SonicWALL TZ 210 or Cisco ASA 5510?

KapsZ28

2[H]4U
Joined
May 29, 2009
Messages
2,114
Which is a better firewall without looking at all the additional services you can purchase on a Sonicwall.
 
Firewall. Not looking at administration standpoint. Just better overall firewall between the ISP and internal network.
 
Try having a look at the Watchguard 5 series. What kind of throughput and/or amount of connections are you looking at?
 
Small to medium businesses. ISP could be anywhere from 30mbps to 100mbps and from 10-100 PCs.
 
I would suggest you download the latest Gartner report to answer this question. I would post the magic quadrant but that would likely violate terms. Palo Alto has a free copy that you can download here:

http://connect.paloaltonetworks.com/gartner-mq-2013/?ts=MQ_2013_hpfeaturebanner

Based on your inputs I'd say Cisco but then again I wouldn't use Sonicwall as a door stop. I would suggest you read the report as it is only 30 pages and includes pros and cons of other vendors as well as Cisco and Dell.
 
How about using pfsense for a SMB? Is it common for companies to use pfsense?
 
How about using pfsense for a SMB? Is it common for companies to use pfsense?

I have heard of it, but companies typically prefer something with full service support. That way, if something breaks you can get a replacement overnighted to you.
 
Sonicwall TZ210 and a Cisco 5510 are two totally different devices......

I'd sat the Cisco 5510 or consider a
Small Juniper SRX unit instead,
 
Last edited:
Sonicwall TZ210 and a Cisco 5510 are two totally different devices......

I'd sat the Cisco 5510 or consider a
Small Juniper SRX unit instead,

He's right.. tz210 would be more along the lines of a 5505
NSA2400/3500 would be closer to the 5510 than anything

I think you should probably be looking more towards the 55XX-X line anyways
 
Oops. Actually I meant to compare the TZ 210 to the ASA 5505. Didn't realize the typo.
 
tz210 is discontinued. They have the tz215 now. Even the 205 is better then 210. as a UTM they are a great device. They do layer 2 and layer 3 routing as well as give you lots of firewall UTM features. This has saved me a lot of work.

210 had bugs.
 
OK, maybe I asked the question wrong. I am more interested in comparing Sonicwall against Cisco as a firewall for SMB. Doesn't have to be a specific model although I am looking at the Sonicwall TZ and NSA series compared to Cisco ASA series. One article I was looking at on the web, http://www.firewalls.com/sonicwall_vs_cisco seemed to be very biased and almost not believable.

Looking at Gartner, it is not very clear. Sonicwall and Cisco are neither visionaries. Cisco has been around much longer and is considered a challenger, but is not a leader.

I am also curious how pfSense compares, not including support since it is free.

So if you were setting up firewalls at small to medium business and your choices were SonicWALL, Cisco, or pfSense. Which would you go with and why?
 
OK, maybe I asked the question wrong. I am more interested in comparing Sonicwall against Cisco as a firewall for SMB. Doesn't have to be a specific model although I am looking at the Sonicwall TZ and NSA series compared to Cisco ASA series. One article I was looking at on the web, http://www.firewalls.com/sonicwall_vs_cisco seemed to be very biased and almost not believable.

Looking at Gartner, it is not very clear. Sonicwall and Cisco are neither visionaries. Cisco has been around much longer and is considered a challenger, but is not a leader.

I am also curious how pfSense compares, not including support since it is free.

So if you were setting up firewalls at small to medium business and your choices were SonicWALL, Cisco, or pfSense. Which would you go with and why?

Keep in mind you can buy a PFsense support contract and if you are using this for a business and you are not familar and comfortable supporting PFsense you should strongly consider buying a support contract.
 
So if you were setting up firewalls at small to medium business and your choices were SonicWALL, Cisco, or pfSense. Which would you go with and why?

The question you are asking is overly broad and frankly it may very well be you trying to compare apples to oranges. Define your use case if you want a reasonable answer.
 
5510s are going EoL, so you'd want a 5512-X (or 5515-X) if you went with an ASA.

IMO, Sonicwall, Watchguard, etc, are garbage. Look at Palo Alto, Fortinet and Cisco.
 
As Vito says ... The only products that anyone should seriously consider fall into Q1 or Q2 of that Gartner report I linked earlier. Personally I'd laugh anyone who suggested Sonicwall out of my office. Apples and Oranges
 
5510s are going EoL, so you'd want a 5512-X (or 5515-X) if you went with an ASA.

