Review: SonicWALL NSA E5500

Calling the SonicWALL NSA E5500 a mere network security appliance is akin to calling the Batmobile a compact car. Designed to be an interface between your network and the outside world, the device can play every role needed to do that securely. Yes, it’s a firewall, an intrusion prevention system and a content-filtering appliance, but it’s also a gateway router that can handle Wi-Fi and Voice over IP traffic. In short, the E5500 should protect organizations of almost any size against almost anything.

It’s probably easier to describe what the E5500 doesn’t do than what it does. For example, it doesn’t make coffee. But it does perform stateful packet inspection, meet your VPN needs and support site-to-site tunnels and IPv6. The SonicWALL appliance can also be configured to allow or block virtually any application on a very granular level. So if you want to turn off instant messaging for a workgroup, you can.

Advantages

The primary advantage of the SonicWALL E5500 is flexibility. There’s almost nothing that you can’t accomplish in terms of network security. The E5500 supports every network protocol that I could send over it, from HTTPS to VoIP. It handles secure connections and encrypted backup traffic, and it supports at least one service that’s not even listed on the extensive spec sheet — Global System for Mobile communication (GSM) over IP. I was able to use this service to make calls through the firewall using a Unlicensed Mobile Access connection to a Wi-Fi access point.

There are several options available for the appliance that we didn’t test, including deep packet inspection and support for up to 750,000 connections. Some features, such as gateway antivirus and content/URL filtering are optional. But they’re available, which reduces the number of appliances needed in the data center, which in turn eases operations.

Why It Works for IT

While management of the E5500 can be tedious, for the most part this device will simplify things for the IT staff. Because the SonicWALL E5500 can act as a primary network interface to the outside world, there is no need for a separate gateway router, firewall, intrusion prevention system or wireless controller, and IT groups won’t need to be trained to support a wide variety of different software and appliances.

In addition, the E5500 supports failover. If one of these devices dies (or loses power or network connectivity), another E5500 in standby mode instantly takes over. Everything — all of the management settings, the VPNs and routing — will have already been synced to the standby machine. The failover is instantaneous and seamless.

Of course, there is a lot to learn about the device, but the excellent reporting and the logical operation of the management interface make this as easy as it’s likely to be, considering the number of things that can be managed. There are two management interfaces: an LCD on the device front for solving simple problems; and a web interface with a main status screen that shows activities of the appliance in real time and a dashboard that provides a broader opportunity to keep tabs on the device.

Disadvantages

The extreme flexibility of the E5500 means that there’s a lot to learn, and the documentation that comes with it, especially the initial “Getting Started” guide, is less than user-friendly. There are so many options available that it takes some studying to understand what you really need to do.

However, in basic operation, the E5500 is almost plug-and-play, so it’s only the advanced operations that require deep technical knowledge to make them work.