When it comes to securing VLANs, the primary use case for SonicWall NSa is VPNs.
Information Security Manager at a manufacturing company with 51-200 employees
Less cumbersome than competitors
Pros and Cons
- "Compared to Cisco, SonicWall NSa is much easier to configure."
- "The implementation for VLANs is a little bit cumbersome. It would be good to make that a little bit easier."
What is our primary use case?
What is most valuable?
Compared to Cisco, SonicWall NSa is much easier to configure. Cisco tends to be cumbersome through the web interface. It's easy through the command line, but when you're troubleshooting something, you're usually not going through the command line. When you're digging through data trying to find if something happened, you're usually digging through the logs, through the web interface, because it should be much easier. In Cisco, the logs are odd and you have to be really particular on what you want. You have to look for specific details.
This process is much easier SonicWall NSa. I want to know where the problem started and where it ended, that's it; and it's really clear in SonicWall NSa. Whereas in Cisco it's just not clear at all.
What needs improvement?
It would be amazing if all of the ports on the throughput devices were 10 gig or 100 gig. That would make it so much easier for me to designate 10 gigs throughout the whole network. Right now, with SonicWall NSa, I'm doing designations like "use 10 gigs through the whole network until you hit firewall." In that case, all of the traffic that has firewall enabled on it drops to one gig.
That causes issues with throughput, especially when you're talking about data stores and Ice Guzzy, or when you're splitting things out with VLANs.
MAC address filtering on the VPN and on the firewall itself would be a good thing to add as well. If it's there, I don't know where it is.
Automation would also be good.
The implementation for VLANs is a little bit cumbersome. It would be good to make that a little bit easier.
For how long have I used the solution?
I've used SonicWall probably on and off for the last couple of years. It depends on which client I'm working with.
Buyer's Guide
SonicWall NSa
October 2024
Learn what your peers think about SonicWall NSa. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
SonicWall NSa is stable.
What do I think about the scalability of the solution?
Just adding multiple sites is easy. Clustering them is pretty straightforward. But if I needed to expand them in series, that's a little bit more complicated.
How are customer service and support?
I've never used SonicWall tech support.
How was the initial setup?
The initial setup is pretty straightforward.
What other advice do I have?
Hire a network guy or have a service that's going to monitor and manage SonicWall NSa for you.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
President at a tech services company with 1-10 employees
A reliable firewall but other options should be considered
Pros and Cons
- "It's very flexible and meets our customer's needs."
- "You can do zero-trust networking with them, but it's not easy."
What is our primary use case?
Mainly our customers use this solution as a general firewall.
Currently, our most popular firewall is Fortinet FortiGate 40F. We do have all the way up to 100's, but most of our customers are small, medium-sized businesses.
We have a FortiAnalyzer that resides on Azure and we're getting a FortiManager because of the new capability to roll them out based on the serial number
With FortiManager and FortiAnalyzer, you have many more capabilities than you do with SonicWall.
How has it helped my organization?
I wouldn't say that. If it has no impact on them, it's doing its job correctly.
What is most valuable?
There are no specific features that you can say are better than anything else. It's very flexible and it meets our customer's needs.
What needs improvement?
The Fortinet Firewall is not the easiest firewall to maintain, nor is to set up and configure. Checkpoint and Sonos are much easier.
SonicWall, from my point of view is the same category as Fortinet. Checkpoint and Sonos are easier to use, but they don't have as many features as SonicWall.
You can do zero-trust networking with SonicWall, but it's not easy. Also, their desktop anti-virus sucks.
For how long have I used the solution?
I have been using SonicWall since it was Netscreen — which was years ago.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
When you buy it based on the load that you expect to use, there are no scalability issues, unless you swap them out.
How are customer service and technical support?
SonicWall has exceptional tech support. I would rate checkpoint support best, SonicWall next, and Fortinet would be third. I would give SonicWall's tech support a rating of 7.5 to eight.
The structure of dealing with them is good. Once you get through to a support person, the support is very good. But getting through, getting to the point where you have someone on the line can be difficult.
Overall, they're good at their job and they speak English.
The level of tech support varies: sometimes you get lucky and they're exceptional, and sometimes it's somebody that isn't that good.
How was the initial setup?
If you don't set it up correctly, you are putting your customer's network at risk. They still haven't fixed a lot of the little issues that Dell introduced into the product line, but they're trying.
There are settings that if you don't set them correctly, you could potentially jeopardize your customer's network.
