SonicWall NSa Reviews

We are integrators, but for SonicWall, we use it for a specific project in industrial cybersecurity. It was for ransomware recovery and network restoration.

We did the firewall and the configuration for the ransomware prevention.

Our clients were using it to control the SCADA System in their industry.

The most valuable features of this solution are the GUI pre-filtering and the ATP (advanced threat protection). Also, the ATP packet capture is helpful. We used these features during our restoration.

The content ID needs to be improved. If I compare it with Palo Alto, there are more features in Palo Alto that are not included in SonicWall. For example, PDoS is not available in the current version, that I could find.

They do have DLP and Host protection, but not PDoS.

Also, the IPS and the UTM need to be improved.

I haven't found anything regarding the IoT security in the device security on SonicWall.

I have been working with SonicWall for one year.

We are working with NSA 3600, which is the latest version.

We have no complaints about the model.

The scalability level is medium. They are okay with the model, the throughput, and the traffic rate.

We did not require technical support.

Currently, we are running Palo Alto, Check Point, and SonicWall.

Two or three months ago, we were working with Fortinet FortiGate. We have also used Vyatta.

This solution was not implemented properly.

The AV enforcement feature in SonicWall is limited to only one vendor for antivirus, which is Kaspersky. It's the only antivirus solution that we can enforce through the firewall.

Other vendors provide you with multiple options such as Sophos, Kaspersky, Trend Micro, and Bitdefender.

I would rate SonicWall NSA a six out of ten.

We primarily use the solution just for IPsec tunnels. It's two routers between locations with IPsec tunnels, nothing more. We don't use their firewall capabilities.

The functionality is the same whether it is on hardware or a virtual appliance. The interface is the same. It's nice that it's standardized.

The solution is a good product with a good value for money.

The security capabilities and policies are good. They can do a lot of tasks with ease. 

The product is very useful for organizations with many locations. If you've got a lot of locations, the product can save you money as you don't need a physical box at each location.  

The scalability is very good as it really can cover multiple locations.

SonicWall offers NG capabilities in virtual appliances.

It's not as easy to use, as, for example, Palo Alto.

Some of the configurations could be better.

The solution is stable. We haven't had any issues so far.

The scalability is quite good. You can scale well across locations very well for not too much cost. If a company needs to expand, it can do so relatively easily.

Also, cost-wise, it's very affordable to scale up. It's not expensive to add hardware and licenses as needed. They make upgrading very cheap.

We have 200 people on the solution. That said, they are using with IPsec tunnel. They don't use all of the capabilities of the hardware. They are using it just to encrypt tunneling between the sites.

We may not continue to sue the solution as we have found a solution that is better and that can help us get faster than IPsec can. We're looking instead at MACsec.

I've never opened up a technical support case with the product. It's worked quite well, and we haven't run into trouble that would require us to reach out. I can't really speak to how helpful or responsive they are due to the fact that I have no experience with them.

We've also worked with Palo Alto, Barracuda, and Sophos.

Palo Alto is more expensive to use and to scale. Sophos is very easy to set up. Barracuda also has NG capabilities, like SonicWall, and has the same limitations in terms of security policies. It also can take a bit longer to set up.

I have ten years of IT experience, and therefore, for me, the entire implementation process was not overly difficult. They have good manuals that you can read through at the start. It's not a difficult process, especially if you are already comfortable with the technology.

Of course, it's not quite as straightforward as something like Sophos, which you can just plug in and have the vendor configure for you. However, that said, it's not too difficult.

SonicWall still is only a dollar or Euro per gigabit. This means, of the IPsec, it's the cheapest solution. 

Due to the fact that we've got some projects now, we might abandon IPsec, as we had two Blade fibers with separate paths to a secondary location and we will start using MACsec. It's a layer 2 security. Therefore, we don't need IPsec anymore.

Originally, actually, we bought it without any licenses, just boxes with IPsec capabilities.

The pricing, in comparison to some solutions, such as Palo Alto, is much better.

We're just a customer and an end-user.

I'd recommend the solution to other organizations. I tell everybody, if your business is a lot of locations and not so many personal policies, to check the SonicWall portfolio. You can configure it with two boxes and if you need to you can scale it without any trouble into the tens or hundreds.

In general, I would rate the solution at a seven out of ten.

We are end users of this solution and I'm a senior systems administrator.

At the end of the day, all the solutions in this category are more or less alike. They all do the same thing in different ways. I've found the best features of NSA are the graphic interface which is very user friendly and I also find the solution to be very intuitive. The product has more features than I can use. 

