SonicWall TZ Reviews

In some cases SonicWall is used to outfit a company, replacing existing infrastructure and getting site-to-site VPN set up for easier management. It provides ease of use for VPN setups. We are customers of SonicWall and I'm a senior system analyst. 

The solution offers the right amount of control without being incredibly convoluted and frustrating, or without being too dumbed down where you don't have options to do certain things. It's very to the point with the controls and simplifies things for us. It's great value for money. 

The solution has a lot of robust options and it's easy to use. NSM is a good feature, a single pane of glass security center where you can monitor SonicWall for different clients and troubleshoot without it requiring individual access. The product has good integration with their SMA solution, which we deployed for one of our financial firms, and we've also provided a remote access solution for people with PCs at home who want secure access. It offers good content filtering.

I would probably say their GSM or their Sonic Analyzer could be improved. I have always found it difficult to manage and not very intuitive. I'd like to have better visibility of what each endpoint is doing. That's something Meraki has that is very easy to use.

I've been using this solution for over seven years. 

The solution is stable. We're an MSP, so if our clients have any dated hardware, we'll make a plan to switch to SonicWall, otherwise there can be issues with the internet or configuration where we can't get in and troubleshoot. We need to know we can get into the firewalls and make sure that they're online, as opposed to having to schedule someone to come in and deal with the basic physical connections or troubleshoot.

The scalability is very good because if you know how to work the base model, the old solution or the TZ 105, all the way up to the NSAs, they just scale up in terms of features and functionality and you don't change a whole lot. They have good terminology that sticks throughout, so if you work with one, you can work with them all. It means upgrading and scaling is very easy. We manage about 1300 users or so across about 100 different clients. For the most part, maybe 80% of them are on SonicWall, and we try to push that just because it makes our lives a lot easier.

We don't use the technical support very often, but the last call I had with them, everything was resolved within the hour. I spent more time on hold than I did with the person. It was 15 minutes on hold, for 10 minutes to resolve the issue. Otherwise, it's great. 

The initial setup was very straightforward. Deployment time depends on the client but if we're starting from scratch, you can have it updated and deployed within an afternoon without issue. We have our own techs with experience who can get things set up to the best of our ability. Implementation takes one person who knows what they're doing, but we have a team that can help out and troubleshoot if we run into issues. 

I'm not sure of licensing costs, but the price point isn't bad. In addition, you need to buy the hardware. There is also a standard support license, and they offer an advanced security gateway with other intrusion detection, prevention, content filtering, etc. There are some additional options we usually go with, but things like content filtering are hit and miss, and depend on what the client wants.

I've tried Meraki, but their price points are ridiculous and feature functionality is somewhat lacking. After Dell sold SonicWall, things improved a lot, and they've come a long way. There were some things about Meraki that I liked such as endpoint visibility. You can see the list of connected devices and apply a policy. You can get very low network so that bandwidth is not eaten up if someone is watching Netflix all day but they can still receive emails. Those kinds of things are what's missing in SonicWall. I've never been able to do something like that easily on the firewall side. Unfortunately, the cost of Meraki is really prohibitive. We tried a few other solutions and they just didn't pan out. If you want a good firewall, you have to pay thousands of dollars for what SonicWall does in a way that's easier to manage.

I would recommend trying the product, it's not too difficult, whether it's the setup or the cost. If you're looking for a really low-cost solution, you'll probably end up using something like pfSense which doesn't really compare to SonicWall. There are probably better solutions out there, but there are things that SonicWall does better, it just depends on your budget.

I rate the solution eight out of 10. 

Once we moved the units up to the Gen 6 platform, they could support SSL-DPI. We are huge fans of the DPI. That piece is incredibly easy to implement. I'd say probably the most powerful thing about the solution is that coupled with the captured functionality. 

We've turned the SSL inspection on, and it is a nightmare. It doesn't mean it doesn't work, but it will turn your world upside down for weeks until you tune it and get it right. That's an across the board problem. It's not just TZ. That's TZ's, NSA's, etc. Wherever you're using their implementation of SSL, where you've got to implement a certificate on every machine. Once you even get past that it's still going to be particular and finicky. Banking sites are driven crazy by it every time we turn it on.

It is trying to lock down outbound traffic so tightly that you get to sites that are already very security conscious. It's just a battle to get the traffic through. Intentional traffic, the traffic you want to get through, seems to be a problem. It will stop almost everything. Too much in fact. I understand the concept. It's just a little threatening. We just had a client sign off on a 6650. Then we send them a scope of work for implementing it. We specifically put a note in there in enormous bold type: "Note does not include SSL-DPI implementation". That is additional. The client responded that  "That's the one piece I wanted you guys to do. I'm scared of it."

