SonicWall Brings Next Generation Unified Threat Management to the SMB Market.

By Frank Ohlhorst

When it comes to the NSA 240 from SonicWall, perhaps the question should be "what doesn’t it do?" Built upon the idea that all network traffic needs to be monitored and validated, the NSA relies on Re-Assembly Free Deep Packet Inspection (RFDPI) to provide Intrusion Protection, Anti-Virus, Anti-Spyware, Content Filtering, and Application Management in a single, affordable desktop appliance.


While UTM appliances are nothing new to the SMB market, the NSA 240 brings capabilities and a feature set not found in other devices. For example, the NSA 240 includes support for 3G wireless networking cards via a PC card slot in the device. That allows wireless broadband to be used for connectivity where wired connections do not exist. 3G networking can also be used for failover and traffic bonding. For some remote locations, such as construction job sites or undeveloped areas, the inclusion of 3G support is a must-have, bringing Internet connectivity to areas where none existed before.


Of course, other solutions exist that allow 3G wireless networks to be created, but none offer the integrated UTM capability, along with VPN support and all of the security features found in the NSA 240.


The product offers a very robust feature set and includes:

- Deep Packet Inspection Firewall.

- Gateway anti-virus, anti-spyware, intrusion prevention, and application firewall for perimeter and internal protection.

- Application Firewall, business application prioritization and QoS.

- 2-core Architecture that supports 600 Mbps Stateful Packet Inspection Firewall, 150 Mbps 3DES and AES VPN Throughput, 110 Mbps Full Unified Threat Management (UTM) Inspection.

- Three (3) 10/100/1000 Copper Gigabit Ethernet and six (6) 10/100 FastEthernet interfaces.

- Automated and Dynamic Security Updates.

- Stateful Active/Passive Failover, ISP Failover, and WAN Redundancy.

- 802.1q VLAN or SonicWALL PortShield Segmentation.

- Integrated Network Security Policy and Management.




Normally, a device that integrates as many features as the NSA 240 would be complex to manage. SonicWall strives to reduce the complexity by offering a single management interface for all of the product's features. In other words, the management of every feature can be done from a single browser session and each management screen has a common look and feel. That proves to be important to administrators new to UTM and helps to speed deployment by solution providers and integrators. SonicWall goes one step further down the ease-of-use path by providing a significant number of setup and management wizards. Administrators will find those wizards intuitive, and they will help to speed deployment and reduce errors.

The NSA 240 is well constructed and well labeled. All of the ports are located on the back of the unit and each is labeled clearly. The unit features three Gigabit interfaces and six FastEthernet interfaces. With the popularity of Gigabit Ethernet growing, SonicWall should consider upgrading all ports on the unit to Gigabit speeds.

On the front, the unit offers LEDs for the status of each port, giving critical information at a glance. A nice addition would be an LCD status panel that would show alerts, loads and status. Otherwise, the metal construction of the unit and the diminutive power-brick give an indication of overall high quality.


For processing oomph, the NSA 240 relies on a dual-core architecture which, when combined with the firmware’s "proxy-less" deep packet inspection, offers impressive throughput speeds that should not introduce latency and jitter into network and VoIP communications.


Worth noting is SonicWall’s RFDPI technology, which is able to deep scan packets in real time, without needing to disassemble and reassemble a packet for analysis. For high-volume networks, that style of packet inspection offers many advantages over traditional proxy-based scans that disassemble packets, which add milliseconds to packet transmissions.


SonicWall puts no limits on the number of users attached to the NSA 240 and although the unit is designed for the SMB and branch office markets, the unit has the power to serve dozens of users without breaking a sweat.


Out of the box, the NSA 240 supports as many as 25 concurrent VPN sessions and is upgradable to 50 site-to-site VPN connections. Other options include Content Filtering Services, Gateway AV/SPY/IPS & Application Firewall, Comprehensive Gateway Security Suite and a Stateful HA & Expansion Upgrade. Most buyers will want to go with the Comprehensive Gateway Security Suite and bundle all of the options together for the best out-of-the-box protection. SonicWall offers a "Total Secure" version of the unit, which includes a year’s worth of Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, Content Filtering Service (Premium Edition) and 24x7 Support. The "Total Secure" bundle may prove to be the most economical choice for most sites.


Administrators have the ability to define policies, both comprehensive and individual, for the security services offered by the unit. Policy definition is made very simple by the intuitive interface and wizard-based administration tools. The NSA 240 is priced at $1,195 and the NSA 240 Total Secure is priced at $1,770.


Solution providers will appreciate the integration opportunities offered by the NSA 240 and the product's ability to make the new world of Web-based applications much safer for small businesses. The product's VPN support is a big plus for branch office deployments, where dedicated site-to-site VPNs can be set up to incorporate a branch office back into a corporate headquarters.

This article was originally published on 2008-10-17