SonicWall ConsultingSonicWall has over two decades of experience developing firewall and VPN products. SonicWall currently offers an extensive selection of physical and virtual firewalls and security services to provide integrated threat defense for small and home offices, midsize businesses, distributed enterprises, and large data centers. SonicWall offers subscription-based security services to augment the protection built into SonicWall's portfolio of next-generation security appliances, which include SonicWall's TZ, NSa, and NSsp'Series firewalls.

SonicWall Firewalls Consultants

Progent has delivered online and onsite cybersecurity consulting expertise for 20 years and has experience with both new and legacy firewall and VPN products from SonicWall. Progent's certified SonicWall technology experts and network security professionals can help you maintain and manage your legacy SonicWall firewalls or plan and carry out an efficient migration to SonicWall's next generation security gateways.

SonicWall's Next Generation Firewalls Supported by Progent
SonicWall's current family of desktop and rackmount Unified Threat Management (UTM) firewall appliances offer the performance, protection, scale and cost to match virtually any deployment scenario and budget. These firewalls are powered by SonicWall's SonicOS operating system and allow consistent centralized management and easy deployment. In addition, these next-generation firewalls all work with SonicWall's subscription-based add-on security services, which are available as affordable bundles and which provide the full range of malware defense, management, monitoring, and reporting features required in today's increasingly challenging threat landscape.

SonicWall's Comprehensive Gateway Security Suite offers core services in a single package. Services include:

  • Gateway Anti-Virus: SonicWall's dynamically updated cloud database continuously delivers malware signatures, derived from global threat intelligence, to SonicWall firewalls in order to block modern threats in real time. Dynamic updates prevent the installation of new malicious spyware and identifies and disrupts existing spyware communications.
  • Intrusion Protection Service (IPS): All network traffic is scanned for malicious or suspicious patterns to protect against worms, trojans, software vulnerabilities and other threats.
  • Application Control: Fine-grained control for classifying business and non-business associated apps allows you to define application access policies and control enforcement.
  • Content Filtering Services (CFS): Content Filtering Services (CFS) allow you to define and enforce policies on Internet usage so you can restrict access to undesirable web content. A dynamic rating architecture cross references locally requested websites with a cloud database that collects millions of rated URLs, IP addresses, and domains and compares each rating to your specified local policy settings.
SonicWall's Advanced Gateway Security Suite provides all the services included with the Comprehensive Gateway Security Suite and adds Capture Advanced Threat Protection (Capture ATP) for defending against unknown and zero-day attacks such as new variants of ransomware. With Capture ATP, your SonicWall firewall automatically sends suspicious files to the SonicWall Capture ATP Cloud for analysis while your security gateway waits for a verdict. File types supported include executables, DLL, PDFs, Office documents, archives, JAR, and APK. Capture ATP supports multiple operating systems including Windows and Android. Cloud analysis utilizes SonicWall's Real-Time Deep Memory Inspection (RTDMI) in-memory sandboxing, full system emulation, and virtualization techniques to identify potentially harmful behavior.

Once a verdict is determined in the cloud, files being held at the gateway are either blocked or sent on. If a file shows evidence of malicious code, Capture ATP Cloud immediately sends a signature to SonicWall firewalls subscribed to the Capture APT service to block follow-up attacks. Meanwhile, the malware is submitted to SonicWall's Capture Labs research group for more extensive analysis and for inclusion in the Gateway Anti-Virus and IPS signature databases. The threat information is also submitted to reputation databases for blacklisted URLs, IP addresses, and domains.

SonicWall's Capture ATP service includes a threat analysis dashboard plus reports that display the results of the analysis performed on files sent to the service. Details reported include source and destination as well as specifics about the malicious activity the intercepted malware was intended to perform. You can customize protection by specifying file type, file size, sender, recipient or protocol of files to be sent to or excluded from Capture ATP analysis. You can also submit files manually.

SonicWall Security Services Consultants

SonicWall's Capture ATP service protects against unknown and zero-day attacks like new variants of ransomware

SonicWall's TZ Series Firewalls
SonicWall's TZ series firewalls are desktop units designed for use in home offices, branches, small offices, midsize businesses, or distributed enterprises. TZ series firewalls feature high-speed TLS/SSL decryption and inspection, zero-touch remote deployment, 3G/4G failover for high availability, and IPv4/IPv6 support. TZ appliances allow IPSec VPN for site-to-site connectivity and SSL VPN and IPSec client remote access. The devices offer centralized management, reporting, licensing, and analytics via SonicWall's cloud-based Capture Security Center. TZ series firewalls work with all subscription services bundles from SonicWall including the Advanced Gateway Security Suite. Supported low-cost transport technologies for wide-area networking include Ethernet, DSL, Cable, 3G, and 4G.