He said, "We're scared of it," and I told him, "We're scared of it too." I said, "I don't know how long it's going to take. And it's going to turn your universe upside down for a week to 10 days to maybe two weeks." He said that he heard that this would be the case. 

My fear is that the client thinks that we'll say it will take four hours and then, when it turns into 40, try to make us give them the submission for free. 

Even tiny environments, for example, 10 user environments, once you turn it on, you will spend days tuning it. The last one we did took us 22 hours to get it perfect. We learned our lesson. We slotted in four to eight hours to do it and it took us 16 to 20.

From a support perspective, if we're talking tech support I think Silver Partners, Gold Partners, Platinum, whatever level, should have a different number to call. End users can call tech support over at SonicWall if they've paid for support as part of their AGSS or whatever services they bought. The end-user can call, or we can call, however, I don't want to be calling the same line that an end user's calling. I don't want the same response time. I need a different level of expertise.

We've been a SonicWall dealer for 21 years approximately. We've been handling the solution since 1999. I personally didn't start using the solution until 2004.

Once you get past all the configuration issues, If you are on a rock-solid GA (Generally Available firmware), I don't know if I want to say it's bulletproof, however, the stability is really, really good. I don't sit and worry, thinking, "Oh, God. We know another one's going to fail today." We never think that way about that type of stuff. It's the odd time where we might get hardware failures or random reboots. We've had a couple of SMA units go sideways. Even SonicWall couldn't solve the problem. However, that said, it's rare.

There's a couple of different ways to answer the question of scalability. They've built the TZ line wide enough so that we've got enough of a selection to be able to fit most bandwidth and user count situations. It's never going to fit everybody and it's not meant to. It shouldn't. It is a little challenging to try to get one of the boxes to do full wire speed. I'm not so sure inside that box, at the price point, you're going to solve that problem.

That's why we sold the 6650. One client has got a one gig fiber line and they're in a school. On an NSA 3600, he can't get over 400 on it. I told him he never would. Some days I'd be surprised to get 400, depending on the user count. The TZ lineup is pretty good, however, I'm not so sure I'd use the word scalable. 

If what we mean by scalable is, "oh, well, I buy a 300 and I buy it for 10 users, but I can scale up to 30 users with that box," the answer to that is no you can't. If you ask "could I scale up to 25 users and move to 200 or 300 or 400 meg?" You can't. We've got somebody in that situation right now and we're quoting a box replacement because it just can't scale that way.

You can't necessarily scale on the appliance. You've got to get the right size. That's the easiest way to scale. If it's the right-sized appliance for the environment with some headroom then I think most situations users are going to be fine. There's going to be some issues where somebody cheaps out. For example, we worked with a law firm. They bought a TZ 300 because they didn't want to spend the money for the 500. Now they're going to have to spend the money for the 500 anyway because they need to scale up. 

I don't think they really separate support from line to line. Maybe if you get all the way up into supermassive issues they do. Between NSA and TZ, it's the same level of service that you get on the other end of the phone. To be quite honest, level one support is not sparkling. Level two is usually really good. Level three is usually a combination. You get to level three, and you're almost talking to development or a combination of a crew that's dealing with development and senior technical expertise. Those guys rarely fail us.

That's a typical support story. The level one guys will read the scripts and don't necessarily fix anything. We've already run through level one through three on our end with my staff. If they can't fix it, talking to a level one script reader is definitely not going to get it fixed. You should be able to bypass those guys if you're a reseller and a long-standing Silver Partner, like we are.

We've also used Cisco previously. A while back, we used to have Cisco as our primary choice, with SonicWall being our second. That changed when I came to the company in 2004, where SonicWall became our solution of choice. We've got 400 or 500 firewalls out there and we don't plan on changing over to anything else.

We're a Silver Partner.

I'm not an engineer. I was a field engineer for nine years a long, long time ago. However, I'm not typically the one that gets my fingers into stuff, and it would be my engineering and senior engineering staff that do that. That said, I can say that I don't think any of our guys have touched the virtual platform yet.

We use TZ and traditional NSA tech every day. That's our bread and butter.

The current version we're using right now is the 600 series, although we do still have some 350 series. 90% of what we use are Gen 6. They're either TZ 300, 400, 500, 600 or NSA 2600, 3600, 4600. 

