SonicWall Firewall

Riguy Index and Archive:

SonicWALL TZ-180 Firewall Review

I purchased and am currently using a SonicWALL TZ 180 firewalling unit on my SOHO network and I must say - it is a fine, efficient and seemingly secure product. The TZ 180 is an entry level unit that meets the basic firewall and other (i.e. 1 VPN client) needs of a small office. The TZ 180, like all SonicWALL products, needs to be ordered through a reseller, for example CDW. Although there are potentially sticky situations that need to be looked at carefully before purchase, such as whether or not to purchase a brand new unit outright or a unit that will replace another vendor's product, it is a product worth serious consideration. It is in fact worth purchasing in place of the mighty, pricey, Cisco units, in my opinion. Call me crazy, but Cisco units are more expensive than SonicWALL units. But does that mean they are better? It may depend on how this is measured. But let's face facts: Cisco has a long history of security vulnerabilities. Isn't security one of the main factors when purchasing networking equipment? Of course, performance would be the other imperative factor, followed by cost, ease of use, etc.

This is simply my opinion. I believe the SonicWALL unit (s) should be given consideration because of 2 major factors: cost savings and ease of use. I do not work for SonicWALL and have no stake in their success, although I hope they stick around for a long time so my unit is supported in the future!

It is interesting to note that although Cisco units these days do have graphical interfaces for configurations, many old time engineers continue to use the standard command line equivalents. So, they telnet or use 'putty' to the firewall or switch. Although many of these folks brag about the superiority of the command line, many of them simply have not even looked into the graphical application options. Also, an interesting aside: the command line ('CLI') impresses the chicks and some VP's at many workplaces and this is great for these engineers. Ok, so maybe I'm kidding a little..

But for some reason many people are impressed when seeing an engineer of some sort frantically typing Cisco IOS commands, when really all they are doing is allowing access in or out of their networks to 1 IP address, and maybe saving those changes to memory, etc. But by the looks of their sweat and keyboard noise, you would think they were in the midst of a "24" (the show) type of terrorist calamity or that they were bringing down the world's root DNS servers. Maybe all they are really doing is rebooting the router because the internet connection for the company has stalled due to the fact that the firewall unit is using 5 year old firmware? Of course, this is not the fault of Cisco, per se. They do in fact strongly encourage training.

Anyway, in some networks or IT shops, the network engineers are the people who run the show. In my experience I have noticed that many of these people come from UNIX backgrounds, despite the fact that they have no particular training or background in Cisco or even TCP-IP networking. As a result, they tend to learn their Cisco 'on the job', if you know what I mean. If they have the training previous to the configuration of the Cisco equipment then that is great! But what many business users do not know is that sometimes when there is "downtime" in their company, it is in fact attributable to a lack of routing or networking equipment knowledge, and not that the equipment itself simply "failed" on its own accord (or in IT parlance: "it died"). My point is that some companies may want to consider moving over to SonicWALL equipment for the following reasons: cost and ease of use. The SonicWALL equipment is less expensive and is uses a simple web interface that can be understood by a Cisco, a UNIX, or a Windows engineer or anyone who has been schooled appropriately in the OSI model and networking concepts. Also, instead of paying the extra $50,000 salary to a Unix or network engineer because of the Cisco skills required, the SonicWALL skill set may be less costly and equally useful.

As for critical performance issues, I am trying to measure performance on my network and will post the results as I can. But it is purely anecdotal. At this point, after several months, the connections seem speedy. And when major changes are made on the unit, i.e. a static IP edit or some type of mapping (for example to this web site, port 80), the reboot of the unit takes a reasonable amount of time, say 1-20 seconds.

Moving on ...

This equipment is managed through a web interface. The login screen is straightforward enough, and keep in mind the default name and password given with the documentation. Admin is the default username and I changed the password as soon as initial configurations were done...

The router needs to be configured right away. There are various wizards that are given as options. And even after configuring the bare minimum, the wizard offerings can be opened after at any time. The choices are divided into 4 areas: internet (Setup), Licensing, access rules, and VPN, if applicable. Here are the specific wizard options for the TZ 180 - after configuring basic IP addressing:

After initial configuration, the left window pane/menu can be seen in your own web browser - as viewed to the left. Whatever is opened in the left frame opens in the right pane. The window actually opens into the default system Security Dashboard. There are 2 options for viewing within the Security Dashboard, depending on what packages you may have/have not purchased from your reseller. One view is the Global and the other is the local anti virus, anti spam, anti intrusion, etc view, if that package is indeed purchased from SonicWALL. The latter option at that point will be in MAC address form. Anyway, it's a simple radio button choice. The Global view is pretty nifty, but it is just that: global, i.e. worldwide. So, you get a report on the world's hottest virus, spam, P2P programs or intrusions. Not too shabby, but definitely not local in nature. Again, for the local view of threat detection, the services package has to be purchased from SonicWALL. I have not purchased them at this point but I am considering it. Providing a solid firewall was my primary objective, as I already have anti virus available. My Exchange server has anti spam capabilities in use as well.

Again, to see the local view, services must be purchased from SonicWALL. But here is a snippet of the default global intrusions (as of March, 2008).

SonicWall Part 2

Search Google for Related Content:

Windows 2003 Server
Vista Upgrade
Samba Server
Windows SMS Server
Mac OS X in a Domain
Distributed File System
Exchange Server Set Up
NT Backup
Network Monitoring
DSL Comparisons
Windows 2000 Upgrade
Terminal Services
Red Hat on a Laptop
Network+ Exam Prep
Windows Perfmon
Exchange Server Synching
Windows IIS for Web
Exchange Global Address
McAfee ePolicy
Using TCPDUMP
Red Hat Linux Updates