UTM firewall review: SonicWall smashes speed records

Last month, SonicWall rolled out its next-generation unified threat management firewall appliance geared for the enterprise. In our exclusive test of the Network Security Appliance E7500, results show that SonicWall has, indeed, crashed through the speed barrier.

This box offers 1.3Gbps of UTM performance, which is nearly triple the speed of the fastest product in our comparative UTM test last November (See comparative UTM test).

While SonicWall has not changed much on the surface of its firewall, there are dramatic differences in the internal architecture that yield performance gains that leapfrog the throughput numbers of the SonicWall Pro product line. This makes UTM features including intrusion-prevention system (IPS), antivirus, antispyware, and content filtering cost-effective because they can run at gigabit speeds. (Compare UTM products in UTM Buyer’s Guide.)

Fifth generation multicore performance

SonicWall's NSA firewall line, based on a family of multi-core security processors from Cavium, is called the company's "generation 5 product." The new hardware (six models have been announced already) is slated to entirely replace the company's old Pro series.

SonicWall NSA E7500 Version 5.0 SonicWall

4.01

Price: $25,000 Pros: Very high-performance UTM features; small size; low power consumption; high interface density; redundant power supplies and fans; SonicPoint wireless LAN management system and wireless IDS Cons: Manageability of UTM features limited, especially in IPS; Web-based management system had difficulty handling complex policies in firewall or NAT; firewall configuration flexibility held back by built-in configuration limits Scorecard Performance 25% 4.75 Scoring Key: 5: Exceptional 4: Very good 3: Average 2: Below average 1: Subpar or not available Intrusion prevention 15% 2.50 Antivirus 15% 4.50 VPN 15% 4.00 Management 15% 3.50 Hardware architecture 10% 4.50 Power5% 4.00 TOTAL SCORE 4.01

Click to see: SonicWall net results

The high-end E7500 that we tested has a 16-core Cavium CPU, with each core operating at 600MHz. One core is dedicated to system management, while the other 15 are used for security processing, including firewall, VPN and other UTM features such as antivirus, IPS and content filtering. Also built into the CPU is hardware acceleration for cryptography (useful in VPNs), compression, and regular expressions, which compare a pattern against a string, and are heavily used in most IPS rule sets. SonicWall claims it took 18 months to port its existing operating system to effectively make use of the multicore capabilities of the new hardware.

The E7500 is a 1U, short (16-inch) rack-mountable device with eight firewall ports: four are copper gigabit Ethernet, and four are SFP gigabit interfaces. An additional port is marked for high availability connectivity to another firewall. The E7500 also has redundant, hot-swappable fans and power supplies. Drawing 0.9 amps when unloaded (and 1.1 amps when fully loaded), the E7500 is middle-of-the-road in terms of power consumption for an appliance of its size.