Sonicwall PRO 5060
Strengths: Very good management, using zones rather than ports; great throughput.
Weaknesses: Could prove quite costly if all options are taken.
Verdict: A competent enterprise security platform.
Until recently, Sonicwall was best known for its small and home office products. But the 5060 breaks that mold, and would find itself at home in either a medium or large enterprise’s server room.
Based on a 2.4GHz Intel Xeon processor, with 512MB of memory and six Gigabit ports, the 5060 is clearly designed for larger sites. And, for failover purposes, several units can be load-balanced using the WAN port.
Management is based on the company’s proprietary SonicOS Enhanced operating system, and can be carried out via a web-based interface or its own Global Management System (GMS).
For this review, we stuck with the web interface, finding an extremely well-ordered layout, which organized into zones instead of the more usual port-view to establish policies.
By creating network objects such as subnets, you can use these as the source and destination of any rule. While a little more time-consuming, it’s well worth it, as you can re-use the network objects in the different rules you establish.
You will certainly want to establish several rules, as the 5060’s default setting is to allow all traffic flow from the LAN to the WAN.
By using the GMS, you can also establish custom policies for each administrator, which is invaluable in most larger enterprises.
The 5060 has the usual security modules: a deep packet inspection firewall; AV, anti-spyware and intrusion prevention (for which it comes with a one-year license); support for 802.1q virtual LANs; spam and content filtering. But taking all these options could be quite expensive – some require additional licenses.
Sonicwall has also paid particular attention to Network Address Translation policies, so that one-to-one, many-to-one, one-to-many and many-to-many policies can all be established and managed.
The unit comes bundled with 2,000 global VPN client licenses, but this can be increased up to 6,000. VPN throughput at 3DES standard can be expected at around the 700Mpbs mark.
The firewall throughput is more impressive at around 2.4Gbps bi-directional, and it will support 750,000 concurrent connections.
Overall, an impressive kit that belies Sonicwall’s relative inexperience at this level.