SonicWALL is well known for its firewalls, but it is now starting to add optional functionality to the range. The model tested came with the extra-cost items of content filtering and anti-virus. Vulnerability assessment is another optional extra, but was not supplied on the review unit.
When installed, the vulnerability scanner uses NAI's CyberCop, which comprises 720 tests for known vulnerabilities and produces an HTML report showing the actual response made by the host. The whole unit is based on a security ASIC and a RISC processor to achieve a high level of performance.
The firewall that is the foundation for this appliance is an ICSA-certified stateful packet inspection engine that is highly configurable and can provide NAT. Of course, it includes an ICSA-certified IPsec VPN, which also provides user-level authentication, and is based on triple-DES or AES encryption algorithms.
SonicWALL's content filtering service uses SurfControl's CyberNOT list. However, SonicWALL's current content filter list is being upgraded in the very near future to allow for a more comprehensive database of URLs. The anti-virus uses SonicWALL's Network AV, a customized version of McAfee VirusScan ASaP that includes support for SonicWALL's gateway enforcement engine with rapid email attachment blocking, combined with McAfee's NetShield and GroupShield products.
The Attack Summary Report shows details of the attacks that have occurred, including denial-of-service attacks, port scans and other suspicious activity. Other reports can be generated to show the top ten sources of attack, the number of attacks by category and dropped packets. As with the detailed lists, the reports use pie charts and bar charts to make the information presentable and easy to understand. Similar reports may be generated for bandwidth monitoring, service traffic by protocol, FTP usage, web usage by URL, and web filtering actions by user or URL.
Installation is particularly easy and is based on a browser-based wizard application that helps you configure both the appliance and connected workstations. Management is carried out by web interface, or you can use SonicWALL's Global Management System that allows enterprise-wide central management of many firewalls. Dual redundant power supplies are fitted and the PRO 330 supports high availability for automatic failover when configured with another unit.