SonicWall smashes speed records

User interface remains the same

While the hardware changes are hugely evident in the performance numbers, the Web-based user interface (which most enterprise network managers will find to be easy to learn) and the underlying firewall feature set are little changed from what we saw in our November UTM test.

The strong extra features of the SonicWall family that the products are known for, such as wireless LAN management system, wireless intrusion-detection system, and VoIP using Session Initiation Protocol support, and high-end diagnostic tools, are all still there and haven't changed significantly from prior versions.

One new feature is that IT can change the scanning parameters for UTM features between "Recommended" and "Performance Optimized" settings. A third setting called "Maximum Security" was also included in the firmware we tested, but it will be removed from the next version. SonicWall engineers say they are making the change because the level of security in the "Recommended" and "Maximum" settings was actually the same. SonicWall told us (the feature is so new it isn't in the documentation yet) that this doesn't turn on and off signatures in the IPS or antivirus parts of the product, but rather optimizes how it scans to look for the most common threats. In our performance testing, we saw some fairly dramatic speed differences when we employed the various security settings.

The higher performance of the E7500 on UTM tasks also led us to upgrade its overall IPS score. The management and coverage of the IPS in the E7500 is largely unchanged from Version 4 of the SonicWall software.

The E7500 does still show signs of SonicWall's SMB heritage. So while some features, such as IPS, are now extremely fast, SonicWall hasn't done much to improve the manageability or control of the firewall or the UTM feature set. For example, tuning the IPS to suppress an alert for a particular system is still very difficult and produces a nearly unmaintainable configuration. Similarly, you still cannot have different UTM configuration sets for different zones or different flows through your network. The result is that while this firewall is capable of handling an immense amount of traffic, it fits best into networks where all the traffic should be handled the same way.

If you already love the SonicWall interface and features, the E7500 will be a great way for you to boost performance. On the other hand, if you're unhappy with SonicWall's feature set or management system before, the E7500 won't give you any reason to change your mind.

Bottom line

SonicWall has garnered tremendous loyalty in its customer base by offering network managers a UTM feature set at a competitive price. One of the Achilles' heels of the product line, though, has always been its UTM performance. With the E7500, SonicWall takes their firewall products up to enterprise speeds.

Snyder is a senior partner at Opus One, a consulting firm in Tucson, Ariz. He can be reached at Joel.Snyder@opus1.com. Snyder is also a member of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.networkworld.com/alliance.