by September 5, 2007 0 comments

Sonicwall Pro 5060 is particularly meant for medium to large enterprises.
This was the costliest UTM that we received. The device is equipped with
gateway-level anti-virus, IDP, anti-spyware, content filter, and e-mail filter.
It has six Gb Ethernet ports and one console port over a customized OS, called
SonicOS. It has easy-to-use wizard for setting up NAT, VPN, etc. Surprisingly,
the UTM doesn’t have an anti-spam in it, which is of course a major drawback of
it. It only provides you with black and white listing of e-mail ids, and option
for blocking attachments, as defined by admin. It also supports features, such
as, ISP failover, load balancing, WAN redundancy and has policy-based management
system. The device provides 7,50,000 concurrent connections, maximum of 6000 VPN
connections and has deep packet inspection. It can also serve as VoIP proxy, by
logging calls, there start time, bandwidth consumed, etc.

Sonicwall PRO 5060
1,74,550 (3 yrs warranty)
Contact: IBM India, Bangalore
Tel: 1800-4253333
SMS Buy 130831 to 56767

Tests and results
When we tested it for anti-virus, the results we got were similar to the
Cyberoam device. Out of 1000 viruses, which were downloaded over HTTP and FTP,
only 65 viruses could pass through. For checking the performance of IDP, we ran
couple of vulnerability scans. We ran Nessus on default configuration. It showed
one warning and a hole, but with a bit of configuration setting helped, as it
did in the case of Cyberoam. Then we tried to jam the LAN ports of the
appliance. We did it, by flooding private network IPs on the LAN ports, from 5
different clients. Now, the accessibility of the device to public network was
jammed. We tested the machine for denial-of-service attack with a spoofed IP.
The device was able to detect the attack, but was not able to detect the IP of
the machine, from which the attack was done. It showed the spoofed IP as the
source, instead of, the actual IP. We also tried ARP spoofing and the IDP of the
device was not able to detect the attack.

BOTTOMLINE: Good for large enterprises, where they already have a
device or a mechanism to take care of spams.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.