We help IT Professionals succeed at work.

Will installing a SonicWall Wireless N Firewall stop viruses and spyware from entering a SB network

593 Views
Last Modified: 2013-11-16
Hi Experts
Will installing a SonicWall Tz 100 or Tz 200 Wireless N Firewall stop viruses and spyware from entering a SB network?
The Small Business is currently set up as a workgroup and has about 8 systems sharing files
(Financial and Contacts)

If it does stop viruses and spyware & How does it work?

Thank you
Comment
Watch Question

No. The firewall blocks access in and out of the network based on TCP and UDP ports for the various protocols like web and email etc you want to give access to. In general viruses and spyware are attached to legitimate sessions you would normally be allowing through the firewall. The firewall will prevent things like outsiders gaining illegitimate access to your inside servers.
If youre looking for appliance based security Watchguard has many options available. All in one.
CERTIFIED EXPERT

Commented:
Short answer is no. There are sonicwall appliances that offer this protection at the network level and can be licensed for an additional fee but even this is not a replacement for machine based antivirus and antispyware protection.
Alan HardistyCo-Owner
CERTIFIED EXPERT
Top Expert 2011

Commented:
I have never seen a firewall product that can stop a user from clicking on a link that downloads malicious code and then starts wreaking havoc.
You can have the hardest firewall, the best anti-virus software and anti-spyware / anti-malware software in place, but the simple click of a mouse and all of it is bypassed.
The best policy for protection is to educate your users, roll out good anti-virus software, ensure that the users don't have local administrator rights to their PCs and lock down your firewall outbound and inbound so that the only traffic that can flow in and out is what you have setup.

Author

Commented:
Thank you for your responses,
Additional information:
I am looking to replace an old wireless B router (Netgear)

Do these firewalls also act as a Router?

It seems that WatchGaurd only has Wireless B/G not N

Would you prefer one company over another? (WatchGaurd vs. SonicWall)
Alan HardistyCo-Owner
CERTIFIED EXPERT
Top Expert 2011

Commented:
Both the Watchguard and Sonicwall are much more expensive that the Netgear Wireless B Router you are replacing.
Any reason why you are going with a more expensive one rather than a replacement such as a Netgear DGN2000?
http://www.netgear.com/Products/RoutersandGateways/WirelessNRoutersandGateways/DGN2000.aspx
We have many customers using the Netgear products and they have all been very safe.  The only customer we had problems with was using the ISP's router and we could not even block outbound SMTP Traffic on it - just turn it on or off!

Author

Commented:
I am thinking of implementing Antivirus  Antispy at the Gateway.
The 2 Models I am considering are
SonicWall TZ100 Wireless  and their Total Secure  + Subscription based protection
Cisco SA 520W-K9  and their ProtecLink  + Subscription based protection

The questions I have are
Is The SonicWall protection provided by McAfee?
Is the Cisco product able to support a Guest wireless network?
The throughput on the Cisco product is 200Mbs and the Sonic wall is confusing being listed at 100 Mbs in some places and higher in others on their site.

Thanks in advance for your help
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks for asking about protection for the desktops, I plan to install Kaspersky on each.

My questions and request for help regarding the purchase of either the Cisco or SonicWall firewall revolves around the protection and configuration.

The Cisco product states that it does its scanning in a cloud so there will be no slow down in network traffic.   Is this correct?

The SonicWall product states it does real time scanning and wont bottleneck the network.
Is this true? +
If the SonicWall uses McAfee I dont feel that comfortable using it because I have had problems in the past.

What product is easier to configure- are they both web based?

Thanks again for all your help
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
The sort of good news is that the Sonicwalls usually give your a 30 day trial period of their gateway scanning tools.  If you logon to your firewall, you will see these services.  All you need to do, is logon to your Sonicwall's client portal and acquire the registration key for the trial.

As for Cisco's statement, I would still be skeptical of this.  Please check and read all fine print possible on their statement.   There HAS to be some latency if they are scanning your files prior to it hitting your network.
CERTIFIED EXPERT

Commented:
Sorry nappy_d i definitely have to disagree there! I have an older sonicwall 3060 and over 200 users streaming video and music plus a few voip phones and never had any complaints of the network being slow.

Sonicwall is definitely easier to configure and eventhough it may have a mcafee scan engine that doesnt mean you have to deal with any mcafee software. It runs integrated on the appliance and i've never even seen the mcafee logo but i still have the scanning activated. It also downloads updates automatically.
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
The 3060 is a whole different device than the TZ series.
CERTIFIED EXPERT

Commented:
i see but will it really slow down for less than 10 users? Maybe the model tz that you had just wasnt sized correctly for the amount of users on the network. I'm actually setting up a new network now with a sonicwall NSA instead of TZ series for 200 users.

Maybe NSA series is an option for you if it turns out to be that TZ will be too slow for less than 10 users. Don't get me wrong, i LOVE cisco, but theyre just not as user friendly for the average tech person.
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
OK this is what I am talking about...when the Antivirus is enabled, throughput drops to 10Mbps...http://www.sonicwall.com/ee/295.html

On the entry level devices such as the TZ180 this is what happens.  This is why I suggest that the author keep this off the gateway and let the workstations do their own scanning.

It may be difference of opinion but I don't believe that AV scanning belongs at the gateway.  Proper implementation and the workstations can handle this task.

Author

Commented:
Thank you both for your help.
I found a review of the SonicWall TZ100 with screen shots of the configuration, but I cant find anything on the Cisco Unit.
The SonicWall only has 10/100 ports as compared to the Cisco unit that has 10/1000 ports
Do you think this will cause problems down the road?
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
No. You cannot get internet bandwidth at GigE.  10/100 ports are more than sufficient.

Author

Commented:
Thank you both for your help
I went ahead and purchased the SonicWall TZ100w with the UTM protection
The throughput is listed at 25Mbps. The deciding factor was the ease of configuration.

Commented:
I am sorry Nappy_d but your advice is very poor. The original poster should absolutely keep gateway anti-virus, anti-spyware, and intrusion prevention enabled. You may want to look at the throughput of the newer TZ100 and TZ200 devices that the original poster referred to.

http://www.sonicwall.com/us/products/TZ_100.html

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.