We've got a smattering of 2650s that we've rolled out, which have been really, really good. Those are powerful units.

I'd rate the solution eight out of ten. It doesn't warrant more than that. There's plenty of products I'd give a five to out there, however, for the quality of the product offering, I think an eight is a fair mark.

We use it for ATP, the main firewall, and VPN connections to some of our sites.

The VPN is quite useful for us, as well as the ATP. Overall, I would say it's a good solution for small enterprises.

We are currently using a 54.1 version, which, when compared to other solutions like FortiGate or Check Point, needs to improve in many aspects. Even the new SonicWall 7.85 is not safe compared to FortiGate. There is a huge difference.

It has been around four and a half years now. The firmware that we are using is version 6.5.

It's extremely stable, actually one of the best. I would rate it a seven out of ten. 

I would rate it a six out of ten for scalability but for medium to small enterprises. All are remote users. I would rate the solution a six out of ten because there is still room for improvement, and it's not advisable even if the organization has grown.

A lot of users use it. All our email sheets are using it, and users connect via VPN.

The setup was fairly easy once you understood how the device worked. However, I wouldn't recommend it to anyone else anymore.

The licensing options are quite good in terms of what you get. For a small to medium enterprise, it's a good option.

If you are looking at it from a financial level, it's a good option. But I think there are other options out there. If I had found this product already in my organization when I joined, I would not have gone with this product. I would have gone with an entry-level FortiGate or Check Point. It would have been much better or easier, but SonicWall TZ is not bad, either. However, my device has almost reached the end of its life after almost one and a half years, and it's easy to switch to a different product at the end of our licensing period, which is towards the end of this year. So that would have been good for me.

Overall, I would rate the solution a seven out of ten. 

Our primary use case for this solution is connecting offices in different cities together. Also, when the pandemic hit, this solution allowed our remote workforce to connect to the network remotely, from their houses or wherever.

From our point of view, the most valuable feature was the ease of deployment.

I think content filtering is the area this product should improve. It's a little tricky to get put in correctly.

I have been using SonicWall TZ for four years.

I would say the stability of this solution is quite good. However, we did have a few issues.

I cannot comment on the scalability of this solution as we work with mostly small to medium businesses and do not worry about scaling.

The initial setup was quite straightforward.

The deployment does not take long as I can get one out of the box and ready to go for a client in 20 minutes.

The only advice I have for people looking at this solution is to either learn the product or hire someone who knows it very well.

Maintenance of this solution is done mainly by the engineer that sets it up. The only time we really need to use it is to check and make sure that we don't have any vulnerabilities. We keep the firmware up to date. Other than that, if the client needs any changes made, we make those changes. Other than that, you can just set it up and forget about it.

I would rate this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

Our customers use SonicWall TZ for network security and also for connectivity, e.g. when our customer is a company with HQ and branches, and they want to secure their branches the way they secure their HQ, we recommend SonicWall TZ so we're able to protect both the users in the HQ and the users in the branches. We also use this solution to optimize the bandwidth that they have by configuring SD-WAN services.

Another use case for this product is when using switches, e.g. when people want to connect their IP phones, their access points, and their access control devices, we recommend the switches and utilize SonicWall TZ, but mostly this firewall solution is for network security monitoring, analytics, and reporting.

SonicWall TZ has a number of benefits to customers.

One benefit is the visibility of the network and activities that are happening on the network, which enables customers to improve on their policies. For example, if a  customer sees that YouTube is consuming a lot of bandwidth, they can revise the policies and allocate less bandwidth to YouTube, then give more bandwidth to business critical applications.

Another benefit of this solution is that it's able to bring a lot of visibility to things that are hidden from a normal IT person's view, so now that these things are visible, users are able to make quick decisions. For example, there was an organization that was complaining that they have less bandwidth, so we implemented the firewall and noticed that whatever they were getting, they needed to add more, before they're able to add more bandwidth from their ISP. 

The simplicity of SonicWall TZ is also one of the things I like about it.

I found many features in SonicWall TZ that are valuable. The NSM (Network Security Manager) is great when you have more than one firewall, e.g. two, three, five, etc., because it's a central place where you can configure the firewalls.

Even for users who only have one firewall, SonicWall TZ is great, because it's very easy to use. It's user-friendly. I have used other firewalls, and I've worked with Fortinet and Palo Alto, and if I compare their user interface with SonicWall TZ, this solution has an interface that's so much easier to use.

