SonicWall NSa: Web Application Firewall Overview and Analysis

Published

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See our complete list of Top Web Application Firewall Vendors

Bottom Line

The SonicWall NSa Mid-Range Firewall combines automated threat prevention, next-gen firewall (NGFW), and WAF in one platform. It can scale to meet the performance demands of mid-sized networks, branch offices and distributed enterprises. For current SonicWall customers, as well as those looking for a WAF and NGFW combo, it is a strong candidate.

Product Description

The NSa Mid-Range Firewall series consolidates automated advanced threat prevention technologies in an NGFW platform. It’s built on a multi-core hardware architecture featuring 10-GbE and 2.5-GbE interfaces. The NSa series scales to meet the performance demands of mid-sized networks, branch offices and distributed enterprises. The firewalls feature cloud-based and on-box capabilities such as TLS/SSL decryption and inspection, application intelligence and control, real-time visualization and WLAN management. A number of models are available, from the NSa 2650 to the latest NSsp 12000 series.

SonicWall NSa Features Rated

Security: Very good. NSS Labs test results show that the NSa 2650 was at the top in security effectiveness, with a block rate of 98.8%, including blocking 100% of evasions as well as obfuscation and fragmentation techniques.

Performance: Good. Delivering protection to 300,000+ users, NSa series models offer more than double the number of SPI connections (up to 4 million) and quadruple the number of DPI-SSL connections compared to their predecessors. They can support up to 48,000 SSL transactions per second and throughput of 4 Gbps.

Value: Very good. NSS Labs assessed the TCO at $4 per protected Mbps.

Implementation: Very good. Said one network administrator: “This firewall is very easy to set up. It does lack a lot of features that seem to be in other vendor appliances. It does seem to block exactly what you tell it to though.”

Management: Good. The GUI is web-based. Additional management interfaces include CLI and API.

Support: Good. Customer satisfaction scores are good and customer feedback is mostly positive, but some report issues.

“Support can be an issue if you have more technical issues,” said a manager of IT operations in the manufacturing industry.

Cloud features: Good. Cloud-based versions are available.

SonicWall WAF

Security Qualifications

Common criteria, PCI, FIPS.

Delivery

The NSa series is available as an appliance-based solution that can be delivered both on-premises and as a service through SonicWall Security-as-a-Service. In addition, SonicWall offers an NSa equivalent virtual firewall.

Pricing

Pricing starts at $2,495 for the NSa2650 and rises to $38,475 for the NSa 6650

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

This field is required This field is required

Get the free Cybersecurity newsletter

Strengthen your organization’s IT security defenses with the latest news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

This field is required This field is required