Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 1 of 13
`
`Exhibit C
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 2 of 13
`SONICW~ LL®
`
`SonicWall SuperMassive Series
`
`Uncompromising, high-performance, next-generation firewall protection for
`your enterprise network.
`
`The SonicWall SuperMassive Series is
`SonicWall's next-generation firewall
`(NGFW) platform designed for large
`networks to deliver scalability, reliability
`and deep security at multi-gigabit
`speeds with near zero latency.
`
`The RFDPI engine delivers full content
`inspection to eliminate various forms of
`malware before they enter the network
`and provides protection against evolving
`threats - without file size, performance
`or latency limitations.
`
`Built to meet the needs of enterprise,
`government, education, retail,
`healthcare and service provider, the
`SuperMassive Series is ideal for securing
`distributed enterprise networks, data
`centers and service providers.
`
`The combination of SonicWall's
`SonicOS operating system, patented*
`Reassembly-Free Deep Packet
`Inspection® (RFDPI) technology and
`massively multi-core, highly scalable
`hardware architecture, the SuperMassive
`9000 Series deliver industry-leading
`application control, intrusion prevention,
`malware protection and TLS/SSL
`decryption and inspection at multi(cid:173)
`gigabit speeds. The SuperMassive
`Series is thoughtfully designed with
`power, space and cooling (PSC) in mind,
`providing the leading Gbps/watt NGFW
`in the industry for high performance
`packet and data processing, application
`control and threat prevention.
`
`The SonicWall RFDPI engine scans
`every byte of every packet across all
`ports, delivering full content inspection
`of the entire stream while providing
`high performance and low latency. This
`technology is superior to proxy designs
`that reassemble content using sockets
`bolted to anti-malware programs,
`which are plagued with inefficiencies
`and the overhead of socket memory
`thrashing, which leads to high latency,
`low performance and file size limitations.
`
`The RFDPI engine also performs full
`decryption and inspection of TLS/SSL
`and SSH encrypted traffic as well as
`non-proxyable applications, enabling
`complete protection regardless of
`transport or protocol. It looks deep
`inside every packets (the header and
`data part) searching for protocol non(cid:173)
`compliance, threats, zero-days, intrusions,
`and even defined criteria to detect and
`prevent attacks hidden inside encrypted
`traffic, cease the spread of infections,
`and thwart command and control (C&C)
`communications and data exfiltration.
`Inclusion and exclusion rules allow total
`control to customize which traffic is
`subject to decryption and inspection
`based on specific organizational
`compliance and/or legal requirements.
`
`Application traffic analytics enable
`the identification of productive and
`unproductive application traffic in real
`time, and traffic can then be controlled
`through powerful application-level
`policies. Application control can be
`exercised on both a per-user and per(cid:173)
`group basis, along with schedules and
`exception lists. All application, intrusion
`prevention and malware signatures are
`constantly updated by the SonicWall
`Capture Labs threats research team.
`Additionally, SonicOS, an advanced
`purpose-built operating system,
`provides integrated tools that allow
`for custom application identification
`and control.
`
`*U.S. Patents 7,310,815; 7,600,257; 7,738,380; 7,835,361
`
`~
`If
`-- ·~;;
`"
`.=-.ti!..
`'
`·'.· oE u8~EB:±l . ,
`
`'
`, - --
`
`SuperMassive 9000 Series
`
`Benefits:
`
`• Get complete breach prevention
`including high performance
`intrusion prevention, low
`latency malware protection and
`cloud-based sandboxing
`
`• Gain full granular application
`identification, control
`and visualization
`
`• Find and block hidden threats with
`decryption and inspection of TLS/
`SSL and SSH encrypted traffic,
`without performance problems
`
`• Scale security performance for
`10/40 Gbps data centers
`
`• Adapt to service-level increases
`and ensure network services
`and resources are available
`and protected
`
`SonicWall-Finjan_00000655
`
`Exhibit #
`
`Striegel 6
`
`11/03/20 - CS
`
`exhibitsticker.com
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 3 of 13
`
`Series lineup
`
`The SonicWaH SuperMassive 9000 Series features 4 x 10-GbE SFP+, up to 12 x 1-GbE SFP, 8 x 1-GbE copper and 1 GbE
`management interfaces, with an expansion port for an additional 2x10- GbE 5FP+ interfaces (future release). The 9000 Series
`feat니res hot-swappable fan modules and power s니ppiies.
