SonicWALL SRA 4200 Datasheet

SECURE REMOTE ACCESS

SonicWALL Secure Remote Access Series for the SMB

Easy-to-use, affordable and clientless secure remote access

n

Seamless integration

behind virtually any

firewall n

Clientless connectivity n

NetExtender technology n

Granular policy

configuration controls n

Personalized Web portal n

Remote support n

Tokenless two-factor

authentication n

Mobile device support n

Application offloading n

Context-sensitive help n

Enhanced layered security

in a SonicWALL

environment

In recent years, there has been an increased dependence on mobile workers. This has prompted a need for providing secure remote access to network resources as well as remote control PC access. SonicWALL® provides a solution that meets the needs of organizations with demanding remote workforce requirements. SonicWALL Secure Remote Access (SRA) solutions are simple to deploy and even easier to use for a fraction of the price of most other products.

Remote access has never been so simple to use. Mobile employees only require a standard browser to log into a portal which provides access to e-mail, files, Web applications and internal Web sites. For even more powerful capabilities such as secure access to any resource on the corporate network including servers and local applications, the appliances transparently push a downloadable thin client (NetExtender) to the user’s desktop or laptop.

Remote support is also easy to implement using SonicWALL Virtual Assist.* It is a clientless tool that enables a technician to assume control of a customer’s computer in order to provide assistance. As a result, service can be provided on-demand while keeping costs low.

Features and Benefits

Seamless integration behind virtually any

firewall enables organizations to leverage the existing network infrastructure.

Clientless connectivity removes the need for a pre-installed VPN client, thus freeing administrators from a tedious and costly task.

NetExtender technology enables network level access to resources, services and applications.

Granular policy configuration controls enable network administrators to create policies that “lock down” a user to specific applications/resources and prevent unauthorized access to them.

A personalized Web portal displays only those resources that are available to the user based on company policy.

Remote support using SonicWALL Virtual Assist* enables technicians to provide secure on-demand assistance to customers while leveraging the existing infrastructure.

Tokenless two-factor authentication provides enhanced protection against key loggers by combining a unique onetime password, generated by the SSL VPN appliance and sent to a remote user’s mobile device or e-mail address, with the user’s network user name and password.

Mobile device support to access an entire intranet as well as Web-based applications provides greater flexibility for a remote workforce.

Application offloading** enables users to access

Web applications securely by leveraging strong authentication and granular access policy features.

Context-sensitive help is provided throughout the administrative interface and end-user portal, increasing management flexibility and ease-of-use.

Enhanced layered security is enabled when deployed alongside a SonicWALL Network Security

Appliance which utilizes powerful deep packet inspection technology to scan traffic for malicious threats such as viruses, worms, Trojans and spyware.

The combined solution is known as SonicWALL Clean VPN.

*Additional license required; only available as a software add-on

module for the SSL-VPN 4000 and SRA 4200

**Available only on the SSL-VPN 4000 and SRA 4200

SonicWALL Secure Remote Access Series for SMB – Any time, anywhere access to resources

Granular Access to Authorized Users

The SonicWALL Secure Remote Access (SRA) Series for small- to medium-sized businesses (SMB) extends secure remote access beyond managed employees to unmanaged remote employees, partners, and customers. A customizable portal enables users to access specific resources via a Web browser as defined by a company’s IT policy.