SonicWall is probably easier to set up than Fortinet.
What's my experience with pricing, setup cost, and licensing?
The pricing of SonicWall is still in line with Fortinet and Checkpoint. Personally, if I were presented with a decision between SonicWall, Checkpoint, or Fortinet, it would be a no-brainer.
What other advice do I have?
If you're interested in SonicWall, consider checkpoint or Fortinet first.
On a scale from one to ten, I would give this solution a rating of seven.
They don't have independent testing. They haven't been independently rated — or another way to put it: Gardner rates them poorly. Because of this, we can't sell SonicWall to customers as easily as we can sell Fortinet or Checkpoint.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
SonicWall NSa
October 2024
Learn what your peers think about SonicWall NSa. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Senior System Administrator at Nous Infosystems
We use this solution for the VPN and to give permissions for on-premises access
Pros and Cons
- "SD-WAN is a good feature."
- "We also use the Sophos Firewall for web configuration, which we don't have in SonicWall. Only Sophos has those options. If SonicWall included that feature, that would be a benefit for us."
What is our primary use case?
We use this solution for the VPN and to give permissions for on-premises access.
We're using the latest update.
The solution is deployed on-premises. There are two people using this solution in my organization.
What is most valuable?
SD-WAN is a good feature.
What needs improvement?
We also use the Sophos Firewall for web configuration, which we don't have in SonicWall. Only Sophos has those options. If SonicWall included that feature, that would be a benefit for us.
We have configured radius configuration. I would like to see an in-built authentication feature that would authenticate results and directly communicate to the cloud. Right now, we have a third party server for that. We are manually configuring it.
If anything goes wrong, sometimes we are unable to bring up that MPS configuration immediately. Our main VPN connection is always authenticated with the MFA option itself. When that happens, we have to revert those changes back as LDAP authentication. That isn't a good recommendation for our organization for VPN purposes. Anybody can connect directly, so they won't get two-factor authentication. It would be great for us if that was an in-built feature included in the Azure authentication.
For how long have I used the solution?
I have used this solution for more than six years.
How was the initial setup?
It's straightforward. There wasn't any kind of complexity. Deployment took one hour.
I would rate the setup as 4.5 out of 5.
We do the maintenance ourselves. Whenever there's any kind of patch release or upgrade release, we do the maintenance from our side. We have a dedicated team for maintenance.
What about the implementation team?
Deployment was done in-house, but we did take some help from SonicWall.
What other advice do I have?
I would rate this solution eight out of ten.
I would recommend that product. If those small features were included, it would be a good, all-in-one product.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager at a manufacturing company with 1,001-5,000 employees
Has the features, but overall stability and usability are not there
Pros and Cons
- "The product is working okay. The product is working feature-wise."
- "The stability is not there. The features are there, but they are not stable. They need to improve on this product because I feel that they have launched this product without much R&D."
What is our primary use case?
Our primary use case for SonicWall NSa is as a public firewall, as an interface between our private network and the public network.
What is most valuable?
The product is working okay. The product is working feature-wise.
What needs improvement?
I would rate SonicWall NSa as an average product, not a very highly recommended one. It is an average product.
The stability is not there. The features are there, but they are not stable. They need to improve on this product because I feel that they have launched this product without much R&D.
For how long have I used the solution?
We are using SonicWall NSa for quite a long time, around 10 to 12 years, but that includes the the older model, which was the 5500. Now we have been using the 5600 model for the last two, three years.
What do I think about the stability of the solution?
Performance wise, they are good - not very good, but they're okay, just good.
They are not stable. It is a very unstable product.
For maintenance, we require one engineer from the support partner, one from the tech side, and one from our side, so three engineers and one manager.
What do I think about the scalability of the solution?
At any point in time we have more than 600 users.
We do not have plans to increase the number of users.
How are customer service and support?
Tech support is okay, but the product needs much improvement.
Which solution did I use previously and why did I switch?
We were not using a different solution before. We have always been using SonicWall, just the older model, which was 5500. We upgraded to 5600.
How was the initial setup?
The installation part of the initial setup was a painful experience. I felt at the time that it was not a finished product. They have to do more R&D on this product to improve it.
It took a very long time to set it up, to be honest. It took very long because they had some bugs and fixes. After so many fixes, it took them very long to install this product.
What about the implementation team?
Obviously, no OEM deals directly with them. We have their channel partners who did the installation.
