SonicWall NSa Reviews

• Site-to-Site VPN
• Deep Packet Inspection
• Easy routing capabilities
• Stability
• AD integration
• Traffic shaping options
• VLAN options per interface
• APP based rules/filtering

With Site-to-Site VPN we can connect several branch office that we have and with the routing options we can setup a VPN backup route using different ISPs, this is great when the ISP stability is not good. The AD integration is not the best but it works, thru that option we enhance the security of the device in terms of manageability. Deep Packet Inspection helps us to block undesired traffic like p2p activity even in ssl encrypted tunnels, but this is far from being easy to setup. Traffic Shaping options give us the ability to limit interfaces like the "guest wifi interface" however you can setup this per interface, not per VLAN, you have to create a firewall rule then apply "Bandwidth management rule".

Sometimes, the GUI is extremely annoying and you need to implement external tools for better network monitoring.

The GUI needs to be worked on as sometimes it's annoying to configure because the options are separate. For configuring a simple port mapping you have to go to the address object menu, then the NAT menu, then theFirewall menu, and if you want to delete this rule, you have to go backwards.

The AD integration works but in some cases when the connectivity to the AD is lost, SonicWALL also lost the AD synchronization and we had to login using a local user to re-synchronize the appliance with the AD.

Last, but not less important, are the tools for monitoring the network. The appliance has a lot of monitoring tools, but they are not efficient. For example, you cannot see (in real time) what user is accessing what site, consuming bandwidth, etc. but you need external tool to do this. Dell need to take a look at their Kerio control software).

I have been using it for eight months.

None, the deployment was done in conjunction with a Dell partner. They had some difficulties, but all of them related to our specific scenario. In that time we use all the configurations per IP basis and not per zone basis like Dell recommends.

Some, but they were very strange. For example, one of our ISPs gave us an IP address through DHCP, and in two cases the interface won't take a new IP address, even if we reboot the appliance, we have to use another interface to solve this. For other cases, we use LenovoEMC Storage Connector.

That software floods the connections of SonicWALL reaching the 322000 simultaneous connections/sessions. Until we find this software, the SonicWALL becomes very slow almost unresponsive, also we start to losing connection to other networks that are being handled by the SonicWALL. We solved this by applying connection limits but the final solution was uninstalling that Lenovo software.

None, but if you need more you have to pay licenses and if it is no enough that you have to buy a mayor model of SonicWall.

We use our Dell Partner who are slow, but efficient.

Our Dell partner have great technicians and they know the product. However they were slow to solve some problems because the GUI didn´t allow a fluent workflow/management.

We didn't have a solution in place previously.

Because our scenario requirements were complex, the initial setup was somewhat complex.

We used a Dell partner who had a great level of expertise.

You have to look if this device will do the task that you need, and if it does with which license do it. If you haven't got a license, you almost cannot use this equipment. Here you have a license for all, from the device itself to the user VPN license, so you have to be careful with this. Also, the licenses are not perpetual so my advice is talk with a Dell partner, know the product, know the limitations and compare with other brands.

We didn't look at any other options.

SonicWALL offers two operating modes, per IP basis, and per zone basis. You should design your network for work on the per zone basis. It will be easier and effective to manage the device.

We use SonicWall NSA as part of our overall security solution.

This product handles what we're expecting in a box like this.

This product is user-friendly and easy to configure.

The logging is very good, as long as it is configured properly.

It would help us a lot of SonicWall sent us more information about the latest updates and things that are changing.

I would like to have the capability for full active-active mode.

I have been working with SonicWall for about 14 years, since 2007.

This is a stable product.

SonicWall is scalable. Depending on the size of the box that I have, if the demands increase then I can upscale it. These demands are based on the users and their activities. We have between 2,000 and 2,500 users.

The support that I get from SonicWall is good. They have supported us for more than ten years and we haven't faced any issues with them to this point.

I have not worked on any other platforms.

SonicWall NSA is easy to install. I have not personally completed an installation lately, but it used to take me no more than half an hour to move from one box to another. The box can be configured offline and then moved online afterward, which makes it easier.

