SonicWall TZ 205 Series
Unified Threat Management Firewall
Sorry, this product is no longer available, Click the banner above to find an upgrade or purchase support and subscription renewals below.
Overview:
The SonicWall® TZ Series is the most secure Unified Threat Management (UTM) firewall for small businesses, retail deployments, remote sites, branch offices and distributed enterprises. Unlike consumer-grade products, the TZ Series delivers the most effective anti-malware, intrusion prevention, content/URL filtering and application control capabilities along with the broadest most secure mobile platform support for laptops, smartphones and tablets. It provides full deep packet inspection (DPI) at very high performance levels, eliminating the network bottleneck that other products introduce, and enabling organizations to realize increased productivity gains. The TZ Series is the most secure, sophisticated and widely-deployed security platform on the market today.
Additionally, the SonicWall Application Intelligence and Control capabilities in the TZ 215 ensures that bandwidth is available for business-critical applications while throttling or blocking unproductive applications. The TZ 215 also offers advanced application traffic analytics and reporting for deep insight into bandwidth utilization and security threats.
The TZ Series includes additional advanced networking features such as IPSec and SSL VPN, multiple ISP failover, load balancing, optional integrated 802.11n wireless and network segmentation, and also enables PCI compliance. The TZ Series is the only available UTM firewall that provides native VPN remote access client for Apple® iOS, Google® Android™, Windows, Mac OS and Linux. This unique client also supports Clean VPN™, which decontaminates threats from VPN traffic. Providing the most secure support for mobile platforms, only SonicWall delivers full malware scanning of SSL encrypted traffic and application control for Android and iOS devices.
The new TZ Series is an elegant integration of multiple point products, combined into a single solution providing value while reducing complexity.
- Built on the proven security architecture of SonicOS, the TZ Series provides highly effective anti-malware and intrusion prevention to keep networks safe from sophisticated modern threats.
- Highly secure SSL VPN remote access is available natively for Apple iOS, Google Android, Windows, Mac OS and Linux based devices to unleash the potential of a mobile workforce.
- SonicWall content and URL filtering blocks multiple categories of objectionable web content to enable high workplace productivity and reduce legal liability.
- Easy to comprehend and quick to deploy, the graphical user interface in the TZ Series eliminates the choice between ease-of-use and power, driving down total cost of ownership.
* U.S. Patent 7,310,815-A method and apparatus for data stream analysis and blocking.
** Available as an option only on the TZ 210 Series
Features and Benefits:
| SonicWall TZ Series Features: | |
|---|---|
| Intrusion Prevention | |
| Signature-based Scanning | Tightly integrated, signature-based intrusion prevention scans packet payloads for vulnerabilities and exploits that target critical internal systems. |
| Automatic Signature Updates | SonicWall's Research Team continuously updates and deploys an extensive list of over 5,400 IPS signatures covering 52 attack categories. These signatures take immediate effect and do not require reboots or any other interruption in service. |
| Outbound Threat Prevention | The ability to inspect both inbound and outbound traffic ensures that the network will not unwittingly be used in Distributed Denial of Service attacks and will prevent any Command and Control Botnet communication. |
| Intra-Zone IPS Protection | Intrusion prevention can be deployed between internal security zones to protect sensitive servers and to prevent internal attacks. |
| VPN | |
| IPSec VPN for Site-to-site Connectivity | High-performance IPSec VPN allows the firewall to connect remote branch offices to a central location. |
| SSL VPN or IPSec Client Remote Access | Utilize clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files, computers, intranet sites and applications from a variety of platforms. |
| Redundant VPN Gateway | When using multiple WANs, a primary and secondary VPN can be configured to allow seamless automatic failover and failback of all VPN sessions. |
| Route-based VPN | The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a temporary VPN tunnel failure by seamlessly re-routing traffic between endpoints through alternate routes. |
| Clean VPN | SonicWall Clean VPN™ both secures the integrity of VPN access and decontaminates malicious threats before they can enter the corporate network. |
| Gateway Threat Prevention | |
| Gateway Anti-Malware | SonicWall's patented RFDPI engine scans all ports and protocols for viruses without file size or stream length limitation. SonicLabs Researchers constantly provide updated threat protection, providing faster response times and threat prevention. |
| Reassembly-Free Deep Packet (RFDPI) | Reassembly-Free Deep Packet Inspection keeps track of malware regardless of the order or inspection timing with which the packets arrive. This allows for extremely low latency while eliminating file and stream size limitations. This provides greater performance and security than outdated proxy designs which reassemble contents using sockets bolted to traditional anti-virus programs and are plagued with inefficiencies and the overhead of memory thrashing leading to high latency, low performance and size limitations. |
