Sonicwall PRO 2040
Strengths: Impressive and comprehensive functionality combined with an excellent management interface.
Weaknesses: Optional extras add to the price.
Verdict: An extremely good firewall VPN with the flexibility to add additional functions where required.
It is built around the SonicOS Enhanced operating system, which has been beefed up to introduce better user management. The 1U unit comes with with three 10/100 Base-T Ethernet connection.
Installation and setup is easy. After configuring our management PC onto the same IP range and subnet as the device, we simply pointed our browser at the default IP address, logged into the management console and fired up a well-designed setup wizard. After this, it is configured by pointing a web browser at the default address.
The management interface is extremely good – well laid-out, logical, easy to navigate and comprehensive. The 2040 can also be managed using Sonicwall’s Global Management System, allowing you to configure, manage and enforce security policies from a central location. Other options include support for the Simple Network Management Protocol.
Multiple VPN connections can be configured and also multiple VPN polices up to a maximum of 50 site-to-site policies and eight group VPN policies. It supports a wide range of encryption protocols including DES, Triple DES, AES128, AES192 and AES 256. MD5 and SHA1 authentication are also supported.
The VPN software supplied supports Windows 2000 and XP and must be installed individually on each client.
User authentication can be achieved locally within the device, through Radius, LDAP or combinations of these methods.
Functionality can be boosted by buying optional extras such as network and gateway AV, email and content filtering, anti-spyware and intrusion prevention.
For content filtering, the device can be configured to restrict Java, ActiveX, Cookies, access to http proxy servers and known fraudulent certificates. Also, the network administrator easily configure it to allow Java, ActiveX and cookies from trusted domains.