Produktbeskrivning
The SonicWall Capture Security appliance (CSa) brings Capture Advanced Threat Protection (ATP) and sandboxing malware analysis to on-premises deployment scenarios for customers with compliance and policy restrictions against sending files to cloud analysis, or who prefer for all of their data to remain inside their organization. The CSa 1000 can analyze suspicious files coming from other SonicWall products to provide rapid, high-accuracy detection of previously unseen threats with the customer retaining custody of their files. Additionally, the REST API functionality on the CSa opens up the benefits of this highly effective file analysis capability to threat intelligence teams, third-party security systems and any software stack that can integrate with published APIs. The CSa uses a combination of reputation-based checks, static file analysis and SonicWall's patented Real-Time Deep Memory Inspection (RTDMI) engine for dynamic analysis to ensure that it provides not only the perfect detection rate of malicious files, but also does this efficiently, in short times. The SonicWall ecosystem of security products, already fully integrated with the cloud-delivered Capture ATP analysis, is able to enforce inline security with features, such as Block Until Verdict.
Egenskaper
RTDMISonicWall's Real-Time Deep Memory Inspection (RTDMI) file analysis engine is an advanced method of analyzing suspicious files by monitoring the behavior of an application in memory. RTDMI can see through any obfuscation or encryption techniques that modern malware may deploy to evade network and sandbox analysis, yielding extremely high accuracy detection of attacks borne by documents, executables, archive files and a variety of other file types.
Real-time protectionThe combination of reputation and global intelligence checks, statics analysis and RTDMI technology operate in concert to deliver results quickly enough to enable technologies like Block Until Verdict in SonicWall products. This capability allows for a file inspection policy on the firewall to prevent suspicious files from being downloaded by the end user until the full inspection is completed and a verdict is reached by Capture ATP or CSa.
Broad-type file analysisCSa supports analysis for a broad range of file types, including executable programs (PE), DLL, JAR, PDFs and MS Office documents, plus multiple operating systems, including Windows, Android and multi-browser environments.
Easy administration and reportingEasy-to-understand reports clearly show why something was blocked, detailing the analysis results for files sent to the service including frequency, sources, verdicts and other insights around files submitted for analysis.
Multiple deployment optionsDeploy CSa in your main datacenter and/or have it referenced by multiple locations via IP address, FQDN or with the REST API. Alternatively, manually upload files into CSa for quick analysis and results.
Teknisk specifikation
Allmänt
| Typ av enhet | Säkerhetsfunktion |
|---|
| Servicepaket | 3 års intelligensuppdateringar och supportpaket |
|---|
| Höjd (U-format) | 1U |
|---|
| Inbyggda enheter | Status-LCD |
|---|
| Bredd | 43 cm |
|---|
| Djup | 41.5 cm |
|---|
| Höjd | 4.5 cm |
|---|
| Vikt | 8.3 kg |
|---|
Processor / Minne / Lagring
| Hårddisk | SSD 1 TB x 2 |
|---|
| RAID-nivå | RAID 1 |
|---|
Nätverksfunktioner
| Formfaktor | Kan monteras i rack |
|---|
| Anslutningsteknik | Kabelansluten |
|---|
| Datalänkprotokoll | Gigabit Ethernet, 10 Gigabit Ethernet |
|---|
| Protokoll för administration på distans | HTTPS, SSH |
|---|
| Prestanda | Rykte och globalt genomslag för hotsökning: 12000 filer per timme
Filmixgenomströmning i verkligheten: 2500 filer per timme
Dynamisk analys (RTDMI) genomströmning: 300 filer per timme |
|---|
| Kapacitet | Max filstorlek (MB): 100
Maximalt arkivskanningsdjup: 3 |
|---|
| Statusindikatorer | Testläge, alarm, SSD-aktivitet, ström 1, ström 2 |
|---|
| Funktioner | 3 fläktar, svartlista, vitlista, Real-Time Deep Memory Inspection (RTDMI) |
|---|
| Krypteringsalgoritm | AES-NI |
|---|
Expansion/Anslutning
| Gränssnitt | 6 x 1000Base-T - RJ-45
2 x USB - Type A
1 x konsol - RJ-45
1 x administration - RJ-45
2 x 10GBase-X - SFP+ |
|---|
Diverse
| MTBF (genomsnittstid mellan fel) | 129,601 timmar |
|---|
| Standarder som följs | UL, TUV GS, VCCI, C-Tick, BSMI, CB, CCC, MIC, FCC, RoHS, FIPS 140-2, WEEE, ICES, China RoHS |
|---|
Strömtillförsel
| Nätdel | Intern strömförsörjning - hot-plug |
|---|
| Installerat antal | 2 |
|---|
| Max antal som stöds | 2 |
|---|
| Redundant ström | Ja |
|---|
| Nätspänning | AC 120/230 V (50/60 Hz) |
|---|
| Energiförbrukning vid drift | 114 Watt |
|---|
Miljöparametrar
| Min temperatur vid drift | 0 °C |
|---|
| Max temperatur vid drift | 40 °C |
|---|
