Thoughts on Sonicwall Roadshow and E-Class Firewalls
June 3rd, 2008 @ 7:35 am
Last week, I attended the Sonicwall Roadshow in Atlanta for a look at their E-Class firewalls and other products. I’m looking to implement a new firewall solution in the very near future and have pretty much narrowed it down to the Sonicwall E-Class boxes or Cisco. Here are a few random thoughts about the Sonicwall products:
- The integration with Active Directory and ability to apply firewall rules and policies to users is really cool. As far as I’m aware, the Cisco ASA doesn’t do this. The example they showed was rate limiting YouTube to 30kbps for a group of users. It has a coolness factor to it, but, is it practical? Am I really going to rate limit YouTube for specific users? Most likely not.
- I really like the application level inspection and filtering. Their example was searching for an embedded watermark in a confidential document and preventing it from leaving the network. Examples included looking for it in SMTP and FTP traffic as well as HTTP uploads. I could definitely see a use for this in some businesses. In our environment, it’s not really useful.
- I’m still not a huge fan of their big confusing web interface - although I will say it has been improved. I’m sure some users prefer the GUI, but I’d much rather have an easy-to-use command line.
- We recently phased out our Sonicwall wireless solution in favor of Xirrus WiFi arrays. The biggest problem we had with the Sonicwall access points is once you got several clients connected, clients would randomly get disconnected and RF strength would fluctuate. I observed the exact same thing happening on the presenter’s laptop at the roadshow. I saw the “Now Connected” dialog pop up 3 times during a 30 minute or so presentation - exact same problem we had. This is not really related to the firewall itself, but thought it was worth mentioning.
- Their VPN client is nice, but there are better VPN clients on the market. We currently use Cisco VPN and I am very happy with it.
- It’s expensive - way more than the Cisco, which is the opposite of what I expected.
The E-Class/NSA series boxes are a huge improvement over the previous generation firewalls. But, comparing its features to our needs, and looking at the cost/performance/features ratio, I’m just not convinced it’s right for our environment. Anyone have any further thoughts?




Derek,
I attended the Roadshow event in Charlotte today and was also pretty impressed with the product. I’d say if you’re seeing SonicWALL being more expensive than Cisco, you might not be comparing like devices. I will say I find the full UTM suite to be a bit spendy, but hardware-to-hardware, SonicWALL is pretty competitive from what I’ve seen so far.
Also, do you really need all the beef of the E-class? The NSA 3500 and 4500 are pretty powerful, especially compared to most other firewalls on the market today. You don’t gain much except additional CPU cores and a pretty LCD screen in graduating to the E-class.
Finally, my new NSA 3500 can be managed via HTTP(S) as well as SSH. Seems like a pretty nifty command line, but I haven’t spent a ton of time there.
Comment by Justin Moore — June 3, 2008 @ 7:54 pm
I’m comparing the Sonicwall NSA E5500 to the Cisco ASA 5520. I could probably use the NSA 5000, but I think anything smaller than that would be an issue.
I’ve found from previous experience that they exaggerate their throughput numbers. You’ll barely see 25% of their rated numbers in a real-world environment. The Cisco can do pretty near its rated throughput.
As far as cost, the cost of the NSA 5000 is about 10% higher than the Cisco 5520 and the NSA E5500 costs more than twice what the Cisco does.
Comment by Derek — June 4, 2008 @ 3:23 pm
Hi Derek, since you mentioned Active Directory. I have recently installed Cyberoam Identity-based UTM Appliance in our Network, and they are amazing!! I have evaluated both, and Cyberoam offers clearly much more than Sonicwall! Each user can be applied policies from bandwidth management to filtering, to spam - Cyberoam also has an on-appliance reporting tool which is much better than Sonicwall, where earlier I had to wait minimum 4 hrs to get the reports. Also, it saves money too - since Cyberoam provides the reporting solution inbuilt! I suggest you evaluate the difference on its website http://www.cyberoam.com
Comment by Nirav — June 5, 2008 @ 1:32 am