In this product, configuring the policies and everything else that needs to be configured is straightforward. You don't have to move through multiple pages and tabs. It's easy to configure and use.

The analytics feature of SonicWall TZ is also good, because users are able to see information on bandwidth utilization, including applications that are traversing the network.

I also like the Capture ATP (advanced threat protection) feature of this solution, because it shows the unknown files that have been detected in the network, how they were scanned, and what the results are. It's a very good feature.

I like the licensing scheme of SonicWall TZ. If you have high availability requirements, you don't need to buy two licenses. You just buy one. This is cost-effective for the customers. I also like the secure upgrade promotion, e.g. If you have an existing firewall from Cisco, Fortinet, or another competitor, SonicWall will give you a two-year license for the price of a one-year license.

SonicWall TZ has good features that I can really position to my customers, and that's how we're able to win new business.

I also like the form factor uniqueness of this product. You can use it even in an office with 10, 15 people. That's very great. That's a day one capability, and it's not licensed, e.g. it's something you can get out-of-the-box. I also believe that SonicWall TZ 570 and 670 series can accommodate SFP (small form-factor pluggable), and I find that very unique.

SonicWall TZ also has high availability, so it's a perfect solution.

Support for SonicWall TZ needs improvement, particularly the time it takes before you're able to speak to a support person, e.g. you have to wait for at least 30 minutes on the phone, and this needs to be improved.

This is an affordable solution, but a competitor like Sophos can give SonicWall a run for their money. Sophos and Fortinet are major competitors of SonicWall, and the way they package their solutions, especially Sophos, they're cheaper, so for some customers who aren't technical, they will just run to these competitors because they're cheaper. However, once you explain to the customer that this is the situation, mostly we're able to win the business for SonicWall.

An additional feature I'd like to see in the next release of SonicWall TZ is enhanced automation.

I've worked with SonicWall TZ since 2019. I've been working with it for three years now.

I didn't have any issues with SonicWall TZ in terms of stability. I started working with SonicWall in 2019, and all the customers I sold this to, not a single device has failed, apart from one customer who had a failure in Ethiopia last year, but that customer bought the device for quite some time, e.g. in 2018 or 2019, so that one had been onsite. I've not heard of any breakage apart from that one, so this product is stable.

SonicWall TZ is scalable. I just have one customer here who is suffering because of issues with sizing and scoping initially, but from what I've seen, this solution is scalable. It scales well.

I was able to contact the SonicWall technical support team a few times, but before I was able to talk to a support person, I had to stay on the line for almost 30 minutes, sometimes even longer than 30 minutes. This is something that they need to improve.

The initial setup for this solution was very straightforward. I don't have an issue with setting up SonicWall TZ.

I find the licensing scheme of SonicWall TZ cost-effective for customers. SonicWall also has a secure upgrade promotion that lets you enjoy a two-year license for the price of a one-year license, if you have an existing firewall from competitors, e.g. Cisco, Fortinet, etc.

I was able to evaluate Fortinet FortiGate briefly. I also evaluated Palo Alto.

I've used Fortinet FortiGate briefly. SonicWall TZ is what I'm using at the moment. We are an authorized distributor of SonicWall, so we sell SonicWall products, including SonicWall TZ, to resellers and partners.

We deal with the latest versions of this solution: the gen 7 series and the gen 7 NSa series. These are what we've been selling to most of our customers.

We have not been able to sell SonicWall TZ on cloud. We have received requests for quotes, particularly for cloud deployment, but what we were able to sell were on-premises deployment, e.g. physical devices.

Deployment of this product usually takes less than a day, but it really depends with the setup, with the network. We recently had one that took two days, but it's usually just less than a day.

We sell SonicWall TZ to different companies. One company has 10 users. Another company has a hundred users. There's another company with 500 users. We sell to partners, and that's our main job. The partners sell to the customer, so you'll find one partner has five customers, another partner has two customers, etc. We are just not covering Kenya. We cover east Africa all the way up to Congo, Ethiopia, Djibouti, and Eritrea. We cover all those areas.

What I usually tell people who are looking into implementing this product is that it's the easiest to use among the many firewalls I've seen.

I have not been disappointed with SonicWall TZ, so I'm giving it an eight out of ten, not a perfect score, because there's still room for improvement.

SonicWall is perfectly okay for businesses that need to support around 100-150 users.

SonicWall is very expensive in terms of using it for 500 users. It's very expensive compared to Cisco Meraki. Cisco Meraki is half the price with the same features. Even FortiGate is less expensive than SonicWall.