`
`SuperM저s이ve 9000 Series
`
`LCD
`controls
`
`SD card for 2 x 80Gb
`future 니se
`SSD
`
`12 x 1-GbE 8 x 1-GbE
`SEP ports
`ports
`
`LCD Dual 4 X 10-GbE 8x 1-GbE 8x 1-GbE
`controls USB ports SEP+ ports SEP ports ports
`
`LCD Console D니al USB 1 GbE management 4 x 10-GbE
`display port
`ports
`SEP+ ports
`Interface
`
`D니al hot-
`swappable fans
`
`Expansion bay
`for future 니se
`
`Two hot-swappable,
`
`redundant power supplies
`
`LCD Console
`display port
`
`1 GbE management
`interface
`
`Expansion bay D니al hot-
`for future 니se swappable fans
`
`Two hot-swappable,
`red니πdant power supplies
`
`Capability
`
`Processing cores
`
`Firewa|| throughp니t
`
`Application inspection thro니ghp니t
`
`Intrusion prevention system (IPS) th「。니ghput
`
`9200
`
`24
`
`15 Gbps
`
`5 Gbps
`
`5 Gbps
`
`9400
`
`32
`
`20 Gbps
`
`10 Gbps
`
`10 Gbps
`
`9600
`
`32
`
`9800
`
`64
`
`20 Gbps
`
`31.8 Gbps
`
`11.5 Gbps
`
`23 Gbps
`
`11.5 G b ps
`
`21.3 Gbps
`
`Anti-malware inspection thr〇니ghp니t
`
`3.5 Gbps
`
`4.5 Gbps
`
`5 Gbps
`
`11 Gbps
`
`Maximum DPI connections
`Deployment modes
`
`L2 bridge mode
`
`Wire mode
`
`Gateway/NAT mode
`
`Tap mode
`
`Transparent mode
`
`1.5 M
`9200
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`1.5 M
`9400
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`2.0 M
`9600
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`2.5 M
`9800
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`Yes
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000656
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 4 of 13
`
`Reassembly-Free Deep Packet
`Inspection engine
`
`RFDPI is a single-pass, low latency
`inspection system that performs
`stream-based, bi-directional traffic
`analysis at high speed witho니t proxying
`or b니ffering to effectively 니ncover
`intrusion attempts, malware and identify
`application traffic regardless of port and
`protocol. This proprietary engine relies
`on streaming traffic payload inspection
`in order to detect threats at Layers
`3-7. The RFDPI engine takes network
`streams thro니gh extensive and repeated
`
`normalization and decryption in order
`to ne니tralize advanced obf니scation and
`evasion techniques that seek to conf니se
`detection engines and sneak malicious
`code into the network.
`
`Once a packet undergoes the necessary
`pre-processing, including TLS/SSL
`decryption, it is analyzed against a single
`proprietary memory representation
`of multiple signature databases:
`intrusion attacks, malware, botnet and
`applications. The connection state
`is then advanced to represent the
`
`position of the stream relative to these
`databases 니ntil it enco니nters 허 state of
`attack, or other "match event, at which
`point a preset action is taken. In most
`cases, the connection is terminated
`and proper logging and notification
`events are created. However, the engine
`can also be config니red for inspection
`only or, in the case of application
`detection, to provide Layer 7 bandwidth
`management services for the remainder
`of the application stream as soon as the
`application is identified.
`
`Packet assembly-based process
`
`Reassembly-free Deep Packet Inspection (RFDPI)
`
`Packet
`Proxy Scanning disassembly
`
`SSL
`
`Traffic in
`
`n=1024
`
`SSL
`
`When proxy
`becomes f니|| or
`Inspection time
`1111111111111111111 content too large.
`Less
`files bypass
`More
`scanning,
`
`inspection capacity
`1111111111111111111
`Max
`Min
`
`inspection time
`1111111111111111111
`M 이e
`Less
`
`Inspection capacity
`1111111111111111111
`Max
`Min
`
`Reassembly-free packet
`scanning eliminates proxy
`and content size limitations.
`
`Competitive proxy-based architecture
`
`SonicWaH stream-based architecture
`
`Extensible architect니re for extreme
`scalability and performance
`
`The RFDPI engine is purposely designed
`with a keen foe니s on providing sec니rity
`scanning at a high level of performance,
`to match both the inherently parallel
`and ever growing nature of network
`traffic. When combined with multi-core
`processor systems, this parallelism­
`centric software architecture scales 니p
`perfec비y to address the demands of
`deep packet inspection (DPI) at high
`traffic loads. The SuperMassive platform
`relies on processors that, unlike x86,
`are optimized for packet, crypto and
`network processing while retaining
`flexibility and programmability in the
`field 一 a weak point for ASICs systems.
`
`This flexibility is essential when new code
`and behavior updates are necessary
`to protect against new attacl<s that
`req니ire 니pdated and more sophisticated
`detection techniq니es. Another aspect
`
`of the platform design is the 니niq니e
`ability to establish new connections
`on any core in the system, providing
`니timate scalability and the ability to
`deal with traffic spikes. This approach
`
`delivers extremely high new session
`establishment rates (new conn/sec) while
`deep packet inspection is enabled 一 a
`key metric that is often a bottleneck for
`data center deployments.
