SonicWall Adds SSL Deep Packet Inspection to Firewall LinesBy Ericka Chickowski | Posted 2010-02-16 Email Print
The upgrade aims to thwart bad guys that have begun using encryption technologies against the very security communities that made them popular.
The latest platform iteration for the SonicWall TZ, NSA, and E-Class NSA firewalls, SonicOS 5.6 adds a new deep packet inspection (DPI) engine for SSL encrypted traffic, which has increasingly become a blind spot in many firewall, content filtering and data leak protection schemes today. Bad guys have begun using encryption technologies against the very security communities that made them popular, using encryption to avoid the HTTPS protocol to bypass filters and expose networks to malware attacks.
"Encryption is obviously an essential tool in security. Yet encryption is now being used as a tool to defeat security," said Patrick Sweeney, vice president of product management at SonicWall. "With SonicWALL's DPI-SSL inspection capabilities, companies can ensure that security tools are working for them, not against them. Companies are put back in control of the data that leaves their network while controlling what web sites users access."
The new SSL inspection feature examines all SSL sessions across all ports, independent of protocol without relying on a proxy configuration on the endpoints. Scanning and monitoring can be performed both on outbound connections from the clients and inbound connections to the servers, with protection options available for gateway anti-virus, gateway anti-spyware, intrusion prevention and application control
In addition to deep packet inspection, the latest upgrades to Sonic OS also adds USB 3G and modem failover support to NSA and E-Class NSA series, a feature already included in the TZ line. Also added is a new terminal services agent for transparent authentication of users, as well as dynamic routing over VPN to add a better level of continuity when tunnels are temporarily disabled or undergoing changes.