Traditional stateful packet inspection firewalls focus on blocking network layer threats by evaluating the ports and protocols used by network layer traffic. The latest next-generation firewalls (NGFWs) utilize deep packet inspection to scan the entire packet payload to provide advanced intrusion prevention, antimalware, content filtering and anti-spam. Many applications are delivered over the web sharing common ports and HTTP or HTTPS protocols. This effectively leaves traditional firewalls blind to these applications and unable to prioritize productive and secure versus unproductive and potentially insecure traffic. Next-generation firewalls provide insight into the applications themselves, providing a critical capability for networking professionals.
1st cool thing:
Control the applications allowed on the network
Application visualization lets you “see” which browsers are being used before you create the policy.
You want to make sure all of your employees are using the latest version of your selected web browser.
2nd cool thing:
Manage the bandwidth for critical applications
Many mission-critical applications, such as Live Meeting, Salesforce.com® and SharePoint®, are cloud-based, or run across geographically dispersed networks. Ensuring that these applications have priority over unproductive web surfing improves business productivity.
3rd cool thing:
Block peer-to-peer applications
Unproductive peer-to-peer (P2P) applications such as BitTorrent are often used to download unlicensed versions of copyrighted media, and can quickly consume bandwidth or transmit malware. However, new P2P applications are created, and existing ones receive simple changes (e.g., version numbers), all the time, so it is difficult to manually block any single P2P application.
SonicWall continuously updates the application intelligence and control database to add new P2P apps as soon as they are available. Now you can simply create one policy to block all P2P apps going forward.
4th cool thing:
Block unproductive components of applications
Social networking applications such as Facebook, Instagram and YouTube have become new channels of communications for individuals and for companies. While it might be counterproductive to block all social networking applications, you may want to control how they can be used in the workplace.
For example, you may want to let marketing personnel update the company’s Facebook page, but not allow them to play Facebook games like Candy Crush or Mafia Wars. With application intelligence and control, you can create a policy to allow access to Facebook, but block games.
You could also allow chat but block file transfers within chat.
5th cool thing:
Visualize your application traffic
What’s happening on my network? Who’s wasting my bandwidth? Why is my network so slow? Have you ever asked yourself any of these questions? You could use a combination of separate tools to try to get answers, but this process is time consuming, and will only provide you with information after-the-fact. With SonicWall’s real-time visualization of application traffic, you can answer these questions instantly, quickly diagnose issues, detect out-of-compliance network usage, create appropriate policies and immediately see the effectiveness of these policies.
6th cool thing:
Manage bandwidth for a group of users
What do you do if your CEO complains that the business news videos that he wants to watch every morning are choppy and won’t play correctly? After investigation, you determine that it’s due to a company-wide bandwidth management policy that you implemented for all streaming video. You could ease off on the bandwidth restrictions for everyone, but now there is a better answer: group-based bandwidth management.
7th cool thing:
Block ransomware attacks and breaches
Network security must be at the forefront of any IT administrator’s focus. The ability to block attacks such as ransomware and breaches that are delivered through malware and intrusion attempts relieves the organization from great risk and spares potentially wasted resources. SonicWall security services, running on the high-performance and ultra-low-latency architecture of SonicWall next-generation firewalls, are capable of blocking millions of known and unknown threats from entering the network, before they become a danger to your organization. SonicWall Capture extends the threat prevention capabilities of the firewall by detecting and preventing unknown and zero-day attacks through a cloud-based, multi-engine sandboxing service.
8th cool thing:
Identify connections by country
Is a connection to an IP in a foreign country from your local neighborhood office or a branch site just a benign connection from somebody browsing on the web, or is it a botnet activity? You can use application intelligence as a powerful forensics tool to identify exactly what’s happening on your network and from where the activity is coming.
9th cool thing:
Prevent data leaks over email
In some companies, outbound email does not pass through their email security system, or that system does not check the content of email attachments. In either case, “company confidential” attachments can easily leave the organization. Since outbound network traffic goes through your firewall, you can detect and block this “data-in-motion.”
10th cool thing:
Prevent data leaks over web mail
Now let’s assume your existing anti-spam protection can detect and block a normal outbound email that contains “company confidential” information. But what if an employee uses a web mail service, such as Yahoo® or Gmail®, to send out “Company Confidential” information?
11th cool thing:
Bandwidth manage streaming audio and video
Access to streaming video from sites such as YouTube.com is sometimes useful, but is often abused. Blocking these sites might work, but a preferable approach is to limit the total bandwidth given to streaming video, regardless of where it comes from. This also applies to streaming audio sites such as online music radio stations and music streaming services like Spotify and Apple Music. This traffic doesn’t necessarily need to come from well-known sites, but can also be hosted by blogs. Thus, the goal is to identify this traffic by what it is, rather than by its origin. Deep Packet Inspection excels at this process.