SonicWall TZ300 Firewall ConsultantsThe entry-level SonicWall TZ300 firewall has five 1Gbe LAN switch ports, including two PoE ports or a single PoE+ port, plus a USB expansion port. The appliance delivers firewall throughput of 750 Mbps, threat prevention throughput of 235 Mbps, and IPS throughput of 300 Mbps. The firewall can handle up to 100,000 concurrent connections, 5,000 connections/sec, and 10 VPN tunnels. Integrated 802.11ac Wi-Fi is optional. The SonicWall TZ350 has the same I/O options and supports firewall throughput of 1.0 Gbps, threat prevention throughput of 335 Mbps, and IPS throughput of 400 Mbps.

The SonicWall TZ400 firewall has seven 1Gbe LAN switch ports (none with PoE) and a USB expansion port. The appliance delivers firewall throughput of 1.3 Gbps, threat prevention throughput of 600 Mbps, and IPS throughput of 900 Mbps. The firewall can handle up to 150,000 concurrent connections, 6,000 new connections/sec, and 20 VPN tunnels. Integrated 802.11ac dual-band wireless is optional. The SonicWall TZ500 firewall has eight integrated 1Gbe ports and two USB expansion ports. The unit delivers firewall throughput of 1.4 Gbps, threat prevention throughput of 700 Mbps, and IPS throughput of 1.0 Gbps. The firewall can handle 150,000 concurrent connections, 8,000 new connections/sec, and 25 VPN tunnels. The firewall supports Active/Standby high availability with stateful synchronization.

SonicWall TZ600 Firewall ConsultantsThe SonicWall TZ600 has eight integrated 1Gbe ports and two USB expansion ports, The security gateway delivers firewall throughput of 1.9 Gbps, threat prevention throughput of 800 Mbps, and IPS throughput of 1.2 Gbps. The firewall can handle 150,000 concurrent connections, 12,000 new connections/sec, and 50 VPN tunnels. Four of the eight switch interfaces on the SonicWall TZ600P firewall have PoE/PoE+ and the firewall includes an expansion slot. All TZ600 series firewalls support Active/Standby high availability with stateful synchronization.

SonicWall's NSa Series Firewalls
SonicWall's NSa series firewalls are high-performance, 1RU rack mountable security gateways intended for deployment in environments ranging from mid-sized networks to distributed enterprises and data centers. All NSa series firewalls include multiple high-speed switch ports, a 1Gbe management port, dual USB ports, and built-in SSD storage. All versions support Active/Standby high availability with stateful synchronization, and all feature full H323-v1-5 and SIP support for VoIP.

SonicWall NSa 2650 Firewall ConsultantsThe SonicWall NSa 2650 firewall has four integrated 2.5GbE SFP ports, four 2.5GbE ports, 12 1GbE ports, and a 16 GB storage module. The NSa 2650 delivers firewall throughput of 3.0 Gbps, threat prevention throughput of 1.5 Gbps, and IPS throughput of 1.4 Gbps. The firewall supports a max of 1,000,000 concurrent connections, 14,000 new connections/sec, and 1,000 VPN tunnels. The SonicWall NSa 3650 firewall has two integrated 10GbE SFP+ ports, eight 2.5GbE SFP ports, four 2.5GbE ports, 12 1GbE ports, and a 32 GB storage module. The NSa 3650 supports firewall throughput of 3.75 Gbps, threat prevention throughput of 1.75 Gbps, and IPS throughput of 1.8 Gbps. The firewall supports up to 2,000,000 concurrent connections, 14,000 new connections/sec, and 3,000 VPN tunnels.

The SonicWall NSa 4650 firewall has two integrated 10GbE SFP+ ports, four 2.5GbE SFP ports, four 2,5GbE ports, and 16 1GbE ports, optional dual power supplies, and a 32 GB storage module. The NSa 4650 delivers firewall throughput of 6.0 Gbps, threat prevention throughput of 2.5 Gbps, and IPS throughput of 2.3 Gbps. The firewall supports up to 3,000,000 concurrent connections, 40,000 new connections/sec, and 4,000 VPN tunnels. The SonicWall NSa 5650 firewall has two built-in 10GbE SFP+ ports, two 10GbE ports, four 2.5GbE SFP ports, four 2,5GbE ports, and 16 1GbE ports, optional dual power supplies, and a 64 GB storage module. The NSa 5650 supports firewall performance of 6.25 Gbps, threat prevention throughput of 3.4 Gbps, and IPS throughput of 3.4 Gbps. The firewall supports up to 4,000,000 connections, 40,000 new connections/sec, and 6,000 VPN tunnels. The SonicWall NSa 6650 firewall has two built-in 10GbE SFP+ ports, two 10GbE ports, four 2.5GbE SFP ports, four 2,5GbE ports, and 16 1GbE ports, optional dual power supplies, triple fans, and a 64 GB storage module. The NSa 6650 supports firewall performance of 12.0 Gbps, threat prevention throughput of 5.5 Gbps, and IPS throughput of 6.0 Gbps. The firewall supports a maximum of 5,000,000 connections, 90,000 new connections/sec, and 8,000 VPN tunnels.

