Dell SonicWALL NSA 2600 review

Offering a big boost in security features and performance, Dell SonicWALL NAS 2600 remains affordable for SMBs.

  • Performance improvements; Easy installation; Extensive features; Zone based policies
  • Optional reporting and anti-spam

Replacing the elderly NSA 2400, Dell SonicWALL NSA 2600 delivers a near three-fold performance improvement. Along with a big hike in firewall throughput from 775Mbps to 1.9Gbps, it also doubles full DPI (deep packet inspection) speeds to 300Mbps.

This has been achieved by replacing the 500MHz dual-core MIPS CPU of the NSA 2400 with an 800MHz quad-core MIPS64 Octeon chip and beefing up memory from a miserly 512MB to a healthy 2GB. The port count is increased as well with eight Gigabit data ports plus a dedicated Gigabit management port.

Advertisement - Article continues below

The NSA 2600 can be upgraded to 10GbE speeds using the front expansion slot. A good selection of modules is available and includes dual-port 10Gbase-SR and 10Gbase-LR fibre or dual 10Gbase-T copper.

Prices for the NSA 2600 are reasonable with SonicTek charging 1,468 ex VAT for the base unit. A 1-year TotalSecurity subscription activates gateway anti-virus and anti-spyware, IPS, application controls and URL filtering and pushes the price up to around 2,330 ex VAT.

A quick start wizard gets the appliance up and running in a few minutes


We had no problems installing the NSA 2600 in the lab. The simple, browser-based quick start wizard secures administrative access, sets up the LAN and WAN ports and applies a security policy to the default port zone.

Advertisement - Article continues below

Only the first LAN port is placed in a zone so you need to decide what to do with the others. You can group them into a single zone so new policies will be automatically applied to all connected systems or create separate zones for selected ports, each with their own security settings. 

Advertisement - Article continues below

Selecting a security type for each zone also determines what traffic can pass across it. All LAN ports are trusted but the appliance's WAN port is untrusted so no traffic will be allowed to pass from it to another zone unless you create a rule permitting this.

Security policies can be applied using the appliance's port zone feature

AV and web filtering

Anti-virus scanning is applied at the gateway and can be enabled on selected zones. It uses a single, global configuration where you can activate scanning on HTTP, FTP, IMAP, POP3, SMTP, CIFS and TCP streams.

Two options are provided for web content filtering as you can use the CFS (content filter service) included with the TotalSecure subscription or pay extra for the WebSense Enterprise hosted service. CFS will be adequate for most businesses as we found very few dodgy web sites slipped past it during testing. 

It provides over 60 URL categories and you can create multiple filtering policies and apply them to different port zones. Each policy can be customised with black and white lists, you can use schedules to determine when they are active and apply AUPs by redirecting users to a consent web page. For even more browsing control you can activate the Geo-IP filter which blocks access to web sites hosted in specific countries.

There are plenty of categories to choose from for URL filtering which performs well

Advertisement - Article continues below

Monitor your apps

The Application Control provides precise management of activities such as web browsing, file transfers and messaging. App Rules are complex but a wizard helps create inspection policies for SMTP, POP3, FTP and HTTP.

Advertisement - Article continues below

You can, for example, create an Application Firewall policy for FTP transfers. This inspects all uploads and downloads through a port zone looking for specific file types and blocks their transfer. Likewise with email, you can create a policy to inspect message subjects, content and attachments and decides whether to permit or deny the transfer.

For even greater control there are advanced app controls which use signature IDs to identify specific activities. These can spot a huge range including Facebook likes, pokes and posts, Exchange address book requests and much more and block or log them.

Rule creation can be streamlined by monitoring the App Flow graphs in the main dashboard. If you see any suspect activities or apps popping up you can create a rule to block, monitor or apply bandwidth restrictions.

Real time graphs show user activity but the optional Analyzer report module costs extra

Advertisement - Article continues below

Anti-spam and reporting 

The appliance comes with basic anti-spam measures using RBLs but we have never found these to be a substitute for the real thing as they let too much through. The Dell SonicWALL hosted anti-spam service is a better bet with a yearly subscription costing an additional 574 ex VAT.

This uses its own GRID network for applying sender IP reputation checks. It the message passes this test it's then subjected to further analyse in the cloud using a unique hash, or GRIDprint', generated using the message contents.

Although the Dashboard screen provides plenty of real time statistics, full reporting costs extra with the Analyzer adding around 220 ex VAT to the asking price. Running from a Windows or VMware host, this Syslog server takes all data from multiple appliances, stores it in a central database and provides an impressive range of report generation tools.


We had no problems installing the NSA 2600 with its zone feature making light work of security policy assignment. You'll need to factor in the extra costs of reporting and anti-spam but it's still reasonable value and offers a substantial speed boost over the NSA 2400.


The NSA 2600 is miles than its predecessor and packs more into its 1U chassis. Some features cost extra but this appliance is easy to install and its zone based security makes light work of policy deployment.

Chassis: 1U rack

CPU: 800MHz quad-core MIPS64 Octeon

Memory: 2GB DDR3, 1GB Flash

Network: 8 x Gigabit

Other ports: Gigabit management, 2 x USB, RJ-45 console

Expansion: 1 x module slot, SDHC slot

Management: Web browser

Modules: 10Gbase-SR, £762; 10Gbase-LR, £1,350; 10Gbase-T, £291 (all ex VAT)

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now



Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

6 Mar 2020
Business strategy

RSA sale spells a new chapter for Dell

21 Feb 2020
mergers and acquisitions

Dell sells RSA security business to private equity firm

19 Feb 2020

Dell UltraSharp UP2720Q review: A crisp, well-balanced design display

17 Feb 2020

Most Popular

Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020