Dell SonicWall SuperMassive 9600 review

SonicWall’s SuperMassive 9600 appliance lives up to its name and offers carrier-class security to enterprises.

Price
£70,000
  • Swift deployment; Top performance; Zone-based security; Advanced App controls
  • Comparatively pricey; Reporting costs extra; Noisy hardware

Dell's SonicWall range has had a gap in its security appliance portfolio for some time. Enterprises have had to choose between the carrier-class SuperMassive 10000 family or the physically inferior NSA E-Class appliances.

The SuperMassive 9000 appliances remedy this as they offer the same features as their bigger brothers but in a more compact, powerful hardware package.

On review is the SuperMassive 9600 which claims a maximum firewall throughput of 20Gbits/sec 2.5 times faster than the NSA E8510. It also brings 10-Gigabit (10GbE) firmly into the equation as along with eight copper and eight fibre Gigabit ports, it offers four 10GbE fibre SFP+ ports.

The 9600 sports a 32-core 1.2GHz MIPS64 Octeon processor partnered by 32GB of memory. Smart features include the ability to call extra cores into active duty and assigns new traffic flows to them as the load ramps up.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Hardware redundancy is good with dual PSUs and fan modules located at the rear. However, we found the appliance noisy with the fans puffing and wheezing as they constantly changed speed.

The Real-Time Monitor provides a detailed overview of traffic flowing through the appliance

Features

The price we've shown is high but tempered by the fact that it includes a one year subscription to every security feature. This includes SonicWall's Reassembly-Free Deep Packet Inspection (RFDPI) which is designed to identify and control applications without any significant hits on performance.

Next up are gateway anti-virus, anti-malware, IPS and anti-spam. For URL filtering we had SonicWall's own CFS service enabled but you can add the optional Websense Enterprise cloud service.

The Application Control feature provides higher levels of security for controlling web browsing, file transfers and email. Data leakage protection is on the cards as it can scan emails and files, check message content, subjects, senders and recipients and block file types.

Dell SonicWall's content filtering performs well and provides 64 categories to block or allow

Deployment and zones

Installation is simple. Wizards assist in securing internet access and setting up the application firewall, VPNs and DMZs. Next up is zone configuration where you group physical ports into logical units.

Zones streamline policy deployment as you don't need to apply them to individual ports. Applying policies to a zone will affect any system that's physically connected to a member port.

Advertisement
Advertisement - Article continues below

During zone creation you select a security type. The predefined WAN zone is classed as untrusted and the appliance will not allow any traffic from it to pass to another zone unless access rules specifically permit it.

Trusted zones have no such restrictions placed on them and wireless zones can be applied to any SonicPoint AP the appliance is managing. A predefined SSL VPN zone is also provided and any traffic passing through member ports will be automatically encrypted.

Web content filtering performs very well and the Geo-IP filter allows you to block web sites from specific countries

Security services and policies

SonicWall's CFS offers 64 URL categories to block or allow and you can create multiple filtering policies which can also include custom black and white lists, schedules and redirection to a consent web page for enforcing AUPs.

We don't see a need to pay extra for the Websense service as CFS worked well during testing with few web sites getting past it. The appliance has a Geo-IP filter so you can also block access to web sites hosted in specific countries.

Basic anti-spam is provided as standard but this is only managed using RBLs which we've always found to very poor spam catchers. Far better to enable SonicWalls' anti-spam service which uses its own GRID system for enhanced IP reputation checks.

Once you've told it about your mail servers you can use a scoring system to classify messages accordingly and delete or quarantine them. Installing the Junk Store feature on your Exchange Server allows users to view their personal quarantine areas and delete or release messages.

Advertisement - Article continues below

There's nothing much to do with the gateway anti-virus as you apply a single, global policy to selected zones. It can scan HTTP, FTP, SMTP, POP, IMAP and CIFS protocols for inbound and outbound traffic and signatures are automatically updated.

The Advanced App controls provide extra depth in managing common apps including social networking

Advertisement
Advertisement - Article continues below

App Controls

SonicWall's App Controls can be used to manage a wide range of applications. You can control FTP transfers or HTTP requests, apply actions such as blocking or redirecting and limit bandwidth for certain activities.

Advanced app controls go further as they use signature IDs to identity specific activities. You can set controls to look for activities such as Facebook likes or posts, Skype logins or even Exchange address book requests and allow, block or log them.

The App Flow monitor in the Dashboard section will prove useful as you can view all application activity. Spot anything you don't like and you can quickly create a rule from the same page to block it, monitor it or enforce a bandwidth management policy.

Advertisement - Article continues below

Logging of all activities is provided on-appliance but if you want full graphical reporting you'll need SonicWall's Analyzer software. Considering the price we would have expected this to be included.

Overall

The SuperMassive 9600 is one of the pricier enterprise security appliances on the market but it does offer an impressive range of security measures. Deployment is easy, SonicWall's RFDPI provides extensive application controls and it's 10-Gigabit ready.

Verdict

It’s expensive, but the SuperMassive 9600 delivers excellent network security teamed up with top performance. Deployment is a cinch and the focus on application controls make the 9600 more versatile that many competing products.

Chassis: 1U rack

CPU: 1.2GHz MIPS64 Octeon

Memory: 32GB RAM

Network: 8 x copper Gigabit, 8 x SFP+ Gigabit, 4 x fibre SFP+ 10GbE

Power: 2 x hot-plug 300W PSUs

Ports: 2 x USB, RJ-45 console

Management: Web browser

 

Featured Resources

Transform the operator experience with enhanced automation & analytics

Bring networking into the digital era

Download now

Artificially intelligent data centres

How the C-Suite is embracing continuous change to drive value

Download now

Deliver secure automated multicloud for containers with Red Hat and Juniper

Learn how to get started with the multicloud enabler from Red Hat and Juniper

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now
Advertisement

Recommended

Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/hardware/354193/buy-it-to-grow-not-slow-your-business
Sponsored

Buy IT to grow, not slow, your business

25 Nov 2019
Visit/hardware/34757/how-your-business-can-grab-a-black-friday-tech-bargain
Sponsored

How your business can grab a Black Friday tech bargain

11 Nov 2019
Visit/laptops/34333/dell-latitude-5500-review-going-off-key
Laptops

Dell Latitude 5500 review: Going off key

6 Sep 2019

Most Popular

Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/data-insights/big-data/354311/google-reveals-uks-most-searched-for-terms-in-2019
big data

Google reveals UK’s most searched for terms in 2019

11 Dec 2019