL) | Optional |
Support Services
| Feature | Value |
| Dynamic Support 8×5 | 90 Days |
| Dynamic Support 24×7 | Optional |
Firewall General
| Feature | Value |
| Interfaces | (6) 10/100/ 1000 Copper Gigabit Ports, 1 Console Interface, 2 USB |
| Management | CLI, SSH, GUI, GMS |
| Certifications | EAL4+, FIPS 140-2, VPNC, ICSA Firewall 4.1 |
| Nodes Supported | Unrestricted |
| RAM | 512 MB |
| Flash Memory | 512 MB |
| Site-to-Site VPN Tunnels | 800 |
| Global VPN Clients (Maximum) | 50 (1,000) |
| SSL VPN NetExtender Clients (Maximum) | 2 (30) |
| Unique Malware Threats Blocked | 1,000,000+ |
| Virtual Assist Technicians (Maximum) | 2 (10) |
| VLAN Interfaces | 50 |
| SonicPoints | 48 |
Performance
| Feature | Value |
| Stateful Throughput | 1.5 Gbps |
| DPI Performance | 240 Mbps |
| Gateway Anti-Virus Throughput | 350 Mbps |
| Intrusion Prevention Throughput | 750 Mbps |
| IMIX Performance | 580 Mbps |
| 3DES/AES VPN Throughput | 625 Mbps |
| Maximum Connections | 325000 |
| Maximum UTM Connections | 175000 |
| New Connections per Second | 7000 |
Features
| Feature | Value |
| Logging | IPFIX, Netflow, Analyzer, Local Log, Syslog |
| Network Traffic Visualization | Standard |
| Netflow/IPFIX Reporting | Standard |
| SNMP | Standard |
| Authentication | XAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Internal User Database |
| Single Sign-On | Standard |
| Voice over IP (VoIP) Security | Standard |
| PortShield Security | n/a |
| Dynamic Routing | OSPF, RIP |
| Policy-based Routing | Standard |
| Route-based VPN | Standard |
| Dynamic Bandwidth Management | Standard |
| 802.11n Wireless Support via SonicPoints | Standard |
| Integrated Wireless Switch & Controller | Standard |
| Layer 2 Wireless Bridging | Standard |
| Stateful High Availability | Standard |
| Multi-WAN | Standard |
| Load Balancing | Standard |
| Object-based Management | Standard |
| Policy-based NAT | Standard |
| Inbound Load Balancing | Standard |
| IKEv2 VPN | Standard |
| Terminal Services Authentication/Citrix Support | Standard |
| Onboard Quality of Service (QoS) | Standard |
| SSL Control | Standard |
| IPv6 | Standard |
Failover
| Feature | Value |
| Hardware Failover | Optional Active/ Passive with State Sync |
| Multi-WAN Failover | Standard |
| Automated Failover/Failback | Standard |
| Analog Modem Failover | Standard |
| 3G Cellular Modem Failover | Standard |
Unified Threat Management.
The NSA 3500 provides application control, gateway anti-malware, intrusion prevention and Web content filtering on a high performance platform through its unified and simple management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.
Application Intelligence.
SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.
WAN Acceleration.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing SonicWALL E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.
Gateway anti-malware.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.
Intrusion prevention.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits targeting critical internal systems.
SonicWALL Mobile Connect™
SonicWALL® Mobile Connect™, a single unified client app for iOS, provides Apple® iPad®, iPhone®, and iPod touch® users full network-level access to corporate and academic resources over encrypted SSL VPN connections.
Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.
High performance.
SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the E3500’s 4 core security platform is capable of inspecting hundreds of thousands of connections simultaneously across all ports. The system provides 240 Mbps of Deep Packet Inspection across 6 GbE copper interfaces with nearly zero latency and without file size limitations.