Re: SonicWall

[James Neal - HandiCAT <neal () ee pdx edu>]

In message <013701bf6d72$f8785c00$e80a78c1 () esat net>you write:
> Can anybody body give me any information regarding the SonicWall range =
> of firewalls. I am particularly looking at the pros and cons.

Well, the pros are it's pretty inexpensive.

The cons list is a tad bit longer. We've spent the last two months with
a SonicWall PRO sitting between us and the Internet (after an
ill-advised, and ill-received upgrade).

        Con #1: Any rule change necessitates a reboot of the device,
        dropping all active connections to the Internet.

        Con #2: The configuration file isn't in a user-edititable form.
        You _must_ configure this thing through the web interface.
        Though you can then backup the configuration file, it's in an
        encrypted format.

        Con #3: No secure configuration interface.  Not even an
        SSL-capable webserver.

        Con #4: Extreme flakiness.  1:1 NAT often _just stops
        working_.  The packet enters the box, but then never leaves.
        To get it to work again we have to ping the inside box _from
        the sonicwall_.  That fixes it for about 20 minutes.

        Con #5: Poor logging.  What happened to the packet in #4?  Who
        knows; nothing shows up in the logs.

        Con #6: Poor support.  Email only.  A heck of a lot of good
        that does you when you're firewall is busted.

There's others, but I'd like to give Sonic the chance to address them
before posting them to a public forum. 

-James