Avatar of WORKS2011
Flag for United States of America

asked on 

SonicWall TZ Series Throughput Using Full DPI Creates Substantial Bandwidth Loss

Working with an ISP that has guaranteed 1Gx1G dedicated fiber for $575/month. I haven't seen anyone else able to touch this, not even close. I wasn't expecting this low a price for another 3-5 years.

Brings up a good question regarding firewalls my clients are using, the SonicWall TZ400. I spoke with my Sonicwall rep and she mentioned the TZ400 will reduce the bandwidth substantially for a 1Gx1G dedicated fiber due to DPI limitations that max out at 300M. We discussed if DPI is needed,  I made the case it's not, mentioned I have it disabled on many networks because it's created too many dropped packets. She didn't exactly say this renders the TZ400 useless but she couldn't come to terms why I would do this or not upgrade to the TZ600. Selling point? The TZ600 is $1000 - $1200 more and only increases the DPI bandwidth 100M to 400M total. Nothing hardly to insist spending the money to upgrade. Further in the conversation she priced me out a firewall that would handle the DPI for a 1Gx1G network and it was over $20k, well over.

This brings up allot of questions regarding firewalls as bandwidth continues to increase and the limitations they have regarding security and bandwidth limitations.

What are EE's experience / thoughts regarding the following:
- General use of the SonicWall TZ series firewalls with bandwidth over 400M to full 1G.
- Do you feel DPI is needed? Definitely a great feature but is it needed? In my case we have other measures in place to inspect internet threats. Same with SPAM, we don't use the Spam filter on the SonicWall device, we view it as an extra feature not a necessity.
- Please share other firewalls you're using, why, how do they affect bandwidth.

Thanks in advance.
Hardware FirewallsRoutersNetworking

Avatar of undefined
Last Comment

8/22/2022 - Mon