Dell SonicWall SuperMassive 9600 review

SonicWall’s SuperMassive 9600 appliance lives up to its name and offers carrier-class security to enterprises.

  • Swift deployment; Top performance; Zone-based security; Advanced App controls
  • Comparatively pricey; Reporting costs extra; Noisy hardware

Dell's SonicWall range has had a gap in its security appliance portfolio for some time. Enterprises have had to choose between the carrier-class SuperMassive 10000 family or the physically inferior NSA E-Class appliances.

The SuperMassive 9000 appliances remedy this as they offer the same features as their bigger brothers but in a more compact, powerful hardware package.

Advertisement - Article continues below

On review is the SuperMassive 9600 which claims a maximum firewall throughput of 20Gbits/sec 2.5 times faster than the NSA E8510. It also brings 10-Gigabit (10GbE) firmly into the equation as along with eight copper and eight fibre Gigabit ports, it offers four 10GbE fibre SFP+ ports.

The 9600 sports a 32-core 1.2GHz MIPS64 Octeon processor partnered by 32GB of memory. Smart features include the ability to call extra cores into active duty and assigns new traffic flows to them as the load ramps up.

Hardware redundancy is good with dual PSUs and fan modules located at the rear. However, we found the appliance noisy with the fans puffing and wheezing as they constantly changed speed.

The Real-Time Monitor provides a detailed overview of traffic flowing through the appliance


The price we've shown is high but tempered by the fact that it includes a one year subscription to every security feature. This includes SonicWall's Reassembly-Free Deep Packet Inspection (RFDPI) which is designed to identify and control applications without any significant hits on performance.

Advertisement - Article continues below
Advertisement - Article continues below

Next up are gateway anti-virus, anti-malware, IPS and anti-spam. For URL filtering we had SonicWall's own CFS service enabled but you can add the optional Websense Enterprise cloud service.

The Application Control feature provides higher levels of security for controlling web browsing, file transfers and email. Data leakage protection is on the cards as it can scan emails and files, check message content, subjects, senders and recipients and block file types.

Dell SonicWall's content filtering performs well and provides 64 categories to block or allow

Deployment and zones

Installation is simple. Wizards assist in securing internet access and setting up the application firewall, VPNs and DMZs. Next up is zone configuration where you group physical ports into logical units.

Zones streamline policy deployment as you don't need to apply them to individual ports. Applying policies to a zone will affect any system that's physically connected to a member port.

During zone creation you select a security type. The predefined WAN zone is classed as untrusted and the appliance will not allow any traffic from it to pass to another zone unless access rules specifically permit it.

Advertisement - Article continues below

Trusted zones have no such restrictions placed on them and wireless zones can be applied to any SonicPoint AP the appliance is managing. A predefined SSL VPN zone is also provided and any traffic passing through member ports will be automatically encrypted.

Web content filtering performs very well and the Geo-IP filter allows you to block web sites from specific countries

Security services and policies

SonicWall's CFS offers 64 URL categories to block or allow and you can create multiple filtering policies which can also include custom black and white lists, schedules and redirection to a consent web page for enforcing AUPs.

We don't see a need to pay extra for the Websense service as CFS worked well during testing with few web sites getting past it. The appliance has a Geo-IP filter so you can also block access to web sites hosted in specific countries.

Advertisement - Article continues below

Basic anti-spam is provided as standard but this is only managed using RBLs which we've always found to very poor spam catchers. Far better to enable SonicWalls' anti-spam service which uses its own GRID system for enhanced IP reputation checks.

Advertisement - Article continues below

Once you've told it about your mail servers you can use a scoring system to classify messages accordingly and delete or quarantine them. Installing the Junk Store feature on your Exchange Server allows users to view their personal quarantine areas and delete or release messages.

There's nothing much to do with the gateway anti-virus as you apply a single, global policy to selected zones. It can scan HTTP, FTP, SMTP, POP, IMAP and CIFS protocols for inbound and outbound traffic and signatures are automatically updated.

The Advanced App controls provide extra depth in managing common apps including social networking

App Controls

SonicWall's App Controls can be used to manage a wide range of applications. You can control FTP transfers or HTTP requests, apply actions such as blocking or redirecting and limit bandwidth for certain activities.

Advanced app controls go further as they use signature IDs to identity specific activities. You can set controls to look for activities such as Facebook likes or posts, Skype logins or even Exchange address book requests and allow, block or log them.

Advertisement - Article continues below

The App Flow monitor in the Dashboard section will prove useful as you can view all application activity. Spot anything you don't like and you can quickly create a rule from the same page to block it, monitor it or enforce a bandwidth management policy.

Logging of all activities is provided on-appliance but if you want full graphical reporting you'll need SonicWall's Analyzer software. Considering the price we would have expected this to be included.


The SuperMassive 9600 is one of the pricier enterprise security appliances on the market but it does offer an impressive range of security measures. Deployment is easy, SonicWall's RFDPI provides extensive application controls and it's 10-Gigabit ready.


It’s expensive, but the SuperMassive 9600 delivers excellent network security teamed up with top performance. Deployment is a cinch and the focus on application controls make the 9600 more versatile that many competing products.

Chassis: 1U rack

CPU: 1.2GHz MIPS64 Octeon

Memory: 32GB RAM

Network: 8 x copper Gigabit, 8 x SFP+ Gigabit, 4 x fibre SFP+ 10GbE

Power: 2 x hot-plug 300W PSUs

Ports: 2 x USB, RJ-45 console

Management: Web browser


Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



Dell Inspiron 14 7000 review: Capable, but not uncompromising

18 Jun 2020
business communications

Dell Technologies reports strong Q1 as laptop sales soar

29 May 2020

Dell EMC updates storage line with PowerStore

5 May 2020

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

6 Mar 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020