SonicWall SuperMassive Series

Uncompromising, high-performance, next-generation firewall protection for our enterprise network

Designed with leading-edge threat inspection technology and hardware processing power, SonicWall SuperMassive high end firewalls support today’s largest, most complex and demanding security use cases. With comprehensive security services including sandboxing, SSL inspection, intrusion prevention, anti-malware, application identification and content filtering, SuperMassive is the ideal next-generation high end firewall for securing large distributed enterprises and data centers.

SuperMassive 9200

Designed to deliver deep security to your enterprise at multi-gigabit speeds

Cores: 24
Memory: 8 GB
Storage: 8 GB

SuperMassive 9400

Designed to deliver deep security to your enterprise at multi-gigabit speeds

Cores: 32
Memory: 16 GB
Storage: 16 GB

SuperMassive 9600

Designed to deliver deep security to your enterprise at multi-gigabit speeds

Cores: 32
Memory: 32 GB
Storage: 32 GB

SuperMassive 9800

Designed to deliver deep security to your enterprise at multi-gigabit speeds

Cores: 32
Memory: 64 GB
Storage: 64 GB

Overview:

High-Performance Network Security

Protect against advanced threats and exploits in real-time
Block evasive intrusions and attacks hiding in encrypted traffic
Monitor and control of application traffic
Centralize security management, analytics and reporting
Thwart command and control communications and data exfiltration

Scale your security for data center modernization

Scale your security for data center modernization To enable the growing digital business, expectations for IT organizations to lead and deliver value, responsiveness and security has reached an all-time high. Innovative services plus increased data and capacity requirements compel IT leaders to address new operational challenges through data center modernization. SonicWall provides a network-based model for scaling network security to solve complex and demanding data center operations - all at a low cost.

Stop advanced threats with network security segments

Modern threats take advantage of all areas of your network to succeed. In order to stop advanced attacks, networks need to be divided into security segments to contain and mitigate threat propagation. However, defining logical segments is only part of the solution. Effective segmentation requires an integrated, dynamic network security approach to comprehensively enforce the integrity of each and every segment, and do so manageably and affordably.

SonicWall SuperMassive Series

Compare Models:

