Stonesoft 3202

The Stonesoft 3202 appliance is a versatile and modular Security Engine-powered solution designed to meet the performance and scalability requirements of high-end data centers and large network central sites. It can be used in a Firewall/VPN role (Layer 3) for secure routing, NAT, and IPsec VPN gateway purposes. It can also be used in an IPS role (Layer 2) in an IDS deployment or an inline IPS deployment, or in a

Layer 2 Firewall role. All of these roles are available with a single unified software image and can be adapted just by changing the configuration.

In the Firewall/VPN role, the Stonesoft 3202 appliance provides high performance with unique clustering capabilities for up to 16 nodes. This provides  high IPsec VPN speeds, as well as high-performance content and application inspection where needed.

In the IPS and Layer 2 Firewall roles, the Security Engine becomes transparent to surrounding network devices. The inline IPS and Layer 2 firewall combine flexible deployment, AET-ready network security, and application control into one dedicated appliance.

Built on the the world's first adaptive security platform

The Stonesoft 3202 is built on the Stonesoft Security Engine (NGN) platform, which can transform as your organizational needs change. A unified design that can take on different security roles, and the ability to make deployment changes remotely and automatically via license, helps to cut operating costs and eliminate unnecessary future capital investment rounds.

The Stonesoft Management Center (SMC) gives you the ability to automate workflows, easily define policies, swiftly define and deliver advanced visualizations, and provides class-leading situational awareness. With SMC, security administrators can make rapid policy changes across entire networks and deliver the high speed – and high availability – needed for modern safe and productive business.

Stonesoft 3202 Specifications

Maximum performance	L3 FW/VPN	L2 FW / IPS / IDS
Throughput (UDP 1514 byte packets, no inspection)	50 Gbps	50 Gbps
Throughput (UDP 1514 byte packets, with inspection)	13 Gbps	13 Gbps
64 byte packets per second (no inspection)	24 million	24 million
HTTP inspection (21 kB payload)	4.5 Gbps	4.5 Gbps
SSL/TLS inspection throughput (AES-256)	1.8 Gbps	1.8 Gbps
New TCP connections/sec (no inspection)	300 000	300 000
New inspected HTTP connections/sec (21 kB payload)	25 000	25 000
Concurrent connections	30 million	30 million
Concurrent connections (with inspection)	4 million	4 million
VLANs	Unlimited	Unlimited
VPN throughput (AES-128-GCM)	10 Gbps
VPN tunnels	40 000
Concurrent mVPN Clients	Unlimited
Virtual Engines (default/max)	10 / 100
Licensed Performance	Firewall/VPN 3202 appliance	Firewall/VPN 3202-P appliance
Throughput (UDP 1514 byte packets, no inspection)	20 Gbps	50 Gbps
VPN throughput (AES-128-GCM)	5 Gbps	10 Gbps
Virtual Engines	n/a	n/a
Network interfaces
Fixed	2 x 10/100/1000 Mbps copper **
Module slots	3 (Available modules listed at the product codes section)
Connectors	4 x USB, 1 x serial, VGA, IPMI Ethernet
Measurements
Form factor	2U 19” rack unit
Dimensions (W x H x D)	437 x 89 x 450 mm / 17.2" x 3.5" x 17.7"
Net weight	13.2 kg / 29 lbs (without modules)
Gross weight	21.6 kg / 47.6 lbs (without modules)
Safety/EMC certifications
	CE, FCC, CB, Gost-R, RoHS
Power
Power supply	1+1 Redundant 800W + 800W, AC Input 100-240 VAC, 50-60 Hz
Typical power consumption	300 W
Other
Operating temperature/humidity	+10—+35°C (+50—+95°F) 8%—90%, non condensing humidity (RH)
Storage temperature/humidity	-40—+70°C (-40—+158°F) 5%—95%, non condensing humidity (RH)
MTBF	100 000 hours
Rack mounting	Rack mounting rails APP-RACK3-3200 for 68– 92 cm / 26.8 – 36.2 inches deep rack included by default
Support
Replacement service	15 months or 39 months replacement service for non-complying hardware
Premium support	24/7-call logging via web, email and phone, two-hour response time, software updates, hardware replacement service
Basic support	8/5-call logging via web, email and phone, next business day response time, software updates, hardware replacement service
Product codes *
APP-FW-3202-C1	Stonesoft Firewall/VPN 3202 appliance
APP-FW-3202-C1-P	Stonesoft Firewall/VPN 3202P appliance
APP-IPS-3202-C1	Stonesoft IPS/IDS 3202 appliance
APP-NGN-3202-C1	Stonesoft 3202 Security Engine appliance
Feature pack codes
FP-1Y-AS-1	One year Antispam subscription for NGN-3202, FW-3202, FW-3202P
FP-1Y-AV-12	One year Antivirus subscription for NGN-3202, FW-3202, FW-3202P
FP-1Y-WF2-315	One year Web filtering subscription for FW-3202
FP-1Y-WF2-316	One year Web filtering subscription for FW-3202P and IPS-3202
FP-1Y-WF2-317	One year Web filtering subscription for NGN-3202
FP-1Y-UTM-17	One year UTM subscription bundle (AV, AS, WF) for FW-3202
FP-1Y-UTM-18	One year UTM subscription bundle (AV, AS, WF) for FW-3202P
FP-1Y-UTM-19	One year UTM subscription bundle (AV, AS, WF) for NGN-3202
FP-FW-FDPI-5	Full deep inspection for FW-3202, FW-3202P
FP-NGN-VE-100	Virtual Engine feature pack license 11-100 for NGN-3202
FP-NGN-VE-25-UPG	Virtual Engine feature pack license 11-25 for NGN-3202
FP-NGN-VE-50-UPG	Virtual Engine feature pack upgrade license 26-50 for NGN-3202
FP-NGN-VE-100-UPG	Virtual Engine feature pack upgrade license 51-100 for NGN-3202
Interface modules
MOD-EM1-GE-4	Four Port Gigabit Ethernet Copper Module
MOD-EM1-GE-8	Eight Port Gigabit Ethernet Copper Module
MOD-EM1-GE-SFP-4	Quad Port SFP Gigabit Ethernet Module
MOD-EM1-10G-SFP-2	Dual Port SFP+ 10GB Module
MOD-EM1-GE-4-B	Quad Port Gigabit Ethernet Copper Bypass Module
MOD-EM1-GE-SX-4-B	Quad Port Gigabit Ethernet Fiber (SX) Bypass Module
MOD-EM1-10G-SR-2-B	Dual Port Fiber (SR) 10GB Bypass Module
MOD-EM1-10G-LR-2-B	Dual Port Fiber (LR) 10GB Bypass Module
Add-on product codes
APP-RACK1-3200	Rack mounting kit for two post telco rack
APP-RACK2-3200	Rack mounting rails for 50 – 68 cm / 19.7 – 26.8 inches deep rack
SP-PSU-DC-3200	DC  power supply for 3200 series appliance

* -R license codes are without strong encryption (DES only)