While evaluating the features on the Beta TZ 190, the device hung several times, becoming non-responsive and requiring a power cycle to get to a “Safe Mode,” which requires setting your NIC to a static IP to access the SonicWALL's menu and force a reboot to the OS. I discussed this with SonicWALL's product manager, who was good enough to send me a newer TZ 190W.
The newer TZ 190W was more stable, yet dropped to “Safe Mode” twice during my testing. “Safe Mode” only occurred in the midst of making changes, not during normal operation. It is important to note that testing involves continuously changing configurations and saving them, putting a heavy load on the CPU and OS.
Figure 10: Safe mode
Unified Threat Management = Anti-Virus + Anti-Spyware + Intrusion
The SonicWALL TZ 190 is more than a Gateway Router with Firewall capabilities. The TZ 190 provides Unified Threat Management (UTM), a combination of Anti-Virus, Anti-Spyware, and Intrusion Prevention Services. The TZ 190 also includes Content Filtering, which enables an administrator to block access to objectionable websites. All of these UTM services are subscription-based services, but SonicWALL gives you a 30-day free trial once you've registered the appliance.
When you first log into the TZ 190, you are presented with a Security Dashboard reflecting SonicWALL's global security performance, showing viruses, intrusions, spyware, and multimedia attacks that have been blocked worldwide by SonicWALL devices over the past 2 weeks (below). SonicWALL states they have over 1,000,000 devices in the field contributing to these numbers. This display can also show the performance of your specific TZ 190, and offers the option of downloading the report in PDF format for further distribution.
Figure 11: Global security report for all SonicWALL devices
The Anti-Virus functionality provides dual levels of protection, running at both the Gateway and the Client. The TZ 190 updates itself hourly from the SonicWALL network, ensuring it has the latest signatures and updates for both Anti-Virus and Anti-Spyware detection. SonicWALL has engineers in the US, Israel, and Russia continuously adding to their security databases to ensure they are as current and up to date as possible.
At the centralized Gateway level, my TZ 190 recognized nearly 3,000 different Anti-Virus Signatures, adding to this list daily. Further, SonicWALL provides options for filtering network email based on attachment types defined by file extensions (such as .exe files), as well as creating and managing your own Black List for defining allowed and disallowed email domains. Users on your network would receive a message stating, “The attachment to your E-mail has been disabled by the SonicWALL Virus Filter. See your network administrator for details” in the event they were sent an email with a prohibited attachment. This message can be customized as necessary.
At the Client level, the TZ 190 can be configured to force all PCs on the LAN to have the SonicWALL Anti-Virus software installed, or they'll be blocked from accessing the Internet and given a link to download the proper AV client; see below screen shot.
Figure 12: Anti-Virus warning message
The SonicWALL AV client is a slimmed down version of McAfee's AV software, providing both Anti-Virus and Anti-Spyware functionality. I had no problems downloading and installing the McAfee software through the provided link. If you choose this option, internal communication will be necessary to ensure your end users delete or deactivate any other AV clients on their desktop, or they may have PC performance problems.
Figure 13: Powered by McAfee
Anti-Spyware and Intrusion Prevention are key centralized elements of SonicWALL's Unified Threat Management functionality. My TZ 190 listed over 464 recognized Anti-Spyware signatures, as well as extensive detection for Intrusion Prevention. For example, the TZ 190 lists over 49 different types of DoS attacks it can detect and block.
With Content Filtering, you can rely on SonicWALL's database of URLs, IP addresses and domains to prevent users from accessing inappropriate or unproductive sites. If you're running a network for an organization such as a school or library, or want to block use of various sites in a public use web zone, this subscription-based feature is a one-click solution. It will present those trying to surf the wrong places with a subtle but effective message indicating, “This site is blocked by the SonicWALL Content Filtering Service.”