Models:	9200	9400	9600	9800
System Specifications
Operating System	SonicOS
Cores	24	32	32	64
Interfaces	4x10GbE SFP+, 8x1GbE SFP, 8x1GbE, 1GbE Management, 1 Console	4x10GbE SFP+, 8x1GbE SFP, 8x1GbE, 1GbE Management, 1 Console	4x10GbE SFP+, 8x1GbE SFP, 8x1GbE, 1GbE Management, 1 Console	4x10GbE SFP+, 12x1GbE SFP, 8x1GbE, 1GbE Management, 1 Console
Memory (RAM)	8 GB	16 GB	32 GB	64 GB
Storage	8 GB	16 GB	32 GB	64 GB
Expansion	1 Expansion Slot (Rear), SD Card
Management	CLI, SSH, GUI, GMS
SSO users	80,000	90,000	100,000	110,000
Maximum SonicPoints supported	128	128	128	-
Logging	Analyzer, Local Log, Syslog
High availability	Active/Passive with State Sync, Active/Active DPI with State Sync
Firewall/VPN Performance	9200	9400	9600	9800
Firewall Inspection Throughput¹	15 Gbps	20 Gbps	20 Gbps	28 Gbps
Full DPI Performance² (GAV/GAS/IPS)	3 Gbps	4.4 Gbps	4.5 Gbps	9 Gbps
Application Inspection Throughput²	5 Gbps	10 Gbps	11.5 Gbps	20 Gbps
IPS Throughput²	5 Gbps	10 Gbps	11.5 Gbps	18 Gbps
Anti-Malware Inspection Throughput¹	3.5 Gbps	4.5 Gbps	5 Gbps	9 Gbps
IMIX Performance	4.4 Gbps	5.5 Gbps	5.5 Gbps	6 Gbps
SSL inspection and decryption throughput (DPI SSL)²	1.0 Gbps	2.0 Gbps	2.0 Gbps	3 Gbps
VPN Throughput³	5 Gbps	10 Gbps	11.5 Gbps	14 Gbps
Connections/sec.	100,000/sec	130,000/sec	130,000/sec	230,000/sec
Maximum Connections (SPI)	5.0M	7.5M	10.0M	3.0M
Maximum Connections (DPI)	1.5M	1.5M	2.0M	2.5M
SSO User	8,000 (15,500⁶)	10,000 (17,500⁶)	12,000 (22,500⁶)	48,000
VPN	9200	9400	9600	9800
Site-to-site Tunnels	10,000	10,000	10,000	25,000
IPSec VPN Clients	2,000 (4,000)	2,000 (6,000)	2,000 (10,000)	2,000 (10,000)
SSL VPN NetExtender Clients (Maximum)	2 (3,000)	2 (3,000)	50 (3,000)	50 (50)
Encryption/Authentication	DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B, Common Access Card (CAC)
Key Exchange	Diffie Hellman Groups 1, 2, 5, 14v
Route-based VPN	RIP, OSPF
Networking	9200	9400	9600	9800
IP Address Assignment	Static, DHCP, PPPoE, L2TP and PPTP client, internal DHCP server, DHCP Relay⁴
NAT Modes	1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode
VLAN Interfaces	512
Routing Protocols	BGP, OSPF, RIPv1/v2, static routes, policy-based routing, multicast
QoS	Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p
Authentication	XAUTH/RADIUS, Active Directory, SSO, LDAP, Novell, internal user database, Terminal Services⁵, Citrix⁵
VoIP	Full H323-v1-5, SIP
Standards	TCP/IP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE, SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3
Certifications	UC APL⁴ , ICSA Enterprise Firewall, IPV6 Phase 2, VPNC, VPAT, FIPS 140-2⁴ , Common Criteria NDPP⁴ , ICSA Anti-Virus⁴
Hardware	9200	9400	9600	9800
Power Supply	Dual, redundant, hot swappable, 300 W			Dual, redundant, hot swappable, 500 W
Fans	Dual, redundant, hot swappable
Display	Front LED Display
Input Power	100-240 VAC, 60-50 Hz
Maximum Power Consumption (W)	200	200	200	350
MTBF @25ºC in hours	188,719	187,702	186,451	126,144
MTBF @25ºC in years	21.53	21.43	21.28	14.40
Form Factor	1U Rack Mountable	1U Rack Mountable	1U Rack Mountable	2U Rack Mountable
Dimensions	17x19.1x1.75 in (43.3x48.5x4.5 cm)	17x19.1x1.75 in (43.3x48.5x4.5 cm)	17x19.1x1.75 in (43.3x48.5x4.5 cm)	17x24x3.5 in (9x60x43 cm)
Weight	18.1 lb (8.2 kg)	18.1 lb (8.2 kg)	18.1 lb (8.2 kg)	40.5 lb (18.38 kg)
WEEE Weight	23 lb (10.4 kg)	23 lb (10.4 kg)	23 lb (10.4 kg)	49.5 lb (22.4 kg)
Shipping Weight	29.3 lb (13.3 kg)	29.3 lb (13.3 kg)	29.3 lb (13.3 kg)	65 lb (29.64 kg)
Major Regulatory	FCC Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, MSIP/KCC Class A, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE , REACH, ANATEL, BSMI, CU
Environment	15-40 deg C
Humidity	10-90% non-condensing

Notes:
¹ Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.
² Full DPI/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs.
³ VPN throughput measured using UDP traffic at 1280 byte packet.
⁴ Applies to SuperMassive 9200, 9400 and 9600. SuperMassive 9800 UC APL certification is pending.
⁵ Supported on SonicOS 6.1 and 6.2.
⁶ For every 125,000 DPI connections reduced, the number of available DPI SSL connections increases by 750.
*Future use. All specifications, features and availability are subject to change.

