SonicWall NSa Reviews

We are integrators, but for SonicWall, we use it for a specific project in industrial cybersecurity. It was for ransomware recovery and network restoration.

We did the firewall and the configuration for the ransomware prevention.

Our clients were using it to control the SCADA System in their industry.

The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection). Also, the ATP packet capture is helpful. We used these features during our restoration.

The content ID needs to be improved. If I compare it with Palo Alto, there are more features in Palo Alto that are not included in SonicWall. For example, PDoS is not available in the current version, that I could find.

They do have DLP and Host protection, but not PDoS.

Also, the IPS and the UTM need to be improved.

I haven't found anything regarding the IoT security in the device security on SonicWall.

I have been working with SonicWall for one year.

We are working with NSA 3600, which is the latest version.

We have no complaints about the model.

The scalability level is medium. They are okay with the model, the throughput, and the traffic rate.

We did not require technical support.

Currently, we are running Palo Alto, Check Point, and SonicWall.

Two or three months ago, we were working with Fortinet FortiGate. We have also used Vyatta.

This solution was not implemented properly.

The AV enforcement feature in SonicWall is limited to only one vendor for antivirus, which is Kaspersky. It's the only antivirus solution that we can enforce through the firewall.

Other vendors provide you with multiple options such as Sophos, Kaspersky, Trend Micro, and Bitdefender.

I would rate SonicWall NSA a six out of ten.

We use it to secure the perimeter of our company. We use all the integrated features of this Next-Generation Firewall. We are using NSA 3650.

The bandwidth consumption of the company has improved since we took control and restricted the music on YouTube being accessed on office computers. A lot of computers in the company were streaming, and we used the intelligent application control feature to control that.

Deep packet inspection and intelligent application control are the most valuable features. 

It is a very updated solution. It is very current as compared to other brands and vendors.

I would like to have a built-in vulnerability scanner in the firewall. It would be great to have such functionality. Its price could also be better.

It would also be good to have a local warehouse. It doesn't get damaged a lot, but if a customer needs a replacement, currently, it has to come from Miami or Mexico, which can take a few days. It would be better if they have a local warehouse from where we can just pick replacements and quickly solve a client's needs in terms of replacing equipment. It would be great to have it locally instead of waiting for it from Mexico or the USA.

I have been using this solution for approximately seven years.

It is stable. We have been representing SonicWall in Panama for approximately seven years. Our customers usually don't need any help from us. We don't have any customer attacks or downtime because of the lack of features in the product. It has been a very good experience.

SonicWall has 12 different models for enterprises and service providers. They have a wide range of models to meet the needs of customers of all sizes.

We have all kinds of clients. We have service providers, and we have small, medium, and big companies as clients. In the biggest company, there are 25,000 users. It is a university here in Panama.

It is always there when we need it. They have a very good service.

Customers usually had FortiGate or WatchGuard. Those are the two major brands that we have replaced with SonicWall.

SonicWall is being represented by us here in Panama. FortiGate is a very strong solution here in Panama, but we're trying to get them out of our way. Price is the biggest thing that we might use to replace them. 

Support from the vendor is also a big thing here. WatchGuard has no representatives in Panama. They have no presence, so, it is very easy to replace them, but FortiGate is a difficult one to replace.

It is straightforward. It has a wizard, and you just follow the steps. 

It took us one month because our personnel had to be trained. We need two or three people for its deployment. It is not that demanding on services.

We implemented it with the assistance of SonicWall. 

It would be better if it has a better price, but its price is okay considering the benefits that you receive.

The operating system of all boxes is pretty much the same for enterprises as well as small businesses. It has the same behavior from the smallest model to the biggest one, which is a major advantage of SonicWall.

I would rate SonicWall NSA an eight out of ten.

I like that you can run a packet capture from within SonicWall and configure it to automatically upload the packet captures to an FTP server. This is useful when trying to troubleshoot an intermittent issue. It can capture for as long as you have disk space on the FTP server.

We are more aware of security issues since SonicWall can be configured to send e-mail alerts. Server-side Outlook rules and Exchange transport rules (more informational subject lines) can be helpful in sorting and making sense of the many alerts it can generate. We have also configured it to send logs to a syslog server. They also offer SonicWall Analyzer which can reportedly be very helpful when viewing logs but I have no experience with it.

