Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Dell Announces Intent To Acquire SonicWALL

Soulskill posted more than 2 years ago | from the dude-you're-gettin-a-sonicwall dept.

Businesses 65

New submitter iroc_eater writes with news of an announcement from Dell that it plans to acquire SonicWall, a security services provider. "SonicWall’s technology detects and protects networks from intrusions and malware attacks, and helps protect data. Dell is buying services and software businesses as the PC market faces competition from smartphones and tablets. Last month, the company hired CA Inc. Chief Executive Officer John Swainson to oversee the software push, and today he said security is an important part of that strategy. 'My goal is to make software a meaningful part of Dell’s overall portfolio, so that means that this is not the last thing you’re going to see from us,' Swainson said."

cancel ×

65 comments

Sorry! There are no comments related to the filter you selected.

If you were going to buy a software company....... (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39343289)

Why wouldn't you buy a good one? The hotel I stay at for business has a sonicwall firewall, and it isn't the greatest. I can see a lot of vulnerabilities in it; I just don't exploit them.

Re:If you were going to buy a software company.... (0)

Anonymous Coward | more than 2 years ago | (#39343351)

.........I can see a lot of vulnerabilities in it; I just don't exploit them.

Please illuminate us then on these exploitable vulnerabilities.

Re:If you were going to buy a software company.... (3, Informative)

Anonymous Coward | more than 2 years ago | (#39343575)

To be fair, half the hotels I've stayed at have had non-working or badly-misconfigured wireless routers. At my last job we had a couple of SonicWALL3060s that worked pretty fucking good, and all of our remote workers had TZ170s, the difference is they were set up by people who knew what the fuck they were doing.

Re:If you were going to buy a software company.... (0, Interesting)

Anonymous Coward | more than 2 years ago | (#39343951)

To be fair, half the hotels I've stayed at have had non-working or badly-misconfigured wireless routers. At my last job we had a couple of SonicWALL3060s that worked pretty fucking good, and all of our remote workers had TZ170s, the difference is they were set up by people who knew what the fuck they were doing.

What's even better is not using SonicWALL. Instead use a BSD or Linux box that is configured by 'people who knew what the fuck they were doing'. It's must less expensive and doesn't lock you into their shitty firmware.

Have you ever tried to mesh a bunch of SonicWALLs together? (Oops--time to buy more licenses) Have you ever tried to make a change to lots of SonicWALL devices--like update an ACL? (Oops--not easily scriptable) Have you ever tried to install updates to lots of SonicWALL boxes? (Gotta download a blob that's locked against each devices individual key).

SonicWALL is the king of shitty user interfaces, excessively locked-down equipment, expensive 'addons', and hard-to-manage (script) devices.

Do yourself a favor and use *BSD or Linux. If the CLI (and fwbuilder) scares you, use pfSense.

Re:If you were going to buy a software company.... (1)

Anonymous Coward | more than 2 years ago | (#39344203)

Nonsense. To mass manage SonicWALLs effectively, you should use their GMS (Global Management System). This makes all the tasks you mentioned EASY. Don't blame SonicWALL because you're not using the right tools.

Re:If you were going to buy a software company.... (0)

Anonymous Coward | more than 2 years ago | (#39344685)

Nonsense. To mass manage SonicWALLs effectively, you should use their GMS (Global Management System). This makes all the tasks you mentioned EASY. Don't blame SonicWALL because you're not using the right tools.

Yes--at nearly $2,000 for 5 nodes, I think I'll stick with my mass-management system which costs $0/node (cluster ssh, puppet, etc...)

Re:If you were going to buy a software company.... (0)

Anonymous Coward | more than 2 years ago | (#39344729)

To be fair, half the hotels I've stayed at have had non-working or badly-misconfigured wireless routers. At my last job we had a couple of SonicWALL3060s that worked pretty fucking good, and all of our remote workers had TZ170s, the difference is they were set up by people who knew what the fuck they were doing.

What's even better is not using SonicWALL. Instead use a BSD or Linux box that is configured by 'people who knew what the fuck they were doing'. It's must less expensive and doesn't lock you into their shitty firmware.

Have you ever tried to mesh a bunch of SonicWALLs together? (Oops--time to buy more licenses) Have you ever tried to make a change to lots of SonicWALL devices--like update an ACL? (Oops--not easily scriptable) Have you ever tried to install updates to lots of SonicWALL boxes? (Gotta download a blob that's locked against each devices individual key).