I'd like to see anti-spam included in the standard license. I have to pay more for anti-spam when really it should be the standard feature.

I have been using SonicWall for about two years. 

No issues with stability. There's an automatic update that defines everything and then implements it to where I can see it on the dashboard. I can see all the spam or malware that was detected, as well as the vulnerability. It then stops those issues. 

General maintenance is okay, but if some users require changes, or I have to deploy some policy on the users, then the steps are actually pretty lengthy.

The only issue I have with scalability is the price.

I get in touch with technical support whenever we require the support, the support is okay. We have a toll free number to connect with them. I just connect support and then discuss the issues. They take control of my firewall and then make changes as per my requirement. That's fine. The support is more or less is good. That's not an issue.

I license SonicWall TZ for three years subscription and support. I would say the price is about 20% more when compared to the competition. The standard service for what my company needs is already covered in that license. But if I need more licenses like for VPN or some other filtering, then I need to pay more.

I worked with Meraki and Fortigate. I can differentiate the products in terms of ease of use. If I go for ease of use and deployability, then I would prefer Cisco Meraki in any case.

It's not user friendly as compared to Meraki.

I would rate this solution a seven out of ten. 

If an organization has about 200 users with slow growth, then SonicWall would be great. But if the growth is exponential and rapid, they may want to consider other solutions or SonicWall NSA.

Our use case is that our email and CRM are in the cloud but the rest of the solution is here on our old server on premise. That includes file sharing and internal programs, too. We have some kind of replication of the cloud on premise to use in case of problems.

The feature with SonicWall that I have found most valuable is that all the models have the same interface. We don't need to learn different interfaces in the smaller or bigger models. The other thing is the actualization and upgrade politic are really strong, really good, very high quality. Lastly, the performance and the price are excellent.

I am really happy with the product. The new interface is really modern and really clear. The 7th generation is a really big improvement.

It has a very good design.

In terms of what could be improved. That is a very good question. Maybe the price could be lower. That is the only thing. Otherwise, it is really a very good product with really good performance. The only thing is maybe to lower the price a little bit - but it's not a complaint. I don't have complaints with SonicWall.

SonicWall is really a very complete product.

I have been using SonicWall TZ for five or six years.

SoinciWall TZ is really very stable.

Their scalability is wonderful. SonicWall has a migration table and it's easy to migrate the configuration of a small model to medium or all types. It's really easy. No problem. I have done this a few times and each time was perfect.

We have almost 100 users.

One person is enough for doing maintenance on SonicWall.

We do have plans to increase usage to more or less 10 or 20% more users next year.

The support is excellent

Previous to being introduced to SonicWall, I used Softforce.

The initial deployment is easy. Even in the case when a client has a particularly exotic configuration - the support is quick, fast, and very professional.

How long the deployment takes depends. Normally, the delays are the fault of the misinformation we receive from a client. Or misunderstanding the information the client provided us before we did the setup of the firewall. Normally it's not a problem with SonicWall.

We pay yearly or bi-yearly. Normally we offer the license for two or three years. But it's common to buy the license year by year.

My only recommendation is that you need to be a certificate holder to set it up and configure it. It's really important because it looks easy, but it is complex. You need to have the knowledge and experience. But this is normal for technical products. It is not a product for the regular user. It's for technical people. You need to have skills.

As a customer and a reseller, we feel they are doing a really good job.

On a scale of one to ten, I would give SonictWall TZ obviously a 10.

Our primary use cases are a site-to-site VPN connection, content filtering and in addition SSL VPN connectivity for remote desktops.

It provides our organization with very low throughput.

The site-to-site VPN connections, content filtering, and in our current remote working situation, SSL VPN remote desktop connectivity are the most valuable features. 

The areas we would like to see improvement include more features available similar to the equivalent FortiGate appliance, e.g. SSL encryption and inspection. Two-factor authentication capability would be another additional feature that could be included in the next release. 

I have been using SonicWall for 2 years. We have utilized SonicWall appliances for the last 7 years.

The overall stability has been good, there were no issues or concerns from the viewpoint.

We size our appliance based on the number of users, in this solution the TZ appliance was suitable for 30-40 users.

We experienced a very good level of support from the vendor and they have assisted us in real time via remote session when needed.

The initial setup is very straightforward. It took approximately 3-4 hours.

In comparison to competitors the license price is higher and as a suggestion, for 10-15 users potentially provide a free basic license.

We did evaluate the Fortinet FortiGate equivalent option.