SonicWALL TZ 180 manual Deep Packet Inspection Flow Diagram

Page 17

SonicWALL Deep Packet Inspection

Figure 1 Deep Packet Inspection Flow Diagram

)NPUTP0ACKET

/UTPUT 0ACKET

The following steps describe how the SonicWALL Deep Packet Inspection Architecture functions:

1.Pattern Definition Language Interpreter uses signatures that can be written to detect and prevent against known and unknown protocols, applications and exploits.

2.TCP packets arriving out-of-order are reassembled by the Deep Packet Inspection framework.

3.Deep Packet Inspection engine preprocessing involves normalization of the packet’s payload. For example, a HTTP request may be URL encoded and thus the request is URL decoded in order to perform correct pattern matching on the payload.

4.Deep Packet Inspection engine postprocessors perform actions which may either simply pass the packet without modification, or could drop a packet or reset a TCP connection.

5.SonicWALL’s Deep Packet Inspection framework supports complete signature matching across the TCP fragments without performing any reassembly (unless the packets are out of order). This results in more efficient use of processor and memory for greater performance.

SonicWALL TZ 180 TotalSecure

17

Image 17

Contents Document Scope What is TotalSecure?Introduction Benefits of TotalSecure Every SonicWALL TotalSecure solution includes the followingGAV Overview SonicWALL Gateway Anti-VirusHow Does GAV Work? BenefitsSonicWALL Gateway Anti-Virus/Intrusion Prevention Features SonicWALL GAV Multi-Layered Approach Internal Network Protection Remote Site ProtectionHttp File Downloads Server Protection SonicWALL GAV ArchitectureProtocol Handling Disabling the SonicWALL GAV/IPS EngineSmtp How Does IPS Work? SonicWALL Intrusion Prevention ServiceIPS Overview What is a Zone? Spyware Threat SonicWALL Anti-Spyware Security ServiceSonicWALL Anti-Spyware SonicWALL Anti-Spyware How Does CFS Premium Work? SonicWALL Content Filtering Service PremiumCFS Overview How Does DPI Work? SonicWALL Deep Packet InspectionDPI Overview Deep Packet Inspection Flow Diagram SonicWALL Security Dashboard Security Dashboard Overview SonicWALL Security Dashboard How Does the Security Dashboard Work? What is Security Dashboard?Registering Your Appliance on MySonicWALL Registering Your Appliance on MySonicWALL Registering Your SonicWALL Security Appliance TotalSecure Configuration Task ListApplying SonicWALL GAV Protection on Interfaces Setting Up SonicWALL GAV ProtectionEnabling SonicWALL GAV Edit Zone Applying SonicWALL GAV Protection on Zones SonicOS EnhancedViewing SonicWALL GAV Status Information Enabling Inbound Inspection Updating SonicWALL GAV SignaturesSpecifying Protocol Filtering Enabling Outbound Smtp Inspection Configuring Client Alerts and an Exclusion ListRestricting File Transfers Configuring Client AlertsConfiguring a SonicWALL GAV Exclusion List Displaying Signatures Viewing SonicWALL GAV SignaturesEnabling SonicWALL IPS Navigating the Gateway Anti-Virus Signatures TableBrute-force Baseline Setup Enable IPS LoggingSetting Up SonicWALL Anti-Spyware Protection Enabling SonicWALL Anti-Spyware Specifying Spyware Danger Level Protection Setting Up CFS PremiumGlossary Glossary Related Documentation Solution Document Version History Version Number Date Related Documentation SonicWALL TZ 180 TotalSecure

Related manuals

Manual 34 pages 40.02 Kb

Manual 38 pages 55.88 Kb