Employee on Corporate

Laptop in Hotel Files and

Applications

Intranet User

Desktop

Employee on

Home Computer

Tightly Controlled and Managed by

IT Department

Secure remote access that’s easy to deploy, use and won’t break your budget

Awards

(SSL-VPN 200)

Certifications

Employee on

Airport Kiosk

Authorized

Partner

Authorized

Customer

SonicWALL Appliance at Corporate Network

Not Controlled and Managed by

IT Department

Other

Servers and

Applicatons

Citrix Presentation

Servers™ (ICA) and

Microsoft Terminal

Servers

Corporate LAN

Other

Desktops

Broad Access to Resources

SonicWALL SRA solutions for SMB can be used to provide users with access to a broad range of resources.

n

NetExtender enables native access to corporate network applications such as

Microsoft® Outlook n The Virtual Office portal enables Web-based access to intranet (HTTP, HTTPS), file (FTP, CIFS), desktop (Citrix®*, Terminal Server, VNC), and terminal (Telnet, SSH) resources

Simple to Manage

SonicWALL SSL VPN solutions feature an intuitive Web-based management interface which offers context sensitive help to enhance usability. In addition, multiple products can be centrally managed using the SonicWALL Global Management System (GMS v4.0+). Resource access via the products can be effortlessly monitored using the

SonicWALL ViewPoint reporting tool.

(SSL-VPN 200/4000)

Remote Support

SonicWALL Virtual Assist* can be easily configured and licensed via the administrative interface as a cost effective alternative to traditional remote support tools. Browserbased thin clients are pushed to Technicians and Customers in order to establish a session through the cloud via an SSL VPN product.

(SSL-VPN 4000)

Enhanced Solution

SonicWALL Secure Remote Access appliances integrate seamlessly into virtually any network topology and can be easily deployed alongside any third-party firewall. When deployed with a SonicWALL Network Security/Unified Threat Management

(UTM) firewall appliance running Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service along with Application

Firewall, enhanced security benefits are realized. Moreover, endpoint security can be enforced by deploying NetExtender in conjunction with Enforced Client Anti-Virus and Anti-Spyware on managed PCs. Virtual Assist also benefits from the seamless integration by leveraging the appliance’s local and external authentication facilities.

*Available only on the SSL-VPN 4000 and SRA 4200

*Available only on the SSL-VPN 4000 and SRA 4200

3

Personalized

Web Portal

SonicWALL

SRA Appliance

3 Files and

Applications Intranet

User

Desktop

Remote User

SSL Encrypted

Traffic

1

Internet

SonicWALL NSA or

TZ Security Appliances

Decrypted

Traffic

4

Unified Threat

Management

Scanning

Other

Servers and

Applications

Citrix

XenApp and

Microsoft

Terminal Servers

Other

Desktops

Corporate LAN

2

RSA*,

Vasco*,

Active

Directory,

RADIUS,

LDAP or local database

Remote User

3

Personalized

Web Portal

SonicWALL

SRA Appliance

3 Files and


User

Desktop

SSL Encrypted

Traffic

1

SonicWALL SRA Appliance

Traffic

Internet

Customer SonicWALL NSA or

TZ Security Appliances

Decrypted

Traffic

4

2

Technician

3

Personalized

Web Portal

Files and


SonicWALL

SRA Appliance

Remote Access Solution

With an increasingly mobile workforce and greater threats of unexpected disruptions, remote access has become a business necessity. A SonicWALL SRA appliances for the SMB product deployed

Traffic

3

User

Desktop

Personalized

Web Portal

Unified Threat

Management

Scanning

Other

Servers and

Applications

Citrix

XenApp and

Microsoft

Terminal Servers

Other

Desktops

Corporate LAN

2

3 Files and


User

Desktop

SonicWALL

SRA Appliance

1

2

3

4

SonicWALL NSA or corporate network resources from anywhere outside the LAN.

Management

Scanning

SSL Encrypted

Traffic and

Applications

Citrix

XenApp and

Microsoft

Terminal Servers

1

Other

Desktops

RSA*,

Vasco*,

Active

Directory,

RADIUS,


Decrypted

Traffic


2

Technician

Incoming HTTPS traffic is seamlessly forwarded by the SonicWALL NSA or TZ Series network security appliance to the SonicWALL SSL VPN appliance, which decrypts and authenticates network traffic.