`
`12x 1 GbE SFP
`
`4x10GbESFP+
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000657
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 5 of 13
`
`effect immediately without reboots
`or interruptions. The signat니res on
`the appliances protect against wide
`classes of attacks, covering 니p to tens
`of thousands of individ니al threats with a
`single signat니re.
`
`In addition to the countermeasures on
`the appliance, SuperMassive firewalls
`also have access to the SonicWaH
`CloudAV\ which extends the onboard
`signat니re intelligence with tens of
`millions of signat니res, an더 growing
`by millions ann니ally. This CloudAV
`database is accessed by the firewaH via
`a proprietary, lightweight protocol to
`augment the inspection done on the
`appliance. With Capture Advanced
`Threat Protection', a 이〇니d-based multi­
`engine sandbox, organizations can
`examine s니spicious files and co더e in an
`isolated environment to stop advanced
`threats s니ch as zero-day attacks.
`
`the service, incl니ding scarce, destination
`and a s니mmary plus details of malware
`action once detonated.
`
`Files.SOnned in the last 30 days
`
`Viewing 652 files sccsned.
`
`SONiCVUpLL' I CjoiuieATPBesDfi
`
`*，袖岫
`
`COEAEiBIE
`CDEAEÄSIf
`CI1EAE4B1£
`COEAEIBIE
`
`!0191J1I
`
`IB6.91.H6.
`
`____
`135..16e.tCtt
`佰2 伯허 M
`
`5S!.15a.tM
`
`Capture Labs
`
`The dedicated, in-house SonicWaH
`Capture Labs threats research
`team researches and develops
`countermeasures to deploy to customer
`firewalls for up-to-date protection. The
`team gathers data on potential threat
`data from several s。니rces ind니ding。니r
`award-winning network sandboxing
`service. Capture Advanced Threat
`Protection, as wel| as more than 1 million
`SonicWaH sensors located aro니nd the
`globe that monitor traffic for emerging
`threats. It is analyzed via machine
`learning 니sing SonicWall's Deep
`Learning Algorithms to extract the DNA
`from the code to see if it is related to any
`known forms of malicious code.
`
`SonicWaH NGFW customers with the
`latest security capabilities are provided
`contin니〇니sly updated threat protection
`around the do이＜. New 니pdates take
`
`Requires added subscription
`
`Advanced threat protection
`
`SonicWaH Capture Advanced Threat
`Protection Service' is a clo니d-based
`multi-engine sandbox that extends
`firewa|| threat protection to detect and
`prevent zero-day threats. S니spicious files
`are sent to the cloud for analysis with
`the option to hold them at the gateway
`니ntil a veixlict is determined. The
`multi-engine sandbox platform, which
`inchjdes virtualized sandboxing, f니||
`system em니ation and hypervisor level
`analysis technology, exec니tes s니spido니s
`code and analyzes behavior. When a
`file is identified as malicious, a hash is
`immediately created within Capt니re and
`later a signature is sent to firewalls to
`prevent follow-on attacks.
`
`The service analyzes a broad range
`of operating systems and file types,
`including executable programs, DLL,
`PDFs, MS Office documents, archives,
`JAf3nd APK.
`
`Capt니re provides an at-a-glance threat
`analysis dashboard and reports, which
`detail the analysis results for files sent to
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000658
`
`

`

`6S900000一니函! 十||e/v\이 u。S
`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 6 of 13
`
`Tl 办/91 NOS
`
`Äi!|iqe|B3s u。!suedx크 XJ〇d
`
`匚N匚皿匚1匚コ
`
`dV ©ABM기u。s
`IKM기u。S
`
`크。d 电!M
`니：>1!MS s©u©s-X
`
`U。!12加戸；x)v
`NVMII2M기u。S
`
`ejniomiSBJ^u|
`p9ßjeAU〇3
`
`----------------------------w® 리。sueつ
`
`lueLuebBUB[/\|
`리 6u!S
`
`SISOD ßUllBJsdo J0M〇1 .
`
`SQi이dujöi *〇d©」
`XOS WJIH 'Qd •
`
`이!e」i iipne
`OAisusqojdiuoQ .
