SonicWall includes SSL VPN as part of the bundle, supporting Windows (32- and 64-bit), Mac, and Linux users through either an SSL Web portal or a downloadable client that can tunnel all or part of the network traffic of the remote device. The portal allows you to add in your own HTML code and bookmarks for RDP, Telnet, HTML/SSL, SSH, file shares (CIFS), and Citrix. The NetExtender client allows routes to be pushed to the remote client to force certain traffic through the SSL VPN. A cool option will remove the NetExtender software upon logout, leaving behind minimal footprints on that Internet café machine you just used.
One of our favorite features is the rules matrix to logically group rules by zone and direction. Zones can be applied to either physical or virtual interfaces (VLANs) using plain vanilla 802.1p tagging. Overall setup can be NAT, transparent (bridged), or routed (RIP or OSPF), with route policies making use of the same address object naming conventions used throughout the firewall.
In the latest generation of SonicOS, SonicWall added a Security Dashboard with both local and global views. The local view shows attacks against the firewall itself, while the global view, based on data collected by SonicWalls around the world, aims to alert you to attacks happening elsewhere that may be heading your way. This is information is best provided to your management in small doses, but can be very useful to distribute when a bonehead questions the need for all those "extra" UTM functions.
Sporting a 16-core Cavium processor, the SonicWall NSA E7500 has the legs to cross into what would normally be called medium to large enterprise. Its easy, wizard-driven setup interface doesn't mean you can safely remain ignorant of security principles, and the power doesn't mean it's a fit for every company, but the combination does make the E7500 suitable for a wide variety of organizations and security needs. It should be pointed out that if you're considering an HA pair, make sure you buy them together as a package. The company offers huge discounts on both the hardware and features licenses.
SonicWall NSA E7500
|Pros||High throughput even when under attack. Dedicated management core ensures responsiveness of management system. Great set of wizards for configuring firewall roles. Excellent protection against vulnerability-based Internet attacks, with the best attack-blocking performance in our test.|
|Cons||Most expensive UTM we tested by a large margin.|
|Cost||Base price: $26,995. Price as tested: $38,990, including TotalSecure. Note that security features can be licensed either bundled or a la carte.|
|Platforms||16-core Cavium-based 1U appliance with 4 Copper Gigabit ports, 4 SFT ports, 1 Copper HA port, firewall, VPN, anti-malware, IDS/IPS, Web content filtering, and spam blocking. SSL-VPN feature was tested with Windows, Mac, and Linux.|
Having trouble installing and setting up Win10? You aren’t alone. Here are many of the most common...
Picking an Android phone can be difficult, but we're here to help. These are the top Android phones you...
Confidence in our power over machines also makes us guilty of hoping to bend reality to our code
From machine learning to digital twins, opportunities abound in emerging (and converging) tech trends
From a webcam cover and laptop lock to a USB port blocker and an encrypted flash drive, here are some...
Slack reached a $1 billion valuation faster than any startup in history. Now it must make key decisions...
With new hardware hacking devices, it's absurdly easy to attack organizations through the USB port of...