SonicWALL TZ300 Review – Modest UTM performance, but good value with top security features and wireless management
Dell SonicWALL’s latest TZ appliances promise a much-needed performance boost over their predecessors without a commensurate price hike. Targeting small offices of 25 users or fewer, the TZ300 on review’ here is good value and supports the new SonicPoint 8o2.nac access points (APs) for integral wireless network provisioning and management.
This enables round-the-clock support, IPS, gateway antivirus, anti-spyware and a content-filtering service (CFS).
Unlike many of its rivals, antispam is a bolt-on option. A year’s subscription will buy you a licence for the Analyzer reporting tool. Wireless management is enabled as standard, allowing the TZ300 to handle up to eight SonicPoint APs.
Installation took five minutes in our tests, as the web console’s quick-start wizard set up the first LAN port as w-ell as the WAN port for internet access, and applied a base security policy to the default zone. The latter makes the TZ300 very versatile; we could place selected ports in different zones and quickly apply a single security policy to all members.
Antivirus scanning is applied at the gateway and can be enabled on selected zones. It uses a single, global configuration through which you can activate scanning on HTTP, FTP, IMAP, POP3, SMTP, CIFS and TCP streams.
There are two options for web-content filtering; you can use CFS or pay extra for the Websense Enterprise hosted service. We found CFS to be perfectly adequate, with very few’ dodgy websites slipping past in our tests. CFS provides more than 60 URL categories, and you can create multiple filtering policies to be applied to different port zones. Each policy can be customized w’ith blacklists, whitelists and use schedules to determine w’hen they’re active. You can also apply acceptable-use policies (AUPs) by redirecting users to a consent wreb page.
Its application controls provide precise management of activities such as web brow’sing. file transfers and messaging. The rules are quite complex but wizards helped us create inspection policies for SMTP, POP3, FTP and HTTP.
The advanced app controls, meanwhile, use signature IDs to identify specific activities and provide more granular control of apps. For example, they can be used to log or block various Facebook activities and Exchange address book requests.
You can monitor app activity by watching the App Flow graphs in the main dashboard. If you see any suspect activities or apps popping up, you can create a rule to block, monitor or to apply bandwidth restrictions to that particular element.
We used a SonicPoint ACi dual-band 8o2.nac access point to test the wireless management features. TheTZ300 has predefined wireless profiles for both radios, which we modified to suit, and when we connected the access point, it was identified and automatically had the correct profile.
All access points are placed in a dedicated WLAN zone, which allowed us to swiftly apply policies such as web filtering, IPS and gateway antivirus. Moreover, provisioning guest access is pain-free, as the WLAN zone has options for client isolation and redirecting users to an external website for authentication.
If you see any suspect activities or apps popping up, you can create a rule to block, monitor or to apply bandwidth restrictions
The anti-spam service can’t transparently scan mail traffic and requires details of your mail server to work. It provides options for handling spam, phishing and infected messages, while installing the Junk Store feature on an Exchange Server allows users to view their personal quarantine areas and delete or release messages.
Even though anti-spam and reporting are extras, the TZ300 still packs plenty of security measures for the price. Its UTM throughput of looMbits/sec should satisfy small offices, and it has great wireless network management features.
SonicWALL TZ300 Review: Specifications
Desktop chassis • 800MHz dual-core Octeon MIPS64 • 1GB RAM • 5x Gigabit Ethernet • USB 3 • RJ45 serial • external PSU • web browser management • Options: appliance and TotalSecure; comprehensive anti-spam