Dell SonicWall SuperMassive 9600 review
SonicWall’s SuperMassive 9600 appliance lives up to its name and offers carrier-class security to enterprises.
Dell's SonicWall range has had a gap in its security appliance portfolio for some time. Enterprises have had to choose between the carrier-class SuperMassive 10000 family or the physically inferior NSA E-Class appliances.
The SuperMassive 9000 appliances remedy this as they offer the same features as their bigger brothers but in a more compact, powerful hardware package.
On review is the SuperMassive 9600, which claims a maximum firewall throughput of 20Gbits/sec, 2.5 times faster than the NSA E8510. It also brings 10-Gigabit (10GbE) firmly into the equation: along with eight copper and eight fibre Gigabit ports, it offers four 10GbE fibre SFP+ ports.
The 9600 sports a 32-core 1.2GHz MIPS64 Octeon processor partnered by 32GB of memory. Smart features include the ability to call extra cores into active duty and assign new traffic flows to them as the load ramps up.
Hardware redundancy is good with dual PSUs and fan modules located at the rear. However, we found the appliance noisy with the fans puffing and wheezing as they constantly changed speed.
The Real-Time Monitor provides a detailed overview of traffic flowing through the appliance
The price we've shown is high but tempered by the fact that it includes a one-year subscription to every security feature. This includes SonicWall's Reassembly-Free Deep Packet Inspection (RFDPI), which is designed to identify and control applications without any significant hits on performance.
Next up are gateway anti-virus, anti-malware, IPS and anti-spam. For URL filtering we had SonicWall's own CFS service enabled but you can add the optional Websense Enterprise cloud service.
The Application Control feature provides higher levels of security for controlling web browsing, file transfers and email. Data leakage protection is on the cards as it can scan emails and files, check message content, subjects, senders and recipients and block file types.
Dell SonicWall's content filtering performs well and provides 64 categories to block or allow
Deployment and zones
Installation is simple. Wizards assist in securing internet access and setting up the application firewall, VPNs and DMZs. Next up is zone configuration where you group physical ports into logical units.
Zones streamline policy deployment as you don't need to apply them to individual ports. Applying policies to a zone will affect any system that's physically connected to a member port.
During zone creation you select a security type. The predefined WAN zone is classed as untrusted and the appliance will not allow any traffic from it to pass to another zone unless access rules specifically permit it.
Trusted zones have no such restrictions placed on them and wireless zones can be applied to any SonicPoint AP the appliance is managing. A predefined SSL VPN zone is also provided and any traffic passing through member ports will be automatically encrypted.
Web content filtering performs very well and the Geo-IP filter allows you to block web sites from specific countries
Security services and policies
SonicWall's CFS offers 64 URL categories to block or allow and you can create multiple filtering policies which can also include custom black and white lists, schedules and redirection to a consent web page for enforcing AUPs.
We don't see a need to pay extra for the Websense service as CFS worked well during testing with few web sites getting past it. The appliance has a Geo-IP filter so you can also block access to web sites hosted in specific countries.
Basic anti-spam is provided as standard but this is only managed using RBLs, which we've always found to be very poor spam catchers. Far better to enable SonicWall's anti-spam service, which uses its own GRID system for enhanced IP reputation checks.
Once you've told it about your mail servers you can use a scoring system to classify messages accordingly and delete or quarantine them. Installing the Junk Store feature on your Exchange Server allows users to view their personal quarantine areas and delete or release messages.
There's nothing much to do with the gateway anti-virus as you apply a single, global policy to selected zones. It can scan HTTP, FTP, SMTP, POP, IMAP and CIFS protocols for inbound and outbound traffic and signatures are automatically updated.
The Advanced App controls provide extra depth in managing common apps including social networking
SonicWall's App Controls can be used to manage a wide range of applications. You can control FTP transfers or HTTP requests, apply actions such as blocking or redirecting and limit bandwidth for certain activities.
Advanced app controls go further as they use signature IDs to identify specific activities. You can set controls to look for activities such as Facebook likes or posts, Skype logins or even Exchange address book requests and allow, block or log them.
The App Flow monitor in the Dashboard section will prove useful as you can view all application activity. Spot anything you don't like and you can quickly create a rule from the same page to block it, monitor it or enforce a bandwidth management policy.
Logging of all activities is provided on-appliance but if you want full graphical reporting you'll need SonicWall's Analyzer software. Considering the price we would have expected this to be included.
The SuperMassive 9600 is one of the pricier enterprise security appliances on the market but it does offer an impressive range of security measures. Deployment is easy, SonicWall's RFDPI provides extensive application controls and it's 10-Gigabit ready.
It’s expensive, but the SuperMassive 9600 delivers excellent network security teamed up with top performance. Deployment is a cinch and the focus on application controls makes the 9600 more versatile than many competing products.
Chassis: 1U rack
CPU: 1.2GHz MIPS64 Octeon
Memory: 32GB RAM
Network: 8 x copper Gigabit, 8 x SFP+ Gigabit, 4 x fibre SFP+ 10GbE
Power: 2 x hot-plug 300W PSUs
Ports: 2 x USB, RJ-45 console
Management: Web browser