NSA 3600 appliance offers an extensive array of advanced security and networking features in an accessible and affordable platform that is easy to deploy and manage in a wide variety of environments.
As a Next-Generation Firewall for growing small to medium businesses, the Dell™ SonicWALL™ Network Security Appliance (NSA) 3600 delivers security and performance without compromise. Coupled with Dell’s patented Reassembly-Free Deep Packet Inspection® (RFDPI) single-pass threat prevention engine, all Dell SonicWALL Next-Generation Firewalls provide industry leading protection, performance, and scalability with the highest number of concurrent connections, lowest latency, no file size limitations and superior connections per second in their class.
The NSA 3600 appliance offers an extensive array of advanced security and networking features in an accessible and affordable platform that is easy to deploy and manage in a wide variety of environments.
The NSA 3600 provides intrusion prevention, application control, gateway anti-malware, SSL decryption and inspection, and URL filtering on a high performance platform through its comprehensive and intuitive management interface. This powerful combination ensures state-of-the-art security at a low total cost of ownership.
Dell SonicWALL provides real-time insight and control of network traffic broken down by applications, users and content through intuitive on-board visualization. The ability to prioritize important applications, throttle down unproductive applications and block unwanted application components ensures an efficient and safe network.
The WAN Acceleration Appliance (WXA) Series provides WAN Acceleration to reduce application latency, conserve bandwidth and significantly optimize WAN performance. The WXA Series appliances are provisioned, managed and controlled by existing Dell SonicWALL SuperMassive™ 9000 Series and E-Class Network Security Appliance (NSA), NSA and TZ Series appliances for optimal ease of use and simplified deployment.
Gateway anti-virus and anti-spyware provide high performance protection against millions of unique pieces of malware with near zero latency and no file size limitation. This provides a first layer of defense and stops malware before it can reach systems on your network.
Tightly integrated, signature based network intrusion prevention protects against a comprehensive array of network and application layer threats by scanning packet payloads for attacks and exploits that attack critical internal systems.
SonicWALL Mobile Connect™
SonicWALL Mobile Connect, a single unified client app for Apple® iOS and Google® Android™, provides smartphone and tablet users superior network-level access to corporate and academic resources over encrypted SSL VPN connections.
Virtual Private Networking.
High-performance Virtual Private Networks (VPNs) easily scale to thousands of end points and branch offices. And Dell SonicWALL Clean VPN™ technology protects the integrity of both your IPSec and SSL VPN traffic, securing your remote access tunnels and decontaminating the traffic running over it.
Dell SonicWALL’s patented Reassembly-Free Deep Packet Inspection engine combined with the NSA 3600’s 6-core security platform is capable of inspecting hundreds of thousands of simultaneous connections across all ports. Deep Packet Inspection is provided across all interfaces with nearly zero latency and without file size limitation.
SonicOS provides key features designed to ensure the security of your network with an intuitive graphical user interface for increased functionality and ease of use.
Deep Packet Inspection firewall.
Dell SonicWALL Reassembly-Free Deep Packet Inspection® technology scans against multiple application types and protocols to protect against internal and external threats at both the application layer and the network layer.
Deep Packet Inspection for SSL encrypted traffic (DPI-SSL).
DPI-SSL transparently decrypts, inspects and re-encrypts SSL encrypted traffic to allow security services to be applied to all traffic that traverses Dell SonicWALL Next-Generation Firewalls.
SSL VPN remote access.
Integrated SSL VPN technology enables clientless, remote access to email, files, intranets, and applications from a variety of tablet, phone and PC platforms. The SSL VPN client can also be automatically pushed out to the client and auto-configured to provide secure layer 3 connectivity.
Application Traffic Analytics
The Dell SonicWALL Application Traffic Analytics solution provides organizations with powerful insight into application traffic, bandwidth utilization and security threats while providing enhanced troubleshooting and forensics capabilities. Businesses can easily identify non-business applications consuming network resources to modify usage policies accordingly.
Secure network optimization.