SonicWALL is the king of shitty user interfaces, excessively locked-down equipment, expensive 'addons', and hard-to-manage (script) devices.

Do yourself a favor and use *BSD or Linux. If the CLI (and fwbuilder) scares you, use pfSense.

Obviously you have never used fortigate, 3Com or H3C

Re:If you were going to buy a software company.... (1)

LordLimecat (1103839) | more than 2 years ago | (#39345173)

Ive used pfSense, and in a lot of ways I prefer it over sonicwall.

But youre ignorant if you think it is superior in every way. For one, it is a LOT more buggy, especially when it comes to IPsec VPN (a single cisco client attempting to connect will completely lock up the racoon daemon-- thats REAL secure). For another, the IDS, AV, and filtering options in pfSense are, being generous, "ghetto". Snort is broken every other patch (was in utter shambles until recently), clam-av filtering is mediocre, and theres no integration with the big-boy web filters (like websense).

Theres also the fact that, except under rare circumstances, you can be pretty sure an upgrade isnt going to hose your configuration.

Its nice that its free and does ACTUAL stateful filtering (it will block acks that egress out a different interface than the syn came in on), and that its configuration is a gigantic XML file, but there ARE reasons to use Sonicwall.

And a lot of these problems arent problems with pfSense, but with the state of BSD filtering and daemons. Having issues with IPsec connections to your BSD box? Whoops, theres noone to contact for support (tho pfSense itself does have excellent paid support).

Re:If you were going to buy a software company.... (1)

houstonbofh (602064) | more than 2 years ago | (#39345699)

Sounds like a lot of your issues are the plugins on pfSense. So how about the non-plugin version, m0n0wall? Or do you need a kitchen sink with your firewall?

Re:If you were going to buy a software company.... (1)

LordLimecat (1103839) | more than 2 years ago | (#39357539)

Changing from m0n0wall to pfsense and back wont fix the issues with the racoon ipsec daemon.

Re:If you were going to buy a software company.... (1)

0racle (667029) | more than 2 years ago | (#39343583)

Sounds like a match made in heaven then.

Re:If you were going to buy a software company.... (1)

Anonymous Coward | more than 2 years ago | (#39343649)

Now, I won't argue that Sonicwalls are pretty shitty devices, in that they have very limited features and an absolutely abysmal interface. But if you see a Sonicwall that is littered with vulnerabilities, that's a configuration issue, not a fault of the product. I mean, my old company has a Cisco ASA that I could still to this day exploit in 10 different ways to get inside their network, but that certainly doesn't mean that Cisco makes shitty firewalls, it just means that particular firewall is very poorly configured.

Re:If you were going to buy a software company.... (1)

houstonbofh (602064) | more than 2 years ago | (#39345725)

But, if most of the devices you see in the wild are poorly configured, that is a device problem. Mostly a problem with the UI, but the UI is in the device. That is why Cisco dropped the Pix. Nice device, but no one in the target market could actually drive the thing.

Insider info (1)

Anonymous Coward | more than 2 years ago | (#39344571)

Speaking as someone who's written software for SonicWall devices, I have to both agree and disagree. Yes, SonicWall's products are cludged-together junk made almost entirely by outside vendors.

But also no, SonicWall's products are on par with other vendors. Router/security boxes are ALWAYS cludged-together junk made almost entirely by outside vendors.

The whole industry is a joke.

Re:Insider info - not (1)

olden (772043) | more than 2 years ago | (#39350703)

Sure, Mr Troll... Go ahead and perform full UTM (unified threat management) aka reorder and classify, say 500k+ simultaneous connections/flows, and in each, unencode/decompress everything as needed (e.g IMAP->MIME->base64->ZIP->GZIP->EXE) to look for 1M+ virus/malware signatures in every bit of every archive, all at 10 to 40 Gb/s sustained and with couple microseconds latency, with "cludged-together"(sic) off-the-shelf hardware and/or software. Tell me how that works for you.

Dell is blowing over 1B$ (yes, billion$) on that technology. Just sayin'
[captcha: informed]

Re:If you were going to buy a software company.... (1)

LordLimecat (1103839) | more than 2 years ago | (#39345079)

At least according to the national CVE database, they dont seem to be that bad vulnerability wise. As another poster said, show us these vulnerabilities that you "saw" (what are you, neo? You can "see" the vulnerabilities?)