What's my experience with pricing, setup cost, and licensing?
To be very honest, we are not satisfied with the 5600 product.
On a personal level, I would not recommend SonicWall NSa.
On a scale of one to ten, you can rate SonicWall NSa a six.
Which other solutions did I evaluate?
The license and the hardware both need to be renewed. The annual maintenance contract is there. So they have to renew the licenses.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a educational organization with 51-200 employees
A stable solution that meets our requirements and has good support
Pros and Cons
- "It is able to fulfill my requirements. It protects our network environment. It has control over IPS, signatures, and it can also manage bandwidth and mapping. It is also stable and has good support."
- "It doesn't require much improvement. The only improvement area is that cloud reporting, assessment reporting, and other reporting features should be available with the subscription. They should provide reporting features with the subscription base, which is currently not there. We bought the reporting tool, but there are some complications. They have made some changes to the application, and now the reporting management is completely on the cloud."
What is our primary use case?
We are using SonicWall NSA 2600 for firewall purposes. We have its latest version.
What is most valuable?
It is able to fulfill my requirements. It protects our network environment. It has control over IPS, signatures, and it can also manage bandwidth and mapping. It is also stable and has good support.
What needs improvement?
It doesn't require much improvement. The only improvement area is that cloud reporting, assessment reporting, and other reporting features should be available with the subscription. They should provide reporting features with the subscription base, which is currently not there. We bought the reporting tool, but there are some complications. They have made some changes to the application, and now the reporting management is completely on the cloud.
For how long have I used the solution?
I have been using this solution for four years.
What do I think about the stability of the solution?
It has been stable. There are no issues with its stability.
What do I think about the scalability of the solution?
It is not scalable. We can upgrade to a new box depending on the subscription. We have a three-year subscription, so we will continue with it for three years. After that, we would look for an alternative tool based on our requirements. Currently, we have approximately 250 plus users.
How are customer service and technical support?
We have a license for support. We can raise a ticket if we need any assistance from their support. They are good, and I am satisfied with their support. They always take care of customer satisfaction. There might be a delay or something, but at the end of the day, they resolve the issues.
Which solution did I use previously and why did I switch?
I have used other solutions. Palo Alto and Sophos are good solutions. FortiGate is also good, and it allows you to see and manage everything from one control. Some of the features available in other solutions might not be available in SonicWall NSA, but it is fulfilling my requirements.
How was the initial setup?
We don't really need any support with the installation. There are a lot of knowledge documents. We also have a license for support, and if required, we can get support.
What about the implementation team?
We have only two people who have been managing it for the last three years or so. We didn't face any challenges.
What's my experience with pricing, setup cost, and licensing?
Its price is okay.
What other advice do I have?
I would recommend this solution to others. I am satisfied with this solution.
I would rate SonicWall NSA an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT and Project Manager at Network Secure El Salvador
Affordable, easy to set up, and the sandbox capabilities are good
Pros and Cons
- "The most valuable feature is the sandbox."
- "The content filter needs to be improved."
What is our primary use case?
We use this firewall to protect our perimeter. We create NAT policies and have a DMZ set up.
It is also used to filter the internet for all of our users.
What is most valuable?
The most valuable feature is the sandbox.
What needs improvement?
The content filter needs to be improved. I would also like to see better application filtering.
When we are troubleshooting problems, we find that the logs we see are not sufficient. It makes it difficult to find out what the main issue is. It means that we have to search further or perform another test to see what happened.
Technical support is in need of improvement.
For how long have I used the solution?
We have been using SonicWall for approximately 15 years, and more specifically, SonicWall NSA for the past 10.
What do I think about the stability of the solution?
The stability is fine and we don't have any issues. We have never needed to report a problem.
What do I think about the scalability of the solution?
We have about 20 people in the company who are protected by this product, and I think that the scalability is fine. However, I would say that it is best for small to medium-sized organizations.
How are customer service and technical support?
When we have gone to the vendor for support, I don't think that the quality was very good. I would rate the vendor support a six out of ten.
Which solution did I use previously and why did I switch?
I used to work with Check Point, and they are very good when it comes to application filtering.
How was the initial setup?
The initial setup is easy and the deployment can be completed in between two and four hours. This includes installation and adjustments that need to be made.
What about the implementation team?
We have an in-house SonicWall specialist.
What's my experience with pricing, setup cost, and licensing?
When implemented properly, the total cost of operation is very low.
What other advice do I have?
