PUBLICATION & RESEARCH LIBRARY

Authors: Devon James, Jeff Bowermon and Ty Smith

Publish Date: July 23, 2017

SonicWall has resolved earlier identified issues and participated in an NSS Labs follow-on test. NSS has completed follow-on testing and this report represents the verified results for the SonicWall NSA 6600 SonicOS Enhanced 6.2.5.10-70n. (Dynamic signature database and engine rule definitions: [Gateway Anti-Virus – UTC 05/17/2017 16:31:39.000; Intrusion Prevention – UTC 05/17/2017 19:29:30.000; Anti-Spyware – UTC 05/17/2017 19:28:09.000])

TECHNOLOGY DESCRIPTION:

NSS Labs defines a firewall as a mechanism used to protect a trusted network from an untrusted network while allowing authorized communications to pass from one side to the other. With the emergence of new web applications and security threats, however, firewalls are further evolving. Next generation firewalls (NGFWs) have traditionally been deployed to defend the network perimeter, but enterprise deployment options are expanding to include internal segmentation.

NSS research indicates that NGFW devices are typically deployed to protect users rather than data center assets, and that the majority of enterprises will not separately tune intrusion prevention system (IPS) modules within their NGFWs.

PRODUCT EVALUATED:

NSS Labs performed an independent test of the SonicWall NSA 6600 SonicOS 6.2. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the Next Generation Firewall (NGFW) Test Methodology v7.0, which is available at nsslabstage.wpengine.com. This test was conducted free of charge and NSS did not receive any compensation in return for SonicWall’s participation.

PRODUCT TESTED IN THE FOLLOWING AREAS:

  • Security Effectiveness – Ability to provide a trusted internal interface, an untrusted external (Internet) interface, and at least one DMZ interface
  • Performance – Ability to provide effective firewall security policy enforcement with performance metrics such as raw packet processing (UDP), latency, maximum capacity, and HTTP connections with “real-world” traffic mix ?
  • Stability and Reliability – Ability to maintain security and reliability under normal load conditions while enforcing security policies
  • Total Cost of Ownership – Costs associated with purchase, installation, and ongoing management ?

As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the test results.