Re:If you were going to buy a software company.... (1)

mjwx (966435) | more than 2 years ago | (#39347017)

Why wouldn't you buy a good one? The hotel I stay at for business has a sonicwall firewall, and it isn't the greatest. I can see a lot of vulnerabilities in it; I just don't exploit them.

Lets look at it this way, Sonicwall is already so bad Dell couldn't screw it up any more.

So glad I dont work on SonicWall's any more, Cisco Pix/ASA and Foritgates are much better to work with.

Re:If you were going to buy a software company.... (1)

EdIII (1114411) | more than 2 years ago | (#39348469)

The challenge is cost. What I have always looked for is a "security appliance" capable of least two WAN ports for load balancing and fail over. Dial up fail over that was available on some Netgear models was a freakin joke.

So Sonicwall, with its drawbacks, comes in at many many times cheaper in price to get the job done then Cisco and Fortinet. Sonicwall starts at around $270 and gives you a *heck* of a lot more than any consumer level router has by far.

I think Fortinet, at the bottom starts at $1500 the last time I checked?

Sonicwall is not perfect, but is the beginning of prosumer devices. You get what you pay for. Considering that I don't think Sonicwall is all that bad. They are a ton more stable than any Netgear or Linksys/Cisco piece of shit :)

Re:If you were going to buy a software company.... (2)

mjwx (966435) | more than 2 years ago | (#39348955)

The challenge is cost. What I have always looked for is a "security appliance" capable of least two WAN ports for load balancing and fail over. Dial up fail over that was available on some Netgear models was a freakin joke.

So Sonicwall, with its drawbacks, comes in at many many times cheaper in price to get the job done then Cisco and Fortinet. Sonicwall starts at around $270 and gives you a *heck* of a lot more than any consumer level router has by far.

I think Fortinet, at the bottom starts at $1500 the last time I checked?

Sonicwall is not perfect, but is the beginning of prosumer devices. You get what you pay for. Considering that I don't think Sonicwall is all that bad. They are a ton more stable than any Netgear or Linksys/Cisco piece of shit :)

You can get a Fortigate 60C for $500. I understand a Cisco Pix 501 is about the same

A 60C will run a business up to 50 employees easy, I've got clients using a 60C for 80+ staff with no problems. Fortigate support adds more, but Sonicwall do the same thing. Just try getting a Sonicwall support member to even talk to you without a support contract and without that, they are as useful as a Cheap-o Dlink.

I've had a complete nightmare getting SSL and IPSEC VPN running on Sonicwall, after 4 days of failure and no support from Sonicwall I just installed RRAS on a Windows server. With Fortinet, setting up both SSL and IPSEC is dead easy even without the user guides Fortinet publishes. Realistically, if you require more then an El-cheapo D-link and aren't willing to spend $500 to do it properly you will just end up flushing more then $500 of your time down the drain, especially with Sonicwall.

Re:If you were going to buy a software company.... (0)

Anonymous Coward | more than 2 years ago | (#39347845)

still a better acquisition for dell than intel's buy of mcafee.

The Only One I've Seen.. (3, Informative)

bennett000 (2028460) | more than 2 years ago | (#39343319)

The only SonicWall device I've ever had to work with had a limit of 10 nodes that could "connect to the internet". The limit was really 10 nodes that could NAT to port 80. Every other port was open. I always figured that if sonic wall didn't care about protecting their licenses why would they care about protecting their networks?

Re:The Only One I've Seen.. (2, Interesting)

ColdWetDog (752185) | more than 2 years ago | (#39343473)

We've got SonicWall at work. Mostly to block Facebook. Except if you use HTTPS, it lets it through.

That took the staff about a week to figure out.

Dude, you've got a well, you've got a problem.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39343517)

That has nothing to do with Sonicwall and everything to do with the people who set it up.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39343653)

Well, in a way, no. Most firewalls I've worked with have DENY EVERYTHING as first rule. You then start opening up the firewall to only what is necessary.
But, like I wrote, 'in a way.' If whomever set it up opened it up the ports, then yes it's a user issue.