Stay ahead of today’s constantly evolving landscape of threats and application-related issues with an advanced security platform that consolidates Dell SonicWALL Next-Generation Firewall features for enterprises along with WAN acceleration for distributed offices to maximize security and control with minimum network latency.
Secure wireless controller.
Dell SonicWALL firewalls can be extended with secure wireless access points, SonicPoints, to provide seamless and secure 802.11 a/b/g/n wireless networks protected with the Dell SonicWALL Clean Wireless technology.
Historical reporting on user activity is available through Dell SonicWALL Analyzer software and real-time application analysis through powerful visualization tools.
Centralized policy management
The Dell SonicWALL Global Management System (GMS®) provides flexible, powerful and intuitive tools to manage configurations, view real-time monitoring metrics and integrate policy and compliance reporting, all from a central location.
Your network will continue to operate without interruption even if there is a hardware or software failure with Active/Passive failover. Stateful synchronization across the appliances enables failover without interruption to existing network traffic and VPN tunnels.
|Operating system||SonicOS 5.9||SonicOS 6.1|
|Security Processor||2x 500 MHz||2x 700 MHz||4x 800 MHz||6x 800 MHz||8x 1.1 GHz||10x 1.3 GHz||24x 1.0 GHz|
|Memory (RAM)||512 MB||512 MB||2.0 GB||2.0 GB||2.0 GB||4.0 GB||4.0 GB|
|10 GbE SFP+ interfaces||N/A||N/A||N/A||2||2||2||4|
|1 GbE SFP interfaces||N/A||N/A||N/A||4||4||4||8|
|1 GbE Copper interfaces||7||5||8||12||12||12||8|
|1GbE Copper Management interfaces||N/A||N/A||1||1||1||1||1|
|Expansion||SD Card, USB||Expansion Slot (Rear), SD Card, USB||Expansion Slot (Front), |
SD Card, USB
|Expansion Slot (Rear)|
SD Card, USB
|Firewall inspection throughput||600 Mbps||750 Mbps||1.9 Gbps||3.4 Gbps||6.0 Gbps||9.0 Gbps||12.0 Gbp|
|Full DPI throughput||110 Mbps||130 Mbps||300 Mbps||500 Mbps||800 Mbps||1.6 Gbps||3.0 Gbps|
|Application inspection throughput||195 Mbps||250 Mbps||700 Mbps||1.1 Gbps||2.0 Gbps||3.0 Gbps||4.5 Gbps|
|IPS throughput||195 Mbps||250 Mbps||700 Mbps||1.1 Gbps||2.0 Gbps||3.0 Gbps||4.5 Gbps|
|Anti-malware inspection throughput||115 Mbps||140 Mbps||400 Mbps||600 Mbps||1.1 Gbps||1.7 Gbps||3.0 Gbps|
|IMIX throughput||180 Mbps||210 Mbps||600 Mbps||900 Mbps||1.6 Gbps||2.4 Gbps||3.5 Gbps|
|SSL Inspection and Decryption (DPI SSL)||Available||200 Mbps||300 Mbps||500 Mbps||800 Mbps||1.3 Gbps|
|VPN throughput||150 Mbps||200 Mbps||1.1 Gbps||1.5 Gbps||3.0 Gbps||4.5 Gbps||5.0 Gbps|
|Connections per second||2,200/sec||3,000/sec||15,000/sec||20,000/sec||40,000/sec||60,000/sec||90,000/sec|
|Maximum connections (SPI)||85,000||110,000||225,000||325,000||400,000||562,500||750,000|
|Maximum connections (DPI)||32,000||64,000||125,000||175,000||200,000||375,000||500,000|
|Single Sign On (SSO) Users||250||250||250||500||1000||2500||4000|