| Cloud Anti-Virus (AV) | Using the built-in RFDI engine, SonicWall can leverage the power of the cloud to provide the most comprehensive set of anti-malware signatures available, while minimizing latency or delay. The SonicWall Cloud Anti-Virus Service provides millions of additional malware signatures for inspection of executable files using the most up-to-date information available. |
| Bi-directional Inspection | RFDPI can be performed on both inbound and outbound connections to provide protection in all network traffic directions. |
| 24x7 Signature Updates | SonicLabs Research Team team creates and updates signature databases that are propagated automatically to the firewalls in the field, with those signatures taking immediate effect without any reboot or service interruption required. |
| Firewall and Networking | |
| Stateful Packet Inspection | All network traffic is inspected, analyzed and brought into compliance with firewall access policies. |
| DOS Attack Protection | SYN Flood protection provides defense against DOS attacks using both layer 3 SYN proxy and layer 2 SYN blacklisting technologies. |
| Flexible Deployment | Can be deployed in traditional NAT and Layer 2 Bridge modes. |
| Policy-based Routing | Create routes based on protocol to direct traffic to a preferred WAN connection with the ability to fail back to a secondary WAN in the event of an outage. |
| High Availability | Supports Active/Passive failover to ensure increased reliability by protecting against hardware or software faults. |
| WAN Load Balancing | Load balance up to four WAN interfaces using Round Robin, Spillover or Percentage based methods. |
| WAN Acceleration | WAN Acceleration decreases latency and increases transfer speeds between remote sites for even higher network efficiency gains. |
| VoIP | |
| Advanced QoS | Guarantee critical communications with 802.1p and DSCP tagging and remapping of VoIP traffic on the network. |
| DPI of VoIP Traffic | Predefined signatures detect and block VoIP specific threats. |
| H.323 Gatekeeper and SIP Proxy Support | Block spam calls by requiring that all incoming calls are authorised and authenticated by H.323 gatekeeper or SIP proxy. |
| Management and Monitoring | |
| Web GUI | An intuitive web-based interface allows quick and convenient configuration in addition to management through SonicWall Global Management System (GMS®), or the CLI. |
| SNMP | SNMP provides the ability to protectively monitor and respond to threats and alerts. |
| Netflow/IPFIX | Export an extended set of data through IPFIX or NetFlow protocols for granular insight into application traffic, bandwidth utilization and security threats in addition to powerful troubleshooting and forensics capabilities. Compatible with SonicWall Scrutinizer and third-party monitoring and reporting applications. (TZ 215 only) |
| Centralized Policy Management | With SonicWall GMS, monitor, configure and report on multiple SonicWall appliances from a single intuitive interface and customize your security environment to suit your individual policies. |
| Application Intelligence and Control | |
| Application Control | Identify and control applications or individual components of an application based on RFDPI technology instead of relying on well-known ports and protocols. |
| Application Bandwidth Management | Allocate bandwidth to critical applications while throttling unproductive application traffic for an efficient and productive network. |
| Custom Application Identification | Create and configure custom application identification based on traffic parameters or on patterns unique to an application in its network communications. |
| Application Trafic Analytics | Provides organizations with granular insight into application traffic, bandwidth utilization and security in addition to powerful troubleshooting and forensics capabilities. (TZ 215 only) |
| Application Signature Database | A continuously expanding database of over 3,500 application signatures ensures that administrators are able to control the usage of all the latest applications on their network at a category or individual level. |
| User Activity Tracking | User identification is seamlessly integrated with Microsoft® Active Directory and other authentication systems enabling tracking and reporting of individual user identification. |
| GeoIP Country Traffic Identification | Identify and control network traffic going to or coming from specific countries. (TZ 215 only) |
Deployment:
Small businesses, retail deployments, government organizations, remote sites and branch offices can benefit from the powerful security and business-class performance of the new SonicWall TZ 205. Unlike consumer grade products, this powerful Unified Threat Management (UTM) firewall combines the most effective intrusion prevention, anti-malware and content/URL filtering with the broadest, most secure mobile platform support for laptops, smartphones and tablets. By providing full deep packet inspection (DPI) at very high performance levels, it eliminates the tradeoff between comprehensive security and performance.
