SonicWall TZ670 - SonicGuard
SonicWall TZ670The SonicWall TZ670 is the firstdesktop-form-factor next-generationfirewall (NGFW) with 10 GigabitEthernet interfaces.Designed for mid-sized organizationsand distributed enterprise withSD-Branch locations, the TZ670delivers industry-validated securityeffectiveness with best-in-class priceperformance. TZ670 NGFWs addressthe growing trends in web encryption,connected devices and high-speedmobility by delivering a solution thatmeets the need for automated, realtime breach detection and prevention.SonicOS and Security ServicesThe SonicOS architecture is at thecore of TZ NGFWs. TZ670 is poweredby the feature rich SonicOS 7.0operating system with new modernlooking UX/UI, advanced security,networking and managementcapabilities. TZ670 features integratedSD-WAN, TLS 1.3 support, realtime visualization, high-speed virtualprivate networking (VPN) and otherrobust security features.The TZ670 is highly scalable, with highport density of 10 ports. It features bothin-built and an expandable storage of upto 256GB, that enables various featuresincluding logging, reporting, caching,firmware backup and more. An optionalsecond power supply provides addedredundancy in case of failure.Unknown threats are sent toSonicWall’s cloud-based CaptureAdvanced Threat Protection (ATP)multiengine sandbox for analysis.Enhancing Capture ATP is our patentpending Real-Time Deep MemoryInspection (RTDMI ) technology.As one of Capture ATP’s engine,RTDMI detects and blocks malwareand zero-day threats by inspectingdirectly in memory.Deployment of TZ670 is furthersimplified by Zero-Touch Deployment,with the ability to simultaneouslyroll out these devices across multiplelocations with minimal IT support.Built on next-gen hardware, itintegrates firewalling and switchingcapabilities, plus provides singlepane-of-glass management forSonicWall Switches and SonicWaveAccess Points. It allows tightintegration with Capture Client forseamless endpoint security.By leveraging Capture ATP withRTDMI technology, in addition tosecurity services such as ReassemblyFree Deep Packet Inspection (RFDPI),Anti-virus and Anti-spywareProtection, intrusion preventionsystem, Application Intelligence andControl, Content Filtering Services,DPI-SSL, TZ series firewalls stopmalware, ransomware and otheradvanced threats at the gateway. Formore information, refer the SonicOSand Security Services Datasheet.Highlights: 10 GbE interfaces in a desktopform factor SD-Branch ready Secure SD-WAN capability SonicExpress App onboarding Zero-Touch Deployment Single-pane-of-glass-managementthrough cloud or firewall SonicWall Switch, SonicWave AccessPoint and Capture Client integration Built-in and expandable storage Redundant power High port density Cellular failover SonicOS 7.0 TLS 1.3 support Groundbreaking performance High connection count Fast DPI performance Low TCO
DeploymentsSmall to Medium size Business Save space and money with an integrated gatewaysecurity solution with firewalling, switching andwireless capabilities Reduce complexity and get the business runningwithout relying on IT personnel with easy onboardingusing SonicExpress App and Zero-Touch Deployment,and easy management through a single pane of glassTZ670Internet Attain business continuity by providing failover tocellular connectivity Protect network from attacks with a comprehensivesecurity solution that incorporates VPN, IPS, CFS, AVand much morePoE devicesRetail store / small office LAN Leverage high port density to power on multiplePoE devices such as IP phones and IP cameras Boost employee productivity by blockingunauthorized access with traffic segmentationand access policiesDistributed Enterprise with SD-BranchesCapture Security Center Enhance customer experience and adapt to thechanging business needs