Users are authenticated using the onboard database or through third-party authentication methods

4

Remote User

Unified Threat

Management

Scanning

Internet

Other

Servers and

Applications

Citrix

XenApp and

Microsoft

Terminal Servers

Other

Desktops

RSA*,

Vasco*,

Active

Directory,

RADIUS,


NetExtender Client

A personalized Web portal provides access to only those resources that the user is authorized to view based on company policies.

Corporate LAN

Traffic is passed back to the NSA or TZ Series network security appliance where it is fully inspected for viruses, worms, Trojans, spyware and other sophisticated threats by the SonicWALL

Location 1

*

SonicWALL

SRA Appliance


VPN

Location 2

RSA*,

Vasco*,

Active

Directory,

RADIUS,


Technician

Hub/

Switch Modem

Internet

Customer

Remote Support Solution

Location 3 it is becoming increasingly important for organizations to provide remote

SonicWALL CDP Appliance

Local Area Network

Location 4

Technician

Location 5 support using expensive and cumbersome tools can undermine IT service level agreements and inhibit remote worker productivity. Using a SonicWALL

Customer instantly access a remote device over the Web, transfer files, and chat with the end user, enabling rapid diagnosis and problem resolution, without the need for pre-installed “fat” client.

NetExtender Client running SonicWALL Agent

Disaster Recovery Solution

Disaster recovery can be triggered by a catastrophic event like a hurricane

Local Client or epidemic, or by something as simple as a regional power outage, severe weather, flu outbreaks, or flooding of an office building because of a burst water pipe. Business disruption can mean lost opportunities, revenues, or reputation. SonicWALL SSL VPN and CDP products with a subscription to

SonicWALL CDP Offsite Data Backup Service enable employees that are not able to physically get to the corporate office, access your corporate resources remotely via a secure SSL VPN connection. Corporate resources are always accessible as they are backed up both locally and offsite.

NetExtender Client running SonicWALL Agent

Hub/

Switch

SonicWALL

SRA Appliance

SonicWALL CDP Appliance

Router/

Modem

VPN

Internet

Location 1

Location 2

Location 3

Location 4


Internet

Location 5

Wireless Authentication

The SonicWALL appliance can be configured to authenticate WLAN users, granting these users

WLAN

SonicWALL

SRA Appliance

SonicPoint N access to internal resources while keeping the session secure. The benefit to this method of acccess is “clientless”

Hub/

Switch


Wireless user obtains DHCP lease on the

WLAN network.

Firewall

Location 1

VPN

Clean Wireless Solution NetExtender Client

LAN

Location 2

Encrypted Traffic

Router/

Modem

DMZ/SSLVPN

Internet

SonicWALL

SRA Appliance

Step 2:

When browser is opened, the user is redirected to the appliance and prompted for authentication.

organizations are implementing wireless networks and using SSL

Local Client

Workstations

Location 3

SonicWALL

SRA Appliance

AD Server

SSL VPNs integrate seamlessly with SonicWALL wireless access

VPN solutions. A SonicWALL SSL VPN deployed alongside a SonicWALL

UTM firewall and several SonicPoints ensure that users get access

Step 3:

Location 4

Once authenticated, the user can open a

NetExtender session which will create a

“tunnel all” route from the client’s system to the appliance. The user will be given a from anywhere on campus and the wireless connections are

Router/

Modem

Internet encrypted via the SSL protocol. As an added bonus, remote workers

SSL VPN connection. IT maintains centralized, granular access control

SonicWALL CDP Appliance access internal and external resources.

over who can access what resources from using a single gateway.

Location 4


Location 5

Internet


The SonicWALL appliance can be configured to authenticate WLAN users, granting these users access to internal resources while keeping the session secure. The benefit to this method of acccess is “clientless” access from the WLAN.

WLAN

SonicPoint N

Firewall

LAN

Encrypted Traffic

DMZ/SSLVPN

Step 1:


WLAN network.

