SonicWALL PRO 5.0.0
- By Chip Andrews
Up to this point, we’ve been discussing software-based firewall
products. SonicWALL takes a different approach, offering hardware
devices that serve as firewalls: in this case, the SonicWALL PRO
5.0.0. Known as an Internet security appliance, the SonicWALL box
provides a solid firewall with stateful packet inspection, NAT,
application proxy, DHCP, content filtering, and VPN features.
Once installed, the SonicWALL box is easily configured via a Web
browser, and offers more options than most of the software-only
products I’ve used. The interface is so intuitive that I never
used SonicWALL’s online help, though I eventually checked it
out and found it to be excellent. Firmware updates to the box are
downloaded from the Internet and take only seconds to complete.
You can even import and export SonicWALL settings for a large-scale
deployment or in case of an emergency.
If I do have a gripe about SonicWALL, it has to do with initial
installation. The PC host must be temporarily reconfigured to the
SonicWALL device’s IP address range. Once this is complete,
you can connect to and configure the SonicWALL box, then reconfigure
the PC host. I find this to be a hassle and hope that SonicWALL
considers trying some other approaches, such as having the SonicWALL
device temporarily act as a DHCP client and display its IP address
via an integrated LCD.
The SonicWALL PRO features an intuitive and functional
Web-based interface. (Click image to view larger version.)
In stress testing, the SonicWALL PRO holds up well under denial-of-service
attacks. Alerts are forwarded to an email account so a network administrator
can quickly react. As a bonus, I found the SonicWALL box even includes
a Web filter for controlling access to certain sites. Also, the
addition of a Java/ActiveX filter means you can actually institute
a usage policy that before might have seemed impossible to enforce.
If you’re looking for a no-nonsense, solid, and easy firewall
solution, you’ll be hard-pressed to find a better package than
the SonicWALL device.
Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.