My advice for anybody who is looking into implementing SonicWall NSA is that they have to be very clear about what it is that they're looking for. It is a good solution for small and medium-sized businesses, and when you are very clear about what you need, you can implement a lot of other security services with a total cost of operation that is very low.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Director of IT at a consultancy with 11-50 employees
Easy to configure and maintain with the capability to scale
Pros and Cons
- "The most valuable aspect of the solution is its ability to work like any other firewall."
- "We still get phishing emails that manage to come through from time to time."
What is our primary use case?
We primarily use the solution for just securing our users and creating a LAN through VPN tunnels. We use it to provide remote access to a cloud service.
How has it helped my organization?
It has allowed us to work remotely when the order to shelter in place went into effect in March of this year due to COVID-19.
What is most valuable?
The most valuable aspect of the solution is its ability to work like any other firewall.
The product is pretty easy to configure. It's easy to maintain and it works well with Windows.
There are features that offer 3G, 4G, failover, wireless, and things like that are very good. I'm not a firewall expert, however, in my opinion, the solution pretty much covers the needs of small and medium businesses.
What needs improvement?
Currently, I just have the basic modules turned on. I'd love to see how it works in terms of preventing more malware from getting through.
We still get phishing emails that manage to come through from time to time.
The solution could use a bit more security.
We had issues with the VPN tunnel between two sites. It wouldn't stay up. That was a problem for us. They need to fix it if they find it happens across the board to other customers.
For how long have I used the solution?
This company has been using the solution for good three years.
What do I think about the stability of the solution?
The solution is stable. I've had one running for a little over 300 days without any problem. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
The scalability is pretty good. I can scale out and add a firewall within a new office if I need to. If an organization wants to scale, they should be able to do so with no problems. Everyone working in our office uses the solution. Anybody that has a work laptop that needs to remote work from outside the office can do so as well. It's 100% used across the board.
How are customer service and technical support?
I had to call support when one of my VPNs was failing. The VPN tunnel between two sites wouldn't stay up and they had us use a different security protocol.
They were very helpful. I found them to be quite responsive and knowledgeable. I don't think the problem with the VPN should have been there in the first place, however, that said, they did help us. I'd rate them, overall, at a nine out of ten.
How was the initial setup?
The initial setup isn't too complex. My understanding is that it's straightforward. I didn't set it up myself, however, it's got configuration wizards to walk a user through. This no doubt is quite helpful and makes it pretty simple in terms of implementation.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty reasonable. We don't find it to be overly expensive.
What other advice do I have?
The version we are using is NSA 20 or 60.
If a company is looking for a good product that's easy to configure, I would suggest they consider SonicWall.
I'd rate the solution nine out of ten. If we didn't have that trouble with the VPN tunnel, I would give it a perfect score.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Consultant at a tech consulting company with 51-200 employees
Weak firewall. Licensing mechanism is a trap. Woefully inadequate VPN clients and methods. Look elsewhere
Pros and Cons
- "It allows us to block applications, i.e., websites by application type category. It is far more capable than content filtering alone."
- "Support has improved dramatically since their separation from Dell."
- "Setup is easy. Anyone with basic firewall experience can do it."
- "The anti-spam requires a specific Java version on the server side (do not update it, otherwise it will break)."
- "They are not ready for managed security services. Their Cloud GMS product is weak, barely out of beta (buggy)."
- "Do not even consider NetExtender - probably one of the most horrific, nightmare grade Java-based VPN clients. We have but all given up trying to make it work reliably."
What is our primary use case?
Firewall/VPN appliance for SMB clients. Firewall provides advanced threat protection to internal hosts. It also provides a secure mechanism for remote access.
How has it helped my organization?
For the average SMB, this firewall does the job. Granular user controls, firewall and NAT rules that you would expect. Licensed features provide application control, content filtering, antivirus, and anti-malware all in a single appliance. Be aware that their ATP is poorly implemented (stops downloads, forcing users to wait and click again). Also be aware that the IPS/IDS, and Gateway Antivirus will do very little for modern threats such as ransomware. We have had emotet trojans easily pass the firewall, connect to international foreign (and obviously) some kind of C&C without stopping it. So little to no protection against modern threats, no HTTPS proxy as an option, poorly implemented ATP - it makes the case for a SonicWall very difficult to justify. This vendor is frustratingly slow at adapting, evolving or improving their product. They are unable to keep up with competition.
What is most valuable?
