I’m currently looking at sonicwall as a local endpoint for my regional offices (30+). Most sites are on bad connections so throughput doesn’t much matter. And most offices average at about 5 people on any given day. I will be doing site-to-site VPNs. All client side VPN access will be done at HQ and if we go the sonicwall route is looking like an NSA 2600.
While I hear Palo make some great stuff, budget is a concern as I will be buying 30+ units. I’m basically looking for does sonicwall suck, if so, how bad, and who would you recommend that is priced similarly? Our parent organization has a very large customer base with Dell so I do not think that I will have a problem getting support escalations if that is a concern.
Edit: Thanks for the input everyone. I was worried that I’d hear they’re completely terrible. At least they are worthy of a proper look. I’ll probably look at fortigate as well, like some others mentioned.
Sonicwall products don’t suck. Their support does. What does that mean? When something goes wrong be prepared to work your way through the problem with them. Very rarely have they ever ‘just fixed something’.
The plus is their price point. I have yet to find something in the NSA2600 family for a similar price.
As someone else said, SonicWall support suck. At the Dell Canadian Partner Summit, I spoke with someone in charge of the integration of what Dell calls “Dell Software” which includes SonicWall in the Dell ProSupport model. It is a work in progress, hopefully completed in 2015.
But the appliances are great, they do a wonderful job, and the price is unbeatable.
If you plan to use SSL-VPN, I would STRONGLY suggest using SRA Virtual Appliance, and not the SSL-VPN in the NSA.
The worst thing about Sonicwall is having been bought out by Dell… I actually really like their product line. I absolutely hate having to deal with support. I find it easier to fight through problems myself rather than call for help. Dollar for dollar, there is nothing better (in my opinion).
We are happy with our Sonicwall . For a firewall it does the job. We do not use extra feature like filtering , anti spam etc … .Just firewall.
The only drawback is their built in SSL VPN which can not compete with our dedicated SSL VPN solution , it is quite unstable.(sometimes you can not connect … sometimes you can … ) .
I haven’t use their higher end products much (NAS), but can’t stand their TZ series. I used to use them for branch-offices, but they proved less reliable for me than a bloody linksys wrt54g. In fact, I started replacing TZ’s with WRT’s in the recession when I had no budget. They worked far better. At least I wasn’t rebooting every branch office device 2-3 times a day.
Sophos/Astaro is my standby that has treated me well for almost a decade now. They do everything well. Their RED solution is still the best boVPN solution on the market, IMO.
50+ SonicWall owner here, they’re pretty solid products. Support, as others have mentioned, is sort of hit and miss when it comes to quick solutions. Don’t be afraid to demand an escalation if the first tech can’t resolve it in 20 min.
I loathe sonicwalls. I can’t elaborate how terrible I find their interface to be. We have so many bad experiences with them that we’re systematically replacing every single one we manage.
They’ve been summed up pretty well so far–not a bad product in themselves, but not great support. I’m using a pair of NSA2400’s in HA at one site and a TZ-205 at another. Neither has had any major issues. They’re easy to configure, we have 12+ site-to-site VPNs running over a Charter fiber line to the NSA2400’s. As many have said, the SSL-VPN has been the main issue, but my complaints have been regarding the trouble getting the Java or ActiveX client loaded on users’ computers, or HTML5 not working like it’s supposed to. NetExtender has been rock-solid in my experience. I’m also using content filter, gateway anti-virus, and intrusion prevention on both the NSA and the TZ. I’ve been pretty happy with the whole setup.
So, if you’re wondering, yes, I’d recommend them. Ease of configuration has been the big positive for me. Feel free to PM if you ever have any questions.
I’ve been working with Sonicwalls for years, Ever since dell bought them the support (in my opnion) has gone downhill.
If you have a relationship with a IT consulting company that is a Dell partner it would assist in support issues. The last consulting company I worked with was a Gold Partner with SonicWall then a preferred with Dell when it was bought out. We got preferential treatment with support (sometimes), and got training for the product, which got me certified in most of their products. So having a consultant who is a dell partner can sometimes be a huge benefit as they can take care of the more complicated issues (if they arise).