I am not sure if SonicWall has finally addressed this issue but a major area for improvement would be being able to export the settings file in a non-binary readable and editable format. It is not possible to export, make changes and then upload a revised configuration. Since the settings file is binary and non-readable, it seems to always be suspect when any strange issues arise with the appliance. I have had their techical support many times through the years question whether our settings file was corrupt. Of course it would be very easy to know if it was possible to look at it but it’s binary.

Another issue we had was with SonicWall auto-creating firewall rules for VPN tunnels until I learned to disable that feature and not allow it. SonicWall will not let an admin delete an auto-created object. I personally believe an admin should be able to delete anything. We had cases where a VPN tunnel was deleted first and auto-created objects for the tunnel would get abandoned. Other objects can also get abandoned. A time or two I was able to delete abandoned objects by recreating what created them in the first place and then deleting things in the right manner to cause the auto-deletion of the objects. If that doesn’t work, you will need to restore from a backup settings file or live with the abandoned object(s). We made it a policy to always backup the settings before any change and again after the change with the file names of the settings files reflecting what was changed. It also helps to send an e-mail to the team or record in a ticket details on any changes made, e.g. screen shots of all changes. If the settings file becomes corrupt you will need to load a previous settings file. It will be helpful to have a previous version along with a record of all changes made since that settings file was saved. This is another example of how helpful it would be to be able to view the settings file, make changes and delete objects if needed and then reload it. It would be so much easier and faster.

I have used SonicWall products for about eleven years, these models for about eight years. They are near EOL.

Years ago, we would often have problems after firmware upgrades. Once after a firmware upgrade all firewall rules were still present except for HTTP and HTTPS which of course meant our web servers were dead until all the rules were recreated. We began to experience spontaneous reboots after another firmware upgrade. In recent years, they now issue early release firmware, often many versions of it, until they release a new general release. We never upgrade to early release and chose to only use general release after it’s been released for three months (true for all vendor firmware and software) and after we have searched for horror stories on the Internet. You can also open a tech support case and specifically ask the tech if the firmware is still considered a good and stable release. They will usually tell you honestly whether it is or not. We have had technical support tell us early release is tested and just as good as general release firmware while other technical support has told us it is not fully QA-tested and might cause problems. Using only general release firmware, our SonicWall has been rock solid and very stable for many years even when they were newer and had more frequent firmware releases.

We never tried to scale it.

SonicWall technical support is quite good. As with all contact with any technical support, I always document the issue, who I spoke to and their response. This can prove to be very valuable if trying to demonstrate a longstanding issue. It helps to have in hand previous dates, case numbers, names of previous tech support with notes on what they said and details on the previous attempts to fix things. For the most part, SonicWall technical support can quickly identify and resolve most issues.

We had a SonicWall 5060 PRO and upgraded to the SonicWall NSA 4500s. They are near EOL and another upgrade will soon be required.

I built them from scratch since our settings file in the 5060 PRO was suspected to have corruption. I documented all of the settings in the previous firewall and manually created all of the address objects, service objects, firewall and NAT rules to duplicate what was in the SonicWall 5060 PRO. I previously built the 5060 PRO so I knew it was configured correctly.

SonicWall absolutely has the best bang for the buck hands down. Other firewalls are two to three times as expensive both in initial cost and recurring maintenance cost. SonicWall does not require duplicate licenses if you have an HA-pair in Active/Passive mode since only one unit will be active at any given time, which is a big savings in cost compared to other vendors. If you buy a security bundle you get even greater savings. SonicWall does, however, license user VPN access unlike most other vendors.

It’s been so long ago I can’t remember.

At the time of this post SonicWall is now owned by private equity firm Francisco Partners and Elliott Management. I would research those firms and form an opinion as to the possible future of SonicWall and then decide accordingly. If you have already made your purchase, utilize tech support often if needed. They have been invaluable to me through the years and have always helped me in getting answers to any questions. They have always been there to assist me in setting up something new and unfamiliar when needed.

Our primary use case is at the perimeter of all of our customer's sites with all of the security services turned on. That is anti-malware, anti-spyware, geo IP filtering is an important thing for us, web filtering and the Capture ATP. We are looking at preventing downloading of any virus-infected files.

Geo-IP filtering has made a large impact on us and it is very important to us.

