SonicWall TZ 600P (PoE) combines the abilities of a stateful firewall with multiple software services to define the nature and type of traffic that flows into a network. SonicWall protects against advanced threats by employing a multi-engine sandbox that masks the bandwidth entering the environment while maximizing firewall performance. The combination of these features and capabilities drives the security effectiveness of this solution.
Capture Advanced Threat Protection runs a cloud-based, multi-engine sandbox that offers patented, assembly-free, deep memory inspection. This environmental investigation offers dynamic file analysis, detects never-before-seen malicious code and, whenever it detects such code, evaluates system memory in real-time to uncover any changes. The bandwidth management capabilities let administrators define which files to include with inspections. A 30-day file capture history shows the outcome and justification of each file analysis.
The dashboard breaks into three main sections—Monitor, Investigate and Management—thereby giving administrators easy access to the most relevant and pressing information. The Monitor tab shows an overview of application usage and risk as well as general system status information, such as current firmware version and licensing information. The Monitor tab also shows more specific data, such as current bandwidth information, a real-time account of blocked threat types and details regarding the health of the firewall. Essentially, the Monitor tab shows every piece of information an administrator needs to identify areas that warrant further investigation.
The Investigate dashboard tab then contains all the event, connection and application logging information an administrator needs to investigate questionable items identified during the monitoring process. It also offers diagnostic tools such as ping tests. For more visibility into network activity, administrators may use the application flow reporting to see the types of traffic flowing through the firewall in real-time.
Finally, the Manage dashboard tab has everything an administrator needs to act on any traffic deemed malicious during the monitoring and investigation phases. SonicWall comes out of the box as a zone-based firewall, meaning that network segmentation is built into the appliance. Administrators may define different zones and areas within the network and then use these definitions to configure access rules.
There are graphical reports that aggregate the information contained within these dashboards; however, we were unable to see everything we expected to see. We struggled with turning on the antivirus and found this process and the interface itself less than intuitive. Luckily, support eventually walked us through a resolution. And while we appreciate the flexibility that comes from SonicWall’s many customization options, we were frustrated by the manual configuration that these added options require. We believe this product will best suit MSPs.
Overall, SonicWall offers centralized infrastructure management—including the management of branch networks through the portal—on a single pane of glass, a great option for those looking to add access points and phones without needing to supply additional power. SonicWall’s efficiency, its patented, deep packet inspection technology and its partnerships with major global enterprises make the SonicWall TZ 600P (PoE) a flexible and effective UTM product.
Bundled pricing for the device and UTM services is $3,655 and includes 90-day support. Extended 24/7 or 8/5 phone, email and website support are available for a fee and come with access to a FAQ list and a knowledgebase with online manuals and installation documentation that contain helpful screenshots.
Written by Katelyn Dunn
Tested by Tom Weil