SonicWall NSa Reviews

We use it to secure the perimeter of our company. We use all the integrated features of this Next-Generation Firewall. We are using NSA 3650.

The bandwidth consumption of the company has improved since we took control and restricted the music on YouTube being accessed on office computers. A lot of computers in the company were streaming, and we used the intelligent application control feature to control that.

Deep packet inspection and intelligent application control are the most valuable features. 

It is a very updated solution. It is very current as compared to other brands and vendors.

I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better.

It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA.

I have been using this solution for approximately seven years.

It is stable. We have been representing SonicWall in Panama for approximately seven years. Our customers usually don't need any help from us. We don't have any customer attacks or downtime because of the lack of features in the product. It has been a very good experience.

SonicWall has 12 different models for enterprises and service providers. They have a wide range of models to meet the needs of customers of all sizes.

We have all kinds of clients. We have service providers, and we have small, medium, and big companies as clients. In the biggest company, there are 25,000 users. It is a university here in Panama.

It is always there when we need it. They have a very good service.

Customers usually had FortiGate or WatchGuard. Those are the two major brands that we have replaced with SonicWall.

SonicWall is being represented by us here in Panama. FortiGate is a very strong solution here in Panama, but we're trying to get them out of our way. Price is the biggest thing that we might use to replace them. 

Support from the vendor is also a big thing here. WatchGuard has no representatives in Panama. They have no presence, so, it is very easy to replace them, but FortiGate is a difficult one to replace.

It is straightforward. It has a wizard, and you just follow the steps. 

It took us one month because our personnel had to be trained. We need two or three people for its deployment. It is not that demanding on services.

We implemented it with the assistance of SonicWall. 

It would be better if it has a better price, but its price is okay considering the benefits that you receive.

The operating system of all boxes is pretty much the same for enterprises as well as small businesses. It has the same behavior from the smallest model to the biggest one, which is a major advantage of SonicWall.

I would rate SonicWall NSA an eight out of ten.

It's for firewalls and content filtering. It performs pretty much faultlessly for us.

It does what it says it will do; it works and it's pretty reliable.

• Content Filtering
• Sandboxing

The only thing that we would want would be single-pane management, which it has, but the GMS is not very good. It's purely the management of multiple devices for multiple customers, that's the only thing that it's lacking.

It's very stable.

It's very sclable.

Technical support is very, very good.

The setup is straightforward. I'm a fully-certified SonicWall engineer. I have had all the training.

It does everything that they say it does. It works.

The most important factors when choosing a new solution are

• price
• functionality
• security of the device.

I would rate SonicWall a 10 out of 10. It's the only firewall that we predominantly use for our customers.

Our network has 150 users. We have two internet connections, an IPsec VPN, a DHCP server, a DMZ, WiFi, access controls and a load balancer, and two appliances with HA.

It is a good product, but very modular and with native resources which are much lower than its competitors. 

• Web filter
• DHCP
• Monitoring capabilities
• IPsec VPN and other security controls
  
• Integration with the active directory and other security controls (IPS and IDS).

• Load balance algorithms
• Resource usage graphs (throughput, connections, external accesses, and the possibility to export the content of the address object).

Additional resources are too expensive.

• SSL VPN & Application Control
• SSL VPN is important since several people are mobile and need files to access the server in the office. This is convenient, since they don’t need to go back to the office just use the SSL VPN.
• Application control is important to limit the users in the office from consuming bandwidth such as downloads by torrent and games. This also protects us from malicious applications such as anonymous proxy.

• Creating site to site VPN for HQ
• Branch via satellite connection for the branch

Access management port: This needs improving by SonicWall firmware.

We have been using the solution for three years.

We did not encounter any issues with stability.

We had a scalability issue.

Level-3 technical support is good.

We switched because of stability issues when turning on the UTM feature.

The initial setup was simple.

Pricing and licensing are competitive for this product.

We evaluated Sophos, Fortigate, and Stonesoft.

If you looking for a simple site-to-site VPN, stable UTM feature, and easy SSL VPN setup, then this solution is OK.

Used as our Firewall and internet Gateway in our head office and branch office with site to site VPN configured

Improved our corporate security. we have bandwidth management configured, enable app control

I like the solution's configuration, interfaces, and user guides.

I would like to see better integration, the easy of bandwidth monitoring.

We've been using SonicWall NSa for six years.