|SonicPoints supported (Maximum)||16||16||32||48||64||96||96|
|Site-to-Site VPN Tunnels||25||50||75||800||1500||4000||6000|
|IPSec VPN clients (Maximum)||2(25)||2(25)||10(250)||50 (1,000)||500 (3,000)||2,000 (4,000)||2,000 (6,000)|
|SSL VPN licenses (Maximum)||2(15)||2(15)||2(25)||2 (30)||2 (30)||2 (50)||2 (50)|
|Encryption/Authentication||DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1|
|Key exchange||Diffie Hellman Groups 1, 2, 5, 14|
|Route-based VPN||RIP, OSPF|
|IP address assignment||Static, (DHCP PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay|
|NAT modes||1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode|
|Routing protocols||BGP, OSPF, RIPv1/v2, static routes, policy-based routing, multicast|
|QoS||Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p|
|Authentication||XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix|
|VoIP||Full H323-v1-5, SIP|
|Standards||TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3|
|Certifications||VPNC, ICSA Firewall, ICSA Anti-Virus|
|Certifications pending||FIPS 140-2, Common Criteria EAL1+|
|Common Access Card (CAC)||SonicOS 5.9|
|Form factor||Desktop (1U Rack Mountable Kit Available)||1U Rack Mountable|
|Fans||No fan / 1 internal fan||2 Internal fans||Dual, Fixed||Dual, redundant, hot swappable|
|Power Supply (W)||36||36||200||250||250||250||250|
|Maximum power consumption (W)||11 / 15||12 / 16||49.4||74.3||86.7||90.9||113.1|
|Input power||100-240 VAC, 60-50 Hz|
|Dimensions||7.1x1.5x10.5 in (18.1 x 3.8 x 26.7 cm)||1.4 x 7.1 x 10.7 (3.5 x 18 x 27cm)||1.75x10.25x17 in (4.5x26x43 cm)||1.75 x 19.1 x 17 in |
(4.5 x 48.5 x 43.3 cm)
|Weight||1.95 lbs/0.88 kg/2.15 lbs/0.97 kg||3.05 lbs/1.38 kg/3.15 lbs/1.43 kg||10.1 lb /|
|13.56 lb / 6.15 Kg||13.56 lb / 6.15 Kg||13.56 lb / 6.15 Kg||14.93 lb / 6.7 Kg|
|WEEE weight||3.05 lbs/1.38 kg/3.45 lbs/1.56 kg||4.4 lbs/2.0kg/4.65 lbs/2.11 kg||11.0 lb / |
|14.24 lb / 6.46 Kg||14.24 lb / 6.46 Kg||14.24 lb / 6.46 Kg||19.78 lb / 8.97 Kg|
|Shipping weight||4.35 lbs / 4.7 lbs||5.6 lbs / 5.9 lbs||14.3 lb /|
|20.79lb / 9.43 Kg||20.79lb / 9.43 Kg||20.79lb / 9.43 Kg||26.12 lb / 11.85 Kg|
|MTBF (Years)||28 / 15.6||23.4 / 14.1||20.2||16.8||16||15.4||13.3|
|Environment||40-105 F, 0 - 40 C||32-105 F, 0-40 deg C|
|Humidity||5 - 95% non- condensing||10-90% non- condensing|
|Standards||802.11a/b/g/n (WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS||Not Available|
|Virtual access points (VAPs)5– antennas (5 dBi Diversity)||External triple, detachable||Not Available|
|Radio power–802.11a/802.11b/802.11g||15.5 dBm max/18 dBm max/17 dBM @ 6 Mbps, 13 dBM @ 54 Mbps||Not Available|
|Radio power–802.11n (2.4GHz)/802.11n (5.0GHz)||19 dBm MCS 0, 11 dBm MCS 15/17 dBm MCS 0, 12 dBm MCS 15||Not Available|
|Radio receive sensitivity–802.11a/802.11b/802.11g||-95 dBm MCS 0, -81 dBm MCS 15/-90 dBm @ 11Mbps/-91 dBm @ 6Mbps, -74 dBm @ 54 Mbps||Not Available|
|Radio receive sensitivity–802.11n(2.4GHz)/802.11n(5.0GHz)||-89 dBm MCS 0, -70 dBm MCS 15/-95 dBm MCS 0, -76 dBm MCS 15||Not Available|