The reporting solution from SonicWall is not the greatest. We have more than two firewalls and I expected we'd get more information from the reporting than we actually do. That area could definitely be improved. I've seen a couple of features on the firewall that I don't have use for because we're not a huge company, we're a 200-user company. The reporting feature is there, it would be nice if it was more detailed. 

The firewall itself has the reporting tool. Obviously, it's not as complete as the solution that they want to sell because they provide it for free. It means that you need to get the software separately in order to get a better understanding of what's going on in your firewall. A good additional feature would be improvement on the firewall reporting feature without needing extra software or extra expense.

I've been using this solution for five years. 

The firmware is very stable and I've never had issues with the stability of the operating system and I was several versions behind until recently. There were some minor bugs but that's because the firmware was not updated. 

The technical support is great. I've never had an issue where I've needed to wait more than a few minutes for them to fix it.

At this office, the firewall was already configured when I started working here, so I only needed to make some adjustments. We have another office that we acquired recently, and I implemented the firewall there. The configuration was pretty straightforward. The graphical interface is very intuitive and that helps. 

Our licensing fees are paid annually. It's on par with whatever is on the market. They are all the same, so it's not high or low. It's on the same level as any other hardware in the same category.

If I knew what I know today and I was starting from scratch with a SonicWall firewall, I'd get a consultant in for some advice. There are a couple of tricks that for me it would have been nice to know from the beginning because there are some rules in the defaults that I would've been happy to have known before. I would recommend getting a consultant to explain how the thing works, even if it's for a couple of hours.

I would rate this solution an eight out of 10. 

My primary use case is web filtering, VPN, and sometimes UTM. I can check a VPN for point-to-point connectivity with this solution.

The features I found most valuable are email security and web filtering.

The features I would like to see improve are the dashboard and the UI.

In the next release, I'd like to see APIs included.

I have been working with SonicWall for approximately two to three years.

I would rate the stability of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would say the initial setup was easy. I'd rate it an eight, on a scale from one to 10, with one being the worst and 10 being the best.

When deploying, you first use a gateway, ISP terminated in the firewall, and then terminate to the user end. Usually, deployment takes two to three years.

The deployment was done by one or two engineers.

I have experience with Fortinet and I would say this solution is much better suited for SMB customers, while SonicWall is better for large enterprises.

I would recommend this solution to enterprise customers.

Overall, I would rate this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

Our primary use case is at the perimeter of all of our customer's sites with all of the security services turned on. That is anti-malware, anti-spyware, geo IP filtering is an important thing for us, web filtering and the Capture ATP. We are looking at preventing downloading of any virus-infected files.

Geo-IP filtering has made a large impact on us and it is very important to us.

The most valuable features to us are the security services which is a critical factor in our deployment. Today we need to have all the security services enabled because firewalls are not enough.

When it comes to security I think all of the features are currently open to improvement.

I have been using SonicWall NSa for the past ten to fifteen years.

Technical support used to be very good and now we are dealing with long response times.  On a scale of one to ten today we are looking at a four or five instead of a nine or ten.

The setup is straightforward however you want to have a good technical support individual involved for proper deployment.

I would rate SonicWall NSa a nine out of ten as an overall solution in security.

• Site-to-Site VPN
• Deep Packet Inspection
• Easy routing capabilities
• Stability
• AD integration
• Traffic shaping options
• VLAN options per interface
• APP based rules/filtering

With Site-to-Site VPN we can connect several branch office that we have and with the routing options we can setup a VPN backup route using different ISPs, this is great when the ISP stability is not good. The AD integration is not the best but it works, thru that option we enhance the security of the device in terms of manageability. Deep Packet Inspection helps us to block undesired traffic like p2p activity even in ssl encrypted tunnels, but this is far from being easy to setup. Traffic Shaping options give us the ability to limit interfaces like the "guest wifi interface" however you can setup this per interface, not per VLAN, you have to create a firewall rule then apply "Bandwidth management rule".

Sometimes, the GUI is extremely annoying and you need to implement external tools for better network monitoring.

The GUI needs to be worked on as sometimes it's annoying to configure because the options are separate. For configuring a simple port mapping you have to go to the address object menu, then the NAT menu, then theFirewall menu, and if you want to delete this rule, you have to go backwards.

The AD integration works but in some cases when the connectivity to the AD is lost, SonicWALL also lost the AD synchronization and we had to login using a local user to re-synchronize the appliance with the AD.