Wireless User SonicWALL

SRA Appliance

Workstations AD Server


The SonicWALL appliance can be configured to authenticate WLAN users, granting these users access to internal resources while keeping the session secure. The benefit to this method of acccess is “clientless” access from the WLAN.

Wireless User

Step 1:


WLAN network.

WLAN

SonicPoint N

Internet

Firewall

Step 1:


WLAN network.

LAN

Encrypted Traffic

Step 2:


DMZ/SSLVPN

SonicWALL

SRA Appliance


The SonicWALL appliance can be configured to authenticate WLAN users, granting these users

WLAN

SonicPoint N

Workstations AD Server resources while keeping

Step 3: the session secure. The benefit to this method

Once authenticated, the user can open a of acccess is “clientless” access from the WLAN.

“tunnel all” route from the client’s system to the appliance. The user will be given a

Wireless User access internal and external resources.

Internet

Step 2:


Firewall

DMZ/SSLVPN

SonicWALL

SRA Appliance

LAN

Encrypted Traffic

Workstations

Step 3:




NetExtender client subnet and can now access internal and external resources.

AD Server

Step 2:


Step 3:




NetExtender client subnet and can now access internal and external resources.

SonicWALL SSL-VPN 200

(US/Canada) 01-SSC-5946

SonicWALL Dynamic Support

8x5 (1-year)

01-SSC-5642


8x5 (2-year)

01-SSC-6244


8x5 (3-year)

01-SSC-6245


24x7 (1-year)

01-SSC-5643


24x7 (2-year)

01-SSC-6246


24x7 (3-year)

01-SSC-6247

SonicWALL SRA 4200

50 User

01-SSC-5980

SonicWALL Dynamic Support 8x5

Up to 50 users (1-year)

01-SSC-5687



01-SSC-5988



01-SSC-5989



01-SSC-5984



01-SSC-5985



01-SSC-5986

SonicWALL SSL-VPN 4000

(US/Canada)

01-SSC-5960


8x5 (1-year)

01-SSC-6248


8x5 (2-year)

01-SSC-6249


8x5 (3-year)

01-SSC-6250


24x7 (1-year)

01-SSC-6251


24x7 (2-year)

01-SSC-6252


24x7 (3-year)

01-SSC-6253

Specifications

SonicWALL SSL VPN Series

Performance

SSL-VPN 200 Recommended for organizations with 50 or fewer employees

Concurrent User License: Unrestricted

Recommended Maximum

Concurrent Users: 10

SRA 4200 Recommended for organizations with 500 or fewer employees

Maximum allowable concurrent Virtual

Assist technicians: 5


Recommended Maximum


SSL-VPN 4000 Recommended for organizations with 500 or more employees

Maximum allowable concurrent Virtual

Assist technicians: 25


Recommended Maximum


Key Features

Applications Supported

Proxy

NetExtender

Encryption

Citrix (ICA),* HTTP, HTTPS, FTP, SSH, Telnet, RDP,

VNC, Windows® file sharing (Windows SMB/CIFS)

Any TCP/IP based application: ICMP, VoIP, IMAP,

POP, SMTP, etc.

DES (128), 3DES (128, 256), AES (128, 192, 256),

ARC4 (128), MD5, SHA-1

Authentication RSA,* Vasco, One-time Passwords, Internal user database RADIUS, LDAP, Microsoft, Active

Directory, Windows NT Domain

Multiple Domain Support Yes

Fine Grain Access control At the user, user group and network resource level

Session Security

Certificates

Server

Client

Inactivity timeouts prevent unauthorized use of inactive sessions

Self-signed with editable common name and and imported from third parties

Optional client certificates supported*

Cache Cleaner

Client PC Operating Systems

Supported

Proxy

NetExtender

Configurable. Upon logout all cached downloads, cookies and URLs downloaded through the SSL tunnel are erased from the remote computer

All operating systems

Windows 2000, 2003, XP/Vista (32-bit and 64-bit)