by enabling next-genbranch connectivity with SD-BranchCloud Securityand Management Drive business growth by investing in next-genappliances with multi-gigabit and advanced securityfeatures, to future-proof against the changingnetwork and security landscape Secure networks from the most advanced attackswith advanced security features and automaticallyblock threats on decrypted traffic using protocolssuch as TLS 1.3Cloud AppSecuritySD-WAN enabled transportSonicWall FirewallZero-Touch Deployment Capable Leverage end-to-end network security withseamless integration of SonicWave access points,SonicWall Switches and Capture ClientSonicWall Switch Ensure seamless communication as stores talkto HQ via easy VPN connectivity which allowsIT administrators to create a hub and spokeconfiguration for the safe transport of databetween all locationsZero-Touch Deployment CapableSonicWave Access PointZero-Touch Deployment CapableIP Phone Scale quickly and effortlessly with SonicExpressApp and Zero-Touch Deployment Maintain compliance with security features, andleverage built-in and expandable storage to storelogs for audit purposes2Access SecurityCamera Improve business efficiency, performanceand reduce costs by leveraging TZ670’s hardwareand software enhancements, plus features suchSD-WAN technology Ensure business continuity by providing failoverto cellular connectivityEdge SecurityCapture ClientLaptopSmartphoneEndpoint Security
WWAN LEDs for USB 5G/LTEX4/X5/X6/X7 RJ45 PortsX2 WAN RJ45 PortX0 LAN RJ45 PortSafeModeButtonGroundingScrewUSB 3.0SuperSpeedPortsPowerLEDs-Test LED-Security LED-Storage LED- LAN/MGMT X0 Port LED- WAN X1 and X2 Port LEDs- X0–X7 RJ45 Port LEDs- X8 / X9 SFP/SFP Port LEDsRJ45ConsolePortX8/X9SFP/SFP PortsX3 RJ45 X1 WANPortRJ45PortPrimary Power InputRedundantPower InputMicro-USBConsole PortSonicWall TZ670 specificationsFIREWALL GENERALTZ670 SERIESOperating systemSonicOS 7.0Interfaces8x1GbE, 2x10GbE, 2 USB 3.0, 1 ConsolePower over Ethernet (PoE) supportN/AExpansionStorage Expansion Slot (Up to 256GB, with 32 GB included)ManagementNetwork Security Manager, CLI, SSH, Web UI, GMS, REST APIsSingle Sign-On (SSO) Users2,500VLAN interfaces256Access points supported (maximum)32FIREWALL/VPN PERFORMANCETZ670 SERIESFirewall inspection throughput15.00 GbpsThreat prevention throughput2.50 Gbps2Application inspection throughput23.0 GbpsIPS throughput3.0 Gbps2Anti-malware inspection throughput22.50 GbpsTLS/SSL inspection and decryption throughput (DPISSL)2800 MbpsIPSec VPN throughput32.10 GbpsConnections per second25,000Maximum connections (SPI)1,500,000Maximum connections (DPI)500,000Maximum connections (DPI SSL)30,000VPNTZ670 SERIESSite-to-site VPN tunnels250IPSec VPN clients (maximum)10 (500)SSL VPN licenses (maximum)Encryption/authentication2 (250)DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B CryptographyKey exchangeDiffie Hellman Groups 1, 2, 5, 14vRoute-based VPNRIP, OSPF, BGPDead Peer Detection, DHCP Over VPN, IPSec NAT Traversal,Redundant VPN Gateway, Route-based VPNVPN featuresGlobal VPN client platforms supportedMicrosoft Windows 10NetExtenderMobile ConnectSECURITY SERVICESDeep Packet Inspection services3Microsoft Windows 10, LinuxApple iOS, Mac OS X, Google Android , Kindle Fire, Chrome OS, Windows 10 TZ670 SERIESGateway Anti-Virus, Anti-Spyware, Intrusion Prevention, DPI SSL
