Security // Risk Management
08:25 PM
Connect Directly
Repost This

SonicWall, WatchGuard Launch Next-Generation Firewalls

The firewalls allow greater control over applications, can identify applications based on telltale signatures, and apply granular usage policies.

SonicWall and WatchGuard are rolling out next-generation firewalls at Interop 2011. Both companies say the devices can identify applications based on telltale signatures and apply granular usage policies, providing comprehensive control over applications on the network, such as Web-based apps.

For example, the marketing department could be allowed to access Facebook to run campaigns and monitor customer sentiment, but not to play games such as "Mafia Wars" or "FarmVille." Other departments could be allowed access at lunchtime or during off-work hours. By contrast, traditional stateful inspection firewalls can only allow or deny network access based on port and protocol use; if a firewall allows HTTP, it must allow every app that uses that protocol. The next-generation firewall concept of application signatures was pioneered by Palo Alto Networks but has become more widely adopted in the security market.

The SonicWall NSA E8510 is the latest entry in SonicWall's next-generation firewall line. It's a 1U device with a potential throughput of 10 Gbps. The firewall's application intelligence feature uses deep packet inspection and signatures created by SonicWall to identify specific applications. The company says it has 3,500 application signatures at present. The firewall can also allocate bandwidth to ensure that nonbusiness apps don't consume too much bandwidth.

The NSA E8510 offers multiple functions, including intrusion prevention and anti-malware capabilities, in addition to the application intelligence feature. The various features will affect throughput: Running in stateful inspection mode, the E8510 can sustain 8 Gbps, SonicWall says. Running full application intelligence and intrusion prevention drops that rate to 2.2 Gbps.

SonicWall also announced a WAN acceleration product line, WXA. Available as appliances that connect directly to the NSA E8510 and other SonicWall security appliances, the WXA line performs TCP acceleration to reduce traffic between branch offices and headquarters. The WXA can also cache Windows-based files. As with other WAN optimization products, a WXA device must sit at both ends of the connection and be connected to a SonicWall security appliance.

WatchGuard Technologies also launched a next-generation firewall at Interop. The XTM 2050 provides multiple security features, including application intelligence for fine-grained control over application access and use on the network. WatchGuard licenses its application signature database of 1,800 applications from BroadWeb.

The new firewall also includes IPS capabilities to prevent exploits, IPSec, and SSL VPN, and bandwidth control. WatchGuard says the firewall offers throughput of up to 20 Gbps for stateful inspection firewall, and 10 Gbps for application intelligence and IPS. The product starts at $39,995 and will ship in June.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.