Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dell Announces Intent To Acquire SonicWALL

Posted by Soulskill on from the dude-you're-gettin-a-sonicwall dept.

New submitter iroc_eater writes with news of an announcement from Dell that it plans to acquire SonicWall, a security services provider. "SonicWall’s technology detects and protects networks from intrusions and malware attacks, and helps protect data. Dell is buying services and software businesses as the PC market faces competition from smartphones and tablets. Last month, the company hired CA Inc. Chief Executive Officer John Swainson to oversee the software push, and today he said security is an important part of that strategy. 'My goal is to make software a meaningful part of Dell’s overall portfolio, so that means that this is not the last thing you’re going to see from us,' Swainson said."

14 of 65 comments (clear)

  1. If you were going to buy a software company....... by Anonymous Coward · · Score: 2, Interesting

    Why wouldn't you buy a good one? The hotel I stay at for business has a sonicwall firewall, and it isn't the greatest. I can see a lot of vulnerabilities in it; I just don't exploit them.

  2. The Only One I've Seen.. by bennett000 · · Score: 3, Informative

    The only SonicWall device I've ever had to work with had a limit of 10 nodes that could "connect to the internet". The limit was really 10 nodes that could NAT to port 80. Every other port was open. I always figured that if sonic wall didn't care about protecting their licenses why would they care about protecting their networks?

    1. Re:The Only One I've Seen.. by ColdWetDog · · Score: 2, Interesting

      We've got SonicWall at work. Mostly to block Facebook. Except if you use HTTPS, it lets it through.

      That took the staff about a week to figure out.

      Dude, you've got a well, you've got a problem.

      --
      Faster! Faster! Faster would be better!
    2. Re:The Only One I've Seen.. by MightyMartian · · Score: 2, Informative

      So far as I could tell from the Sonicwalls I worked with, they were just yet more repackaged Linux-iptables systems with some proprietary glue and some rather expensive subscription services. I've put together just as capable of routers, intrusion detectors and mail proxy servers by just using commonly-available Linux packages. Used to use Slackware as the base, but just use Debian nowadays.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re:The Only One I've Seen.. by guruevi · · Score: 2

      Worse than that, when I worked with them about a decade ago, the more esoteric iptables rules had to be manually entered on command line. The only thing proprietary about those boxes was the interface, even the VPN was Poptop. There were actually quite a few companies in the same time period that used the exact same hardware (and you can still buy it today) to run their own firewalls - basically 1U boxes with n-number of ethernet ports.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    4. Re:The Only One I've Seen.. by Anonymous Coward · · Score: 2, Informative

      SonicWALL (starting with their newer TZ-100, TZ-200, TZ-210, and higher models) has stopped selling "Node" licenses. They've also stopped using their "Standard" firmware. ALL SonicWALL Security appliances are solid with the Enhanced Firmware and Unlimited Nodes. They've been doing this for about 2 or 3 years now.

      Looks like you need to brush up on your SonicWALL knowledge.

    5. Re:The Only One I've Seen.. by LordLimecat · · Score: 2

      Youre doing it wrong. You can configure the sonicwall to block all 443 stuff, though for it to work "well" you need to install a root certificate on all your machines (so the sonicwall can essentially MITM your SSL connections).

      You do realize that SSL is DESIGNED to be impossible to subvert the way sonicwall wants to without throwing cert warnings, right? Sonicwall cant just change how the system works simply cause theyre a gateway.

    6. Re:The Only One I've Seen.. by sharkman67 · · Score: 2

      I have to agree with you. I rolled my own Linux router solutions for years but made the switch to Sonicwall two years ago. I deploy TZ-180s at all customer locations and set up a VPN tunnel to my NSA-240 where there virtualized server are located. Can this be done with Linux? Sure but buying the parts to build something the size of a TZ series costs nearly what it costs to purchase the TZ-180 (without the extended service agreement). I have enough 180s deployed that I keep a couple in stock as hot spares rather than spending the $ on the service agreements.