Specifications:
| Models: | TZ 105 Series | TZ 205 Series | TZ 215 Series |
|---|---|---|---|
| Firewall | |||
| SonicOS Version | SonicOS 5.8.1 and later | ||
| Stateful Throughput1 | 200 Mbps | 500 Mbps | 500 Mbps |
| IPS Throughput2 | 60 Mbps | 80 Mbps | 110 Mbps |
| GAV Throughput2 | 40 Mbps | 60 Mbps | 70 Mbps |
| UTM Throughput2 | 25 Mbps | 40 Mbps | 60 Mbps |
| Maximum Connections3 | 8,000 | 12,000 | 48,000 |
| Maximum UTM/DPI Connections | 8,000 | 12,000 | 32,000 |
| New Connections/Sec | 1,000 | 1,500 | 1,800 |
| Nodes Supported | Unrestricted | ||
| Denial of Service Attack Protection | 22 classes of DoS, DDoS and scanning attacks | ||
| SonicPoints Supported | 1 | 2 | 16 |
| VPN | TZ 105 Series | TZ 205 Series | TZ 215 Series |
| 3DES/AES Throughput4 | 75 Mbps | 100 Mbps | 130 Mbps |
| Site-to-Site VPN Tunnels | 5 | 10 | 20 |
| Bundled Global VPN Client Licenses (maximum) | 0 (5) | 2 (10) | 2 (25) |
| Bundled SSL VPN Licenses (maximum) | 1 (5) | 1 (10) | 2 (10) |
| Encryption/Authentication/DH Group | DES, 3DES, AES (128, 142, 256-bit), MD5, SHA-1, SHA-2/DH Group 1, 2, 5, 14 | ||
| Virtual Assist Bundled (Maximum) | - | 30-day trial (1) | 30-day trial (2) |
| Key Exchange | IKE, Manual Key, Certificates (X.509), L2TP over IPSec | ||
| Certificate Support | Verisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWall-to-SonicWall VPN, SCEP | ||
| VPN Features | Dead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPN | ||
| Global VPN Client Platforms Supported | Microsoft® Windows XP, Vista 32/64-bit, Windows 7 32/64-bit | ||
| SSL VPN Platforms Supported | Microsoft Windows XP/Vista 32/64-bit/Windows 7, Mac OSX 10.4+, Linux FC3+/Ubuntu 7+/OpenSUSE | ||
| Mobile Connect Platform | Apple® iOS 4.2 or higher, Google® Android™ 4.0 or higher | ||
| Security Services | TZ 105 Series | TZ 205 Series | TZ 215 Series |
| Deep Packet Inspection Services | Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, Application Intelligence and Control (TZ 215 only) | ||
| Content Filtering Service (CFS) | HTTP URL, HTTPS IP, keyword and content scanning, ActiveX, Java Applet, and cookie blocking bandwidth management on filtering categories, allow/forbid lists | ||
| Enforced Client Anti-Virus and Anti-Spyware | McAfee® | ||
| Comprehensive Anti-Spam Service6 | Supported | ||
| Application Intelligence and Control | Application Control | Application Traffic Visualization and Advanced Application Control | |
| Networking | TZ 105 Series | TZ 205 Series | TZ 215 Series |
| IP Address Assignment | Static, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay | ||
| NAT Modes | 1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode | ||
| VLANs | 5, Portshield | 10, Portshield | 10, Portshield |
| DHCP | Internal server, relay | ||
| Routing | OSPF, RIP v1/v2, static routes, policy-based routing, multicast | ||
| Authentication | LDAP, Local DB, RADIUS, XAUTH, X-Forwarders8 | ||
| Single sign-on | AD, eDirectory, RADIUS Accounting, NTLM, X-Forwarders8 | AD, eDirectory, RADIUS Accounting, NTLM, X-Forwarders8, Terminal Server and Citrix | |
| Local User Database | 150 users | ||
| VoIP | Full H.323v1-5, SIP, gatekeeper support, outbound bandwidth management, VoIP over WLAN,deep inspection security, full interoperability with most VoIP gateway and communications devices | ||
| System | TZ 105 Series | TZ 205 Series | TZ 215 Series |
| Zone Security | Yes | Yes | Yes |
| Schedules | Yes | Yes | Yes |
| Object-based/Group-based Management | Yes | Yes | Yes |
| DDNS | Dynamic DNS providers include: dyndns.org, yi.org, no-ip.com and changeip.com | ||
| Management and Monitoring | Local CLI, Web GUI (HTTP, HTTPS), SNMP v3; Global management with SonicWall GMS | ||