The solution is stable. We have not had any issues in this domain.

Good

I do have experience with technical support. The last time I interacted with them was fine. They handled and resolved my case. 

The only other solution I have used is Cisco, although not as extensively as SonicWall NSa. This makes it difficult for me to compare solutions. 

The solution is easy to install.

In-house

more than 85%

Cisco, FortiGate

I do recommend the solution, although I have not compared it with other ones. 

There are as many as 50 users making use of the solution in my network or gateways. 

I rate SonicWall NSa as a nine out of ten. 

We have been using the SonicWall NSA firewall to keep our network safe.

The most valuable features are that it is reasonably-priced and works well.

Over time, this solution is becoming more complicated, and when I need support it often is not available. I would like U.S.-based technical support.

VPN functionality needs to be improved. As it is now, I need to combine another SSL VPN with my firewall. I want it to be done very easily. 

I have been using SonicWall for fifteen years.

The stability of SonicWall is fine.

I have had SonicWall for a really long time and I have had people help me to set it up, although I have always understood what has been done. As it has been updated, it has become more involved and more complicated, and things have moved around so I have to spend time finding where things are in the newer versions.

I have been looking at Fortinet and am learning toward it to replace our SonicWall. The main reason that I am switching is that we need something with a built-in VPN.

From what I have learned to so, Fortinet is more expensive but easier to manage.

I would rate this solution a seven out of ten.

Because this is a UTM, we appreciate having a single pane of glass for a firewall, content filtering, and IPS/IDS services. It is much easier to manage and costs less.

In a K-12 environment, internet security is paramount and threats change quickly.

The main improvement for the organization is uptime and the ability to quickly affect security changes.

The second plus is the ability to improve throughput during peak traffic hours.

SonicWall uses a cloud-based database for content filtering. If the NSA cannot contact that online DB, filtering is handled one of two ways. Traffic is either halted completely or it is passed-through totally unfiltered.

In a K-12 school environment, neither is acceptable. It would be better if the DB can reside on the NSA and is used in the event the online DB is unavailable. Other than that, it works fine.

This product has been online for over four years.

On two occasions, we had a 10GB SFP failure. But because we have an HA configuration there was no disruption. 10 GB SFPs seem to be fragile. Other than that, the system is quite stable.

None.

Technical support has been very good, the few times we've needed it.

A Cisco ASA 5500 was used prior to the NSA 6600. We switched to a UTM to have a comprehensive security solution and one interface to manage it.

Initial setup was complex. But that was expected when migrating from three separate security systems into one unified system. There was a basic template for converting some Cisco's ASA command line instructions to those used by SonicOS. Most of the configuration had to be developed or cleaned up in the SonicOS GUI.

ASA has a much better CLI, especially if you’re used to Cisco IOS. SonicOS CLI is mostly used by tech support.

Initially, it was a bit of a learning curve, but the SonicOS GUI is efficient and easy to use, enough for our needs, anyway. Once network and firewall rules (80% of the complexity) were configured, content filtering, IDS/IPS and other security services were enabled with check boxes.

I recommend a 30-day test run in monitor mode. If you decide on this product, spend the extra dollars and get a second unit to setup an HA system. No down time during SonicOS upgrades or major configuration changes.

If you expect to operate at 10GB, keep one or two extra 10GB SFPs as spares, even though they are not cheap.

The NSA series has several suites available depending on your security needs. Pricing and licensing is straightforward based on the suite you choose.

We considered upgrading the ASA to include the IPS module and adding a second unit for HA.

We also considered PaloAlto but at the time considered it too pricey for our needs. As for as an online evaluation, we did not do that. Time and rack space constraints prevented it.

However, a trusted VAR (more than 12 years) helped to ease our decision to go with the SonicWall.

Security and Filtering. We bought this device for security and to filter traffic on our network -- these features are working fine.

I think these are the most important features for anyone who is interested in UTM.

Security and Filtering.

Firmware. Sometimes the integrated certificates get expired and you need to contact support to get these certificates updated on your device -- to let all the services work properly.

Three to four years.

I didn't encounter any issues with stability.

I don't know because we are not using >30% resources of this device.

Good.

This is our first time choosing a UTM.

Complex in Configuring DUAL WAN and VPN Connections because of Routing Config.

If you need DUAL WAN and VPN Config, you need a network professional to set it up.

It's expensive but has worth.

Fortinet, Dreytek.