SonicWall NSa Reviews

SonicWall prevents and restricts access to websites for employees as well as anyone who comes into the office.

Most firewalls have active/active high-availability mode. If I'm paying for two firewalls, why shouldn't AI utilize both? It would be better if SonicWall came with n active/active feature instead of active/standby.

I've been working with SonicWall NSa for more than five years.

SonicWall NSa is simple to scale. You can easily add more firewalls to the cluster.

SonicWall's sales support is much better than other vendors'. 

Deploying SonicWall NSa is straightforward. A new user can easily configure the firewall. You can usually complete the deployment within a day. Setting up the prerequisites takes about two hours and then it takes some time to deploy the policies. That varies depending on what the customer wants. 

Maintenance is primarily configuration-related stuff, and our customers have their own engineers, but we give them advice. One engineer can maintain the solution.

You don't need to pay an annual fee, but any cost matters to the customer. Let's say SonicWall is giving me a firewall at a certain price, while a FortiGate firewall costs the same but offers added features like free SSL and active/active. Then customers might think it's better to buy a FortiGate.

Competitors provide SSL encryption licenses for free, whereas SonicWall only provides two licenses by default, but you have to pay for the rest of the licenses.
However, when most customers go beyond 20 or so users with SSL licenses, they usually go with a dedicated appliance, so a firewall should provide at least 20 to 25 SSL licenses for free.

I rate SonicWall NSa eight out of 10.

SonicWall has USCS and anti-virus at the gateway level. Everything is filtered, and if it detects an intruder, it drops the line.

We have security as a service, and they make recommendations about adding to the denylist and other things. That part could be more accessible and more user-friendly. I'd like to see SonicWall add a user-friendly interface where our internal team can drag and drop everything. We get the IOCs from the security companies, so these things can be filtered and blocked at the gateway level. They could add a feature where our team uploads the IOCs in an Excel spreadsheet instead of entering them in one at a time. 

We've been using SonicWall for almost seven years.

Yeah, it is much stable and we have been using NSa the previous version before also, the old device. It's all so far okay. It's stable only.

We could expand by another 20 percent, and the product would still cover us. It shouldn't be a problem. We haven't faced many challenges. It's a gateway-level firewall product, and we have 140 users.

SonicWall support is good.

We used Cisco a long time ago, but we moved to SonicWall almost eight years ago.

Setting up SonicWall isn't that complicated, but you need to know the scope — what's allowed and what isn't. But it's not as complex as Cisco. The deployment takes a couple of days, but we could probably do it faster. We upgraded from the older version of SonicWall NSa to the latest appliance in less time. 

It doesn't require a large team for maintenance. If we can manage it, anyone can. We only have three people on our team, and we can manage it without issue. 

We used the local redistributor here in Bahrain. They were knowledgeable and had SonicWall experience, so they didn't face much of a challenge. It was straightforward. The only difference is that we went with high availability — two devices. 

We have a yearly license. SonicWall's price is better than other vendors. We get a discount of about 15 percent off the initial cost.

I rate SonicWall eight out of 10. I recommend it. If you implement SonicWall, it'll be a smooth journey.

We have installed this firewall appliance across cloud and on-premises environments, our clients primarily use the VPN functionality.

If a customer wants to use the firewall, they have to pay more money for the cloud. By having a firewall solution, they can configure the VPN through the firewall, enabling them to avoid the high costs. Once you deploy the firewall in the cloud solution, then you will get protection for the gateway as well.

We are a service-based company and have implemented over 200 appliances for our customers.

The VPN functionality and intrusion prevention service (IPS) are the most valuable features.

I am a technical engineer, I have complete knowledge of SonicWall. I can do all of the configurations for the firewall. We are a service-based company and I handle the different solutions. If they need any requirement or they any action on the firewall then I can do that myself. 

The only thing that needs improvement is the VPN because we need to pay to connect the points.

I have been using SonicWall for 5 years.

We have found the NSa appliance to be stable and is comparable to FortiGate.

We have expanded the solution with several of our customers and this worked great. We have over 200 customers who use SonicWall.

Level 1 and 2 support issues are handled by our in-house team, but for more complex, level 3 issues we utilise the vendor. The call response is great.

The initial setup was straightforward.

We are a service-based provider and implement in-house.

We also implement similar appliances from Fortinet and Sophos.

I would rate it a ten out of ten. It's a good security product, so I wouldn’t give it a lower rating.

SonicWall NSa can be used as a perimeter and ELAN firewall.