Re:The Only One I've Seen.. (1)

bennett000 (2028460) | more than 2 years ago | (#39343825)

That has nothing to do with Sonicwall and everything to do with the people who set it up.

Actually it has everything to do with SonicWall.

The issue wasn't the device's ability to block ports (inbound, or outbound), but the device's ability to ensure that only the licensed number of nodes were allowed outbound access through the device.

SonicWall makes money selling licenses, SonicWall is the party responsible for ensuring their devices only support the number of clients their licensed for. Their device was following through with this policy, but it was only limiting devices' outbound port 80 connections. There is no user setting to change the license policy, that's SonicWall's business model

Re:The Only One I've Seen.. (2, Informative)

Anonymous Coward | more than 2 years ago | (#39344317)

SonicWALL (starting with their newer TZ-100, TZ-200, TZ-210, and higher models) has stopped selling "Node" licenses. They've also stopped using their "Standard" firmware. ALL SonicWALL Security appliances are solid with the Enhanced Firmware and Unlimited Nodes. They've been doing this for about 2 or 3 years now.

Looks like you need to brush up on your SonicWALL knowledge.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39344709)

That has nothing to do with Sonicwall and everything to do with the people who set it up.

Isn't the 'advantage' of a pointy pointy, clicky clicky that you don't have to know anything to set it up?

Re:The Only One I've Seen.. (2, Informative)

MightyMartian (840721) | more than 2 years ago | (#39343553)

So far as I could tell from the Sonicwalls I worked with, they were just yet more repackaged Linux-iptables systems with some proprietary glue and some rather expensive subscription services. I've put together just as capable of routers, intrusion detectors and mail proxy servers by just using commonly-available Linux packages. Used to use Slackware as the base, but just use Debian nowadays.

Re:The Only One I've Seen.. (2)

guruevi (827432) | more than 2 years ago | (#39343885)

Worse than that, when I worked with them about a decade ago, the more esoteric iptables rules had to be manually entered on command line. The only thing proprietary about those boxes was the interface, even the VPN was Poptop. There were actually quite a few companies in the same time period that used the exact same hardware (and you can still buy it today) to run their own firewalls - basically 1U boxes with n-number of ethernet ports.

Re:The Only One I've Seen.. (1)

LDAPMAN (930041) | more than 2 years ago | (#39344669)

There is actually a lot of proprietary stuff in their new SuperMassive next-generation firewalls. They have a number of patents that allow them to scale > 100Gb/s

Re:The Only One I've Seen.. (1)

jd (1658) | more than 2 years ago | (#39343937)

Virtually all of the firewalls and security gateways I've seen (Cisco excepted) have been repackaged Linux or OpenBSD. Many of the intrusion detection systems (NCircle and a few others excepted) were likewise.

From a technical standpoint, a roll-your-own should be the smart move - you can remove facilities you don't need/want, you can tune with patches like Web100, you can incorporate routing protocols other than RIP, the Linux and pf firewall mechanisms are much more powerful than the cheapo junky frontends suggest, AQM and QOS become practical, you can use the Layer-7 routing patch, because responsiveness is vital you can apply any number of real-time patches, and so on.

From a safety standpoint, most admins aren't capable of rolling their own napkin, never mind their own firewall. I simply wouldn't trust that they would understand how to identify what mechanisms they need, how to ensure those mechanisms are present and no other, why you should understand Linux Capabilities, or how to maximize uptime and minimize outage time from crashes.

Re:The Only One I've Seen.. (1)

MightyMartian (840721) | more than 2 years ago | (#39344271)

I agree to a point. Building an iptables firewall isn't exactly rocket science. The reason I've been building my own is because, even with my time, I can usually build a firewall/NAT router/vpn server with equal or better capabilities to any off-the-shelf appliance that would cost me about twice as much. The last router I built cost me about $300 for the parts (a fanless mini-itx with case and SSD drive) and about three hours of my time, and it manages to separate NATed networks as well as the gateway and VPN and web proxy. I use Webmin mainly as a config writer and then just fine-tune that. I'm building two more for remote locations and will probably just clone my current one and change the names and internal subnets, so in reality, the savings become pretty substantial. Plus, being a proper Linux install, when I upgrade to new hardware, I can just throw it on the new equipment, muck about for a few minutes to make sure udev and MAC addresses are all copacetic and have it running.