SonicWall NSa 9650 Firewall ConsultantsThe SonicWall NSa 9250 firewall has 10 built-in 10GbE SFP+ ports, two 10GbE ports, eight 2.5GbE ports, eight 1GbE ports, an LCD display, dual power supplies, triple fans, plus a 1 TB and a 128 GB storage module. The NSa 9250 delivers firewall throughput of 12.0 Gbps, threat prevention throughput of 6.5 Gbps, and IPS throughput of 7.2 Gbps. The firewall supports a max of 7,500,000 concurrent connections, 90,000 new connections/sec, and 12,000 VPN tunnels. The SonicWall NSa 9450 firewall has the same integrated features as the SonicWall NSa 9250 and delivers firewall performance of 17.1 Gbps, threat prevention throughput of 9.0 Gbps, and IPS throughput of 10.2 Gbps. The firewall supports up to 10,000,000 concurrent connections, 130,000 new connections/sec, and 12,000 VPN tunnels. The SonicWall NSa 9650 firewall has the same integrated features as the SonicWall NSa 9250 and NSa 9450 except for a larger storage module. The NSa 9650 delivers firewall performance of 17.1 Gbps, threat prevention throughput of 9.4 Gbps, and IPS throughput of 10.3 Gbps. The firewall supports up to 12,500,000 concurrent connections, 130,000 new connections/sec, and 12,000 VPN tunnels.

SonicWall's NSsp 12000 Series Firewalls
SonicWall NSsp 12000 Firewall ConsultantsSonicWall's NSsp 12000 series firewalls are top-of-the-line 4U rack mountable security appliances designed for large distributed enterprises, data centers, and service providers. The devices feature multiple 40-GbE and 10-GbE interfaces, redundant power supplies, multiple processor and storage modules, and an LCD display and controls. The SonicWall NSsp 12400 firewall includes four integrated 40GbE QSFP+ ports and 16 10GbE SFP+ ports, two 480 GB storage modules, and a processor module with 128 security processing cores. The NSsp 12400 delivers firewall throughput of 58.4 Gbps, threat prevention throughput of 33.5 Gbps, and IPS throughput of 36.8 Gbps. The firewall supports up to 40,000,000 concurrent connections, 430,000 new connections/sec, and 25,000 VPN tunnels. The SonicWall NSsp 12800 firewall has a second processor module for a total of 256 security processing cores. The NSsp 12800 delivers firewall throughput of 120.3 Gbps, threat prevention throughput of 67.5 Gbps, and IPS throughput of 73 Gbps. The firewall supports up to 80,000,000 concurrent connections, 860,000 new connections/sec, and 25,000 VPN tunnels.

SonicWall's Legacy Products Supported by Progent
After more than two decades as a supplier of network security technology, SonicWall has shipped more than one million appliances worldwide. Popular legacy firewall/VPN devices from SonicWall include earlier models of the TZ and NSa series as well as SonicWall's PRO family. These security appliances do not offer the performance or the range of security features available with SonicWall's next-generation firewalls.

Progent's firewall and VPN consultants are experienced in providing support for network environments that incorporate legacy SonicWall firewalls and that combine SonicWall devices with products from other vendors to create comprehensive security solutions. Progent can help you support, manage, and troubleshoot your legacy SonicWall equipment and software and can also help you assess the business case for migrating from older SonicWall products to more advanced SonicWall technology, and Progent can help you plan and carry out an efficient migration to SonicWall's next generation firewalls (NGFWs). For a description of SonicWall's legacy firewalls supported by Progent, visit SonicWall legacy firewall management, support, and migration services.

Progent's SonicWall Consulting Services
Progent's SonicWall consultants can help you select, deploy and manage SonicWall's Firewall and VPN appliances and provide training to help you manage these products. Progent's CISSP certified cybersecurity consultants and CISM certified security management consultants can help you create a complete security strategy, including written policies, and design security into your business processes.

Find out how to contact a Progent cybersecurity consultant. More topics of interest: