Detection and prevention: 6 intrusion detection systems tested

SonicWALL IPS service for SonicWALL appliances
Along similar lines to the McAfee and Juniper devices is the SonicWALL range of security appliances. For those familiar with SonicWall's family of internet and network security appliances -- or indeed for those who already have SonicWall equipment (running at least SonicOS 2.2) -- deploying the IPS can be as simple as buying the service subscription and following the upgrade manual.

The SonicWALL IPS software will run on a variety of SonicWALL's existing security appliances from the entry-level TZ170 to the PRO5060; there is also support for the PRO2040, PRO3060, and PRO4060 appliances. The SonicWALL appliances are designed to be jacks of all trades and very easy to deploy and maintain. With the right model and subscription keys, users can enable features in the extended SonicOS 2.5 such as firewall, antivirus, content filtering, IPS, and even a multipoint wireless security gateway (when deployed with SonicWall's access points). The main differentiation in the PRO series is the number of available network ports and network throughput performance ranging up to Gigabit over fibre or opper in the 5060. Applying the IPS system will incur approximately a 15 to 20 percent throughput penalty, so if your SonicWALL appliance is already running out of steam, consider upgrading to the next model before deploying the IPS subset. Naturally if you are starting from scratch and will be deploying a new IPS, you can match the correct SonicWALL IPS performance to your environment.

The main management and administration interface is via a Web console that can be enabled (or disabled) on either the LAN or WAN port for local or remote access. The interface uses a simple management style with drop-down menus on the left hand side. These provide access to the enable options on the appliance as well as allowing the operator to access the licencing section to add further licence keys and subscription updates to the system.

IPS logs are stored intenally on generous amounts of flash memory and can easily be scheduled to be sent off the machine. There are quite a lot of included IPS rules and definitions, 1801 in total, however at this stage the users can't create their own.

This is a very neat device and a great concept to provide a scalable security solution in a single box. Unfortunately, we did not get very long to play around with this equipment, however what we saw was quite impressive.

	Detection & prevention   Computer Assosiates   Juniper Networks   McAfee IntruShield   McAfee Entercept   Snort   SonicWALL  Specifications  How we tested  Sample Scenario  Final words  Editor's choice  About RMIT

Product	SonicWALL IPS service for SonicWALL appliances
Price	TZ170 US$595 up to PRO5060 US$14,950
Vendor	ACA Pacific
Phone	03 9674 8188
Web	www.sonicwall.com
Interoperability
Several models available with excellent features.
Futureproofing
Range of models with clear upgrade paths.
ROI
Excellent pricing considering range and features.
Service	½
Warranty and serice renewable annually with service contract.
Rating

• Related stories

• Alerts

Sign up for an e-mail alert

ZDNet Australia Alerts is an e-mail alert service which provides personalised news, features and reviews to readers’ inbox on an hourly, daily and weekly basis.

Alert:

E-mail: *

Frequency: *

Hourly Daily Weekly

Add alert

Be the first to comment on this article!

Add your opinion

All fields are required

Subject:
Comments:
Full name:
E-mail address:

Your e-mail will not be displayed

Posting options:

Display all details Do not display details

Security Code:

You must read and type the 6 chars within 0..9 and A..F

 

Login

E-mail Password (forgot?)

Login Remember

Like 124,000 other people join the community and get the latest news from the IT industry.

Reader Services

Popular Topics

Essentials