Sunday, September 07, 2008  
Google
Web pcquest.com

CIOL Network sites

Search by Issue | CD Search | Sitemap | Advanced Search


   
 Home > Developer > Shootout

Sonicwall PRO 5060

The appliance provides a robust security platform for the enterprises, along with modern features, like ISP failover, DPI, VoIP proxy, etc

Wednesday, September 05, 2007

Sonicwall Pro 5060 is particularly meant for medium to large enterprises. This was the costliest UTM that we received. The device is equipped with gateway-level anti-virus, IDP, anti-spyware, content filter, and e-mail filter. It has six Gb Ethernet ports and one console port over a customized OS, called SonicOS. It has easy-to-use wizard for setting up NAT, VPN, etc. Surprisingly, the UTM doesn't have an anti-spam in it, which is of course a major drawback of it. It only provides you with black and white listing of e-mail ids, and option for blocking attachments, as defined by admin. It also supports features, such as, ISP failover, load balancing, WAN redundancy and has policy-based management system. The device provides 7,50,000 concurrent connections, maximum of 6000 VPN connections and has deep packet inspection. It can also serve as VoIP proxy, by logging calls, there start time, bandwidth consumed, etc.

Sonicwall PRO 5060
Price: Rs 1,74,550 (3 yrs warranty)
Contact: IBM India, Bangalore
Tel: 1800-4253333
E-mail: rgossain@in.ibm.com
SMS Buy 130831 to 56767

Tests and results
When we tested it for anti-virus, the results we got were similar to the Cyberoam device. Out of 1000 viruses, which were downloaded over HTTP and FTP, only 65 viruses could pass through. For checking the performance of IDP, we ran couple of vulnerability scans. We ran Nessus on default configuration. It showed one warning and a hole, but with a bit of configuration setting helped, as it did in the case of Cyberoam. Then we tried to jam the LAN ports of the appliance. We did it, by flooding private network IPs on the LAN ports, from 5 different clients. Now, the accessibility of the device to public network was jammed. We tested the machine for denial-of-service attack with a spoofed IP. The device was able to detect the attack, but was not able to detect the IP of the machine, from which the attack was done. It showed the spoofed IP as the source, instead of, the actual IP. We also tried ARP spoofing and the IDP of the device was not able to detect the attack.

BOTTOMLINE: Good for large enterprises, where they already have a device or a mechanism to take care of spams.

Page(s)   1  



Untitled 1


Do you know your Linux is SAP ready?

e-Book guide to improve your PPM Process

Remove Uncertainty with SAP
   
 


 
 

Magazine Subscription | RQS | Contact Us | Team PCQuest

 
 
 
 
   

Copyright © CyberMedia. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmasterciol@cybermedia.co.in