| Logging and Reporting | Analyzer, Scrutinizer, GMS, Local Log, Syslog, Solera Networks, NetFlow v5/v9 (TZ 215), IPFIX with Extensions (TZ 215), Real-time Visualization (TZ 215 only) | ||
| Hardware Failover | - | Active/Passive | Active/Passive |
| Anti-Spam | RBL support, Allowed/Blocked Lists, Optional SonicWall Comprehensive Anti-Spam Service6 | ||
| Load Balancing | Yes, Outgoing and Incoming | ||
| Standards | TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3 | ||
| WAN Acceleration Support7 | Yes, with SonicWall WXA appliances | ||
| Built-in Wireless LAN | TZ 105W Series | TZ 205W Series | TZ 215W Series |
| Standards | 802.11b/g/n | 802.11a/b/g/n (3x3) | 802.11a/b/g/n (3x3) |
| Wireless Security Standards | WEP, WPA, WPA2, 802.11i, TKIP, PSK,02.1x, EAP-PEAP, EAP-TTLS | ||
| Virtual Access Points (VAPs) | Up to 8 | ||
| Antennas | Double, detachable, dual | Triple: 2 external detachable, 1 internal | Triple, detachable, external |
| Radio Power: 802.11b/802.11g/802.11n | 18 dBm max/18 dBm @ 6Mbps, 15 dBm @ 54Mbps | 15.5 dBm max/18 dBm max/17 dBM @ 6 Mbps, 13 dBM @ 54 Mbps | |
| Radio Power: 802.11a/802.11b/802.11g/802.11n | - | 15.5 dBm max/18 dBm max/17 dBM @ 6 Mbps, 13 dBM @ 54 Mbps | |
| Radio Power: 802.11n (2.4GHz)/802.11n (5.0GHz) | 19 dBm MCS 0, 12 dBm MCS 15 | 19 dBm MCS 0, 11 dBm MCS 15/17 dBm MCS 0, 12 dBm MCS 15 | |
| Radio Receive Sensitivity: 802.11a/802.11b/802.11g |
-90 dBm @ 11Mbps/-91 dBm @ 6 Mbps, -74 dBm @54 Mbps | -95 dBm MCS 0, -81 dBm MCS 15/-90 dBm @ 11Mbps/-91 dBm @ 6Mbps, -74 dBm @ 54 Mbps | |
| Radio Receive Sensitivity: 802.11n (2.4GHz)/802.11n (5.0GHz) |
-89 dBm MCS 0, -70 dBm MCS 15 | -89 dBm MCS 0, -70 dBm MCS 15/-95 dBm MCS 0, -76 dBm MCS 15 | |
| Hardware | TZ 105 Series | TZ 205 Series | TZ 215 Series |
| Interfaces | (5) 10/100 Fast Ethernet, 1 USB, 1 Console | (5) 10/100/1000 Copper Gigabit, 1 USB, 1 Console | (7) 10/100/1000 Copper Gigabit, 2 USB, 1 Console |
| Processor | Single-Core | Dual-Core | Dual-Core |
| Flash Memory/RAM | 32 MB/256 MB | 32 MB/256 MB | 32 MB/512 MB |
| 3G Wireless/Modem5 | Supported with approved adapters5 | ||
| USB Ports | 1 | 1 | 2 |
| Power Input | 100 to 240 VAC, 50-60 Hz, 1 A | ||
| Max Power Consumption | 5.2W/7.0W | 6.4W/10.5W | 9.0W/12.0W |
| Total Heat Dissipation | 17.8 BTU/23.7 BTU | 21.9 BTU/35.8 BTU | 30.6 BTU/41.4 BTU |
| Certifications | VPNC, ICSA Firewall 4.1 | ||
| Certifications Pending | EAL4+, FIPS 140-2 Level 2, IPv6 Phase 1, IPv6 Phase 2 | ||
| Dimensions | 5.555 x 1.42 x 7.48 in (14.1 x 3.6 x 19 cm) |
5.555 x 1.42 x 7.48 in (14.1 x 3.6 x 19 cm) |
7.125 x 1.5 x 10.5 in (18.1 x 3.81 x 26.67 cm) |
| Weight | 0.75 lbs/0.34 kg 0.84 lbs/0.38 kg |
0.75 lbs/0.34 kg 0.84 lbs/0.38 kg |
1.95 lbs/0.97 kg 2.15 lbs/0.97 kg |
| Major Regulatory Compliance | FCC Class A, CES Class A, CE, C-Tick, VCCI, Compliance MIC, NOM, UL, cUL, TUV/GS, CB, NOM, WEEE, RoHS | ||
| Environment/Humidity | 40-105° F, 0-40° C/ 5-95% non-condensing | ||
| MTB | 28 years/15 years | ||
1 Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.
2 UTM/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs.
3 Actual maximum connection counts are lower when DPI services are enabled.
4 VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544.
5 3G card and modem are not included. See http://www.sonicwall.com/us/products/cardsupport.html for supported USB devices.
6 The Comprehensive Anti-Spam Service supports an unrestricted number of users but is recommended for 250 users or less.
7 With SonicWall WXA Series Appliances.
8 Web proxy using X-Forwarded-For
Documentation:
Download the SonicWall TZ Series Datasheet (.PDF)
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
Our Price: $101.54
Our Price: $435.77
Our Price: $699.49
Our Price: $101.54
Our Price: $435.77
Our Price: $699.49