Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
SonicWALL’s PRO line of UTM appliances offers a good collection of features over and beyond a basic firewall, although this core feature is well provided. The 4100 we received is at the upper end of the line, offering 10 Gigabit Ethernet ports and throughput of 800Mbps. A 2.4Gbps version is also available.
Connecting to the unit to set it up was simplicity itself – DHCP is enabled by default, so restarting the interface on our management station had us connected in moments. Why most vendors require manual reconfiguration to the default IP subnet is beyond us, but SonicWALL gets it right.
The system offers an initial set-up wizard, as well as wizards for other common tasks like setting up public servers and VPNs. The main administration screen is headed up with a concise list of items needing attention, which was very useful, but did not link to the appropriate page to rectify the problem. This is followed by a well-designed snapshot of various configuration items – well-designed, but not really useful in a day-to-day sense. A dashboard of alerts, connections and active rules would be more useful than the system and registration status.
We did like the onscreen link status for interfaces – few other products provide a visible alert for physically disconnected links.
The alerts are a bit excitable. For example, a portscan was flagged up, but identified as a syn flood attack and a collection of attacks against non-existent services. So a very basic scan appeared as a major incident in the log. We like to see scans logged, but not to this scale.
Some parts of the interface, particularly information and help screens, are actually framesets pointing to SonicWALL’s own servers. This ensures up-to-date data, but if the unit is internal and has no internet connection, this will cause problems.
Basic firewall and VPN tasks were all accomplished with ease, but the interface could be slow. Some very basic bandwidth limiting is provided, as well as 802.1p for traffic prioritization.
You also get AV, IPS (although no policies are included out of the box and must be downloaded), email and content filtering. An anti-spyware feature is also included. Integration with SonicWALL’s wireless security products is welcome, integrating rogue AP detection into the UTM management interface.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.