Re:The Only One I've Seen.. (1)

jd (1658) | more than 2 years ago | (#39344683)

I agree with you that it's not rocket science. I would say, based on what you've described, that you're well above average - that you even know about Webmin puts you well above average. I absolutely agree that the savings become substantial, especially if you get the parts yourself, but I shudder at the thought of some of the admins I've met being asked to build a box.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39345345)

You're a goddamn moron. You nothing about Sonicwall at all based on this drivel.

Re:The Only One I've Seen.. (1)

MightyMartian (840721) | more than 2 years ago | (#39345453)

Oh I'm sorry anonymous assfucker, please elaborate... How are these critters not just repackaged Linux machines with proprietary glue over top of open source solutions?

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39346193)

Oh I'm sorry anonymous assfucker, please elaborate... How are these critters not just repackaged Linux machines with proprietary glue over top of open source solutions?

Each further post by you proves you haven't the slightest fucking clue what you are talking about. I will not waste my time to prove you are wrong. I'll let you continue you believeing you are right so you can prove to the world what a clueless goon you are.

Re:The Only One I've Seen.. (1)

MightyMartian (840721) | more than 2 years ago | (#39353197)

Translation: I can't.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39362437)

It's VxWorks, not Linux or BSD. Web interface runs on Tomcat.

Re:The Only One I've Seen.. (2)

LordLimecat (1103839) | more than 2 years ago | (#39345215)

Youre doing it wrong. You can configure the sonicwall to block all 443 stuff, though for it to work "well" you need to install a root certificate on all your machines (so the sonicwall can essentially MITM your SSL connections).

You do realize that SSL is DESIGNED to be impossible to subvert the way sonicwall wants to without throwing cert warnings, right? Sonicwall cant just change how the system works simply cause theyre a gateway.

Re:The Only One I've Seen.. (1)

eapache (1239018) | more than 2 years ago | (#39345651)

Posting to cancel accidental bad mod.

Re:The Only One I've Seen.. (1)

DigiShaman (671371) | more than 2 years ago | (#39349235)

No offense, but you're doing it wrong. We have clients that purchased SonicWALLs as a solution to block websites. Specifically Facebook. The product works. I personally admin them for our clients.

I'm not sure what unit you're using or version of OS, but with SonicOS 5 on a TZ100 or 200 series perform the following...

Log in as admin and go to the following page.

Security Services --> Content Filter --> Content Filter Services --> Configure --> CFS tab --> check off "Enable HTTPS Content Filtering"

For the rest of Slashdot, feel free to check out their GUI simulator at https://tz200.demo.sonicwall.com/main.html [sonicwall.com]

Re:The Only One I've Seen.. (3, Informative)

walt-sjc (145127) | more than 2 years ago | (#39350571)

We are a SonicWall partner - a large portion of our clients use them.

Sure you can do content filtering, but it's impossible to configure any sort of granularity in the system such as, allow these users to access these sites, those to access those site. I've worked with multiple Sonicwall engineers on this issue. You just can't do it. Period. There is one set of rules that you can either allow or deny. That's it. Similarly, the bandwidth management sucks if you want to do any sort of QoS.

This all boils down to the UI really. GUI's and firewalls are just a mix that only work for simplistic needs. Once your needs pass a certain threshold, they just get in the way and make it nearly impossible to do the configuration you need. Sonicwall designed their interface for the "part time office manager IT person" and grew from there. And it shows. Cisco frankly is in a similar situation. Use the GUI for simple crap to get you going, the command line when you actually need to do anything complex.

As another poster mentioned, pretty much all firewalls out there are embedded Linux or BSD, and just slap their GUI on top along with other random services. Some do a pretty good job of exposing the underlying power of the native firewall, others, not so much. Sonicwall's is pretty good for exposing that power but the web GUI gets in the way all too often when you need to do a lot of similar rules or complex rules.

Finally, another poster recommended using GMS to manage multiple Sonicwalls. This product is insanely priced and only makes sense in a larger organization that would be better served with alternative products (Cisco, etc.) Despite all the high end models they sell, I wouldn't use ANY of them for an organization with high-end needs. Sonicwall's nitch is small business with 50 or fewer users and in my opinion, selling and supporting these things, that's the only market that it's viable to use them in.

