Firewall Appliance

Posted on 2016-10-21
Last Modified: 2016-10-21
I have had 2 Sonicwall Firewalls over the last 10 years, a TZ170 and my current firewall, a TZ210. I've had them configured per Sonicwall's suggestions but have never used their security suite. How safe are we? I use anti-virus on our computer level and have never been breached. (Knock on wood). The million dollar question is does a Firewall Appliance work without the intrusion prevention? It seems like it does. We are going to open up a second location and plan on buying a TZ300 and looking at just the appliance vs a year comprehensive security suite.

Any articles you can point me to would also be helpful.
Question by:Dan Purcell
3 Comments
 

Assisted Solution

by:J Spoor
J Spoor earned 1000 total points
ID: 41854024
The SonicWALL firewalls without security services are just a stateful firewall.

The IPS plugs the holes and exploits of software like java, flash etc. An AV doesn't do that.
Also SonicWALL's GateWay AV keeps out viruses at the edge.
Virus protection is always best done at two levels, 1) gateway, 2) endpoint as last resort.

I strongly suggest you get the Total Secure bundle. Also there's a secure upgrade program, to "swap" your old TZ for a new one and get a discount.


See example configurations at http://livedemo.sonicwall.com

Accepted Solution

by:
btan earned 1000 total points
ID: 41854058
If you are looking at mainly internet traffic, then SonicWall Comprehensive Security Suite (CGSS) makes sense as it includes ICSA-certified gateway anti-virus and anti-spyware protection and more. The suite's objective is to help you to stop at network traffic early before it reaches the user's host machine - build up the layer of network defence for attack deterrence, and it helps early detection and alerting cum blocking. It is a "comprehensive" GSS as it includes 24x7 support. Other key capabilities besides the AV support are:
- It has a dynamically updated signature database for continuous threat protection
- It does content filtering e.g. control of internal access to inappropriate, unproductive and potentially illegal web content
- It can extend security and productivity by enforcing Internet use policies on endpoint devices located outside the firewall perimeter with the Dell SonicWALL Content Filtering Client
https://www.sonicwall.com/comprehensive-gateway-security-suite/

Since it is ICSA certified, check out the ICSA website and see their monthly AV testing reports; it has been passing consistently, detecting the malware in the wild and the email list managed by ICSA with the latest threats.

https://www.icsalabs.com/product/dell-sonicwall-tz-nsa-e-class-nsa-series

A FW in fact is not a NIPS/NIDS, as the former does stateful inspection while the latter more commonly does inspection for web application attacks such as SQL injection, cross site scripting, remote code execution, shell code payloads and remote procedure calls, as well as protocol anomalies. A FW can work as-is w/o such IPS deep inspection, but having too many boxes in the choke points leads to more operational management work, hence comes in the UTM or the NGFW that will include such IPS capability or those security modules in the FWs.
https://www.sonicwall.com/documents/sonicwall-intrusion-prevention-datasheet-68967.pdf

You can still go for one FW and have the CGSS, which gives you better and earliest threat coverage. However, the SSL traffic part will not be inspected since it is encrypted. There is another SSL decryption suite - https://www.sonicwall.com/ssl-decryption-and-inspection/
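
The difference the answer above draws between stateful inspection and IPS payload inspection, shown as an added example that is not part of the original posts and is not SonicWALL's implementation. The class and function names, the two signatures and the sample packets are all constructed for illustration, and the addresses come from documentation ranges.

```python
import re
from urllib.parse import unquote_plus

# Constructed, illustrative patterns; a real IPS signature set is far larger.
SIGNATURES = {
    "sql-injection": re.compile(r"'\s*or\s*'", re.I),
    "cross-site-scripting": re.compile(r"<script\b", re.I),
}

class StatefulFirewall:
    """Decides on addresses, ports and connection state only, never payload."""
    def __init__(self, allowed_inbound):
        self.allowed_inbound = set(allowed_inbound)   # {(dst_ip, dst_port)}
        self.flows = set()                            # tracked connections

    def permit(self, p):
        flow = (p["src"], p["sport"], p["dst"], p["dport"])
        reverse = (p["dst"], p["dport"], p["src"], p["sport"])
        if flow in self.flows or reverse in self.flows:
            return True                               # belongs to a tracked flow
        if p["flags"] == "SYN" and (p["dst"], p["dport"]) in self.allowed_inbound:
            self.flows.add(flow)                      # new flow matching a rule
            return True
        return False                                  # unsolicited, or no rule

def ips_hits(payload):
    """Names of the signatures that match the URL-decoded payload."""
    text = unquote_plus(payload.decode("latin-1"))
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(text))

def evaluate(packets, fw):
    """Return (firewall_permits, ips_signature_hits) for each packet in order."""
    return [(fw.permit(p), ips_hits(p["payload"])) for p in packets]

def pkt(src, sport, dst, dport, flags, payload=b""):
    return dict(src=src, sport=sport, dst=dst, dport=dport,
                flags=flags, payload=payload)

# Constructed sample traffic: a published web server and one closed port.
WEB = ("192.0.2.10", 80)
SAMPLE = [
    pkt("198.51.100.7", 40000, *WEB, "SYN"),
    pkt("198.51.100.7", 40000, *WEB, "ACK", b"GET /item?id=42 HTTP/1.1\r\n\r\n"),
    pkt("198.51.100.7", 40000, *WEB, "ACK",
        b"GET /item?id=1'+OR+'1'%3D'1 HTTP/1.1\r\n\r\n"),
    pkt("203.0.113.9", 40001, "192.0.2.10", 3389, "SYN"),
]

if __name__ == "__main__":
    for verdict in evaluate(SAMPLE, StatefulFirewall({WEB})):
        print(verdict)
```

The third packet is the one that matters: it belongs to a permitted, established flow, so the stateful firewall passes it, and only the payload check flags it.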
 

Author Closing Comment

by:Dan Purcell
ID: 41854155
Thanks for your input