      The best part is that clients are able to access their servers from home/on the road/etc with NetExender to a SRA Virtual Appliance. I think this is where Sonicwall really shines. The ability to install the NetExtender from a web portal with a couple of clicks saves me many hours of trying to walk a client through how to configure a vpn connection on their home computer. In addition the SRA supports Windows, OS X, Linux and iOS devices and the clients are all no charge. It's simple to configure a custom portal for each customer including bookmarks to file shares, rdp sessions, etc. And the best part is that the authentication for each portal is easily pointed the the customers DC's, a thing that Has always been a problem for me with Linux routers.

      While I was not a fan of Sonicwall in the past I believe today they really provide a nice range of products at a reasonable price point.

    7. Re:The Only One I've Seen.. by walt-sjc · · Score: 3, Informative

      We are a SonicWall partner - a large portion of our clients use them.

      Sure you can do content filtering, but it's impossible to configure any sort of granularity in the system such as, allow these users to access these sites, those to access those site. I've worked with multiple Sonicwall engineers on this issue. You just can't do it. Period. There is one set of rules that you can either allow or deny. That's it. Similarly, the bandwidth management sucks if you want to do any sort of QoS.

      This all boils down to the UI really. GUI's and firewalls are just a mix that only work for simplistic needs. Once your needs pass a certain threshold, they just get in the way and make it nearly impossible to do the configuration you need. Sonicwall designed their interface for the "part time office manager IT person" and grew from there. And it shows. Cisco frankly is in a similar situation. Use the GUI for simple crap to get you going, the command line when you actually need to do anything complex.

      As another poster mentioned, pretty much all firewalls out there are embedded Linux or BSD, and just slap their GUI on top along with other random services. Some do a pretty good job of exposing the underlying power of the native firewall, others, not so much. Sonicwall's is pretty good for exposing that power but the web GUI gets in the way all too often when you need to do a lot of similar rules or complex rules.

      Finally, another poster recommended using GMS to manage multiple Sonicwalls. This product is insanely priced and only makes sense in a larger organization that would be better served with alternative products (Cisco, etc.) Despite all the high end models they sell, I wouldn't use ANY of them for an organization with high-end needs. Sonicwall's nitch is small business with 50 or fewer users and in my opinion, selling and supporting these things, that's the only market that it's viable to use them in.

  3. Re:If you were going to buy a software company.... by Anonymous Coward · · Score: 3, Informative

    To be fair, half the hotels I've stayed at have had non-working or badly-misconfigured wireless routers. At my last job we had a couple of SonicWALL3060s that worked pretty fucking good, and all of our remote workers had TZ170s, the difference is they were set up by people who knew what the fuck they were doing.

  4. Bad news for HP by lucm · · Score: 2

    Dell is a truly innovative company with a very interesting approach to manufacturing and sales; their efficient inventory management (with stock never older than a week or so) is pretty impressive. And unlike other big vendors they understand the needs of small and medium businesses and they make it very easy to become a customer (easy financing, good online inventory, etc.).

    Their consumer or entry-level products are not as flashy as Apple or as robust as Lenovo but they are very competitive on the price/quality ratio and they came a long way over the last 10 years. For servers nowadays the PowerEdge as pretty much equivalent to the products from other vendors (HP, IBM) but less expensive, and their storage offering is pretty good (Equallogic, Compellent, etc.) with aggressive pricing as well. If I had to build a new data center today they would definitely be in my vendors shortlist.

    I think it's a good thing that they move in the software field even if I am not a big fan of the products they acquired so far. If they follow their usual strategy within a few years they will offer a viable, cost-effective alternative to other big vendors. I guess HP is the one that will get squeezed between the expensive, corporate solutions from IBM and the more affordable Dell products.

