Let me try that again... ------ Frankly, no, given your 200Mbps link (that may go up to 500)[1].
See the following for theoretical maximum throughput numbers. http://www.sonicwall.com/us/en/products/NSA_Series.html#tab=compare The 220 maxes out at 115 Mbps when doing anti-malware inspection. Real world experience shows that value to be lower, particularly when combined with other security services such as IPS, etc. Even the 2400 wouldn't keep up with your ISP under ideal circumstances. One last nod to Sonicguard.com, because they've been really helpful and saved me a ton of money in the past. I think it would be worth your time to give them a call. [1] Where do I get one of those!?!? On Wed, Nov 13, 2013 at 2:36 PM, Richard Stovall <[email protected]> wrote: > Frankly, no, given your 200Mbps link (that may go up to 500)[1]. > > See the following for theoretical maximum throughput numbers. > > > > On Wed, Nov 13, 2013 at 2:28 PM, Jesse Rink <[email protected] > > wrote: > >> Thanks for the tips. Right now I am leaning towards a NSA 250M or the >> NSA 2400. >> >> >> >> I checked the current firewall (Microsoft TMG) and it's showing 23,000 >> active connections. There wouldn't be a need for content filtering or >> anti-spam filtering, etc. as other services are used for that. >> >> >> >> Does either of those models sound in the right ballpark based on the >> information I provided earlier? >> >> >> ------------------------------ >> *From:* [email protected] [[email protected]] >> on behalf of Richard Stovall [[email protected]] >> *Sent:* Wednesday, November 13, 2013 1:00 PM >> *To:* [email protected] >> *Subject:* Re: [NTSysADM] Sonic Wall model/sizing >> >> I use them, but my environment is much smaller. We're stuck in the >> NSA 2XX range for cost reasons, but I wish I could jump up a notch or two >> for performance. >> >> I think the key is what features you'll be using and what throughput >> the firewall can manage when using them. IIRC, the big performance killers >> are Intrusion Prevention, Gateway Anti-Virus, Anti-Spyware and DPI-SSL. It >> also helps to have your zones planned out well (and the security services >> applied to each) when sizing because you can inadvertetnly have traffic >> scanned multiple times as it enters and exits various zones. >> >> Also, make sure you have enough physical ports to accommodate the >> number of zones you want. >> >> A fantastic reseller of SonicWall gear is sonicguard.com. They will >> definitely help you size a solution without pushing you to something you >> don't need. Oh, and their prices are great. Ping me offline and I'll send >> you a direct e-mail contact. >> >> >> On Wed, Nov 13, 2013 at 1:43 PM, Jesse Rink < >> [email protected]> wrote: >> >>> Looking for real-world solution sizing for a Sonic Wall firewall. >>> Site has about 1500-2500 devices/nodes and has a 200Mb internet pipe >>> currently (which may increase up to 500Mb in the next 3 years). Rather >>> than speak with Sonic Wall sales who will push me into some high-end >>> device that is way beyond what I need, I'm looking to hear from anyone who >>> uses Sonic Wall firewalls right now and what they might recommend for >>> right-sizing. I don't need HA/failover on the firewall. Average >>> 'active sessions' on our current firewall is about 1800, give or take... >>> current firewall reports on average about 300 new connections/sec. >>> >>> >>> >>> I've worked with NSA 220s but not much else from Dell in my experience. >>> >>> >>> >>> JR >>> >> >> >