SonicWall TZ670 specifications, continuedContent Filtering Service (CFS)HTTP URL, HTTPS IP, keyword and content scanning, Comprehensive filtering based on filetypes such as ActiveX, Java, Cookies for privacy, allow/forbid listsComprehensive Anti-Spam ServiceYesApplication VisualizationYesApplication ControlYesCapture Advanced Threat ProtectionYesDNS SecurityYesNETWORKINGIP address assignmentNAT modesRouting protocolsQoSAuthenticationLocal user databaseVoIPStandardsCertifications pendingHARDWAREForm factorPower supplyMaximum power consumption (W)Input voltage & frequencyTotal heat dissipationDimensionsTZ670 SERIESStatic, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent modeBGP, OSPF, RIPv1/v2, static routes, policy-based routingBandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1e (WMM)LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, TerminalServices, Citrix, Common Access Card (CAC)250Full H.323v1-5, SIPTCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP,PPPoE, L2TP, PPTP, RADIUS, IEEE a802.3FIPS 140-2 (with Suite B) Level 2, IPv6 (Phase 2), ICSA Network Firewall, ICSA Anti-virus,Common Criteria NDPP (Firewall and IPS)TZ670 SERIESDesktop560W external13.1100-240 VAC, 50-60 Hz55.1 BTU3.5 x 15 x 22.5 (cm)1.38 x 5.91 x 8.85 inWeight0.97 kg / 2.14 lbsWEEE weight1.42 kg / 3.13 lbsShipping weight1.93 kg / 4.25 lbsMTBF @25ºC in yearsEnvironment (Operating/Storage)HumidityREGULATORYMajor regulatory compliance43.932 -105 F (0 -40 C)/-40 to 158 F (-40 to 70 C)5-95% non-condensingTZ670 SERIESFCC Class B, FCC , ICES Class B, CE (EMC, LVD, RoHS), C-Tick, VCCI Class B, UL/cUL, TUV/GS, CB, Mexico DGN notice by UL, WEEE, REACH, BSMI, KCC/MSIP, ANATELTesting Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.Threat Prevention/GatewayAV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multipleflows through multiple port pairs. Threat Prevention throughput measured with Gateway AV, Anti-Spyware, IPS and Application Control enabled.3VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544. All specifications, features and availability are subject to change.4BGP is available only on SonicWall TZ400, TZ500 and TZ600.5For rack mount, separate rack mount kit available.124
SonicOS 7.0 Feature SummaryApplication identification2Firewall Application control Capture Security Appliance (CSa) support Reassembly-Free Deep Packet Inspection Application bandwidth management Capture Threat Assessment (CTA) v2.0 DDoS attack protection (UDP/ICMP/SYN flood) Custom application signature creation IPv4/IPv6 support Data leakage prevention Biometric authentication for remote access Application reporting over NetFlow/IPFIX DNS proxy Comprehensive application signature database Full API support SonicWall Switch integration SD-WAN scalability SD-WAN Usability Wizard1 SonicCoreX and SonicOS containerization1 Connections scalability (SPI, DPI, DPI SSL)Enhanced dashboard1 Enhanced device view Top traffic and user summary Insights to threats Notification centerTLS/SSL/SSH decryption and inspection TLS 1.3 with enhanced security1 Deep packet inspection for TLS/SSL/SSH Inclusion/exclusion of objects, groupsor hostnames SSL control Enhancements for DPI-SSL with CFS Granular DPI SSL controls per zone or ruleCapture advanced threat protection2Traffic visualization and analytics User activity Application/bandwidth/threat usage Cloud-based analyticsHTTP/HTTPS Web content filtering2 URL filtering Proxy avoidance Keyword blocking Policy-based filtering (exclusion/inclusion) HTTP header insertion Bandwidth manage CFS rating categories Unified policy model with app control Content Filtering Client Secure SD-WAN Auto-provision VPN IPSec VPN for site-to-site connectivity SSL VPN and IPSec client remote access Redundant VPN gateway Mobile Connect for iOS, Mac OS X, Windows,Chrome, Android and Kindle Fire Route-based VPN (OSPF, RIP, BGP)Cloud-based multi-engine analysis Hypervisor level analysis Full system emulation Broad file type examination Automated and manual submission Real-time threat intelligence updates Block until verdict Capture ClientIntrusion prevention2 Industry and global average comparison New UI/UX, Intuitive feature layout1 Dashboard Device information, application, threats Topology view Simplified