SonicWall NSa Review

Unstable, expensive, and technical support is too slow to respond

What is our primary use case?

We primarily use the solution from our firewall endpoint VPN. It does have a spam filter, SSL, DPI, and numerous other security features. We've got the full license suite.

What is most valuable?

The DPI-SSL is the solution's most valuable aspect. It's handy. It's nice.

The scalability is okay.

The initial implementation isn't too bad, once you get used to the process.

What needs improvement?

We're not happy with the device itself. We're obviously moving away from it for a reason that they're a Swiss pocket-knife of devices and they do a lot. However, nothing is really done well. They don't specialize in one thing that they excel at. They try instead to do almost everything and end up failing.

We're not particularly fond of the way it generally performs. We are finding ourselves rebooting often. There are freeze-ups and that kind of thing. The stability needs to improve exponentially.

Technical support is pretty slow to respond and escalate matters.

The cost of the solution is quite high.

The solution could use an invisible DPI-SSL or something that doesn't require a certificate rewrite. Most of the other vendors are doing that now. 

The SSL VPN performance-wise is terrible.

For how long have I used the solution?

We've been using the solution for about three years at this point.

What do I think about the stability of the solution?

The stability isn't the best. It freezes. We have to reboot a lot. The device just doesn't work very well.

What do I think about the scalability of the solution?

The scalability is okay, It's marginal, however, it is possible.

We have about 300 people on-premises that use the solution.

How are customer service and technical support?

We've been in touch with technical support, ad currently, we find them to be below average in their support capabilities. Firewall support is just adequate. Right now, with COVID and everything, you are looking at 45 minutes to an hour to get the first technician on the phone. Often it takes two or three days to get it escalated. It's slow.

Which solution did I use previously and why did I switch?

I personally previously used Cisco devices at another company, and therefore I have some experience with them. 

We're currently migrating away from this solution at the moment. We do not like the way the device performs.

How was the initial setup?

In terms of deployment, there is a bit of a learning curve right off the top, as I come from a Cisco ASA background. It's more object-based, a little bit different. Once you get the knack of it, it's actually pretty nice in some ways.

That said, operationally, I would recommend anybody that deploys one of these to make sure they develop their own SOP for naming conventions, for objects, object groups, object types, service groups, service objects, et cetera, so that it's easier to manage and understand what you're doing. Generally speaking, it's just a best practices kind of process for administrative work. If you've got multiple admins, it's important that everything is contiguous, meaning everybody understands and works under that same parameters. It's like any other operating environment.

In terms of maintenance, there are two of us that generally manage it and maintain it on a fairly regular basis. I'm a network engineer and the department manager, who's not a system engineer, (however, is well-versed), also can perform maintenance as needed.

What about the implementation team?

We handled the implementation in-house. We did not need an integrator or consultant to assist us.

What's my experience with pricing, setup cost, and licensing?

While I don't know the exact amount off the top of my head, I would estimate the licensing package was about $15,000 to $20,000 a year.

Your original purchase includes the purchase of the hardware, licensing, and support. It's not a cheap device. 

What other advice do I have?

We are customers and end-users.

We are currently using the NSA 4600. It's a full security appliance. We're using the latest version of the solution.

It's our primary firewall/VPN endpoint. It's used 24/7, 365. Due to the nature of our work, uptime is critical.

Ultimately, if you were to ask me if I were to recommend this device, I would say no.

I'd rate the solution at a three out of ten, simple due to the fact that the stability isn't there, and it's an expensive solution.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More SonicWall NSa reviews from users
...who work at a Manufacturing Company
...who compared it with Fortinet FortiGate
Learn what your peers think about SonicWall NSa. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
522,281 professionals have used our research since 2012.
Add a Comment
ITCS user