We help IT Professionals succeed at work.

SonicWall vs cisco vpn firewall

korymolo
korymolo asked
on
Medium Priority
2,126 Views
Last Modified: 2012-08-13
i have 25 remote locations with 2-5 users in them. i have quotes for a cisco asa 5510 at the HQ and cisco 881 routers at remote sites. i also have a quote for Sonicwall NSA 3500 at HQ and TZ190 at remote sites. I need a VPN setup between here and sites for timeclock, and another app via browser. Can anyone offer any suggestions/insight on Sonicwall, i know nothing of them and just wanted opinions on reliablity, setup, support, etc. they are cheaper but have heard they are "better" then cisco but that is from salesy folk.....just wondering if anyone can back that up.  Any help would be greatly appreciated.
thanks
Comment
Watch Question

Commented:
Hello,
I would take Cisco over Sonicwall in a hear beat.  I despise the licensing for Sonicwall which you don't have with Cisco's.  I just prefer Cisco's
Thanks,
Kelly W.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Commented:
You also have greater control over a Cisco router as far as tailoring it to your needs.
For example you can do some weird and wonderful things with ACLs on a Cisco that you cannot do on a Sonicwall.
Commented:
if you have any say in the purchase go with Cisco...
the Cisco ASA 5510 offers quite a few features such as IPS, Web VPN, REMOTE ACCES VPN, SITE TO SITE VPN, etc, as does Sonic, but how many job descriptions for your future do yiou see ... " experience with Sonic Firewall.." no you see ".. experience in Cisco..."
ke p yourself in the game :)
 
Director
Commented:
The big question here is, do you know and understand Cisco IOS?

If not, it's a HUGE learning  curve, whic you just don't have with the Sonic.

(Sonicwall still requires a learning process, i'm not going to try to kid you it's all simple and obvious, they're very powerful boxes and that means lots of options and learning how they interoperate)

Also, if your remote sites are 2-5 users, check out TZ150, probably more than enough, save a few quid over the 170s. Also, subject to more info on what you have at Head Office, I would suggest the 3550 is also similarly over-specc'd and you could get away with a smaller unit happily.

FINAL POINT.

If your remote access aps are web based as I infer your description to mean, you have a third option. Instead of traditional VPN, you could use SSL-VPN. This means you would need NO special software on the remote sites and no fancy firewall, just a basic cable/DSL router with built in ordinary firewall.   Moreover, you don't need to "host" the VPN sessions on the head office firewall so you can down-spec that.

e.g. again without knowing more about your head office requirement but assuming that only this app drives it,. you could run the head office with a Sonicwall TZ190TS, the remote sites with just Zyxel Prestige 661s or similar, and then add a Sonicwall SSL-VPN appliance to the head office network.

The SSL-VPN model is to provide a *secure* (by certificate, etc) pipe between the browser and the VPN appliance. Once the tunnel is established, the remote user's credentials verified, etc., then the remote user is permitted browser access to the local apps. Moreover, even if your apps require MORE than browser level access, there are still toolsets to enable wider access to the host services.

You really need to get a demo to prove that the system is good enough for your intended services. Talk to your local Sonicwall Partner for a demo of Sonicwall SSL-VPN. Or look at using, say, a Zywall USG300 which is a full firewall with SSL-VPN capability built in.

Commented:
Good answer Ccomley  --> it's a very opened ended question - it's actually research and I recommend the person submittingthe question gather facts and demos, before we can assist h/her.

Author

Commented:
thanks for all the input...think i will setup demos of each and go from there...just wanted opionions and got that!! Thanks all!

Commented:
I have used NSA 3500's and 5510s. The SonicWall is far cheaper than the Cisco. Also its IPS/IDS/GAV/GAS is far quicker than the 5510 will ever be.

Simplicity of setup is also in favour of the SonicWall over the Cisco and so is making changes. The only advantage i see in the Cisco is that its implementation of VPN Client (software) is better than SonicWall.

Other than that we have replaced several Cisco PIX firewalls with NSA 2400/3500's and have been very happy with their performance, support, managability and reliablity. On top of this the licensing and support is approx half the cost of Cisco.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.