The solution has many useful features, such as content management, user management, user filtering, and domain controller connectivity mapping.

The reporting and monitoring are a bit complex and should be easier in SonicWall NSa because other firewalls I have experienced have been more simple, such as Palo Alto. We are able to receive a clear view of our network. As a general user with little experience, it would be difficult for them to handle.

I have been using SonicWall NSa for approximately seven years.

I have found SonicWall NSa to be stable.

The solution is scalable.

We have approximately 180 users using this solution.

The support of the solution has been good. We normally go through our partner support but if anything is outside the limits of their knowledge then it gets passed onto the SonicWall support.

The installation is not easy, you should have a basic understanding of your network and what your requirements are. Generally, the implementation is done by the vendor. We have an external party who used to do the basic configuration. However, the new generation firewalls do not take much time and are easier.

We used an outsourced vendor for the implementation of the solution. 

We have approximately two individuals that do the maintenance of the solution.

There is a license required for this solution and you can purchase a one, two, or three year term. Typically businesses choose the one year subscription and then later choose the three year licensing option if they are satisfied.

I have evaluated Palo Alto firewalls.

I would recommend this solution.

I rate SonicWall NSa a seven out of ten.

We primarily use the solution from our firewall endpoint VPN. It does have a spam filter, SSL, DPI, and numerous other security features. We've got the full license suite.

The DPI-SSL is the solution's most valuable aspect. It's handy. It's nice.

The scalability is okay.

The initial implementation isn't too bad, once you get used to the process.

We're not happy with the device itself. We're obviously moving away from it for a reason that they're a Swiss pocket-knife of devices and they do a lot. However, nothing is really done well. They don't specialize in one thing that they excel at. They try instead to do almost everything and end up failing.

We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially.

Technical support is pretty slow to respond and escalate matters.

The cost of the solution is quite high.

The solution could use an invisible DPI-SSL or something that doesn't require a certificate rewrite. Most of the other vendors are doing that now. 

The SSL VPN performance-wise is terrible.

We've been using the solution for about three years at this point.

The stability isn't the best. It freezes. We have to reboot a lot. The device just doesn't work very well.

The scalability is okay, It's marginal, however, it is possible.

We have about 300 people on-premises that use the solution.

We've been in touch with technical support, ad currently, we find them to be below average in their support capabilities. Firewall support is just adequate. Right now, with COVID and everything, you are looking at 45 minutes to an hour to get the first technician on the phone. Often it takes two or three days to get it escalated. It's slow.

I personally previously used Cisco devices at another company, and therefore I have some experience with them. 

We're currently migrating away from this solution at the moment. We do not like the way the device performs.

In terms of deployment, there is a bit of a learning curve right off the top, as I come from a Cisco ASA background. It's more object-based, a little bit different. Once you get the knack of it, it's actually pretty nice in some ways.

That said, operationally, I would recommend anybody that deploys one of these to make sure they develop their own SOP for naming conventions, for objects, object groups, object types, service groups, service objects, et cetera, so that it's easier to manage and understand what you're doing. Generally speaking, it's just a best practices kind of process for administrative work. If you've got multiple admins, it's important that everything is contiguous, meaning everybody understands and works under that same parameters. It's like any other operating environment.

In terms of maintenance, there are two of us that generally manage it and maintain it on a fairly regular basis. I'm a network engineer and the department manager, who's not a system engineer, (however, is well-versed), also can perform maintenance as needed.

We handled the implementation in-house. We did not need an integrator or consultant to assist us.

While I don't know the exact amount off the top of my head, I would estimate the licensing package was about $15,000 to $20,000 a year.

Your original purchase includes the purchase of the hardware, licensing, and support. It's not a cheap device. 

We are customers and end-users.

We are currently using the NSA 4600. It's a full security appliance. We're using the latest version of the solution.

It's our primary firewall/VPN endpoint. It's used 24/7, 365. Due to the nature of our work, uptime is critical.

Ultimately, if you were to ask me if I were to recommend this device, I would say no.

I'd rate the solution at a three out of ten, simple due to the fact that the stability isn't there, and it's an expensive solution.

The solution is primarily used as a perimeter firewall for a gateway toward public internet traffic. Basically, it is a gateway between our internal network and public traffic.

Feature wise, the content filtering is good.

The basic firewall rules of the solution are great.

The product has a lot of bugs, actually. We are facing some issues with this product. The DPI SSL feature which is there, it is not working properly.

The IRL, when it was installed, had us facing some issues. However, as they kept on uploading the images, the issues are starting to get fixed. 