Win Mobile 5 (Pocket PC), Win Mobile 6

(Classic/Professional), MacOS 10.4+ (PowerPC and

Intel), Linux Fedora Core 3+ / Ubuntu 7+ / OpenSUSE

Web Browsers Supported

Personalized Portal

Management

Usage Monitoring

Microsoft Internet Explorer, Firefox Mozilla

The remote user sees only those resources that the administrator has granted access to based on company policy

Web GUI (HTTP, HTTPS), Send syslog and heartbeat messages to GMS (4.0 and higher)

Graphical monitoring of memory, CPU, users and bandwidth usage*

Logging Detailed logging in an easy-to-read format,

Syslog supported e-mail alerts

Single-Arm Mode Yes

SonicWALL Virtual Assist* Connection to remote PC, chat, FTP and diagnostic tools

IPv6 Support*

Application offloading*

Basic

Yes

Hardware

Dimensions

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Weight

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Major Regulatory

Compliance

Environment

MTBF

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Hardened Security Appliance

SSL-VPN 200 Yes

SRA 4200

SSL-VPN 4000

Yes

Yes

Cryptographic Hardware Acceleration

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Yes

Yes

Yes

Interfaces

SSL-VPN 200

SRA 4200

SSL-VPN 4000

(5) 10/100 Ethernet

(4) Gigabit Ethernet, (2) USB, (1) Console

(6) 10/100 Ethernet, (1) Serial port

Processors

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Memory (RAM)

SSL-VPN 200

SRA 4200

SSL-VPN 4000

SonicWALL security processor, cryptographic accelerator x86 main processor, cryptographic accelerator

P4 Celeron main processor, cryptographic accelerator

128 MB

2 GB

1 GB

Flash Memory

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Power Supply

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Max Power Consumption

SSL-VPN 200

SRA 4200

SSL-VPN 4000

Total Heat Dissipation

SSL-VPN 200

SRA 4200

SSL-VPN 4000

16 MB

1 GB

128 MB

20W, 12VDC, 1.66A

Internal

Internal

10.4 W

75 W

108 W

35.6 BTU

256.0 BTU

368.3 BTU

7.45 x 4.55 x 1.06 in

18.92 x 11.56 x 2.69 cm

17.00 x 10.13 x 1.75 in

43.18 x 25.73 x 4.45 cm

17.00 x 13.25 x 1.75 in

43.18 x 33.66 x 4.45 cm

3.00 lbs

1.36 kg

15.00 lbs

6.80 kgs

18.50 lbs

8.39 kg

FCC Class A, ICES Class A, CE, C-Tick, VCCI

Class A, MIC, NOM, UL, cUL, TUV/GS, CB

32-105˚ F, 0-40˚ C

Humidity 5-95% RH, non-condensing

9.0 years

8.3 years

9.2 years

* Available only on the SSL-VPN 4000 and SRA 4200

For more information on SonicWALL Secure Remote Access for SMB solutions, visit www.sonicwall.com.

SonicWALL, Inc.

2001 Logic Drive

San Jose, CA 95124

T +1 408.745.9600

F +1 408.745.9300

www.sonicwall.com

©2009 SonicWALL and the SonicWALL logo are registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice. 10/09 SW 750

SonicWALL SRA 4200 Datasheet

SonicWALL Secure Remote Access Series for the SMB

Easy-to-use, affordable and clientless secure remote access

Secure remote access that’s easy to deploy, use and won’t break your budget

Specifications

Related manuals

SonicWALL

01-SSC-5947

SonicWALL

01-SSC-6063

SonicWALL

01-SSC-6068

SonicWALL

SMA 100 Series

SonicWALL

SRA 1600 10 U + 2 Yr Secure Upgrade Plus

SonicWALL

01-SSC-8831

SonicWALL

Secure Remote Access Appliances SRA 1200/4200

SonicWALL

01-SSC-8469