We have already published posts about firewalls and also hardware firewalls. In this post, we’ll take a look at sonicwall firewalls to help you understand the different aspects of sonicwall firewalls.

SonicWall next-generation firewalls (NGFW) provide the security, control and visibility you need to maintain an effective cybersecurity posture.

SonicWall NGFWs are designed in four main categories:

  1. SMBs and Branches
  2. Mid-Sized Enterprise
  3. Large-Enterprise
  4. Virtual Firewalls

Source:  sonicwall.com



SMBs and Branches Firewalls 

The SonicWall TZ series of firewalls is designed specifically for the needs of SMBs (small- and medium-sized businesses) and branch locations. The features and facilities of this group of firewalls include the following:

  • SSL/TLS Decryption and Inspection
  • Getting advanced threat protection without compromising on performance
  • Blocking most advanced attacks with Real-Time Deep Memory Inspection (RTDMI) & Capture Advanced Threat Protection (ATP)
  • SonicWall Secure SD-WAN integrates with TZ firewalls without requiring an additional license
  • Leverage shared threat intelligence for continuously-updated security
  • Managing everything from one location with Capture Security Center (‘Single-pane-of-glass’ Management & Reporting)
  • Relying on a wide range of rich features in SonicOS operating system
  • Choosing optional PoE and Wi-Fi options with deep integration of SonicOS
  • Leverage multi-core, parallel-processing hardware architecture
  • Accessing to resources behind the firewall remotely and securely using native SSL VPN
  • Scanning for, and remove, hidden threats over the VPN connection

The most common models of this group of firewalls are the following:


  • Firewall Inspection Throughput: 1.9 Gbps
  • Application Inspection Throughput: 1.8 Gbps
  • IPS Throughput: 1.2 Gbps
  • Threat Prevention Throughput: 800 Mbps
  • VPN Throughput: 1.1 Gbps


TZ500/TZ500 W

  • Firewall Inspection Throughput: 1.4 Gbps
  • Application Inspection Throughput: 1.3 Gbps
  • IPS Throughput: 1.0 Gbps
  • Threat Prevention Throughput: 700 Mbps
  • VPN Throughput: 1.0 Gbps


TZ400/TZ400 W

  • Firewall Inspection Throughput: 1.3 Gbps
  • Application Inspection Throughput: 1.2 Gbps
  • IPS Throughput: 900 Mbps
  • Threat Prevention Throughput: 600 Mbps
  • VPN Throughput: 900 Mbps



  • Firewall Inspection Throughput: 600 Mbps
  • Application Inspection Throughput: 275 Mbps
  • IPS Throughput: 250 Mbps
  • Threat Prevention Throughput: 200 Mbps
  • VPN Throughput: 200 Mbps

Source:  sonicwall.com



Mid-Sized Enterprise 

The SonicWall Network Security appliance (NSa) Mid-Range Firewall is next-generation security designed specifically for businesses of 250 users and up. The features and facilities of this group of firewalls include the following:

  • RTDMI proactively detects and blocks unknown malware via deep memory inspection in real time.
  • Secure SD-WAN technology is built in to NSa firewalls.
  • SonicWall NetExtender provides an intuitive SSL-VPN connection client.
  • NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology.
  • Reducing costs through zero-touch deployment to enabling SD-WAN and delivering NetSecOPEN-verified threat block rates on par.
  • Cloud-based & On-Premises Centralized Management.