`
`[oj^uoo sseooB 6u。」｝s •
`
`lueLueßeuBLU
`A이。d θ印扫。」妇 •
`
`lueLueßeuBLU
`
`P9Z!|B」1UQ〇 •
`
`s^ipuag
`
`卩|히丄19기아u크 eouBijdujoQ ejnoeg SIND IFM기u〇S
`
`,이$eq a기/\©p-Xq-9기ハ叩 e uo
`ßuißeuBLu 〇; pajedtuoo se si니©lu니〇」!aus
`X^unoas ||BjaA〇 jnoX p iu9lu96bublu
`spXosj-!| β니!ノq』du」!$ X||B〇!5.BUJBjp
`怎FA히 ©oiAjes pUB s©ss©o〇jd ss9U!snq
`Xq X^jnoes :>]jom4©니 ©ße니eu」(가. äbaa
`
`卩捋•何qoD B s9p!A〇jd g|/\j9 $니。!：]・£||”^©」
`め니e!|dしUOつ 아. SDUBLUJOjUOD U! puB
`sujjl. ;qßu sq; ;b's히：기]。d ||baa9JIJ. ；qßu
`9叩. ßu!Ä〇|d9p 니! 9：기」리인：]丄1〇〇 puB 心』!ße
`u!b6 ||!m sssijdjsius ||b 'ucgBU」아睥
`M이p|」〇M 5|/\j9 甲!M *e-iniBsj. u014.BLu01.nB
`M이：p卩。M B qßnojq; sesijdjeius j•〇
`siueLU9J!nb9J iusujsGbublu ößueip
`
`g“，»・"•レ《
`
`»i«-*
`
`X・・*•■■$
`
`■tKWilW
`
`£"■■，처"gp
`EXい，，grや
`
`g *¢6
`
`••«〇«8
`80&«。a9«
`ppf
`OOtlWWWO
`XkttJlÜM
`
`I 핫"■内사KW
`
`*>
`S-MUXR»«
`
` 7
`
`心
`
`gOfCuM««
`5*8£ ，■
`
`娜gf
`oiw*pw
`
`UUK g，
`
`
`
`«**«■«»
`>k«<kq
`qしATnsM
`
`we-nMHV
`Ä，흐>
`
`BSI-1W«W
`
`*ff«〇
`
`aiViO ■
`
`dWlP—k*¢
`
`w< IIMW
`
`***（〇
`
`¢eÄir«s»»s
`
`S«C>SM •
`
`心””“！
`
`(W(6***WD
`g加ft¢ Nina〉■
`
`WHF**5
`x»-*nMe
`msい，*u*
`
`IWM
`
`anoiOvM
`
`<pj,»
`**«¢
`(MIUBl 5“q¢
`ゝtQW>',
`•y»pi"g
`<«i-wuoiiw
`
`*언&* Ww
`*8弓
`
`ss«»〇〇***
`
`*»««J
`
`tw-*ow«w
`
`心£FFW*
`
`ätSIK
`
`vgivHuの
`
`AWtiluめ■
`
`w)*»$ *myi [wv>F«lfr«i3
`
`< FidNm* qi
`
`jo줘uogq 訓・5丄・擀9甘
`
`uoiiduasqns psppe sdJinbay(
`
`||BAA©J!J. ©し卩 SA©しU OS|B 5l/\J9 •如。u」
`pUB Eupod我 l!pnB pUB 90UB!|duJO3
`!5기$니9」(가 pUB S〇!4.Ä|BUB MO|J.
`¢UOQE기니9p! U〇!；B〇!|ddB fS©!；!All.DB
`j©sn !6니UOYU。しu i.u9Ae 이刀!1-戸9」
`fUJSLUSDJOJUS pUB lUGLUSßBUBUJ 人기|od
`p9Z!|ej)니θ：)ßu!pn|D니! *ejn4.3nj;SBJj.ui
`Äiunoös eqijo s?つ©dse f^oqejscIo
`||B UJ©A〇ß pUB 's히귀〉く이dしUCり
`ßui4.ooqs©|qn〇J4. p나e ©시：|•巳门$/!しupe
`eonpej ¢©Dueijdde 心unms |〇
`lUÖLUeßBUBLU aし卩 916[。![〇5나〇3 ÄpSBS
`이. 592卩서」키丄仲 s리qeu© 引/\|£) 使めく기d
`LUBej;s>|j〇M 리qe귀pne puB p카杉用」」〇:)
`B qßnojqi ssip^MS puB s^mod sssddb
`ss히切!M 怎||eMai!扌 INM기u〇S sßeuBLU
`04. し山아4이d 리q!gu카・X© puB sjnoes
`乍，리扌!니n B sj〇4.BJ4.S!U!LUpB s리。!八o」d
`(@SIAID) 」시카WS ；U9UJSßBUBlAl
`|Bq〇|9 iiQM기u〇s |e니〇!]do sq;
`リくβ카・e珥s iu9LU96bublu〉|su p니b
`0。니이|(二|1丄1〇：2，©つue니•饵Aoß Ä4.unoss
`p^：l•B니!pJOoつ Ä||nj. B 9A9!q〇B 01. 6u!：|•니eM
`s니〇!KZ!UBßj〇 p키.비n6sj 而し间니」〇」
`6니!牝|odm」
`pue iu9ujeßeueuj |e디이〇
`
`3斗|카M psseq
`-qsM öAQjnw! ©し卩 Äq p리:|jdしし|!s 电
`|〇HU〇つ pUB ©기J的||카叫 U〇!；BDI|ddB
`jQ lusLusßBUB|/\| ■이|2 4-joddns ©onpsj
`pUB ÄljAjlOnpOjd ©SBSJDUj 3u리■治dx9
`jssn θ屮.ssB9 s©用|!qedeD (055) uo-uEs
`리ßu!S ©jnoes 久||bu〇!귀pp^ s리｝!|!qedeつ
`s기$니ajoj. pUB ßunooqs리qno」].