Last, but not less important, are the tools for monitoring the network. The appliance has a lot of monitoring tools, but they are not efficient. For example, you cannot see (in real time) what user is accessing what site, consuming bandwidth, etc. but you need external tool to do this. Dell need to take a look at their Kerio control software).

I have been using it for eight months.

None, the deployment was done in conjunction with a Dell partner. They had some difficulties, but all of them related to our specific scenario. In that time we use all the configurations per IP basis and not per zone basis like Dell recommends.

Some, but they were very strange. For example, one of our ISPs gave us an IP address through DHCP, and in two cases the interface won't take a new IP address, even if we reboot the appliance, we have to use another interface to solve this. For other cases, we use LenovoEMC Storage Connector.

That software floods the connections of SonicWALL reaching the 322000 simultaneous connections/sessions. Until we find this software, the SonicWALL becomes very slow almost unresponsive, also we start to losing connection to other networks that are being handled by the SonicWALL. We solved this by applying connection limits but the final solution was uninstalling that Lenovo software.

None, but if you need more you have to pay licenses and if it is no enough that you have to buy a mayor model of SonicWall.

We use our Dell Partner who are slow, but efficient.

Our Dell partner have great technicians and they know the product. However they were slow to solve some problems because the GUI didn´t allow a fluent workflow/management.

We didn't have a solution in place previously.

Because our scenario requirements were complex, the initial setup was somewhat complex.

We used a Dell partner who had a great level of expertise.

You have to look if this device will do the task that you need, and if it does with which license do it. If you haven't got a license, you almost cannot use this equipment. Here you have a license for all, from the device itself to the user VPN license, so you have to be careful with this. Also, the licenses are not perpetual so my advice is talk with a Dell partner, know the product, know the limitations and compare with other brands.

We didn't look at any other options.

SonicWALL offers two operating modes, per IP basis, and per zone basis. You should design your network for work on the per zone basis. It will be easier and effective to manage the device.

We use SonicWall as the primary firewall for the internet connectivity of a multi-site educational organization. It is a private multi-site wide area network for an educational institution with around six sites. There are currently about 3000 users in this client's organization.

It has excellent stability. 

The filter settings are confusing and overly complicated. The user interface can be improved. 

I have been using SonicWall NSA for a little bit over 10 years.

Stability is excellent. 

Scalability is marginal. SonicWall is currently tied to hardware, so the only way to scale is with new hardware. 

The initial setup was straightforward. 

I would recommend this solution, but I would suggest allocating time to become familiar with the interface.

I would rate SonicWall NSA a seven out of ten. I would like to see usability enhancement, specifically around the filters.

In the main office we have set up a SonicWall TZ device, and then from the branches, we have set up a lower branch model, the SonicWall, and then created site-to-site VPN. We then deployed the VoIP between those branches to the main office. We also deployed the firewall and the URL filtering between sites and the main office. So, we just enabled and created the different DMZ zones from the devices.

We have utilized all the features. The most valuable are the:

• URL filtering by category,
• DMZ zoning
• Load balancing
• The site-to-site VPN.
  

Because this is an old device, the throughput needs to improve. Right now, the only problem is that since it eight years devices had to keep up with the latest technology. Most of the devices are now linked to the plants. That is one thing that can be improved. 

We also need to increase the throughput because the other devices are slower. The throughput will become slow. Since we're using VoIP, it tends to affect the voice quality. Even if you're using a quality service, it tends to decrease.

We're going to replace them. Since this is already eight years old, so we're going to replace the hardware but with a different brand.

We have been using this solution for ten years. 

It's deployed from the main office to the site office. So, we're using site-to-site VPN between project sites since we are a construction company.

There is no problem with the stability. Since the very start, I have not experienced any problem yet until recently during the quarantine, but the problem is now resolved. Since the requirement is to have a voice quality, we're using a platform like MS Team, Zoom, and it does not perform well when using those applications.

We have around 100 to 200-people using it. Most of them are users. It's on around 10 projects or 10 branches.

We only require one staff member for the deployment and maintenance. 

I have never called support. I only called when we first purchased it, if I had a question. I have not found any difficulties when contacting them, or just because I contacted only lower support. Then since it is a user-friendly solution, I didn't experience any problems with the device.

We used Fortinet and Juniper NetScreen, but we already replaced them.

After seven years or five years, the performance degraded. Then we sourced from our local suppliers and got a recommendation from them and er also checked IT Central Station to compare each product. 

It's not hard to configure, it's user-friendly. It's very user-friendly. It's just the performance that's an issue because it has already aged out. It is already old.

The quality and security support should be improved in the next release.

I would rate SonicWall NSA an eight out of ten.