Solved

Firewall Appliance

Posted on 2016-10-21
Last Modified: 2016-10-21
I have had 2 Sonicwall Firewalls over the last 10 years, a TZ170 and my current firewall, a TZ210. I've had them configured per Sonicwall's suggestions but have never used their security suite. How safe are we? I use anti-virus on our computer level and have never been breached. (Knock on wood). The million dollar question is does a Firewall Appliance work without the intrusion prevention? It seems like it does. We are going to open up a second location and plan on buying a TZ300 and looking at just the appliance vs a year comprehensive security suite.

Any articles you can point me to would also be helpful.
Question by:Dan Purcell
3 Comments
 
LVL 5

Assisted Solution

by:JSpoor
JSpoor earned 250 total points
The SonicWALL firewalls without security services are just a stateful firewall.

The IPS plugs the holes and exploits of software like java, flash etc. An AV doesn't do that.
Also SonicWALL's GateWay AV keeps out viruses at the edge.
Virus protection is always best done at two levels, 1) gateway, 2) endpoint as last resort.

I strongly suggest you get the Total Secure bundle. Also there's a secure upgrade program, to "swap" your old TZ for a new one and get a discount.


See example configurations at http://livedemo.sonicwall.com
 
LVL 61

Accepted Solution

by:
btan earned 250 total points
If you are looking at mainly internet traffic, then the SonicWall Comprehensive Security Suite (CGSS) makes sense as it includes ICSA-certified gateway anti-virus and anti-spyware protection and more. The suite's objective is to help you to stop at network traffic early before it reaches the user's host machine - build up the layer of network defence for attack deterrence, and it helps early detection and alerting cum blocking. It is the "comprehensive" GSS as it includes 24x7 support. Other key capabilities besides the AV support are:
- It has a dynamically updated signature database for continuous threat protection
- It does content filtering e.g. control of internal access to inappropriate, unproductive and potentially illegal web content
- It can extend security and productivity by enforcing Internet use policies on endpoint devices located outside the firewall perimeter with the Dell SonicWALL Content Filtering Client
https://www.sonicwall.com/comprehensive-gateway-security-suite/

Since it is ICSA certified, check out the ICSA website and see their AV monthly testing reports; it has been passing consistently, detecting the malware in the wild and the email list managed by ICSA with the latest threats.

https://www.icsalabs.com/product/dell-sonicwall-tz-nsa-e-class-nsa-series

A FW in fact is not a NIPS/NIDS, as the former does stateful inspection while the latter more commonly does inspection for web application attacks such as SQL injection, cross site scripting, remote code execution, shell code payloads and remote procedure calls, as well as protocol anomalies. A FW can work as-is w/o such IPS deep inspection, but having too many boxes in the choke points leads to more operational management work, hence the UTM or the NGFW that will include such IPS capability or those security modules in the FWs.

https://www.sonicwall.com/documents/sonicwall-intrusion-prevention-datasheet-68967.pdf

You can still go for one FW and have the CGSS, which gives you better and earliest threat coverage. However, SSL traffic will not be inspected since it is encrypted. There is another SSL decryption suite - https://www.sonicwall.com/ssl-decryption-and-inspection/
0
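The difference between stateful inspection and IPS deep inspection described in the accepted answer, as an added example that is not part of the original thread and not SonicWALL code. The class, function and signature names are hypothetical, the signatures are simplified stand-ins, and the traffic is constructed.

```python
import re
from collections import namedtuple
from urllib.parse import unquote_to_bytes

# flags: "SYN" opens a connection, "ACK" carries data on an existing one.
Packet = namedtuple("Packet", "src dst dport flags payload", defaults=[b""])

class StatefulFirewall:
    """Decides on addresses, ports and connection state; never reads payload."""
    def __init__(self, allowed_ports):
        self.allowed_ports = set(allowed_ports)
        self.established = set()

    def permit(self, pkt):
        key = (pkt.src, pkt.dst, pkt.dport)
        if pkt.flags == "SYN" and pkt.dport in self.allowed_ports:
            self.established.add(key)
        return key in self.established

# Constructed, simplified signatures (not SonicWALL's signature database).
SIGNATURES = {
    "sql-injection": re.compile(rb"(?i)union\s+select|'\s*or\s+1=1"),
    "cross-site-scripting": re.compile(rb"(?i)<script\b"),
}

def ips_inspect(pkt):
    """Return the names of signatures matching the URL-decoded payload."""
    data = unquote_to_bytes(pkt.payload)
    return [name for name, rx in SIGNATURES.items() if rx.search(data)]

def evaluate(packets, fw):
    """Per packet: (firewall verdict, IPS hits if the firewall permitted it)."""
    results = []
    for p in packets:
        ok = fw.permit(p)
        results.append((ok, ips_inspect(p) if ok else []))
    return results

# Constructed traffic to a published web server (documentation addresses).
C, S = "198.51.100.7", "192.0.2.10"
SAMPLE = [
    Packet(C, S, 23, "SYN"),                               # port not allowed
    Packet(C, S, 80, "SYN"),
    Packet(C, S, 80, "ACK", b"GET /index.html HTTP/1.1"),
    Packet(C, S, 80, "ACK", b"GET /item?id=1%27%20OR%201=1 HTTP/1.1"),
    Packet(C, S, 443, "SYN"),
    # TLS record with stand-in ciphertext: opaque to the IPS without decryption
    Packet(C, S, 443, "ACK", b"\x17\x03\x03\x00\x10" + bytes(range(16))),
]
```

Running `evaluate(SAMPLE, StatefulFirewall({80, 443}))` shows the firewall permitting the request with the injection string because the port and connection state are valid; only the payload inspection flags it, and the encrypted record yields no hits at all.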
 

Author Closing Comment

by:Dan Purcell
Thanks for your input