Sonicwall TZ 170

Discussion in 'other firewalls' started by houseisland, Jul 21, 2006.

Thread Status:
Not open for further replies.
  1. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    Hi

    I am looking at the Sonicwall TZ 170: http://www.sonicwall.com/products/tz170.html

    I am wondering if anyone has any experience with this product, positive, indifferent, negative.....?

    I am also wondering if the Comprehensive Gateway Security Bundle is worth the initial extra cash layout and the ongoing annual subscription costs?

    Experiences? Thoughts? Opinions?

    Thanks.
     
  2. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    I've used quite a few Sonicwall products for some clients..where I setup wide area networks between several satellite offices and their central office. For router to router VPN tunnels.

    A couple of years ago...in my opinion they stood above the crowd with few other brands for competition in the specific market they were in..along with Ciscos PIX, Watchguard, etc.

    However...I've had difficult times with their support, and their yearly subscriptions have gotten expensive (you need it for continued support and firmware upgrades)

    For business clients with site to site VPN tunnels...I've moved to the RV082/016 line of routers from Linksys/Cisco.

    For unified threat management..I'm thinking of getting onboard with Endian..a linux based device I've been running at home for a while. I'm very pleased with it.

    What specific features are you looking for?
     
  3. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    Thanks for the reply.

    I am looking for a replacement for a Linksys RV042, which appears to be crapping out under the current volume of traffic going through it -- periodically won't pick up on legitmate requests.

    The Sonicwall was recommended by the client's ISP -- "few or no problems encountered" -- they diss'd the Linksys as "troublesome."

    I am familiar with the product only by name and by word of mouth reputation.

    The security bundle would be nice, I suppose, but I am not sure about the cost. The client would probably go for it if I were to recommend it, but I am not well informed enough at present to make such a recommendation.
     
  4. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Hmm...I'm replacing a pair of tz170's with a pair of RV016 units in a few weeks. I know the 042 models have quite a bit less horsepower (233MHz, 16 megs) than the 082 (533MHz with 32 megs) and the 016 models (533MHz with 64 megs)....I've deployed and support about 30 RV082 and 016 units...I love them. I find them very stable and fast. I've stayed away from the 042 model though.

    Sonicwall makes some nice products...once working...they're quite stable and fast. They're just...well...I can'd stand their support..primary thing. I really really dread whenever I have to call them.

    And be prepared for the yearly support expense. You don't get free firmware updates..you need to subscribe (and pay) to get them.

    The antivirus package is just McAfee...so I'd never use that. It basically checks each workstation to make sure the antivirus on the workstation is updated..before allowing it on the internet. If you run a centrally managed business grade antivirus anyways..this isn't really a biggie.

    What I've learned...my advice is..get them through a "Certified Gold Partner"...it seems to be their business model...similar to Esets NOD32..you purchase it through a reseller who specializes in them..and get your support through them.
     
  5. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    Hi. Thanks again. Most informative.

    The client's ISP didn't scorn Linksys/Cisco products in general, just the RV042, with which they claim to have had difficulties. A search of Google groups also reveals problems with/complaints about this model.

    What my client really needs is a good basic router/firewall. No need for the VPN component at present. Something with low administrative overhead.

    At present there are two webservers, an exchange mail server, and a terminal server behind the RV042 -- generally all are lightly used. During peak hours of activity (still light use) the RV042 will refuse to accept connections from outside, this happening sometimes two or three times a day, particularly with SMTP traffic on port 25.

    If I notice, I can put the router through a power cycle and it will work again. If I don't notice, it will right itself on its own.

    There are complaints from terminal server users and from recipients of non-delivery messages -- nothing too serious yet. The situation is not urgent, yet.
     
  6. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Assuming it has the most recent firmware? They released a much improved firmware somewhere in March..give or take a month.

    Also...is the MTU manually set on it? 1500 for Cable or bridged DSL, 1492 for PPPoE DSL. I always manually set MTU on routers, regardless of the brand..because "auto" isn't reliable. Oddly, the RV0 line, on auto, will start at 576...which is a setting for dial up. :blink: Not good.
     
  7. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    Hi. Thanks once more.

    The MTU was set at auto. I have changed it to manual at 1500.

    The firmware is the first iteration for the unit, but I am most reluctant to update it without a safety net/plan B immediately at hand. It would be most incovenient if the flash failed. I know that the odds of unrecoverable failure are low, but I have experenced it first hand with another Linksys router.

    There is also a possibility that the unit is damaged -- baked capacitors. The physical setup of the server closet, done before my arrival and done against the recommendations and protests of the person doing the setup, was exceedingly flakey. The router was sitting ontop of a stack of switches which were perched precariously ontop of the terminal server -- all were so hot that I couldn't touch them. I have remedied the situation but there are problems lingering.

    The switches drop ports periodically. Service through the lowermost one, the one that was sandwiched between the terminal server and the stack above it can slow to a crawl. It may, like Yertle the Turtle, just have given up and said "Sod this all!" :^D
     
  8. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Hmm....any "spare" routers around you could have for a backup? I've done probably over 500-600 Linksys routers..have to say..I think I only had one hose on my during a firmware upgrade..and I believe it was quite hosed by the time I worked on it.

    A good firmware version is key to optimal performance and stability/performance/compatibility from a router. Yes even Sonicwalls have their issues...I've flashed a few of them too.

    The RV0 series was known to have some issues upon initial release..if you're indeed running on early firmware...any issues you're in charge of troubleshooting...I'd look right there.

    Document all settings....give the router a good hardware reset to factory defaults...and flash. If you're worried about them going wonky on your during a flash attempt...for safetys sake..have some old junker el-cheapo backup router with you to act as stand in while you get a replacement.
     
  9. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    Thanks again. :) :cool:

    I will probably recommend the RV082 as a replacement and retire the RV042 as an emergency spare. The RV082 and the RV016 are so inexpensive!

    By the way, the Endian product looks very interesting. I downloaded the VMWare file to play with. Now if I can find some time.....
     
  10. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    "Find the time"...heh...I know that feeling.

    Curious is some of your issues will settle down..now that the MTU is set right.

    Interesting avatar and nickname....you on the shoreline somewhere too?
     
  11. houseisland

    houseisland Registered Member

    Joined:
    Jan 12, 2006
    Posts:
    107
    On the Pacific coast of Canada.

    The avatar is a photo of a Norwegian lighthouse. The nickname is an inter-linguistic joke of sorts.
     
Thread Status:
Not open for further replies.