`injJöMod SB ||3Mse *s^BSjqi Äi.un39s
`pu한 uoi4.BZ!|!4.n 屮piMpueq，키jje妇.
`u〇!ie기gde oiui iqßisui JB|nuBj6 epiAOjd
`[S긴 1시eip 긴丹e」丄 uoiieoiiddv [|eM긴u。$
`
`■어:)9U리][oq souBUjJopsd
`jo s>|〇Bi4.B pun0q4.no jo puno이u!
`|B!4U라•〇서 isuieße sensesしuj카・uncめ
`라お!p9UJしU! ßui|qBU9 Psdde니 Äeq; sb
`s리|eしuo니e 기丹eji sm!j4U9p! u〇!4.BZ!|Bns!A
`위丄りいド©서 s니〇!：|・e기|dde sn6捋ßuep
`시|BRU카Qd〉p이q pUB su〇!K기|dde
`9/\!4기지。〇」서1」11 리14OJ니4 うauoud 559니!訂】이
`uo psseq 이〇」：|丄|〇。u〇!4e:기|dde 리n|¢捋니つs
`니Bこ)Xs니4 os >|JO/\A；9U」!9니4 ßujSJSABJ；
`OIJ.J.BJ； u〇!4Eつ!|d어e 扌〇 sjok丄仰!니!し니pe
`SLUJOJ.U! θ:乂饵E||하心! u〇!；B〇!|dd\/
`|〇珥u。n p니e 9기」96!||91니! 니〇!le기|dd^
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 7 of 13
`
`Feat니 res
`
`Feature
`
`Descri ption
`
`RFDPI engine
`
`Reassembly-Free Deep Packet
`
`This high-performance, proprietary and patente어 inspection engine performs stream-based, bi-directional traffic
`
`Inspectiori (RFDPI)
`
`analysis, without proxying or buffering, to uncover intrusion attempts an어. malware and to identify application traffic
`
`regardless of port.
`
`Bi-directional inspection
`
`Scans for threats in both inbound an어 outbound traffic simultaneou이y to ensure that the network is not use어 to 어istribute
`
`malware and 서oes not become a launch platform for attacks in case an infecteol machine is brought inside.
`
`Stream-based inspection
`
`Proxy-less an어 non-buffering inspection technology provides 니tra-l〇w latency performance for DPI of millions of
`
`simultaneous network streams without intro 서나 ci ng file an 어 stream size limitations, an 서 can be applied on common protocols
`
`as wel| as raw TCP streams.
`
`Highly parallel and scalable
`
`The unique design of the RFDPI engine works with the multi-core architecture to provide high DPI throughput and extremely
`
`high new session establishment rates to deal with traffic spikes in demanding networks.
`
`Single-pass inspection
`
`A single-pass DPI architecture sim니taneously scans for malware, intrusions an너 application identification, drastically reducing
`
`DPI latency and ensuring that al| threat information is correlate어 in a single architecture.
`
`Peature
`
`Description
`
`FirewaH and networking
`
`Threat API
`
`AH the firewa|| to receive and leverage any an어 al! proprietary, original equipment manufacturer an어 thir어-party intelligence
`
`fee어s to combat a어vanced threats such as zero-day, malicious insider, compromise서 credentials, ransomware an어
`
`advance어 persistent threats.
`
`Stateful packet inspection
`
`AH network traffic is inspected, analyzed and brought into compliance with firewaH access policies.
`
`High availability/clustering
`
`The SuperMassive Series supports Active/Passive (A/P) with state synchronization, Active/Active (A/A) DPI an어 Active/
`
`Active clustering high availability modes. Active/Active DPI offloads the deep packet inspection loa서 to cores on the passive
`appliance to boost throughput.
`
`DDoS/DoS attack protection
`
`SYN flood protection provides a defense against DOS attacks using both Layer 3 SYN proxy and Layer 2 SYN blacklisting
`
`technologies. Ad어itionally, it protects against DOS/DDoS through UDP/ICMP fl〇〇어 protection an어 connection rate limiting.
`
`IPv6 support
`
`Internet Protocol version 6 (IPv6) is in its early stages to replace IPv4. With the latest SonicOS 6.2, the har어ware wlH support
`
`filtering an서 wire mode implementations.
`
`Flexible deployment options
`
`The SuperMassive Series can be 어eployed in traditional NAT, Layer 2 bridge, wire and network tap modes.
`
`WAN load balancing
`
`Load-balances m니tiple WAN interfaces using Round Robin, Spillover or Percentage metho어s. Policy-base서 routing Creates
`
`routes base어 on protocol to direct traffic to a preferred WAN connection with the ability to fail back to a secon어ary WAN in
`
`the event of an outage.