Services & Add-Ons:

Advanced Gateway Security Suite (AGSS)

Leverage SonicWall Advanced Gateway Security Suite (AGSS) to deliver a multi-engine sandbox, powerful anti‐virus, anti‐spyware, intrusion prevention, content filtering, as well as application intelligence and control services. An upgrade over CGSS, this package features Capture Advanced Threat Protection (ATP), a multi-engine sandbox that runs and inspects suspicious files, programs and code in an isolated cloud-based environment.

Comprehensive Gateway Security Suite (CGSS)

Get the most from your deep packet inspection firewall with the SonicWall Comprehensive Security Suite (CGSS) subscription. CGSS includes gateway anti-virus, anti-spyware, intrusion prevention, application intelligence and control service, content/URL filtering and 24x7 support. Combine security, productivity and support in a single, bundled solution that lowers TCO.

Gateway Security Services

Enable your business firewall to provide real-time network threat prevention with SonicWall gateway anti-virus, anti-spyware, intrusion prevention and application intelligence and control. Block the latest blended threats — including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code. Guarantee bandwidth prioritization and ensure maximum network security and productivity with granular policies for both groups and users.

Capture Advanced Threat Protection

The cloud-based SonicWall Capture Advanced Threat Protection Service scans a broad range of files to detect advanced threats, analyzes them in a multi-engine sandbox, blocks them prior to a security verdict, and rapidly deploys remediation signatures. The result is higher security effectiveness, faster response times and a lower total cost of ownership.

Content Filtering Services

Gain a cost-effective, easy-to-manage way to enforce protection and productivity policies, and block inappropriate, unproductive and dangerous web content in educational, business or government environments. SonicWall Content Filtering Service lets you control access to websites based on rating, IP address, URL and more. You get the ideal combination of control and flexibility to ensure the highest levels of protection and productivity, which you can configure and control from your network security appliance, eliminating the need for a costly, dedicated filtering solution. Extend enforcement of your internal policies to devices located outside the firewall perimeter by blocking unwanted internet content with the content filtering client.

Content Filtering Client

Extend the enforcement of web policies in IT-issued devices outside the network perimeter. Although it doesn’t require a firewall, it can be optionally coupled with SonicWall Content Filtering Service as an ideal combination to keep students and employees off of dangerous or non-productive websites by switching to cloud-enforced policies even when they are using roaming devices.

Support Services

Benefit from advanced technical assistance and ongoing software and firmware updates with SonicWall Dynamic Support. The service includes:

Telephone and web-based support 24x7
Direct access to highly-trained senior support engineers
Advance exchange hardware replacement in the event of a failure
Access to electronic support tools

TotalSecure Hardware & Services Bundle

Enjoy the convenience and affordability of deploying your firewall as a SonicWall TotalSecure solution. This combines the hardware and services needed for comprehensive network protection from viruses, spyware, worms, Trojans, key loggers and more — without the complexity of building your own security package.

Comprehensive Anti-Spam Service

Block threats from your email server and stop spam at the gateway by adding SonicWall Comprehensive Anti-Spam Service (CASS) to your SonicWall firewall. Rapidly deploy your spam firewall software with one-click activation of up to 250 users.

Enforced Client Anti-Virus and Anti-Spyware Software

Execute an innovative, multi-layered, anti-virus internet security strategy with SonicWall firewalls and Enforced Client Anti-Virus and Anti-Spyware software. You get SonicWall Reassembly-Free Deep Packet Inspection anti-malware at the gateway, and enforced anti-virus protection at the endpoints. You can redirect any user with a non-compliant endpoint to a web page to install the latest Enforced Client Anti-Virus and Anti-Spyware software. Provide automatically updated security definitions to the endpoint as soon as they become available. Plus, you can automate enforcement to minimize administrative overhead.

Documentation:

Download the SonicWall SuperMassive Series Datasheet (.PDF)