I used to work on SonicWall regularly. Now, I am working as an IT analyst and my job is to check the SonicWall configuration and test it. For example, I have to check the policy and then audit which ports are open.

The pricing and value are good.

SonicWall fulfills our requirements and it does it well. My advice for anybody who is considering this product is to properly understand their requirements. As long as SonicWall meets the needs, I can recommend it.

I would rate this solution a nine out of ten.

We use SonicWall as the primary firewall for the internet connectivity of a multi-site educational organization. It is a private multi-site wide area network for an educational institution with around six sites. There are currently about 3000 users in this client's organization.

It has excellent stability. 

The filter settings are confusing and overly complicated. The user interface can be improved. 

I have been using SonicWall NSA for a little bit over 10 years.

Stability is excellent. 

Scalability is marginal. SonicWall is currently tied to hardware, so the only way to scale is with new hardware. 

The initial setup was straightforward. 

I would recommend this solution, but I would suggest allocating time to become familiar with the interface.

I would rate SonicWall NSA a seven out of ten. I would like to see usability enhancement, specifically around the filters.

The primary use cases for this solution are protection and for a VPN.

My former company is a SonicWall distributor and I am looking to work with this solution in future projects.

I really like the performance; there are no delays and no latency, which is a unique quality in firewalls nowadays.

• The cloud services may be in need of some improvement.
• ADR needs to be added to the portfolio.
• Some next-generation features are not included in the product.

This is a very stable solution and I have heard no objections from customers about it.

It is very scalable.

We have had no interaction with their technical support.

The initial setup of this product is very easy.

Two engineers are required for deployment and maintenance.

I have implemented this solution many times. Some of these were on my own, while in some cases I obtained the help of a consultant. The consultants are great. They are well educated and know how to use the product.

The pricing and licensing are the best part. SonicWall is great compared to competitors, such as Palo Alto, and it has the same features. Considering the market, I believe that the price of this solution is great. 

This product is not as well known as some others because it is not marketed as well as it could be.

My advice for others who are implementing the solution is to do the sizing well. If it is done correctly then there will not be any problems.

I would rate this solution a seven out of ten.

Because this is a UTM, we appreciate having a single pane of glass for a firewall, content filtering, and IPS/IDS services. It is much easier to manage and costs less.

In a K-12 environment, internet security is paramount and threats change quickly.

The main improvement for the organization is uptime and the ability to quickly affect security changes.

The second plus is the ability to improve throughput during peak traffic hours.

SonicWall uses a cloud-based database for content filtering. If the NSA cannot contact that online DB, filtering is handled one of two ways. Traffic is either halted completely or it is passed-through totally unfiltered.

In a K-12 school environment, neither is acceptable. It would be better if the DB can reside on the NSA and is used in the event the online DB is unavailable. Other than that, it works fine.

This product has been online for over four years.

On two occasions, we had a 10GB SFP failure. But because we have an HA configuration there was no disruption. 10 GB SFPs seem to be fragile. Other than that, the system is quite stable.

None.

Technical support has been very good, the few times we've needed it.

A Cisco ASA 5500 was used prior to the NSA 6600. We switched to a UTM to have a comprehensive security solution and one interface to manage it.

Initial setup was complex. But that was expected when migrating from three separate security systems into one unified system. There was a basic template for converting some Cisco's ASA command line instructions to those used by SonicOS. Most of the configuration had to be developed or cleaned up in the SonicOS GUI.

ASA has a much better CLI, especially if you’re used to Cisco IOS. SonicOS CLI is mostly used by tech support.

Initially, it was a bit of a learning curve, but the SonicOS GUI is efficient and easy to use, enough for our needs, anyway. Once network and firewall rules (80% of the complexity) were configured, content filtering, IDS/IPS and other security services were enabled with check boxes.

I recommend a 30-day test run in monitor mode. If you decide on this product, spend the extra dollars and get a second unit to setup an HA system. No down time during SonicOS upgrades or major configuration changes.

If you expect to operate at 10GB, keep one or two extra 10GB SFPs as spares, even though they are not cheap.

The NSA series has several suites available depending on your security needs. Pricing and licensing is straightforward based on the suite you choose.