The most common models of this group of firewalls are the following:

NSa 2650

  • Firewall Inspection Throughput: 3.0 Gbps
  • Application Inspection Throughput: 1.4 Gbps
  • IPS Throughput: 1.4 Gbps
  • Threat Prevention Throughput: 1.25 Gbps
  • VPN Throughput: 1.3 Gbps


NSa 4650

  • Firewall Inspection Throughput: 6.0 Gbps
  • Application Inspection Throughput: 3.0 Gbps
  • IPS Throughput: 2.3 Gbps
  • Threat Prevention Throughput: 2.5 Gbps
  • VPN Throughput: 3.0 Gbps


NSa 6650

  • Firewall Inspection Throughput: 12.0 Gbps
  • Application Inspection Throughput: 6.0 Gbps
  • IPS Throughput: 6.0 Gbps
  • Threat Prevention Throughput: 5.5 Gbps
  • VPN Throughput: 6.0 Gbps


NSa 9650

  • Firewall Inspection Throughput: 17.1 Gbps
  • Application Inspection Throughput: 11.5 Gbps
  • IPS Throughput: 10.3 Gbps
  • Threat Prevention Throughput: 9.4 Gbps
  • VPN Throughput: 10.0 Gbps

Source:   sonicwall.com



Large Enterprise 

The SonicWall Network Security services platform (NSsp) High-End Firewall series delivers the advanced threat protection, fast speeds and budget friendly price that large enterprises, data centers, and service providers demand. It’s security without compromise. The features and facilities of this group of firewalls include the following:

  • Stopping Zero-Day and unknown malware in its tracks with RTDMI and Reassembly-Free Deep Packet Inspection (RFDPI)
  • Scalability and Availability
  • Low Total Cost of Ownership
  • Design and support by team of cyber security professionals, advanced machine learning algorithms, and more than one million security sensors

The most common models of this group of firewalls are the following:

NSsp 12400

  • Firewall Inspection Throughput: 58.4 Gbps
  • Application Inspection Throughput: 45.5 Gbps
  • IPS Throughput: 1.4 Gbps
  • Threat Prevention Throughput: 1.25 Gbps
  • VPN Throughput: 1.3 Gbps


NSsp 12800

  • Firewall Inspection Throughput: 120.3 Gbps
  • Application Inspection Throughput: 91.0 Gbps
  • IPS Throughput: 73.0 Gbps
  • Threat Prevention Throughput: 67.5 Gbps
  • VPN Throughput: 47.0 Gbps

Source:  sonicwall.com



Virtual Firewalls 

SonicWall Network Security virtual (NS) series brings SonicWall’s industry leading Next-Generation Firewall (NGFW) capabilities to protect your workloads in the cloud from threats, with automated, real-time breach detection and protection. The features and facilities of this group of firewalls include the following:

  • Leveraging RTDMITM & RFDPI
  • Stopping zero-day threats with Capture ATP multi-engine sandboxing
  • Blocking all types of malware, intrusions, encrypted threats, malicious websites
  • Gaining VPN and network segmentation capability
  • Attaining platform support across hybrid and multi-cloud environments
  • Providing secure connectivity and preventing lateral movement of malware
  • Promoting agility and scalability without reducing performance
  • Attaining cost benefit and efficiency by shifting from CAPEX to OPEX model
  • Delivering safe application enablement rules by application, user and device, regardless of VM location
  • Helping adhere to compliance standards and policies
  • Enhance system scalability, operational agility, provisioning speed, management simplicity and cost reduction
  • Securing workloads on VMware ESXi, Microsoft Hyper-V and KVM
  • Managing security governance, compliance and risk from a single pane of glass
  • Implementing proper security zoning and isolations
  • Preventing unauthorized takeover of virtual systems
  • Securing workloads on Amazon Web Services (AWS) and Microsoft Azure
  • Grouping similar interfaces, and applying the same policies across them
  • Gaining complete visibility and control of traffic across multiple regions and availability zones
  • Deploying over a wide variety of virtualized and cloud platforms for various private and public cloud security use cases
  • Preventing threats with complete visibility into intra-host communication between virtual machines
  • Blocking malicious and intrusive actions
  • Ensuring appropriate application of security policies
  • Ensuring system resiliency, service reliability and regulatory conformance
  • Stopping unauthorized access to protected data assets
  • Preventing service disruption of any part or of the entire virtual ecosystem

Source:   sonicwall.com



Our posts about hardware firewalls:

pfSense Firewall
Cisco ASA Firewall
Watchguard Firewall