The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough.

When it comes to security I think all of the features are currently open to improvement.

I have been using SonicWall NSa for the past ten to fifteen years.

Technical support used to be very good and now we are dealing with long response times.  On a scale of one to ten today we are looking at a four or five instead of a nine or ten.

The setup is straightforward however you want to have a good technical support individual involved for proper deployment.

I would rate SonicWall NSa a nine out of ten as an overall solution in security.

We are system integrators and we install products for our customers. It is mainly used in Universities, for corporate use, and in the government sector as a firewall.

What I like the most is that this is a one-time purchase with no renewal fees.

The stability is better than other products.

The pricing for this product in India is high and the fees should be reduced.

The visual process needs improvement.

Because of the price, our customers prefer PSA. The price is what needs to be addressed in the next release, it's the only that that matters.

I would rate this solution a five out of ten.

I have been using this solution for approximately 22 years.

This solution is stable.

This is a scalable product. As our customer need increases we plan to increase our usage.

Technical support is good and it is available online as well as offline.

Currently, I am using SonicWall and Wildcard.

The setup process was perfect.

It was straightforward and easy. This is not a complex product at all.

We handle the integration for our customers.

SonicWall is a one-time purchase and there is no renewal license.

I would not recommend this solution because the price is too high. More than 30% of our customers prefer PSA because of the price.

In summary, the product is good but the price is too high.

I would rate this solution a five out of ten.

We have two SonicWalls in the High Availability setup with failover configuration.

We use it for the firewalling, for IPS protection and for VPN clients.

With SonicWall we have more insight in the applications that users are using and what they are doing on the internet, so we can monitor better. It gives us better monitoring.

We now have more insight and information; what protocols and what websites users are trying to reach and what is blocked and what is not blocked, so we can better follow the tracks of the users.

The features that I have found most valuable are the firewalling, which is very good and the GUI which is very intuitive. It is easy to use and provides great security.

Overall, I'm quite happy about the product. The configuration and the interface are very good. Maybe the pricing and licensing could be improved.

It is not scalable. If your enterprise is growing hard then you have to buy another, bigger product. Maybe if you use it virtually it is more scalable.

We have been using SonicWall NSa for maybe eight to 10 years.

I work for several companies, and we use the NSa with one of them.

It is very stable.

Scalability is an issue. If you need to scale for more performance you will need another product in a higher range. You cannot scale the product itself. That's not possible.

It is not scalable at all.

We have about 350 users. I do the maintenance on my own.

We use it daily.

We do not have plans to increase at the moment.

Their technical support is very good.

The initial setup is not complex, it is very easy.

In terms of my implementation strategy - at first I write down the case we need. I investigate all the uses we have to implement with the SonicWall, and then I install and configurate it. I think the primary configuration was maybe three or four hours.

It was all done by myself.

You can buy the license for one or three years, and we mostly choose the three year. That's a little bit cheaper.

We looked at the Cisco and we looked at the Palo Alto, but the SonicWall was the most valuable for the pricing, the best product for us. The main difference is the pricing.

SonicWall NSa is a very good product with a very nice price, and it is low-level to use.

It is easy to manage and easy to implement.

On a scale of one to ten, I would give SonicWall NSa a nine because of the stability and the easy-to-use GUI. It's a very nice product.

This solution is used as an IPsec tunnel and DDT.

SonicWall NSa has user-friendly firmware.

In terms of improvement, features like App Control do not work properly.

I have been using SonicWall NSa for eight years.

SonicWall NSa is stable.

It is scalable.

SonicWall NSa has excellent support.

I would recommend SonicWall to anyone.

I would rate this solution an eight out of ten.

We use this solution for network security in our branch office.

One of the main features is the built-in storage capacity. 

The logging, reporting, and storage capacity size could improve in a future release.

I have been using this solution within the last 12 months.

The stability is good in this solution. 

The solution is scalable. There are 200 people using this solution in my companies branch office.

The technical support was very responsive.

I have used SonicWall TZ previously.

The installation was straightforward.

We are on a three-year license for the solution. The price is inexpensive compared to other solutions.

We have evaluated Sophos and Fortinet, SonicWall NSa we found to be much better.

I would recommend this solution to those who have between 150 to 500 users.

I rate SonicWall NSa a seven out of ten.