We considered upgrading the ASA to include the IPS module and adding a second unit for HA.

We also considered PaloAlto but at the time considered it too pricey for our needs. As for as an online evaluation, we did not do that. Time and rack space constraints prevented it.

However, a trusted VAR (more than 12 years) helped to ease our decision to go with the SonicWall.

SonicWall NSa's most valuable features are the ease of configuration and the GUI. It's a web-based application, so we can easily configure all we want in the browser.

An area for improvement would be SonicWall NSa's integration with antiviruses. In the next release, SonicWall should include a wireless solution so we can implement the firewall in our networks and for wireless users and access points.

I've been using SonicWall NSa for about two years.

SonicWall NSa is a stable system that's really easy to handle and communicate with.

SonicWall's technical support is very responsive and helpful whenever we need support from them.

Positive

Previously, I worked with PMG Firewall, but SonicWall has a higher level of compatibility, and the integration between the software and hardware gives us more speed in traffic and processing the data over the firewall.

The initial setup was easy - we could implement rules for mapping, network traffic, and network address translation easily on our firewall. I would rate the ease of the setup as four out of five.

SonicWall NSa is a great choice for any growing company - it's really helpful, and it's suitable for networks with limited or unlimited users. I would rate SonicWall NSa as eight out of ten.

Our operation depends heavily on Internet access and we depend on a solution that can provide us with productivity and security for the continuity of our business.
With this need, we implemented a SonicWall NSA firewall to control all access to and from the Internet.

With the deployment of the SonicWall NSA solution, we never suffered a problem due to invasion or contamination of any kind.

The solution always responded very efficiently, delivering us:

• High productivity in our operation through access control capabilities;
• Security for our information with advanced deep inspection features, including SSL traffic.

This solution has always delivered us security features with great efficiency like:

• Web content filter with a very extensive and always updated database;
• IPS with an extensive list of signature attacks;
• Anti-virus system with cloud sandbox that inspects 'file-less' attacks and delivers only after the verdict;
• Real time flow inspection system;
• Application Control with an extensive list of signatures;
• DPI-SSL inspection in the data layer;
• SSO with LDAP directory services.

The solution was deployed to suit all areas of the company.

This product is unable to secure access to endpoints for our external employees. Our next plan will be to deploy a solution for visibility and control of 'shadow IT' applications and also to provide security for accesses outside our company. We plan to use another solution from SonicWall, such as Cloud App Security (CASB), to meet the needs of our external employees.

The solution has always been very stable and efficient.

My impression is that the solution is quite scalable.

Support services are categorized by the criticality level. We had a few critical events, but each was attended quickly and efficiently.

Before this solution, we used Microsoft Forefront TMG Server.

We migrated because the solution was proxy-based and did not have the features of NG firewalls.

Initially, we had to review our security policy and this was the stage that involved the highest level of complexity.

With the policy defined according to our needs, the initial configuration of the solution was simple, but obviously, because it is an advanced-level security solution, it must be implemented by a specialized professional.

The solution was implemented by our internal team. Our team participated in an official solution training prior to deployment.

This question is very relative as we are dealing with an asset. But for our business, it was positive for a short period of time.

In our evaluation, we found that the costs of deploying the solution, and also purchasing the hardware and licenses, were very attractive.

The ratio of costs vs efficiency of SonicWall products is very good.

We did not test other solutions.

Our primary use case of NSa is for security. We are customers of SonicWall and I'm an IT administrator. 

The solution is user-friendly with good security and application control which is very important these days. 

The support is severely lacking with very slow response times. There are latency issues with this solution. I'd like to see improved performance and an updated dashboard.

I've been using this product for seven years. 

The stability is fine although there are some security and latency issues. 

The scalability is fine. 

Customer support requires additional engineers because their long response times are problematic. 

Neutral

The initial setup is relatively straightforward. We have several hundred users, predominantly IT specialists, engineers and developers. I'm the maintenance person for this product. 

I rate this solution eight out of 10. 

Licensing costs are reasonable. 

In general, this is a good solution and I rate it eight out of 10.