Application control: It allows us to block applications, i.e., websites by application type category. It is far more capable than content filtering alone.
What needs improvement?
SonicWall has weaknesses. During its tenure with Dell, it was severely damaged (its reputation, innovation, etc.). It is now recovering, but it may take time to get competitive again. They are clueless in some regards, which is unfortunate as they have the potential.
CPU: The CPUs are not able to compete with a similar price point to the Fortinet, WatchGuard, or Palo Alto product. Compare with the need to get 1Gbps throughput with full security (common nowadays), you are looking at NSA 5700.
Wireless: What a disaster this has been historically. The new SonicWall will tell you it has been resolved and improved. It has improved - it actually works now, but performance is substandard. It is a terrible strategy to have a firewall act as an AP controller, in any case. Perhaps for an SMB, the integrated WiFi in their TZ series has a niche.
Anti-spam: Do not even consider it. It leaks like a shower head. What a mess that offering is. It requires a specific Java version on the server side (do not update it, otherwise it will break). In any case, a firewall doing anti-spam might be a low cost solution, but it is not your best strategy.
Logging/reporting: You need their analyzer to properly generate reports. This is an expensive, licensed feature, with a complex application or appliance back-end.
MSP: They are not ready for managed security services. Their Cloud GMS product is weak, barely out of beta (buggy).
VPN: Site-to-site is another problem area - Client-based VPN is another hot mess. Global VPN client issues and mobile connect issues. Do not even consider NetExtender - probably one of the most horrific, nightmare grade Java-based VPN clients. We have but all given up trying to make it work reliably. If VPN is important for you - look elsewhere. You have to pay for licenses (most competitive vendors include this by default). You will have 4 different methods, 3 different clients, 2 licenses and all of this to have a horrible VPN connectivity. No proper or modern 2FA for additional security. AVOID!
AGSS / ATP: This is poorly implemented. A user will click to download a new type of file, and nothing happens. They have to wait an indeterminate amount of time, and try again to see if it works. It is so annoying, most clients avoid this capability, just nullifying the whole purpose of it.
App Control: Be aware that either due to firmware updates, or bugs - app control will behave poorly (cause packet loss, or outright blocking) with normal and legitimate activities. Resetting and re-configuring it is the work-around (super annoying).
For how long have I used the solution?
More than ten years.
What do I think about the stability of the solution?
Yes. The VPN client connectivity and licensing has been a major complaint, especially during COVID-19
What do I think about the scalability of the solution?
Yes. The CPUs are very weak.
How are customer service and technical support?
During the Dell years, support was terrible. It has since improved.
Which solution did I use previously and why did I switch?
No. We have always only deployed SonicWall.
How was the initial setup?
Setup is easy. Anyone with basic firewall experience can do it.
What about the implementation team?
In-house only. Level 2 techs can handle most tasks.
What's my experience with pricing, setup cost, and licensing?
All advanced features are licensed capabilities, such as Advanced Gateway Security Suite or Comprehensive Gateway Security Suite. VPN clients are licensed, and you have to choose a type of license you want (how ridiculous is that).
Which other solutions did I evaluate?
We have evaluated Sophos, Fortinet, Palo Alto, Barracuda, WatchGuard and now CheckPoint
What other advice do I have?
Avoid this company. They have no idea what they are doing, except a slick marketing campaign. They don't listen to their customers. The only evolution of the product in the last few years was a slight redesign of the web interface and DNS proxy. They will push their SonicWall "Capture" but this has nothing to do with the Firewall product itself, it is a windows based NextGen A/V based on Sentinal with ATP.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free SonicWall NSa Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
FirewallsPopular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Cisco Secure Firewall
Sophos XG
Meraki MX
Zscaler Internet Access
Palo Alto Networks NG Firewalls
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Sophos UTM
Palo Alto Networks WildFire
Juniper SRX Series Firewall
Fortinet FortiGate-VM
Buyer's Guide
Download our free SonicWall NSa Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Are you satisfied with Sonicwall NSA4600 in your installation?
- What is your opinion about these SonicWall Next-Generation firewalls: TZ and NSa series?
- Best Firewall for 300 user organisation: Sonicwall NSA 3650 vs. Sophos XG 310
- Which firewall to choose for a medium-sized company with 150 users: Sophos XGS 2100 or SonicWall 2700?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?
Bill, would your team like to share their experience with SonicWall on our platform? I would appreciate it if you could make the introductions :)