IMO, Sonicwall, Watchguard, etc, are garbage. Look at Palo Alto, Fortinet and Cisco.

Gonna 2nd this statement. If you want reliability, only look at PA, Fortinet and Cisco

I love the PA setups they are pretty nice
 
5510s are going EoL, so you'd want a 5512-X (or 5515-X) if you went with an ASA.

IMO, Sonicwall, Watchguard, etc, are garbage. Look at Palo Alto, Fortinet and Cisco.

Cool. This is basically the answer I was looking for without getting into too much details.

If we were comparing to cars maybe we could say SonicWALL is a Ford, Cisco is a Porsche, and PA is a Ferrari?

What about Check Point? Gartner seems to rate them pretty high.
 
I have heard of it, but companies typically prefer something with full service support. That way, if something breaks you can get a replacement overnighted to you.

I have this. My supermicro servers are overnight 3yr warranties and I stock really common parts on the shelf. I have a support contract with bsdperimeter - which I rarely need, but sometimes (ab)use to save time or verify best practice.
 
What does pfSense offer that the others don't other than it being much less expensive?
 
Cool. This is basically the answer I was looking for without getting into too much details.

If we were comparing to cars maybe we could say SonicWALL is a Ford, Cisco is a Porsche, and PA is a Ferrari?

What about Check Point? Gartner seems to rate them pretty high.

The analogy doesn't work as it implies speed. What you need to concerned with isn't speed so much as it is robustness and reliability. In that regard Sonicwall is a Chrysler and Cisco is a Honda and PA a BMW.

As for CheckPoint. The bulk of my day is spent with CheckPoint and Fortinet. I like them both ALOT much more so than ASA and PA. ATM my preference is Fortinet as they seem to offer more bang for the buck and our account team goes so far out of their way to help us. 3 weeks ago I sent an email to one of our account guys at 9AM on a Saturday morning and by 9:15 I had 4 Fortinet reps on the phone to help. Support like that goes a long way and I can't believe it is it typical for everyone but that is the support we get. Please don't take this to mean our CheckPoint support is bad. We have what CP calls Diamond support and never have I not had a call get to my designated engineer in timely manner and never have emails gone more than a few hours without answer. I could get a faster response if I just dialed the standard number but we prefer to deal our single point contact whenever possible as needs dictate. Again this is not the standard support level but it is what we have.

The only complaint I have CP is their licensing is confusing and PITA to deal with. If your just talking a few standalone boxes then that is no problem. Once you move to Provider-1 keeping licenses straight can be a problem.

The way things stand today I would take CP or Fortinet over just about anything else with a slight preference to Fortinet ... for now though could change soon if there any any new announcements at CPX in April..
 
I for one cannot stand Checkpoint, from their licensing to their GUI to there 15 different applications that you have to install that all do different things, then hunting down problems as to why policies won't install, or the inability to do NAT-T over a Site-to-Site VPN, and on and on. Give me an ASA anyday. I wait with bated breath when we can be rid of the Checkpoints in our office and put in a Cisco.

Note though that I'm much more familiar with Cisco products than any other vendor, so I *am* biased.
 
what are you looking to do with the firewall though? users connecting in through VPN? site to site VPN? content filtering? IPS?

each firewall will have +'s and -'s depending on what you're looking to accomplish.
 
I was under the impression that Sonicwall devices made terrible L3 routers?

Firmware 5.6 and lower yes. 5.8 was completely rewritten.

I am a partner so I get the good tech support as well. Great guys all based in Pheonix.
 
Firmware 5.6 and lower yes. 5.8 was completely rewritten.

I am a partner so I get the good tech support as well. Great guys all based in Pheonix.

That is interesting.

I might take sonicwall off my (do not buy list)
 
what are you looking to do with the firewall though? users connecting in through VPN? site to site VPN? content filtering? IPS?

each firewall will have +'s and -'s depending on what you're looking to accomplish.

Your typical firewall. IPS, DPI, SPI, etc.

VPN and site to site VPN is also important. I do like the SSL VPN on the SonicWALL.
 
Any of the routerboard "cloud core router" series or "RB1100Hx2" would also fit the bill, just an FYI.

RouterOS offers many different VPN options and is a very good routing platform.

Seriously, check it out. Mikrotik also has a live demo on their website so you can get a feel for the interface and the features.
 
Last edited:
If you are opening it up, then make sure you look at Zyxel USG Series as well. I'd guess a USG200/USG300 to match your requested needs.
 
Back
Top