Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Dell SonicWall NSA UTM: Product overview

Expert David Strom explains why the feature-rich Dell SonicWall NSA Series of enterprise unified threat management devices may take some getting used to.

Editor's note: This article has been updated for accuracy regarding platform support and pricing.

The Dell SonicWall Network Security Appliance (NSA) Series could be considered one of the creators of the unified threat management (UTM) industry. Even though the market has evolved considerably since those early days, Dell still offers a very robust UTM product set, many of which are appropriate for enterprises.

Product specs

In this security product review, we look at all seven of the Dell SonicWall NSA series models -- NSA 6600, NSA 5600, NSA 4600, NSA 3600, NSA 2600, NSA 250M and NSA 220 -- to fulfill the needs of various-sized businesses. Some models have 10 Gigabit Ethernet connectors, while others just have a single gigabit port. The rated firewall inspection throughput ranges from 600 Mbps to 12 Gbps, which may not be sufficient for larger network configurations.

The range of supported site-to-site VPN tunnels varies from 25 on the smallest unit to 6,000 on the largest box. While some models are relatively new, know that SonicWall has been in the UTM business from the earliest days, practically creating the category before it was acquired by Dell.

Standard features

Each unit features a multi-core architecture that includes a firewall, virtual private network (VPN), intrusion prevention system (IPS), application control, network-based antimalware, gateway anti-spam, secure remote access and wireless, URL filtering and centralized management.

Market position

Dell was a UTM market leader in the early days, when it only sold small and midsize business units. However, as it grew to offer larger and more capable boxes, Dell has had a harder time adjusting its features and functions to the enterprise market. For example, it offers a confusing series of menu choices on enterprise-class devices that will take some work to sort out. There are also separate menus for protecting against SYN floods and distributed denial-of-service attacks that require adjusting a series of timeout and threshold parameters.

Special features

One nice feature of the Dell SonicWall NSA series is there is no maximum file attachment size for the antimalware scanner since it looks at the entire packet as it streams by the box. Some of its competitors place email file attachments in memory before they are scanned.

The Dell SonicWall NSA products come with each port set up independently, but enterprises can add what are called "PortShield groups" to turn a box into a single network switch. Organizations can also set up the box to automatically forward NetBIOS protocols across subnets (to make it easier to build a flat network to handle Windows file and printer sharing, for example).

A screenshot of Dell SonicWall's port communication interface. SonicWall's interfaces display shows you at a glance which ports are communicating, making it easier to debug infrastructure issues.

Another great feature Dell offers is online demos of all of its products, so you can experience the product's user interface first-hand without going to the trouble of putting a test box in your environment. Additionally, setting up its high-availability feature is simple, with just a few checkboxes to select. Finally, SonicWall supports deep packet inspection over SSL connections, something not every UTM offers.

But also note…

The two smallest Dell SonicWall NSA units come with integrated wireless controllers; the larger units do not. Until recently, Dell supported only Windows SSL VPN connections, but has added Mac, IOS and Android clients, making it more in line with what competitors offer. Another potential issue is that unlike several of its competitors, some SonicWall ports are tied to particular network zones and can't be changed via software configurations. This limits the cabling flexibility if you don’t have a switch in front of the UTM box.


The smallest unit, SonicWall NSA 220, is suitable for branch and small offices and starts at $1,095 for the basic software configuration, but can quickly rise beyond $1,700 when you add in the first year's subscriptions. The largest unit, NSA 6600, starts at $19,995, and subscriptions can add another $10,000 to the first year cost.

Dell also offers two categories of support available for an annual subscriptions: The Gold-level support is available on the larger units that provides 24x7 telephone access, and Silver-level support for the smaller units provides only daytime access. Both add about a third of the initial purchase price without any other options.

TTGT Takeaways
Technology Dell SonicWall Network Security Appliance (NSA) Series of unified threat management (UTM) appliances
Tactics A full suite of security functions wrapped up into one single product, preventing the need to purchase or integrate separate devices.
Good features Combined network switch integration; robust antimalware scanning; deep-packet inspection over SSL; helpful online demos.
Troublesome features Integrated wireless controllers not included in all models; port configuration limitations.

Author's note: The contributor does not have a paid relationship with any of the vendors mentioned in this article.

This was first published in June 2014

Next Steps

Part one of this Buying Decisions series examines the basics of unified threat management

Part two of this series looks at the enterprise benefits of UTM products

Part three of this series outlines the purchasing criteria for UTM products

Part four of this series compares the best UTM products on the market

This was last published in January 2016

Dig Deeper on Network device security: Appliances, firewalls and switches