I have about 30 SonicWALL’s deployed at my current gig. Bunch of TZ-205’s and TZ-215’s at branch offices, an NSA 240 at a 35 person regional office, NSA 2400 at 100 person corporate office and a pair of NSA3500’s at our colocation. Mix of firmware 5.8 and 5.9. Everything works as expected. There’s been a few quirks here and there but the use is pretty basic. site-to-site IPsec VPN and Firewall only. A few devices have web filtering enabled but that’s it for UTM features, so I don’t push processor heavily. I messed with SSL VPN but don’t use it as I have a Juniper MAG for that purpose. The handful of times we’ve needed support, response was decent. Don’t rely on submitting tickets online, you must call.
I was using SonicWALL for my SMB customers in my side business but have since switched to FortiGate’s. Most of them are using UTM features and the FortiGate price model is much better than the a la carte model from SonicWALL. FortiGate’s SSL VPN features are better than SonicWALL IMO. I’ve only used support for some Q&A so it was low priority and it had a 24 hr turn-around time, which I find perfectly acceptable for Q&A purposes. Have had no need for mission critical support as of yet.
I used to use Sonicwall’s. When it came time to replace my nsa3500 we went with Fortigate.
I actually prefer the Fortigate, though I have yet to actually call support.
One thing I ran into with the Sonicwall is that it just wouldn’t work on a DSL connection in one of our Branch offices. I guess it just didn’t believe that the bandwidth was actually that bad? We ended up upgrading them to cable internet eventually (small office, less than 10 users, usually less than 5).
I’ve found that Sonicwall support only cares if you have a current contract, otherwise they don’t really respond to escalations (though you sound like a bigger Dell customer, so YMMV). I’ve definitely spent a lot of time with them, sometimes they fixed it fast, sometimes it takes FOREVER.
Used to work for a company that sold and installed Sonicwall for about 12 years. Now I admin a network that uses NSA 3500. I’ve always liked them. Content filtering isn’t that great, but works ok for the price compared to other stuff. I’ve only setup SSL VPN a few times and yes, I did struggle with some client issues. Their VPN client is solid, site-to-site VPN is very reliable and they are good firewalls. The Analyzer software kinda sucks but it is better than nothing.
I’ve called support a few times, but I worked for a company who had ‘gold’ status and we always got directly to the higher level techs. They never give up until they help you resolve the issue, but it could take days.
Be very wary of Sonicwall’s support. Our SRA4600 died after 9 months in production (also not great) and we arranged an RMA. The new unit arrived promptly (brilliant) and went straight into production to replace the dead one.
What is less fantastic, however, is the fact that three months down the line, the spike license we purchased for the original unit has still not been applied to the new unit. I have spent the last 12 weeks jumping through the most retarded of hoops with no end in sight.
We’ve only had a few problems with our Sonicwalls, once with licensing because one organization’s license renewal went to the wrong device and they needed to be switched and then later switched back, and numerous times with load balancing not failing over to a backup internet connection when the primary goes down. However! This hasn’t affected all of our clients so it may simply be a bad config on our part
For the price point and our uses, they’ve been pretty alright. We use them for…
Content filtering for which the UI is convoluted to find where you do the actual adding/removing of sites
Site-to-site VPNs which work fine
The network monitoring could be a bit better particularly the real-time monitor which is not super clear about what a particular hog of bandwidth actually is since it shows the protocol in use not the application/user/device; doesn’t sound that bad to some people I’m sure but these are geared for small/medium businesses where the admins may not have the in-depth knowledge to peg an esoteric protocol to its function or application
The Sonicpoint wireless is good since you set a profile and any new devices get that config automatically
The settings import/export and firmware updates are pretty easy
DHCP which works pretty much as you would expect, no problems there
The logs are nice when actively dealing with a problem since it can update in real-time as events occur
Other than that… the support is not the greatest but that is not really unexpected for anyone that deals with tech support for any large enterprises like HP or Dell. They’re not bad devices at all for the price point