Re:The Only One I've Seen.. (1)

DigiShaman (671371) | more than 2 years ago | (#39351445)

I also work for an MSP that's a SonicWALL reseller. While I personally don't have my CSSA (sponsorship and training is expensive I hear), I have a few co-workers who were able to take the training and obtain the cert. But, my skill level is about on par with those guys. At least when it comes to understanding the functionality SonicWALL's provide.

Sure you can do content filtering, but it's impossible to configure any sort of granularity in the system such as, allow these users to access these sites, those to access those site.

Not true. It can be done using Single Sign-On (SSO) [fuzeqna.com] . We had to do this for a few schools actually. In both instances, they were using AD. It takes a bit of work to setup, but basically we can restrict website access based on the AD user logged into the PC making a client access request. If the SonicWALL is unable to verify client access, it rolls them over to a default content filter group with limited access.

Re:The Only One I've Seen.. (0)

Anonymous Coward | more than 2 years ago | (#39344115)

Well, there's always pfSense, an open source firewall with most of, if not all or more, features of Sonicwall or any other proprietary firewall offering. Just donate some money to the devs or sponsor their hackathons.

Re:The Only One I've Seen.. (1)

tlhIngan (30335) | more than 2 years ago | (#39344259)

I do like their VPN solutions.

They have "clientless" VPN solutions (you connect via https to the VPN server and access everything through that - you can RDP, SSH (I think) and access fileshares from your web browser. This gets extended with NetExtender that takes that HTTPS connection and turns it into a full blown VPN (ssl-vpn).

It's really useful at places where the only ports you can send traffic through are 80 and 443. Heck, one place actively denies all other ports - you get connection resets over just timeouts.

Re:The Only One I've Seen.. (2)

sharkman67 (548107) | more than 2 years ago | (#39347849)

I have to agree with you. I rolled my own Linux router solutions for years but made the switch to Sonicwall two years ago. I deploy TZ-180s at all customer locations and set up a VPN tunnel to my NSA-240 where there virtualized server are located. Can this be done with Linux? Sure but buying the parts to build something the size of a TZ series costs nearly what it costs to purchase the TZ-180 (without the extended service agreement). I have enough 180s deployed that I keep a couple in stock as hot spares rather than spending the $ on the service agreements.

The best part is that clients are able to access their servers from home/on the road/etc with NetExender to a SRA Virtual Appliance. I think this is where Sonicwall really shines. The ability to install the NetExtender from a web portal with a couple of clicks saves me many hours of trying to walk a client through how to configure a vpn connection on their home computer. In addition the SRA supports Windows, OS X, Linux and iOS devices and the clients are all no charge. It's simple to configure a custom portal for each customer including bookmarks to file shares, rdp sessions, etc. And the best part is that the authentication for each portal is easily pointed the the customers DC's, a thing that Has always been a problem for me with Linux routers.

While I was not a fan of Sonicwall in the past I believe today they really provide a nice range of products at a reasonable price point.

Good company (0)

Anonymous Coward | more than 2 years ago | (#39343333)

We use a SonicWall appliance at our workplace. Works great. Price is pretty good too. We chose it for its content filtering ability which is pretty stellar compared to other things we saw on the market.

Re:Good company (2, Informative)

Anonymous Coward | more than 2 years ago | (#39344717)

Disclaimer: I work in the industry. I think of SonicWall as a worthy competitor, which is more than what I can say of many of the players on so called "NGFW" market.

Many of the comments here seem to miss the point of commercial solutions, entirely. The fact that you can set up a reasonably reliable traditional firewall on Linux is nothing. At least for those customers the vendors in this market are after. By the way, these customers rarely advertise their choices. (I hope they understand the strengths and weaknesses of their picks, though.)

These are some of the points many customers (which tend to have deep pockets to pay for their solutions) value:
- Reliable support.
- Usable and flexible policy and installation management.
- Useful, informative and manageable logs.
- Prepackaged rules (especially on deep packet inspection).
- High availability.
- High throughput.
- High coverage (especially inspection again).
- Certifications demanded in specific applications.
- Capability to support lots of streams (tens of millions of content-inspected connections and dozens of gigabits per second are not unheard of).
- Reliable and scalable deep packet inspection / stream inspection.
- Protocol inspection - potentially with decompression and decryption.
- Rule correlation associated with actions.
- Flexible alerts.
- User authentication.
- Integration with web site reputation services, spam prevention and such.
- Centrally managed corporate installations (dozens to tens of thousands of geographically distributed appliances).
- Prepackaged solutions with SLA: both physical and virtual appliances.

