Datasheet
Features
Threat prevention
Feature Description
Application intelligence and control
Feature Description
Gateway anti-malware
CloudAV
Around-the-clock security
updates
SSL inspection
Bi-directional raw TCP
inspection
Extensive protocol support
Application control
Custom application
identification
Application bandwidth
management
On-box/o-box trac
visualization
Granular control
The Dell SonicWALL RFDPI engine scans all inbound, outbound and intra-zone trac for viruses,
Trojans, key loggers and other malware in files of unlimited length and size across all ports and
TCP streams.
A continuously updated database of over 12 million threat signatures resides in the Dell
SonicWALL cloud servers and is referenced to augment the capabilities of the onboard signature
database, providing RFDPI with an extensive coverage of threats.
The Dell SonicWALL Threat Research Team analyzes new threats and releases countermeasures
24 hours a day, 7 days a week. New threat updates are automatically pushed to firewalls in the
field with active security services, and take eect immediately without reboots or interruptions.
Decrypts and inspects SSL trac on the fly, without proxying, for malware, intrusions and data
leakage, and applies application, URL and content control policies in order to protect against
threats hidden in SSL encrypted trac.
The RFDPI engine is capable of scanning raw TCP streams on any port bi-directionally,
preventing attacks that try to sneak by outdated security systems that focus on securing a few
well-known ports.
Identifies common protocols such as HTTP/S, FTP, SMTP, SMBv1/v2 and others, which do not
send data in raw TCP, and decodes payloads for malware inspection, even if they do not run on
standard well known ports.
Controls applications, or individual application features, which are identified by the RFDPI
engine against a continuously expanding database of over 4,300 application signatures, to
increase network security and enhance network productivity.
Controls custom applications by creating signatures based on specific parameters or patterns
unique to an application in its network communications, in order to gain further control over the
network.
Restricts or prioritizes applications or application categories in order to maximize available
bandwidth for critical applications while eliminating or reducing undesired application trac.
Identifies bandwidth utilization and analyzes network behavior with real-time on-box application
trac visualization and o-box application trac reporting via NetFlow/IPFix.
Controls applications, or specific components of an application, based on schedules, users
groups, exclusion lists and a range of actions with full SSO user identification through LDAP/AD/
Terminal Services/Citrix integration.
6