    --
    lucm, indeed.
    1. Re:Bad news for HP by PrimalChrome · · Score: 3, Insightful

      Whereas I agree that IBM's server solutions stand a head higher than Dell, I would not dream of saying the same of HP. We are primarily a Dell shop and looked at swapping over to HP after numerous issues with Dell's Partner program. At the end of last year, HP accounted for 5% of our server install base. They accounted for closer to 20% of our server degraded/downtime for clients.

      Horrid product support consisting of smug warranty reps with little product knowledge. Getting parts was even more of a chore. Dell's 4 hour turnaround on parts is generally just that. 4 hours. HP's 4 hour parts warranty was regularly 24 hours, and in one instance, four days. Yes, days. Admittedly the actual failure rate was comparable with Dell (not better), but when you couple it with a disdain for supporting their products....sorry, we're done with HP.

      I also think you're spot on with the take on Equallogic's gear and Sonicwall's future at Dell.

  5. Re:Good company by Anonymous Coward · · Score: 2, Informative

    Disclaimer: I work in the industry. I think of SonicWall as a worthy competitor, which is more than what I can say of many of the players on so called "NGFW" market.

    Many of the comments here seem to miss the point of commercial solutions, entirely. The fact that you can set up a reasonably reliable traditional firewall on Linux is nothing. At least for those customers the vendors in this market are after. By the way, these customers rarely advertise their choices. (I hope they understand the strengths and weaknesses of their picks, though.)

    These are some of the points many customers (which tend to have deep pockets to pay for their solutions) value:
    - Reliable support.
    - Usable and flexible policy and installation management.
    - Useful, informative and manageable logs.
    - Prepackaged rules (especially on deep packet inspection).
    - High availability.
    - High throughput.
    - High coverage (especially inspection again).
    - Certifications demanded in specific applications.
    - Capability to support lots of streams (tens of millions of content-inspected connections and dozens of gigabits per second are not unheard of).
    - Reliable and scalable deep packet inspection / stream inspection.
    - Protocol inspection - potentially with decompression and decryption.
    - Rule correlation associated with actions.
    - Flexible alerts.
    - User authentication.
    - Integration with web site reputation services, spam prevention and such.
    - Centrally managed corporate installations (dozens to tens of thousands of geographically distributed appliances).
    - Prepackaged solutions with SLA: both physical and virtual appliances.

    - ... and so on. Combine just couple of these, and running above-mentioned "Linux firewalls" become non-option...

  6. Re:If you were going to buy a software company.... by mjwx · · Score: 2

    The challenge is cost. What I have always looked for is a "security appliance" capable of least two WAN ports for load balancing and fail over. Dial up fail over that was available on some Netgear models was a freakin joke.

    So Sonicwall, with its drawbacks, comes in at many many times cheaper in price to get the job done then Cisco and Fortinet. Sonicwall starts at around $270 and gives you a *heck* of a lot more than any consumer level router has by far.

    I think Fortinet, at the bottom starts at $1500 the last time I checked?

    Sonicwall is not perfect, but is the beginning of prosumer devices. You get what you pay for. Considering that I don't think Sonicwall is all that bad. They are a ton more stable than any Netgear or Linksys/Cisco piece of shit :)

    You can get a Fortigate 60C for $500. I understand a Cisco Pix 501 is about the same

    A 60C will run a business up to 50 employees easy, I've got clients using a 60C for 80+ staff with no problems. Fortigate support adds more, but Sonicwall do the same thing. Just try getting a Sonicwall support member to even talk to you without a support contract and without that, they are as useful as a Cheap-o Dlink.

    I've had a complete nightmare getting SSL and IPSEC VPN running on Sonicwall, after 4 days of failure and no support from Sonicwall I just installed RRAS on a Windows server. With Fortinet, setting up both SSL and IPSEC is dead easy even without the user guides Fortinet publishes. Realistically, if you require more then an El-cheapo D-link and aren't willing to spend $500 to do it properly you will just end up flushing more then $500 of your time down the drain, especially with Sonicwall.

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.