NSA 240, A Closer Look:

By Frank Ohlhorst  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

The NSA 240 UTM Appliance promises to bring enterprise-class security to small and midsize business via the channel by combining all major security technologies into an easily managed device.


Normally, a device that integrates as many features as the NSA 240 would be complex to manage. SonicWall strives to reduce the complexity by offering a single management interface for all of the products features. In other words, the management of every feature can be done from a single browser session and each management screen has a common look and feel. That proves to be important to administrators new to UTM and helps to speed deployment by solution providers and integrators. SonicWall goes one-step further down the ease-of-use path by providing a significant number of setup and management wizards. Administrators will find those wizards intuitive and will help to speed deployment and reduce errors.

The NSA 240 is well constructed and well labeled. All of the ports are located on the back of the unit and each is labeled clearly. The unit features three Gigabit Interfaces and six FastEtherent interfaces. With the popularity of gigabit Ethernet growing, SonicWall should consider upgrading all ports on the unit to Gigabit speeds.

On the front, the unit offers LEDs for the status of each port, giving critical information at a glance. A nice addition would be an LCD status panel that would show alerts, loads and status. Otherwise, the metal construction of the unit and the diminutive power-brick give an indication of overall high quality.


For processing oomph, the NSA 240 relies on a dual core architecture, when combined with the firmware’s "proxy-less" deep packet inspection offers impressive throughput speeds that should not introduce latency and jitter into network and VOIP communications.


Worth noting is SonicWall’s RFDPI technology, which is able to deep scan packets in real-time, without introducing the need to disassemble and reassemble a packet for analysis. For high volume networks, that style of packet inspection offers many advantages over the traditional proxy-based packet disassembly packet scans, which add milliseconds to packet transmissions.


SonicWall puts no limits on the number of users attached to the NSA 240 and although the unit is designed for the SMB and branch office markets, the unit has the power to serve dozens of users without breaking a sweat.


Out of the box, the NSA 240 supports as many as 25 concurrent VPN sessions and is upgradable to 50 site-to-site VPN connections. Other options include Content Filtering Services, Gateway AV/SPY/IPS & Application Firewall, Comprehensive Gateway Security Suite and a Stateful HA & Expansion Upgrade. Most buyers will want to go with the Comprehensive Gateway Security Suite and bundle all of the options together for the best out-of-the-box protection. SonicWall offers a "Total Secure" version of the unit, which includes a year’s worth of Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, Content Filtering Service (Premium Edition) and 24x7 Support. The "Total Secure" bundle may prove to be the most economical choice for most sites.


Administrators have the ability to define policies, both comprehensive and individual, for the security services offered by the unit. Policy definition is made very simple by the intuitive interface and wizard based administration tools. The NSA 240 is priced at $1,195 and the NSA 240 Total Secure is priced $1,770.


Solution providers will appreciate the integration opportunities offered by the NSA 240 and the product's ability to make the new world of Web-based applications much safer for small businesses. The product's VPN support is a big plus for branch office deployments, where dedicated site-to-site VPNs can be set up to incorporate a branch office back into a corporate headquarters.

Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com