`
`Advance서 quality of service (QoS)
`
`Guarantees critical communications with 802.1 p, DSCP tagging, and remapping of VoIP traffic on the network.
`
`H.323 gatekeeper an어. SIP
`
`Blocks spam calls by requiring that al! incoming calls are authorized and authenticated by H.323 gatekeeper or SIP proxy.
`
`proxy support
`
`Single and casca어ed Del! X-Series
`
`Manage security settings of a어ditional ports, including Portshield, HA, POE an서 POE-!-, un서er a single pane of glass using the
`
`network switch management
`
`firewaH management 서ashboard for DelTs X-Series network switch.
`
`Biometric authentication
`
`Supports mobile device authentication such as fingerprint recognition that cannot be easily 어uplicated or share어 to securely
`authenticate the user identity for network access.
`
`Open authentiGation and social login
`
`Enable guest users to use their credential from social networking service such as Facebook, Twitter, or Google-|- to sign in an서
`access the Internet and other g니est services through a host's wireless, LAN or DMZ zones using pass-through a니thentication.
`
`M니ti-서。main authentication
`
`Enables simple an어 fast way to administer sec니rity polices across al! network domains. Manage in어|vi어ual policy to a single
`
`domain or group of 어.。mains.
`
`Management and reporting
`
`Feature
`
`Descri ptIon
`
`Global Management System' (GMS)
`
`SonlcWaH GMS monitors, configures an선 reports on m니tiple SonlcWaH appliances through a single management console with
`an intuitive Interface, reducing management costs and complexity.
`
`Powerful single 서evice management
`
`An Intuitive web-based Interface a 11 ows quick an서 convenient configuration. In a서dition to a comprehensive command-line
`
`Interface an어 support for SNMPv2/3.
`
`IPEIX/NetF!ow application
`
`Exports application traffic analytics and usage data through IFTIX or NetFlow protocols for real-time and historical monitoring
`
`flow reporting
`
`and reporting with tools such as SonlcWaH Scrutinizer or other tools that support IPFIX and NetFlow with extensions.
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000660
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 8 of 13
`
`Feat니 res
`
`Feature
`
`Description
`
`Virtual private networking (VPN)
`
`Auto-provision VPN
`
`Simplifies and reduces complex distribute어 firewaH deployment 어own to a trivial effort by automating the initial site-to-site VPN
`
`gateway provisioning between SonicWaH firewalls while security and connectivity occurs instantly an너 automatically.
`
`VPN for site-to-site connectivity
`
`High-performance IPSec VPN allows the SuperMassive Series to act as a VPN concentrator for thousands of other large sites,
`
`branch offices or home offices.
`
`SSL VPN orlPSec 이ient
`
`Utilizes clientless SSL VPN technology or an easy-to-manage IPSec client for easy access to email, files, computers, intranet sites
`
`remote access
`
`and applications from a variety of platforms.
`
`Re어|jn어ant VPN gateway
`
`When using multiple WANs, a primary an어 secon어ary VPN can be configure어 to allow seamless, automatic failover an어 fallback
`
`of al! VPN sessions.
`
`Route-based VPN
`
`The ability to perform dynamic routing over VPN links ensures continuous uptime in the event of a temporary VPN tunnel failure,
`by seamlessly re-routing traffic between .en어points through alternate routes.
`
`Feature
`
`Description
`
`Content/context awareness
`
`User activity tracking
`
`User identification and activity are made available through seamless AD/LDAP/Citrix1/Terminal Servicesi SSO integration
`
`combine서 with extensive information obtained through DPI.
`
`GeoIP country traffic
`/허 entification
`
`Identifies an어 controls network traffic going to or coming from specific countries to either protect against attacks from known
`
`or s니specte어 origins of threat activity, orto investigate suspicious traffic originating from the network. Ability to create custom
`
`country an어. Botnet lists to override an incorrect country or Botnet tag associated with an IP address.
`
`Regular expression DPI filtering
`
`Prevents data leakage by i서entifying and controlling content crossing the network through regular expression matching.
`
`Feature
`
`Description
`
`Capture advanced threat protection^
`
`Multi-Engine Sandboxing
`
`The multi-engine sandbox platform, which includes virtualize어 san어boxing, fuH system emulation, and hypervisor level analysis
`
`technology, executes suspicious co서e and analyzes behavior, provi서ing comprehensive visibility to malicious activity
`
`Block Until Verdict
`
`Provides the ability to create custom country an서 Botnet lists to override an incorrect co니ntry or Botnet tag associated with an IP
`
`ad 어 ress.
`
`Broa어 File Type Analysis
`
`S 니 pports analysis of a broa 어 range of file types, in 이 udingexec 니 table programs (PE), DLL, PDFs, MS Office documents, archives, JAR,
`
`and APK plus m니tiple operating systems in시uding Windows, Android, Mac OS and m니ti-browser erivlronments.
