Story image

Hands-on review: Dell SonicWall TZ600

16 Aug 2016

The SonicWall TZ600 security appliance is designed for medium-sized businesses. It’s ideal for those wanting network security without paying the GDP of Ghana to get it. It offers powerful but flexible security that doesn't need a degree in rocket science. 

In addition to the TZ600's raw horsepower, it brings wireless management to the party.

What’s in the box?

The TZ600 looks like a generic network appliance given its slim-line rectangular box-like shape. It packs ten Gigabit ports for LAN, WAN, DMZ and WLAN connectivity. It can handle up to 70 users thanks to its 1GB of memory and quad-core 1.4GHz MIPS64 Octeon CPU. 

Depending on where you shop, the TZ600 costs around $4,000. That may give some CEOs pause for thought, but it includes the TZ600 and 12 months of Web Filtering, Intrusion Prevention, Gateway Anti-virus, Gateway Anti-malware, Application Control, Support and Maintenance. For an extra $560, TotalSecure Advanced Threat Prevention Service is also available. It also provides application intelligence and control, putting it into the must-buy category.

Bells and Whistles

Not content with providing industrial strength security, the TZ600 also has wireless management capabilities. These can handle up to 24 SonicPoint access points for secure wireless coverage.

For ME’s without dedicated IT people, setting up a security appliance can seem daunting, but deployment with the TZ600 is as simple as plugging everything in as per the quick-start guide and firing up the quick-start wizard. This sets up the first LAN port and a WAN port for Internet access as well as applying security policies. The web admin console uses zoning. This allows selected ports to be in different zones, and individual security policies can be applied to members in each zone.

In practice, this means that it is possible to determine what traffic can pass through each zone. By default, LAN ports are trusted. The WAN port remains untrusted. This means no traffic passes from the WAN to another zone unless permitted by a rule.

New zones automatically get firewall rules set up. In use it manages that oh-so-difficult combination of being both intuitive and powerful at the same time. The TZ600 also has Deep Packet Inspection. This can identify and control applications without any noticeable performance hit.

The TZ600’s App Controls are likely to appeal to most MEs as they’re both intuitive and powerful. I was able to manage a range of application categories including FTP or HTTP requests. I could block access or even just limit bandwidth. There’s also a tonne of more advanced controls which use signatures to identify specific activities.

The TZ600 comes with 1,500 signatures pre-bundled. These allow it to spot Facebook likes, pokes or posts. These can be blocked, logged (or dare I say it, allowed). Signature policies can be applied to groups of users and IP addresses. They can even link to a schedule, allowing staff to use Facebook at lunchtime but not on the company's dime.

Verdict

With ransomware, hacks and other cyber nasties giving businesses unexpected bouts of celebrity media status, not to mention uncontrolled Internet access and its impacts on productivity, there are plenty of reasons to invest in a decent security appliance. The TZ600 mightn’t be cheap, but it is both powerful and intuitive. Then again what price would you put on having good IT security policies in place?

Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
NVIDIA introduces a new breed of high-performance workstations
“Data science is one of the fastest growing fields of computer science and impacts every industry."
Apple says its new iMacs are "pretty freaking powerful"
The company has chosen the tagline “Pretty. Freaking powerful” as the tagline – and it’s not too hard to see why.
NZ ISPs issue open letter to social media giants to discuss censorship
Content sharing platforms have a duty of care to proactively monitor for harmful content, act expeditiously to remove content which is flagged to them as illegal.
Partnership brings AI maths tutor to NZ schools
“AMY can understand why students make a mistake, and then teach them what they need straight away so they don't get stuck."
Polycom & Plantronics rebrand to Poly, a new UC powerhouse
The name change comes after last year’s Plantronics acquisition of Polycom, a deal that was worth US $2 billion.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.