Review: SonicWALL NSA E5500
Calling the SonicWALL NSA E5500 a mere network security appliance is akin to calling the Batmobile a compact car. Designed to be an interface between your network and the outside world, the device can play every role needed to do that securely. Yes, it’s a firewall, an intrusion prevention system and a content-filtering appliance, but it’s also a gateway router that can handle Wi-Fi and Voice over IP traffic. In short, the E5500 should protect organizations of almost any size against almost anything.
It’s probably easier to describe what the E5500 doesn’t do than what it does. For example, it doesn’t make coffee. But it does perform stateful packet inspection, meet your VPN needs and support site-to-site tunnels and IPv6. The SonicWALL appliance can also be configured to allow or block virtually any application on a very granular level. So if you want to turn off instant messaging for a workgroup, you can.
The primary advantage of the SonicWALL E5500 is flexibility. There’s almost nothing that you can’t accomplish in terms of network security. The E5500 supports every network protocol that I could send over it, from HTTPS to VoIP. It handles secure connections and encrypted backup traffic, and it supports at least one service that’s not even listed on the extensive spec sheet — Global System for Mobile communication (GSM) over IP. I was able to use this service to make calls through the firewall using a Unlicensed Mobile Access connection to a Wi-Fi access point.
There are several options available for the appliance that we didn’t test, including deep packet inspection and support for up to 750,000 connections. Some features, such as gateway antivirus and content/URL filtering are optional. But they’re available, which reduces the number of appliances needed in the data center, which in turn eases operations.
Why It Works for IT
While management of the E5500 can be tedious, for the most part this device will simplify things for the IT staff. Because the SonicWALL E5500 can act as a primary network interface to the outside world, there is no need for a separate gateway router, firewall, intrusion prevention system or wireless controller, and IT groups won’t need to be trained to support a wide variety of different software and appliances.
3.9 gigabits per second
Stateful throughput of the SonicWALL NSA E5500
In addition, the E5500 supports failover. If one of these devices dies (or loses power or network connectivity), another E5500 in standby mode instantly takes over. Everything — all of the management settings, the VPNs and routing — will have already been synced to the standby machine. The failover is instantaneous and seamless.
Of course, there is a lot to learn about the device, but the excellent reporting and the logical operation of the management interface make this as easy as it’s likely to be, considering the number of things that can be managed. There are two management interfaces: an LCD on the device front for solving simple problems; and a web interface with a main status screen that shows activities of the appliance in real time and a dashboard that provides a broader opportunity to keep tabs on the device.
The extreme flexibility of the E5500 means that there’s a lot to learn, and the documentation that comes with it, especially the initial “Getting Started” guide, is less than user-friendly. There are so many options available that it takes some studying to understand what you really need to do.
However, in basic operation, the E5500 is almost plug-and-play, so it’s only the advanced operations that require deep technical knowledge to make them work.
It wasn’t long ago that network security interfaces were separate, single-purpose devices. You had a firewall, then an intrusion prevention system, then a content-filtering appliance. These devices have now merged into single products that do everything. There are a number of reasons for this, but ultimately they boil down to reduced costs and reduced staff time.
Costs are reduced because you only have to buy one device, of course, but also because you need to devote less data center real estate to security than previously. You also don’t need as much power and cooling for one device as you would for several. And while managing these devices is more complex than managing any single device might be, you still have to learn to manage only one device. Ultimately that translates into reduced learning time and a lower cost.