[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1954
  • Last Modified:

SonicWall vs cisco vpn firewall

i have 25 remote locations with 2-5 users in them. i have quotes for a cisco asa 5510 at the HQ and cisco 881 routers at remote sites. i also have a quote for Sonicwall NSA 3500 at HQ and TZ190 at remote sites. I need a VPN setup between here and sites for timeclock, and another app via browser. Can anyone offer any suggestions/insight on Sonicwall, i know nothing of them and just wanted opinions on reliablity, setup, support, etc. they are cheaper but have heard they are "better" then cisco but that is from salesy folk.....just wondering if anyone can back that up.  Any help would be greatly appreciated.
thanks
0
korymolo
Asked:
korymolo
5 Solutions
 
Kelly_WCommented:
Hello,
I would take Cisco over Sonicwall in a hear beat.  I despise the licensing for Sonicwall which you don't have with Cisco's.  I just prefer Cisco's
Thanks,
Kelly W.
0
 
MrJemsonCommented:
You also have greater control over a Cisco router as far as tailoring it to your needs.
For example you can do some weird and wonderful things with ACLs on a Cisco that you cannot do on a Sonicwall.
0
 
tl121000Commented:
if you have any say in the purchase go with Cisco...
the Cisco ASA 5510 offers quite a few features such as IPS, Web VPN, REMOTE ACCES VPN, SITE TO SITE VPN, etc, as does Sonic, but how many job descriptions for your future do yiou see ... " experience with Sonic Firewall.." no you see ".. experience in Cisco..."
ke p yourself in the game :)
 
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
ccomleyCommented:
The big question here is, do you know and understand Cisco IOS?

If not, it's a HUGE learning  curve, whic you just don't have with the Sonic.

(Sonicwall still requires a learning process, i'm not going to try to kid you it's all simple and obvious, they're very powerful boxes and that means lots of options and learning how they interoperate)

Also, if your remote sites are 2-5 users, check out TZ150, probably more than enough, save a few quid over the 170s. Also, subject to more info on what you have at Head Office, I would suggest the 3550 is also similarly over-specc'd and you could get away with a smaller unit happily.

FINAL POINT.

If your remote access aps are web based as I infer your description to mean, you have a third option. Instead of traditional VPN, you could use SSL-VPN. This means you would need NO special software on the remote sites and no fancy firewall, just a basic cable/DSL router with built in ordinary firewall.   Moreover, you don't need to "host" the VPN sessions on the head office firewall so you can down-spec that.

e.g. again without knowing more about your head office requirement but assuming that only this app drives it,. you could run the head office with a Sonicwall TZ190TS, the remote sites with just Zyxel Prestige 661s or similar, and then add a Sonicwall SSL-VPN appliance to the head office network.

The SSL-VPN model is to provide a *secure* (by certificate, etc) pipe between the browser and the VPN appliance. Once the tunnel is established, the remote user's credentials verified, etc., then the remote user is permitted browser access to the local apps. Moreover, even if your apps require MORE than browser level access, there are still toolsets to enable wider access to the host services.

You really need to get a demo to prove that the system is good enough for your intended services. Talk to your local Sonicwall Partner for a demo of Sonicwall SSL-VPN. Or look at using, say, a Zywall USG300 which is a full firewall with SSL-VPN capability built in.

0
 
tl121000Commented:
Good answer Ccomley  --> it's a very opened ended question - it's actually research and I recommend the person submittingthe question gather facts and demos, before we can assist h/her.
0
 
korymoloAuthor Commented:
thanks for all the input...think i will setup demos of each and go from there...just wanted opionions and got that!! Thanks all!
0
 
simonbajCommented:
I have used NSA 3500's and 5510s. The SonicWall is far cheaper than the Cisco. Also its IPS/IDS/GAV/GAS is far quicker than the 5510 will ever be.

Simplicity of setup is also in favour of the SonicWall over the Cisco and so is making changes. The only advantage i see in the Cisco is that its implementation of VPN Client (software) is better than SonicWall.

Other than that we have replaced several Cisco PIX firewalls with NSA 2400/3500's and have been very happy with their performance, support, managability and reliablity. On top of this the licensing and support is approx half the cost of Cisco.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now