policy creation and management Policy/Objects usage statistics1 Used vs Un-used Active vs Inactive Global search for static data Storage support1 Internal and external storage management1 WWAN USB card support (5G/LTE/4G/3G) Network Security Manager (NSM) support Web GUI Command line interface (CLI) Zero-Touch registration & provisioningNetworking PortShield Jumbo frames Path MTU discovery Enhanced logging VLAN trunking Port mirroring (NSa 2650 and above) Layer-2 QoS Port security SonicExpress mobile app support SNMPv2/v3 Centralized management and reporting withSonicWall Global Management System (GMS)2 Logging Netflow/IPFix exporting Cloud-based configuration backup BlueCoat security analytics platform Application and bandwidth visualization IPv4 and IPv6 management CD management screen Dell N-Series and X-Series switchmanagement including cascaded switchesDebugging and diagnostics Enhanced packet monitoring SSH terminal on UIWireless Signature-based scanning Dynamic routing (RIP/OSPF/BGP) SonicWave AP cloud management Automatic signature updates SonicWall wireless controller WIDS/WIPS Bi-directional inspection Policy-based routing (ToS/metric and ECMP) Rogue AP prevention Granular IPS rule capability NAT Fast roaming (802.11k/r/v) GeoIP enforcement DHCP server 802.11s mesh networking Botnet filtering with dynamic list Auto-channel selection Regular expression matching A/P high availability with state sync RF spectrum analysis Inbound/outbound load balancing Floor plan view High availability - Active/Standby withstate sync Topology view Gateway anti-spyware L2 bridge, wire/virtual wire mode, tap mode,NAT mode Beamforming Bi-directional inspection Asymmetric routing No file size limitation Common Access Card (CAC) supportAnti-malware2 Stream-based malware scanning Gateway anti-virus Cloud malware databaseBandwidth managementVoIP Granular QoS control Bandwidth management DPI for VoIP traffic H.323 gatekeeper and SIP proxy supportNew feature, available on SonicOS 7.02Requires added subscription5 New design or template CSC Simple Reporting1VPN Real-Time Deep Memory Inspection Virtualized sandboxing1Management, monitoring and support Stateful packet inspection Band steering AirTime fairness Bluetooth Low Energy MiFi extender RF enhancements and improvements Guest cyclic quota
ProductSKUTZ670 with 1-year TotalSecure Essential Edition02-SSC-5640TZ670 with 3-year Secure Upgrade Plus Essential Edition02-SSC-5660TZ670 High Availability02-SSC-5654ServicesSKUEssential Protection Service Suite - Capture ATP, Threat Prevention, Content Filtering, Anti-Spam and 24x7 Support(1-year)02-SSC-5053Capture Advanced Threat Protection for TZ670 (1-year)02-SSC-5035Gateway Anti-Virus, Intrusion Prevention and Application Control (1-year)02-SSC-5059Content Filtering Service (1-year)02-SSC-5047Comprehensive Anti-Spam Service (1-year)02-SSC-504124x7 Support (1-year)02-SSC-5029AccessoriesSKUSonicWall TZ670/570 Series FRU Power Supply02-SSC-3078SonicWall TZ670/570 Series Rack Mount Kit02-SSC-3112SonicWall 32GB Storage Module for TZ670/570 Series02-SSC-3114SonicWall 64GB Storage Module for TZ670/570 Series02-SSC-3115SonicWall 128GB Storage Module for TZ670/570 Series02-SSC-3116SonicWall 256GB Storage Module for TZ670/570 Series02-SSC-311710GB-SR SFP Short Reach Fiber Module Multi-Mode No Cable01-SSC-978510GB-LR SFP Long Reach Fiber Module Single-Mode No Cable01-SSC-978610GB SFP Copper with 1M Twinax Cable01-SSC-978710GB SFP Copper with 3M Twinax Cable01-SSC-97881GB-SX SFP Short Haul Fiber Module Multi-Mode No Cable01-SSC-97891GB-LX SFP Long Haul Fiber Module Single-Mode No Cable01-SSC-97901GB-RJ45 SFP Copper Module No Cable01-SSC-9791SonicWall SFP 10GBASE-T Transceiver Copper RJ45 Module02-SSC-1874SonicWall Micro USB Console Cable for TZ670/570 Series02-SSC-5173Regulatory model numbersTZ670APL62-0F7Partner Enabled ServicesNeed help to plan, deploy or optimize your SonicWall solution? SonicWall Advanced Services Partners are trained to provideyou with world class professional services. Learn more at www.sonicwall.com/PES.About SonicWallSonicWall delivers Boundless Cybersecurity for the hyper-distributed era and a work reality where everyone is remote, mobileand unsecure. