Why I like Sonicwall

19 Jan 2009

Customers often ask me why they should spend $1000, $2000 or more for a SonicWALL firewall when they can buy “the same kind of” router from D-Link, Netgear, Linksys and the like at an electronics store for less than $100. The answer is that they are not the same.You can see the difference immediately when you unpack the device. SonicWALL firewalls are much more solidly built; most models come with a steel case, and some are rack-mountable.

This same ruggedness extends to the software and the electronics, as well - they just work. I have had a consumer-grade router simply refuse to work with a particular T-1 connection at a customer - for some inscrutable reason, that router simply refused to work with the T-1 equipment after the customer switched T-1 vendors. I had similar problems several times. It’s just not worth the hassle.

More importantly, though, the SonicWALL really does provide added security in ways consumer devices never can.

Here is an example: I recently upgraded one of my customers from a D-Link router to a SonicWALL firewall. Soon thereafter, it helped me identify a computer infected with a Trojan horse - it had slipped past both Symantec Endpoint Protection Service and the very technically savvy user.

The SonicWALL firewall told me that there had been many connections from one specific computer to the IP address 61.152.90.125. My customer had not purchased the SonicWALL Intrusion Prevention service, otherwise the SonicWALL likely would have identified the problem more clearly. Talking to the user, I found that he had been downloading some large files overnight - apparently legit activity. But the IP address the SonicWALL reported did not correspond to the server!

Whois showed that the IP address belonged to a company in China. This is usually suspicious. Using Google some more, I was able to identify that one particular program, Flashget, was known to connect to this IP address regularly. I asked the user about it - sure enough; he was using Flashget for the download.

Needless to say, he uninstalled it very quickly.