SonicWALL’s PRO line of UTM appliances offers a good collection of features over and beyond a basic firewall, although this core feature is well provided. The 4100 we received is at the upper end of the line, offering 10 Gigabit Ethernet ports and throughput of 800Mbps. A 2.4Gbps version is also available.
Connecting to the unit to set it up was simplicity itself – DHCP is enabled by default, so restarting the interface on our management station had us connected in moments. Why most vendors require manual reconfiguration to the default IP subnet is beyond us, but SonicWALL gets it right.
We were disappointed to see the default management service running over HTTP, but the page uses crypto (in JavaScript) to avoid sending the administration password in plaintext.
The system offers an initial set-up wizard, as well as wizards for other common tasks like setting up public servers and VPNs. The main administration screen is headed up with a concise list of items needing attention, which was very useful, but did not link to the appropriate page to rectify the problem. This is followed by a well-designed snapshot of various configuration items – well-designed, but not really useful in a day-to-day sense. A dashboard of alerts, connections and active rules would be more useful than the system and registration status.
We did like the onscreen link status for interfaces – few other products provide a visible alert for physically disconnected links.
The alerts are a bit excitable. For example, a portscan was flagged up, but identified as a syn flood attack and a collection of attacks against non-existent services. So a very basic scan appeared as a major incident in the log. We like to see scans logged, but not to this scale.
Some parts of the interface, particularly information and help screens, are actually framesets pointing to SonicWALL’s own servers. This ensures up-to-date data, but if the unit is internal and has no internet connection, this will cause problems.
Basic firewall and VPN tasks were all accomplished with ease, but the interface could be slow. Some very basic bandwidth limiting is provided, as well as 802.1p for traffic prioritization.
You also get AV, IPS (although no policies are included out of the box and must be downloaded), email and content filtering. An anti-spyware feature is also included. Integration with SonicWALL’s wireless security products is welcome, integrating rogue AP detection into the UTM management interface.