They already have this feature of advanced capture, set rotation, and so it is a next-generation firewall only. They could improve on their software side. Their software, which is managing the hardware, it's not up to the mark.

We've been using our current particular model (NSA 5600, the most current model) for the last two years. The other firewall we were using, SonicWall 5500 we've used for the last seven or eight years. 

It took some time for us to establish stability within the solution at the beginning. At this point, we find it to be quite stable except for the DPI SSL feature.

We had already scaled from the older version, the 5500, however, the 5600, is quite a new product. They have since changed the OS, so it ended up being a bit complex from the earlier version. The complexity is there, obviously. It's not that easy to manage. You really need to have someone with knowledge right there with you.

It is an internal firewall. All of our traffic, internal traffic, goes through this firewall only. There are somewhere around, at any point in time, 600, 700 users. We have total sync of 2,000 users, 2,000 plus. But at any point in time, 600 users are there, connected. It runs continuously, on a daily basis.

We've never contacted technical support in the past. We go through our vendor. We don't call SonicWall. 

While there are a lot of options on the market, we only use SonicWall at this time. We have used Sophos in the past previously. We found that Sophos Firewall had more flexibility compared to SonicWall, especially in the configuration capabilities.

he initial setup was actually it was done by our vendor partner. And it was not difficult for them. However, during the initial set up, we faced some issues. It was not easy until there were image upgrades, and now those issues are fixed. 

We've also outsourced the maintenance part of the solution's upkeep to our vendor. We only do the followup and we level call. Basic manageability, they do the operation, we manage at our end. Basic operations. But for other calls, we level call with the vendor.

We hired our vendor partner to do the initial implementation for us. We didn't handle it in-house.

I'm not sure what the pricing of the product is. It falls within a middle range in terms of pricing. It' not the cheapest or more expensive. 

The SSL VPN feature, which is what we needed to purchase, is a separate license.

There's a lot of firewalls available, including Cisco, FortiGate, and Juniper firewalls too. There are many alternatives.

We're just a customer. We don't have a business relationship with SonicWall.

I wouldn't recommend the solution, actually. It's hard to set up and the stability takes a while to establish. They need to do better on their software side, and other solutions, like Sophos, have more flexibility in their configuration capabilities.

I'd rate the solution seven out of ten.

NSa is mostly provided to customers who want to secure their perimeter. It is positioned for users above 100.

We are SonicWall partners. We propose NSa to our customers and do integrations with the firewall.

The ease of configuration is excellent. NSA has logging, alarm features, and a very useful knowledge base available on the SonicWall community site.

Certain features like SD-WAN are sometimes confusing to configure. One important feature that should be provided by default is SSL VPN, without needing a separate license.

I have used SonicWall for the past ten years.

The stability is very good. Wherever I've deployed it, there has been a zero RMA.

For scalability, I would rate it nine out of ten.

Technical support was good. The response time and quality were satisfactory.

Positive

The initial setup is simple.

Pricing is reasonable. I would rate it seven out of ten.

We did evaluate Fortinet. Both SonicWall and Fortinet are on par with each other. The choice depends on the customer's existing setup and usage of SD-WAN.

I would recommend the product to other users. I'd rate it nine out of ten overall. 

We use it to activate firewalls, VPN, and traffic analyzer.

The firewall feature is most valuable since my work is to analyze if there is any potential attack. SonicWall NSa gives the perfect analysis.

They need to improve their product information and product highlights because, here in Thailand, customers need to recognize SonicWall NSa. Also, Fortinet’s datasheet has a lot of information, but for SonicWall NSa, that information needs to be included. SonicWall NSa needs to make their product more user-friendly.

Sometimes, customers ask about the configuration and integration of SonicWall. Then I have to download the manual, configuration, and integration guide to explain the procedure. But for other brands, the configuration and integration are more accessible, and they also have a sample for implementation, which is missing for SonicWall.

Another area for improvement is compatibility; sometimes, my customers use SonicWall, and the partner uses some other brand, and there is an issue with compatibility matching. So if SonicWall could give us information about the compatible model and the name of the vendor with whom it is available, that would be helpful.

I have been using SonicWall NSa for two years.

It is a stable solution. I rate it eight to nine out of ten.

It is a scalable solution. I would rate it a seven out of ten.

I have not contacted technical support. The partner has contacted the solution's technical support, as I am not a SonicWall expert.

The price is high. I would rate it four to five out of ten.

I would rate the overall solution a seven out of ten.