`
`Rapi서 Deployment of Signatures When a file Is i서entifie서 as malicious, a signature Is Immediately deployed to firewalls with SonicWaH Capture subscriptions an어
`GRID Gateway Anti-Virus an어 IPS signature databases an어 the URL, IP an어 domain reputation 어atabases within 48 hours.
`
`Feature
`
`Description
`
`Encrypted threat prevention'
`
`TLS/SSL decryption and
`
`Decrypts and inspects SSL/TLS traffic on the fly, without proxying, for malware, intrusions and 어ata leakage, and applies
`
`inspection
`
`application, UF?L and content control policies in order to protect against threats hidden in TLS/SSL encrypted traffic. Inclu어ed with
`security subscriptions for al! models.
`
`SSH inspection
`
`Deep packet inspection of SSH (DPI-SSH) decrypts and inspect 어ata traversing over SSH tunnel to prevent attacks that
`
`leverage SSH.
`
`Feature
`
`Description
`
`Intrusion prevention^
`
`Countermeasure-based
`
`Tighrtly integrate 어 intrusion prevention system (IPS) leverages signatures an어 〇 th er countermeasures to scan packet payloa어s for
`
`protection
`
`vulnerabilities and exploits, covering a broa서 spectrum of attacks and vulnerabilities.
`
`Automatic signature updates
`
`The SonicWaH Threat Research Team iこQntinuou 이 y researches an 어 deploys updates to an extensive list of IPS c〇u nt erm eas u res that
`
`covers more than 50 attack categories. The new updates take effect immediately, without any reboot or service interruption required.
`
`Intra-zone IPS protection
`
`Bolsters internal security by segmenting the network into m니tiple security zones with intrusion prevention, preventing threats
`
`from propagating across the zone boundaries.
`
`Botnet 00mman서 and control
`(CnC) detection an어 blocking
`
`Protocol abuse/anomaly
`
`detection and prevention
`
`identifies and blocks com man어 and control traffic originating from bots on the local network to IPs and domains that are id entifie서
`
`as propagating malware or are known CnC points.
`
`Identifies an어 blocks attacks that abuse protocols in an attempt to sneak past the IPS.
`
`Zero-어ay protection
`
`Protects the network against zero-day attacks with constant updates against the latest exploit methods an어 techniques that cover
`
`thousan어s of individual exploits.
`
`Anti-evasion technology
`
`Extensive stream normalization, decoding and other techniques ensure that threats 어〇 not enter the network undetected by
`
`utilizing evasion techniques in Layers 2-7.
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000661
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 9 of 13
`
`Feat니 res
`
`Feature
`
`Description
`
`Th real prevention^
`
`Gateway anti-malware
`
`The RFDPI engine scans al! inbound, outbound an어 intra-zone traffic for viruses, Trojans, key loggers an어 other malware in fi 1 es of
`
`unlimited length an어 size across al! ports and TCP streams.
`
`CloudAV malware protection
`
`A continuously up서ate서 서atabase of tens of millions of threat signatures reskies in the SonicWaH 이oud servers an서 is referenced to
`
`augment the capabilities of the onboard signature database, provi어ing RFDPI with extensive coverage of threats.
`
`Around-the-이〇ck security
`
`New threat updates are automatically pushe어 to firewalls in the field with active security services, and take effect immediately
`
`updates
`
`without reboots or interruptions.
`
`Bi-directional raw TCP
`
`The RFDPI engine is capable of scanning raw TCP streams on any port bi-어irectionally preventing attacks that they to sneak by
`
`inspection
`
`out서ate서 security systems that focus on securing a few well-known ports.
`
`Extensive protocol support
`
`Identifies common protocols such as HTTP/S, FTP, SMTP, SMBv1/v2 an어 others, which 서〇 not send data in raw TCP, an서 decodes
`
`payloads for malware inspection, even if they 어o not r니n on starKJard, well-known ports.
`
`Feature
`
`Description
`
`Application intelligence and controP
`
`Application control
`
`Control applications, or individual application features, that are i어entifie어 by the RFDPI engine against a continuou이y expanding
`
`서atabase of over thousands。f application signatures, to increase network security an서 enhance network productivity.
`
`Custom application
`
`identification
`
`Control custom applications by creating signatures based on specific parameters or patterns unique to an application in its
`
`network comm니nications, in order to gain further control overthe network.
`
`Application bandwidth
`
`Granularly allocate and regulate available bandwidth for critical applications or application categories while inhibiting nonessential
`
`management
`
`application traffic.
`
`Granular control
`
`Control applications, or specific components of an application, based on schedules, user groups, exclusion lists and a range of
`
`actions with fuH SSO user identification through LDAP/AD/Terminal Services/Citrix integration.
`
`Feature
`
`Description
`
`Content filtering^
`
`Insi서e/outsi서econtent filtering
`
`Enforce acceptable use policies an서 block access to websites containing information or images that are objectionable or
`unproductive with Content Filtering Service.
