NSv 10 | NSv 25 | NSv 50 | NSv 100 | NSv 200 | NSv 300 | NSv 400 | NSv 800 | NSv 1600 | |
---|---|---|---|---|---|---|---|---|---|
Firewall General | |||||||||
Operating system | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 | SonicOS1 |
Supported Hypervisors | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 | VMware ESXi v5.5 / v6.0 / v6.5 / v6.7, Microsoft Hyper-V Win 2012 / 2016, KVM Ubuntu 16.04 / CentOS 7 |
Supported Public Cloud Platforms (Instance Type) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | AWS (c5.large), Azure (Std D2 v2) | N/A | AWS (c5.xlarge), Azure (Std D3 v2) | AWS (c5.2xlarge), Azure (Std D4 v2) | AWS (c5.4xlarge), Azure (Std D5 v2) |
Licensing | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 | BYOL, PAYG2 |
Max Supported vCPUs | 2 | 2 | 2 | 2 | 2 | 3 | 4 | 8 | 16 |
Interface Count (ESXi/Hyper-V/KVM/AWS/Azure) | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8 | 8/8/8/2/2 | 8/8/8/-/- | 8/8/8/4/4 | 8/8/8/8/8 | 8/8/8/8/8 |
Max Mgmt/DataPlane Cores | 1/1 | 1/1 | 1/1 | 1/1 | 1/1 | 1/2 | 1/3 | 1/7 | 1/15 |
Min Memory3 | 4 GB | 4 GB | 4 GB | 4 GB | 6 GB | 6 GB | 8 GB | 10 GB | 12 GB |
Max Memory4 | 6 GB | 6 GB | 6 GB | 6 GB | 6 GB | 8 GB | 10 GB | 14 GB | 18 GB |
Supported IP/Nodes | 10 | 25 | 50 | 100 | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
Minimum Storage | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB | 60 GB |
SSO users | 25 | 50 | 100 | 100 | 500 | 5000 | 10000 | 15000 | 20000 |
Logging | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog | Analyzer, Local Log, Syslog |
High availability | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 | Active/Passive5 |
Firewall/VPN Performance6 | |||||||||
Firewall Inspection Throughput | 2 Gbps | 2.5 Gbps | 3 Gbps | 3.5 Gbps | 4.1 Gbps | 5.9 Gbps | 7.8 Gbps | 13.9 Gbps | 17.2 Gbps |
Full DPI Throughput (GAV/GAS/IPS) | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.4 Gbps |
Application Inspection Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.4 Gbps |
IPS Throughput | 1 Gbps | 1.25 Gbps | 1.5 Gbps | 1.75 Gbps | 2.3 Gbps | 3.4 Gbps | 4.1 Gbps | 5.5 Gbps | 6.7 Gbps |
Anti-Malware Inspection Throughput | 450 Mbps | 550 Mbps | 650 Mbps | 750 Mbps | 900 Mbps | 1.6 Gbps | 2.2 Gbps | 4.0 Gbps | 6.6 Gbps |
IMIX Throughput | 750 Mbps | 850 Mbps | 950 Mbps | 1100 Mbps | 1.5 Gbps | 2.3 Gbps | 2.8 Gbps | 4.2 Gbps | 5.3 Gbps |
TLS/SSL DPI Throughput | 650 Mbps | 750 Mbps | 850 Mbps | 950 Mbps | 1.1 Gbps | 1.2 Gbps | 1.8 Gbps | 3.4 Gbps | 5.1 Gbps |
VPN Throughput | 500 Mbps | 550 Mbps | 600 Mbps | 650 Mbps | 750 Mbps | 1.4 Gbps | 1.9 Gbps | 4.2 Gbps | 8.4 Gbps |
Connections per second | 1800 | 5000 | 8000 | 10000 | 13760 | 24360 | 37270 | 75640 | 125000 |
Maximum connections (SPI) | 2500 | 6250 | 12500 | 25000 | 225000 | 1M | 1.5M | 3M | 4M |
Maximum connections (DPI) | 2500 | 6250 | 12500 | 25000 | 125000 | 500000 | 1.5M | 2M | 2.5M |
TLS/SSL DPI Connections | 500 | 1000 | 2000 | 4000 | 8000 | 12000 | 20000 | 30000 | 50000 |
VPN | |||||||||
Site-to-Site VPN Tunnels | 10 | 10 | 25 | 50 | 75 | 100 | 6000 | 10000 | 25000 |
IPSec VPN clients (max) | 10 | 10 | 25 | 25 | 50(1000) | 50(1000) | 2000(4000) | 2000(6000) | 2000(10,000) |
SSL VPN Clients Included | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 | 2 |
SSL VPN Clients Maximum | 50 | 50 | 50 | 50 | 100 | 150 | 200 | 300 | 400 |
Encryption/authentication | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) | DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC) |
Key exchange | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v | Diffie Hellman Groups 1, 2, 5, 14v |
Route-based VPN | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP | RIP, OSPF, BGP |
Networking | |||||||||
IP address assignment | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay | Static, DHCP, internal DHCP server, DHCP relay |
NAT modes | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT | 1:1, many:1, 1:many, flexible NAT (overlapping IPs), PAT |
Max VLAN 7 interfaces | 25 | 25 | 50 | 50 | 128 | 128 | 128 | 128 | 128 |
Routing protocols | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing | BGP, OSPF, RIPv1/v2, static routes, policy-based routing |
QoS | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p | Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p |
Authentication | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix | XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services, Citrix |
VoIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP | SIP |
Standards | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS | TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS |
Max SD-WAN groups | 12 | 12 | 18 | 32 | 38 | 38 | 70 | 102 | 102 |
Max SD-WAN members per product | 24 | 24 | 36 | 64 | 76 | 76 | 140 | 204 | 204 |
(1) ジャンボフレームを使ったメモリの無効化。
(2) ジャンボフレームを使ったメモリの有効化。追加メモリはジャンボフレームを有効にする必要があります。
(3) 高可用性のVMware ESXiプラットフォームが利用可能
(4) 公開されたパフォーマンスの数値は仕様によって異なります。また実際のパフォーマンスはハードウェア、ネットワークの状態(ファイアウォールの設定およびアクティブなサービス)により異なる場合があります。パフォーマンスと容量は仮想化インフラストラクチャによって異なる場合があります。パフォーマンスと容量の要件を合致させるために、ご自身の環境内での追加テスティングを推奨致します。 パフォーマンス・メトリックはVMware vSphere 6.5を使用したSonicOSv 6.5.0.2で実行されているIntel Xeon W プロセッサ (W-2195 2.3GHz, 4.3GHz Turbo, 24.75M Cache)を使って計測されました。
最大パフォーマンスはRFC2544(ファイアウォール)に基づいています。フルDPI/ゲートウェイAV/スパイウェア対策/IPSのスループットは、業界標準のSpirent WebAvalanche HTTP パフォーマンステストおよびIxiaテストツールを使用して測定しています。
測定は複数のポートペアに対する複数フローを用いて行いました。
VPNスループットは、RFC 2544準拠のパケットサイズ1418バイトのUDPトラフィックを用いて測定しました。すべての仕様、機能については変更されることがあります。