SonicWALL NSA 4500 v5.8.1
Strengths: Dashboards, packet capture tool, session initiation protocol support.
Weaknesses: Nothing of real note, maybe a bit more capability in alerting.
Verdict: A lot of functionality and performance for a decent price. Full featured, yet easy to use.
SummaryThe NSA 4500 is a purpose-built appliance that can be deployed at the edge of a network, inside a network between various network segments, or inline behind existing security solutions. It is managed through a graphical user interface or a central management console, called Global Management System. We tested with the standard web-based user interface. The NSA 4500 appliance offers an extensive array of security and networking features and it is easy to deploy and manage in a wide variety of environments. Available as a suite of appliances, the NSA protects against a comprehensive array of attacks, combining intrusion prevention, anti-virus and anti-spyware, anti-spam and content filtering with application intelligence, control and visualization, with advanced routing, stateful high-availability and high-speed internet protocol security (IPsec), and secure sockets layer virtual private network (SSL VPN) technology.
We attached the appliance to our internal test network and our internet switch. We pointed a browser to the default IP address of the appliance and configured the local area network (LAN) and wide area network (WAN) ports for our environment. Configuration was simple as the user interface (UI) is clean and intuitive. But, there is a separate step involved in setting up these appliances in that one must first set up a mySonicWALL account through the web, and then point the appliance to that account for licensing and updates.
This is a full-featured product with support for stateful firewall, anti-virus and anti-spyware for both email and URL, application control, intrusion prevention systems (IPS), deep packet inspection for SSL, and VPN. There is also a packet capture and monitor available right in the UI. Configuring the firewall rules was quick and easy. There are default access rules that one can edit or individual rules can be added in.
There are enterprise features, such as high availability failover pairs and performance throughput on stateful inspection mode of 275Gbps. There is a useful GeoIP filter option for quickly and easily blocking IP ranges by region. There is also the ability to do SSL traffic stateful inspection (DPI-SSL). Voice over internet protocol (VoIP) traffic is supported through the appliance without the need for a separate session border controller.
The dashboard capabilities are very well done, with numerous dashboards to choose from with configuration options for displayed data. Most of the reporting is done through the dashboard function, including the built-in threat reports. Logging is fairly basic with some nice tools for mining the log data. Alerting is limited to setting an alert level on events, and this is delivered via email.
Documentation was not provided with the product when it arrived, but we were able to obtain it all from the mySonicWALL site. Support is available for 90 days with options to purchase either eight-hours-a-day/five-days-a-week or 24/7 a year add-on for 17 or 23 percent of list price, respectively.
This is a very strong offering with the features it delivers for the price point. The ease of use and dashboard features make it easy to manage. - ML