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes thecybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com.SonicWall, Inc.1033 McCarthy Boulevard Milpitas, CA 95035Refer to our website for additional information.www.sonicwall.com 2020 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is atrademark or registered trademark of SonicWall Inc. and/or its affiliatesin the U.S.A. and/or other countries. All other trademarks and registeredtrademarks are property of their respective owners.Datasheet-TZ670-US-KJ-1983
SonicWall Switches and SonicWave Access Points. It allows tight integration with Capture Client for seamless endpoint security. SonicOS and Security Services The SonicOS architecture is at the core of TZ NGFWs. TZ670 is powered by the feature rich SonicOS 7.0 operating system with new mo
SonicWall University utilizes an online proctoring solution to proctor the SonicWall certification exams. The ProctorFree online proctoring software allows . SonicWall University students to take their certification exams anywhere, anytime using facial recognition software to verify a test taker's identity and proctor exams. SonicWall .
SonicWALL Content Filtering feature. A Web browser is used to access the SonicWALL Management interface, and the commands and functions of Content Filtering. The following sections are in this chapter: Accessing the SonicWALL using a Web browser Enabling Content Filtering and Blocking Customizing Content Filtering
SonicWall Global Management System 9.1 Getting Started Guide Introduction to GMS 1 5 Introduction to GMS SonicWall Global Management System (GMS) is a Web‐based application that can configure and manage thousands of SonicWall firewall appliances and NetMonitor non‐SonicWall appliances from a central location.
SonicWall Product Lines Table of Contents SonicWall SuperMassive 9000 series 2 SonicWall NSA series 3 SonicWall TZ series 4 . 4 For every 125,000 DPI connections reduced, the number of available DPI SSL connections increases by 750. *Future use. All specifications, features and availability are subject to change. 4
SonicWall Product Lines Contents SonicWall SuperMassive E10000 series 2 SonicWall SuperMassive 9000 series 3 SonicWall NSA series 4 . SSL Inspection and Decryption (DPI SSL)2 200 Mbps 300 Mbps 500 Mbps 800 Mbps 1.3 Gbps VPN throughput3 1.1 Gbps 1.5 Gbps 3.0 Gbps 4.5 Gbps 5.0 Gbps
10/100 1-8 SonicWALL TZ 190 Appliance Front Feature Description PC Card Slot Location to insert your WWAN PC Card modem. For use only with SonicWALL approved PC cards.* Power LED Indicates the SonicWALL TZ 190 appliance is powered on. Test LED Solid: Indicates that the SonicWALL TZ 190 appliance is in test mode. Blinking: The unit is first .
SonicWALL SSL-VPN 200. Registering and Enabling Support . to set up your SonicWALL TZ 180 security appliance for the first time. For additional setup information, refer to the "Basic SonicWALL Security Appliance Setup" section in the . Save all files on a secure network resource that is backed up on a regular basis. Refer to .
C. FINANCIAL ACCOUNTING STANDARDS BOARD In 1973, an independent full-time organization called the Financial Accounting Standards Board (FASB) was established, and it has determined GAAP since then. 1. Statements of Financial Accounting Standards (SFAS) These statements establish GAAP and define the specific methods and procedures for
