Assurance on the shore

The firewall's visualization capabilities have given Brick Township granular control, rule creation and the ability to prioritize the applications that are most critical for the school district. In addition, the NSA E6500 has enabled the district to reduce threats and optimize bandwidth, he adds.

“SonicWALL has exceeded our expectations,” he says. “I am saving up to 15 hours a week with the reduction in support calls.” That is human capital that he and his staff can put back into other projects, he says.

Two SonicWALL E6500s now sit in the school district's core server room with redundant WAN links. It also has a SonicWALL NSA2400 at high-population, low bandwidth for internet egress. And, Ellicott says his team is now working to complete a site-to-site virtual private network (VPN) to a remote warehouse, primarily to connect the new voice over IP (VoIP) phone network. They are also working to complete its Active Directory-aware, user-based access controls. 

“We cater to children through adult,” Ellicott says. “High school students are crafty and keep our department on its toes, while staff requires greater security and access to different computing platforms. We have a great responsibility to protect not only adults in the district but children as well.” 

[sidebar]

UPDATES: Keeping current

SonicWALL customers with active security services, such as the Brick Township public school district, receive regular updates by the firewall polling the company's back-end servers, says Dmitriy Ayrapetov, product line manager of network security at the San Jose, Calif.-based provider of internet security solutions. Usually the updates are hourly, but in some cases can become more frequent. There are no reboots necessary when an update is applied. 

Additionally, the company's cloud-assist anti-virus feature, called Cloud-GAV, allows the firewall to query an additional six million-plus malware signatures that exist on the backend, Ayrapetov says.  The updates there, by definition, are instantaneous. 

“Most organization at this point are extremely aware of the benefits of deep packet inspection, but we've seen most avoid deploying this technology because of performance implications or because of negative experiences with vendors who focus on protecting just a few common ports,” says Ayrapetov.  

“Our vision is to eliminate this performance concern and to reassure our customers that all ports are protected and administrators can regain control of their networks even if all applications start streaming over HTTP,” Ayrapetov says. “We give them this visibility without a sacrifice in performance. Security gets turned off if it hinders productivity and work, and we are working to provide security that enhances productivity.”