NSA 3500 Network Security Appliance

The SonicWALL® Network Security Appliance (NSA) 3500 is a Unified Threat Management firewall designed for small or midsized central sites, branch offices and distributed environments needing significant capacity and performance. The NSA 3500 integrates multi-core hardware, SonicWALL Reassembly-Free Deep Packet Inspection™, application control, intrusion prevention, SSL VPN, and high availability for real-time protection without compromising performance.

Features

Unified Threat Management.
The NSA 3500 provides application control, gateway anti-malware, intrusion prevention and Web content filtering on a high performance platform through its unified and simple management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.

Application Intelligence.
SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.

WAN Acceleration.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing SonicWALL E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.

Gateway anti-malware.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.

Intrusion prevention.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits targeting critical internal systems.

SonicWALL Mobile Connect™
SonicWALL® Mobile Connect™, a single unified client app for iOS, provides Apple® iPad®, iPhone®, and iPod touch® users full network-level access to corporate and academic resources over encrypted SSL VPN connections.

Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.

High performance.
SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the E3500’s 4 core security platform is capable of inspecting hundreds of thousands of connections simultaneously across all ports. The system provides 240 Mbps of Deep Packet Inspection across 6 GbE copper interfaces with nearly zero latency and without file size limitations.

Specifications

Firewall Overview

Feature Value
Deep Packet Inspection Firewall Optional
Stateful Packet Inspection Firewall Standard
Unlimited File Size Protection Standard
Protocols Scanned 50+
ICSA Firewall Certified Standard

Security Services Included

Feature Value
Application Intelligence and Control Optional
Intrusion Prevention Optional
Gateway Anti-Virus and Anti-Spyware Optional
Enforced Client Anti-Virus and Anti-Spyware Optional
Content & URL Filtering (CFS) Optional
Analyzer Reporting Optional
Comprehensive Anti-Spam Service Optional
SSL Inspection (DPI-SSL) Optional

Support Services

Feature Value
Dynamic Support 8×5 90 Days
Dynamic Support 24×7 Optional

Firewall General

Feature Value
Interfaces (6) 10/100/ 1000 Copper Gigabit Ports, 1 Console Interface, 2 USB
Management CLI, SSH, GUI, GMS
Certifications EAL4+, FIPS 140-2, VPNC, ICSA Firewall 4.1
Nodes Supported Unrestricted
RAM 512 MB
Flash Memory 512 MB
Site-to-Site VPN Tunnels 800
Global VPN Clients (Maximum) 50 (1,000)
SSL VPN NetExtender Clients (Maximum) 2 (30)
Unique Malware Threats Blocked 1,000,000+
Virtual Assist Technicians (Maximum) 2 (10)
VLAN Interfaces 50
SonicPoints 48

Performance

Feature Value
Stateful Throughput 1.5 Gbps
DPI Performance 240 Mbps
Gateway Anti-Virus Throughput 350 Mbps
Intrusion Prevention Throughput 750 Mbps
IMIX Performance 580 Mbps
3DES/AES VPN Throughput 625 Mbps
Maximum Connections 325000
Maximum UTM Connections 175000
New Connections per Second 7000

Features

Feature Value
Logging IPFIX, Netflow, Analyzer, Local Log, Syslog
Network Traffic Visualization Standard
Netflow/IPFIX Reporting Standard
SNMP Standard
Authentication XAUTH/ RADIUS, Active Directory, SSO, LDAP, Terminal Services, Citrix, Internal User Database
Single Sign-On Standard
Voice over IP (VoIP) Security Standard
PortShield Security n/a
Dynamic Routing OSPF, RIP
Policy-based Routing Standard
Route-based VPN Standard
Dynamic Bandwidth Management Standard
802.11n Wireless Support via SonicPoints Standard
Integrated Wireless Switch & Controller Standard
Layer 2 Wireless Bridging Standard
Stateful High Availability Standard
Multi-WAN Standard
Load Balancing Standard
Object-based Management Standard
Policy-based NAT Standard
Inbound Load Balancing Standard
IKEv2 VPN Standard
Terminal Services Authentication/Citrix Support Standard
Onboard Quality of Service (QoS) Standard
SSL Control Standard
IPv6 Standard

Failover

Feature Value
Hardware Failover Optional Active/ Passive with State Sync
Multi-WAN Failover Standard
Automated Failover/Failback Standard
Analog Modem Failover Standard
3G Cellular Modem Failover Standard

Unified Threat Management.
The NSA 3500 provides application control, gateway anti-malware, intrusion prevention and Web content filtering on a high performance platform through its unified and simple management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.

Application Intelligence.
SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.

WAN Acceleration.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing SonicWALL E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.

Gateway anti-malware.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.

Intrusion prevention.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits targeting critical internal systems.

SonicWALL Mobile Connect™
SonicWALL® Mobile Connect™, a single unified client app for iOS, provides Apple® iPad®, iPhone®, and iPod touch® users full network-level access to corporate and academic resources over encrypted SSL VPN connections.

Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.

High performance.
SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the E3500’s 4 core security platform is capable of inspecting hundreds of thousands of connections simultaneously across all ports. The system provides 240 Mbps of Deep Packet Inspection across 6 GbE copper interfaces with nearly zero latency and without file size limitations.