`
`Enforce어 content filtering client
`
`Exten어 policy enforcement to block internet content forWindows, Mac OS, .Androi어 an서 Chrome 어evices located outsi어e the
`
`firewall perimeter.
`
`Granular controls
`
`Block content using the predefine서 categories or any combination of categories. Filtering can be sche서ule어 by time of 어ay, such
`
`as 어uring school or business hours, an어 applie어 to in어|vi어|jal users or groups.
`
`Web caching
`
`URL ratings are cache어 locally on the SonicWaH firewaH so that the response time for subsequent access to frequently visited sites
`
`is only a fraction of a secon어.
`
`Feature
`
`Description
`
`Enforced anti-virus and anti-spyware'
`
`M니ti-layere어 protection
`
`Utilize the firewaH capabilities as the first layer of 어efense at the perimeter, couple어 with endpoint protection to block, viruses
`
`entering network through laptops, thumb drives and other unprotected systems.
`
`Automate어 enforcement option
`
`Ensure every computer accessing the network has the most recent version of anti-virus and anti-spyware signatures installe어 and
`active, eliminating the costs commonly associated with desktop anti-virus and anti-spyware management.
`
`Automated 어eployment an어
`
`Machine-by-machine deployment an어 installation of anti-virus an어 anti-spyware clients is automatic across the network,
`
`installation option
`
`minimizing administrative overhead.
`
`Always on, automatic virus
`
`Frequent anti-virus and anti-spyware updates are 어elivered transparently to al! desktops and file servers to improve end user
`
`protection
`
`productivity an어 decrease security management.
`
`Spyware protection
`
`Powerful spyware protection scans and blocks the installation of a comprehensive array of spyware programs on 어esktops an서
`
`laptops before they transmit confidential data, providing greater desktop security and performance.
`
`Requires added subscription
`
`SON lev\々뉘丄
`
`SonicWall-Finjan_00000662
`
`

`

`Case 5:17-cv-04467-BLF Document 431-4 Filed 03/21/21 Page 10 of 13
`
`Feature summary
`
`FirewaH
`
`Application identification^
`
`• Stateful packet inspection
`
`• Application control
`
`• NAT
`
`• DHCP server
`
`• Reassembly-Free Deep
`
`• Application traffic visualization
`
`• Bandwidth management
`
`Packet Inspection
`
`• DDoS attack protection
`
`(UDP/ICMP/SYN flood)
`
`•
`
`IPv4/IPv6 support
`
`• Biometric a니thenticati〇π for
`
`rem ote access
`
`• DNS proxy
`
`• Threat API
`
`• Application component blocking
`
`• Link aggregation (static and dynamic)
`
`• Application bandwidth managem ent
`
`• Port redundancy
`
`• Custom application signat니re creation
`
`• A/P high availability with state sync
`
`• Data leakage prevention
`
`• A/A clustering
`
`• Application reporting over
`
`NetPlow/IPFIX
`
`• lnb〇니nd/o니tb〇니nd load balancing
`
`• L2 bridge, wire/virt니al wire mode, tap
`
`• User activity tra아くing (SSO)
`
`mode, NAT mode
`
`SSL/SSH decryption and inspection^
`
`• Deep packet inspection forTLS/SSL/SSH
`
`•
`
`In이usi〇n/exd니si〇π of objects, groups
`
`or hostnames
`
`• SSL Control
`
`• Comprehensive application
`
`signat니re database
`
`Web content filtering^
`
`• URL filtering
`
`• Anti-proxy technology
`
`• Keyword blocking
`
`• 3G/4G WAN failover (not on
`
`SiiperMassive 9800)
`
`• Asymmetric r〇니ting
`
`• Common Access Card (CAC) s니pp〇rt
`
`Witless
`
`• MU-MIMO
`
`Capture advanced threat protection^
`
`• Bandwidth management for
`
`• Wireless planning to©|
`
`• Clo니d-based multi-engine analysis
`
`GPS categories
`
`• Virtualized sandboxing
`
`• Unified policy model with app control
`
`• Hypervisor level analysis
`
`• Content Filtering Client
`
`• F니H system em니ation
`
`• Broad file type examination
`
`VPN
`
`• Band steering
`
`• Beam fo rming
`
`• AirTime fairness
`
`• MiFi extender
`
`• Automated and manual submission
`
`• Real-time threat intelligence 니pdates
`
`•
`
`IPSec VPN for site-to-site connectivity
`
`• SSL VPN and IPSEC client remote access
`
`• Auto-provision VPN
`
`• G니est cyclic q니。ta
`
`• Redundant VPN gateway
`
`• Mobile Connect for iOS, Mao OS
`
`X, Windows, Chrome, Android and
`
`Kin에e Fire
`
`• Route-based VPN (OSRF, RIR, BCR)
`
`Networking
`
`VoIP
`
`• Granular QoS control
`
`• Band