- ... and so on. Combine just couple of these, and running above-mentioned "Linux firewalls" become non-option...

Re:Good company (1)

Necroman (61604) | more than 2 years ago | (#39348647)

I with I had mod points for you Mr. AC.

Where technology goes to die (0)

Anonymous Coward | more than 2 years ago | (#39343387)

Last month, the company hired CA Inc. Chief Executive Officer John Swainson

Says everything you need to know right there.

Like CA, Dell is turning into a place where technology goes to die.

Re:Where technology goes to die (0)

Anonymous Coward | more than 2 years ago | (#39343435)

No, anything Dell purchases ends up dying.. Not Sonicwall's fault..

As for Sonicwall firewalls, been using them for years with little to no problems.

They're kinda spammy. (1)

Anonymous Coward | more than 2 years ago | (#39343549)

In a previous job, I somehow got onto their sales mailing list while we were demoing their product. Let me tell you, they never give up, and won't take you off the list no matter WHO you talk to! Plus, their product was, well... bad. There's no other way of putting it.

Bad news for HP (2)

lucm (889690) | more than 2 years ago | (#39343605)

Dell is a truly innovative company with a very interesting approach to manufacturing and sales; their efficient inventory management (with stock never older than a week or so) is pretty impressive. And unlike other big vendors they understand the needs of small and medium businesses and they make it very easy to become a customer (easy financing, good online inventory, etc.).

Their consumer or entry-level products are not as flashy as Apple or as robust as Lenovo but they are very competitive on the price/quality ratio and they came a long way over the last 10 years. For servers nowadays the PowerEdge as pretty much equivalent to the products from other vendors (HP, IBM) but less expensive, and their storage offering is pretty good (Equallogic, Compellent, etc.) with aggressive pricing as well. If I had to build a new data center today they would definitely be in my vendors shortlist.

I think it's a good thing that they move in the software field even if I am not a big fan of the products they acquired so far. If they follow their usual strategy within a few years they will offer a viable, cost-effective alternative to other big vendors. I guess HP is the one that will get squeezed between the expensive, corporate solutions from IBM and the more affordable Dell products.

Re:Bad news for HP (0)

Anonymous Coward | more than 2 years ago | (#39343949)

Dell is a truly innovative hardware assembly and distribution company. That's about where their innovation ends.

Re:Bad news for HP (0)

Anonymous Coward | more than 2 years ago | (#39344415)

You sound like a Dell rep or employee... Dell taking over a company has rarely been a good thing unless they leave them alone (i.e. Equallogic). But the companies with potential that they have absorbed and destroyed are a bit longer (Silverback, Exanet, Scalent, Ocarina, and possibly KACE and Force 10 Networks in the near future). At least they haven't acquired Brocade yet.

Sorry but their server quality is as far down the list as you can get from the major vendors. HP, IBM, and now Cisco have superior quality server products. When we had Dell Servers and a couple of their M1000 Blade Chassis I have never replaced so many motherboards and Blade backplanes... Their switch products are the same, crap from the start and not looking to get any better. Printers (rebadged Lexmark garbage... We have had problems with HP and Cisco's as well, just not the level of Dell.

Equallogic and Compellent are fine products but they were great products before Dell bought them. Luckily Dell has left both of them alone pretty much only changing logos... Phone and Onsite Support are generally the same people as before Dell. But in terms of Storage HP has them beat and they continue to grow while Dell has sat flat with two companies that were growing fast.

FYI SonicWall is primarily a hardware appliance vendor, not a software vendor. Sonicwall has a decent product, as long as you knew how to configure it, as long as Dell leaves them alone they will remain a decent company.

Re:Bad news for HP (3, Insightful)

PrimalChrome (186162) | more than 2 years ago | (#39345027)

Whereas I agree that IBM's server solutions stand a head higher than Dell, I would not dream of saying the same of HP. We are primarily a Dell shop and looked at swapping over to HP after numerous issues with Dell's Partner program. At the end of last year, HP accounted for 5% of our server install base. They accounted for closer to 20% of our server degraded/downtime for clients.

