Internet Security

Skip to Main Content »

Have a Question? We Can Help!
Call Toll-Free 866.403.5305

Welcome to Firewalls.com.

You're currently on:

SonicWALL SonicWALL NSA 3500 SonicWALL NSA 4500 SonicWALL NSA 5000 SonicWALL DPI-SSL SonicWALL NSA 3600 SonicWALL NSA 4600 SonicWALL DPI-SSL For NSA 3500/4500/3600/4600 1062.50

Deep Packet Inspection of Secure Socket Layer (DPI-SSL) extends SonicWALL's Deep Packet Inspection technology to allow for the inspection of encrypted HTTPS traffic and other SSL-based traffic. The SSL traffic is decrypted transparently, scanned for threats and then re-encrypted and sent along to its destination if no threats or vulnerabilities are found. DPI-SSL provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

The following security services and features are capable of utilizing DPI-SSL:

• Gateway Anti-Virus
• Gateway Anti-Spyware
• Intrusion Prevention
• Content Filtering
• Application Firewall
• Packet Capture
• Packet Mirror

DPI-SSL has two main deployment scenarios:

• Client DPI-SSL: Used to inspect HTTPS traffic when clients on the SonicWALL security appliance's LAN access content located on the WAN.
• Server DPI-SSL: Used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL security appliance's LAN.

Platforms

The DPI-SSL feature is available in SonicOS Enhanced 5.6. The following table shows which platforms support DPI-SSL and the maximum number of concurrent connections on which the appliance can perform DPI-SSL inspection.

Hardware Model

Max Concurrent DPI-SSL inspected connections

NSA 3500 250
NSA 4500 350
NSA 5000 1000
NSA E5500 2000
NSA E6500 3000
NSA E7500 8000

Client DPI-SSL

The Client DPI-SSL deployment scenario typically is used to inspect HTTPS traffic when clients on the LAN browse content located on the WAN. In the Client DPI-SSL scenario, the SonicWALL UTM appliance typically does not own the certificates and private keys for the content it is inspecting. After the appliance performs DPI-SSL inspection, it re-writes the certificate sent by the remote server and signs this newly generated certificate with the certificate specified in the Client DPI-SSL configuration. By default, this is the SonicWALL certificate authority (CA) certificate, or a different certificate can be specified. Users should be instructed to add the certificate to their browser's trusted list to avoid certificate trust errors.

Server DPI-SSL

The Server DPI-SSL deployment scenario is typically used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL security appliance's LAN. Server DPI-SSL allows the user to configure pairings of an address object and certificate. When the appliance detects SSL connections to the address object, it presents the paired certificate and negotiates SSL with the connecting client.

Afterward, if the pairing defines the server to be 'cleartext' then a standard TCP connection is made to the server on the original (post NAT remapping) port. If the pairing is not defined to be cleartext, then an SSL connection to the server is negotiated. This allows for end-to-end encryption of the connection.

In this deployment scenario the owner of the SonicWALL UTM owns the certificates and private keys of the origin content servers. Administrator would have to import server's original certificate onto the UTM appliance and create appropriate server IP address to server certificate mappings in the Server DPI-SSL UI.

http://www.firewalls.com/sonicwall-dpi-ssl-for-nsa-3500-4500-5000.html in_stock Yes Products Catalog USD
SonicWALL DPI-SSL For NSA 3500/4500/3600/4600

01-SSC-8934 SonicWALL DPI-SSL For NSA 3500/4500/3600/4600


Finding Lowest
Internet Price...

FREE TRAINING INCLUDED

Purchase this SonicWALL license and receive a free, 30-day membership to our exclusive SonicWALL How-To and Training Videos.

SonicWALL DPI-SSL For NSA 3500/4500/3600/4600

Double click on above image to view full picture

Zoom Out
Zoom In

More Views

Deep Packet Inspection of Secure Socket Layer (DPI-SSL) extends SonicWALL's Deep Packet Inspection technology to allow for the inspection of encrypted HTTPS traffic and other SSL-based traffic. The SSL traffic is decrypted transparently, scanned for threats and then re-encrypted and sent along to its destination if no threats or vulnerabilities are found. DPI-SSL provides additional security, application control, and data leakage prevention for analyzing encrypted HTTPS and other SSL-based traffic.

The following security services and features are capable of utilizing DPI-SSL:

• Gateway Anti-Virus
• Gateway Anti-Spyware
• Intrusion Prevention
• Content Filtering
• Application Firewall
• Packet Capture
• Packet Mirror

DPI-SSL has two main deployment scenarios:

• Client DPI-SSL: Used to inspect HTTPS traffic when clients on the SonicWALL security appliance's LAN access content located on the WAN.
• Server DPI-SSL: Used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL security appliance's LAN.

Platforms

The DPI-SSL feature is available in SonicOS Enhanced 5.6. The following table shows which platforms support DPI-SSL and the maximum number of concurrent connections on which the appliance can perform DPI-SSL inspection.

Hardware Model

Max Concurrent DPI-SSL inspected connections

NSA 3500 250
NSA 4500 350
NSA 5000 1000
NSA E5500 2000
NSA E6500 3000
NSA E7500 8000

Client DPI-SSL

The Client DPI-SSL deployment scenario typically is used to inspect HTTPS traffic when clients on the LAN browse content located on the WAN. In the Client DPI-SSL scenario, the SonicWALL UTM appliance typically does not own the certificates and private keys for the content it is inspecting. After the appliance performs DPI-SSL inspection, it re-writes the certificate sent by the remote server and signs this newly generated certificate with the certificate specified in the Client DPI-SSL configuration. By default, this is the SonicWALL certificate authority (CA) certificate, or a different certificate can be specified. Users should be instructed to add the certificate to their browser's trusted list to avoid certificate trust errors.

Server DPI-SSL

The Server DPI-SSL deployment scenario is typically used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL security appliance's LAN. Server DPI-SSL allows the user to configure pairings of an address object and certificate. When the appliance detects SSL connections to the address object, it presents the paired certificate and negotiates SSL with the connecting client.

Afterward, if the pairing defines the server to be 'cleartext' then a standard TCP connection is made to the server on the original (post NAT remapping) port. If the pairing is not defined to be cleartext, then an SSL connection to the server is negotiated. This allows for end-to-end encryption of the connection.

In this deployment scenario the owner of the SonicWALL UTM owns the certificates and private keys of the origin content servers. Administrator would have to import server's original certificate onto the UTM appliance and create appropriate server IP address to server certificate mappings in the Server DPI-SSL UI.

Additional Information

Manufacturer SonicWALL
Subscription Service DPI-SSL

Additional Product Images:

BUY WITH CONFIDENCE

 Dreaming Tree Technology, Inc. BBB Business Review

checkmark

Fast Delivery

Free, same day shipping when ordered before 3PM EST.


checkmark

Easy Returns

Comprehensive 30-day return policy on all hardware purchases.


checkmark

Secure Checkout

» 2048-bit encryption
» Certified Authorize merchant
» Our security is verified daily.


checkmark

Best Price Assured

We offer you the best price. If you find it cheaper let us know.


checkmark

Payment Options

credit cards accepted
» PayPal & Google Checkout
» Company purchase orders
» Company check
» Wire transfers