Horrid product support consisting of smug warranty reps with little product knowledge. Getting parts was even more of a chore. Dell's 4 hour turnaround on parts is generally just that. 4 hours. HP's 4 hour parts warranty was regularly 24 hours, and in one instance, four days. Yes, days. Admittedly the actual failure rate was comparable with Dell (not better), but when you couple it with a disdain for supporting their products....sorry, we're done with HP.

I also think you're spot on with the take on Equallogic's gear and Sonicwall's future at Dell.

Re:Bad news for HP (0, Informative)

Anonymous Coward | more than 2 years ago | (#39344473)

they understand the needs of small and medium businesses

You are mistaking 'knows how market to' with 'understands the needs'.

Sorta like the quote people mis-attribute to Henry Ford: "If I had asked people what they wanted, they would have said faster horses".

Some people are convinced they need a SonicWALL and therefore must pay the extortionate prices that go along with that. What they really need is a cheap piece of hardware that runs pfSense.

Their consumer or entry-level products are not as flashy as Apple or as robust as Lenovo but they are very competitive on the price/quality ratio and they came a long way over the last 10 years.

...right up until your kid snaps the power connector off the dock for your Dell Streak 7 and you find out the doc power connector now costs more than the dock did when you bought it 6 months ago...

When buying Dell crap, it's better to remember this: Whenever their sales tards call up to sell you an upgrade, immediately open your wallet and do it--otherwise your 6-month-old 'obsolete' hardware will become *very* expensive to maintain. That server you bought a year ago that let you add an additional power supply for $25 will now cost you $150 to replace...

Re:Bad news for HP (0)

Anonymous Coward | more than 2 years ago | (#39344715)

You're catching a lot of flak for this, but Dell does understand the small business segment pretty well. Their prices are perfectly reasonable, they provide decent hardware, and they maintain very good support compared to their competition.

Their servers are guaranteed to have parts available for replacement for as long as they'll provide a warranty for it. I can pick up the phone and actually get someone who knows something, unlike my multiple experiences with HP.

Sonicwall is a big player in the small business world and their firewalls have come a long ways in the past 2-3 years. Dell is smart for picking them up; it gives them a more comprehensive package to offer SMBs.

Seems like a good move to me.

A good pairing (1)

Hydrian (183536) | more than 2 years ago | (#39344109)

I have dealt with SonicWall Aventail E-series quite a bit. I am very familiar with their system because my companies security products integrate with them(along with Cisco, Juniper, Fortigat, NetScaler,etc..) They are nice robust systems. Their VM version of their product even runs a modified version on Debian. I have heard that the old SonicWall hardware was more orientated to SMB and was not as flexible or feature rich.

I think Dell is smart to acquire SonicWall. It is a good rounding out Dell's networking product portfolio. This give them a good content filtering system and a SSL VPN product.

Ugh sonicwall (1)

maas15 (1357089) | more than 2 years ago | (#39344163)

I really hope Dell took a look at a Sonicwall running in production - they're completely undependable! Real fixer-upper of a purchase.

Mixed feelings (0)

Anonymous Coward | more than 2 years ago | (#39344251)

Sonicwall's products are a mixed bag. On one hand you can get some reliable devices that are easy to use, just limited. Reasonably priced too.

On the other their business model is to use their hardware as an anchor to sell you crapware and expensive subscription services.
Their email marketing is garish and relentless. They also deluge you with postal mail that is damn near designed to trick your AP in to thinking their solicitations are bills. Sleazy stuff.

This is geek news? (1)

devleopard (317515) | more than 2 years ago | (#39344509)

I understand this being on Yahoo Finance or the like, but this is just a blurb about a corporate acquisition. Just because they're IT companies just really make it geeky or nerdy.

Slashdot shouldn't get into trying to reporting on mergers and acquisitions, but should stick to what it does best: regurgitating the articles I read yesterday on Hacker News, which were then on Reddit 12 hours ago.

Re:This is geek news? (1)

MrP- (45616) | more than 2 years ago | (#39345007)

I work in IT and manage Dell servers and SonicWall security devices (as well as use SonciWall at home) so I see no problem with this news as it affects me.

That said I read about this first on some Apple news blog site.

We unplugged our SonicWall box a few months ago (1)

PowerBook Pete (791018) | more than 2 years ago | (#39344943)

Now that I'm thinking of it, does anyone have any suggestions for repurposing that box?
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?