|
Sonicwall�s TZ170 Wireless a Secure Launch Pad for Wireless Computing
By BIJU OOMMEN
Telecommunications & Networking Solutions
SonicWALL’s TZ170 wireless
………………………..
SonicWALL, Inc.
1143 Borregais Avenue
Sunnyvale CA 94089-1306
Phone +1 408.745.9600
Fax +1 408.745.9300
Web site: http:// www.sonicwall.com
…………………………
RATINGS (0–5)
Installation-5 Features-5 Documentation-5 GUI-4 Overall Rating: 4.75
…………………………
Freedom to compute wherever and whenever you want to is exhilarating especially when you can do it minus the associated security risks.For WiFi networks big or small security is an overriding concern. Security is the buzz word and companies like SonicWall have leveraged their expertise in securing wired networks to now facilitate secured wireless network access.
In the SonicWALL TZ 170 family series there is this TZ 170 wireless thoroughbred which comes in various orderable node configurations namely 10 nodes, 25 nodes or unrestricted giving prospective users overall flexibility in terms of the number of supported users and its VPN capability. SonicWall has merged a deep packet inspection firewall, VPN and a wireless 802.11b/g access point in the TZ 170 wireless unit. The incorporated deep packet inspection firewall promises speeds of 90 Mbps and 6000 concurrent firewall connections. The crypto on board allows 3DES or AES encryption selection and flaunts 30+ Mbps throughput.
If you want to deploy rock solid impenetrable wired and wireless security against various blended threats then help is at hand with the TZ 170 wireless. You can enforce a host of advanced state of the art security features like VPN encryption, create multiple zones of access, and use optional but supported subscription based security services like intrusion prevention (provides protection from worms, application exploits and access control for instant messenger (IM) and peer-to-peer (P2P) applications based on deep packet inspection architecture and routinely updated signature database). The other equally useful security services are content filter (for internet content filtering and to monitor usage and control access to offensive Web content based on established acceptable Use Policies), network anti-virus (distributed gateway-enforced solution that ensures always-on, always-updated anti-virus software for the network clients) or gateway anti-virus (for continuous protection a real-time virus scanning engine and dynamically updated signature database at the gateway) and the e-mail filter (provides custom rule configuration for filtering harmful e-mail attachments). Yet again in the wireless domain you get advance security features like wireless intrusion detection services (WIDS), wireless firewalling, secure wireless roaming and wireless guest services (WGS).WIDS on the TZ 170 aids in detecting and preventing rogue access points, disassociation attacks and association flood attacks. The WGS is a secure wireless access function that allows guest users wireless connections to the internet while keeping them away from company’s internal corporate network. Thus the TZ 170 wireless strives to be a secure launch pad for secure wireless connectivity. The embodied product philosophy is to put multiple security functionality into your hand and into one wireless communications platform for you to rake in associated cost savings and reduced complexity.
For interfaces the TZ 170 wireless gives you one RJ 45 serial console port for command line interface and seven auto-MDIX 10/100 Base-T Ethernet ports for multiple secure connections to the network. Out of the seven one of them is for the internet WAN link connectivity and another one is called the optional port. The optional port provides a lot of flexibility as it can become a LAN, WAN, or DMZ port. To power the unit you can choose either the accompanying regular power brick or use an 802.3af Power over Ethernet (PoE) power injector on the designated LAN 1 port as it supports PoE facility. Also accompanying the unit are a pair of external 5 dBi diversity antennas.
Operational Testing
My test machine was a 25 node capable TZ 170 running SonicOS Standard and it shipped with default IP address of 192.168.168.168. I used this to initially access the TZ 170 management interface and was presented with the status screen which provided a lot of useful system information, latest alerts, network information etc. I then launched the SonicWALL configuration wizard where I could run a setup wizard or wireless wizard or network access rules wizard or even a VPN wizard. The setup wizard allowed me to setup the TZ 170 in various wireless deployment scenarios by selecting the office gateway mode (secure access for wired and wireless users), secure access point (add secure wireless to an existing wired network) and guest internet gateway (provide guest controlled access to internet only). At this stage I should say that the TZ 170 won my admiration for the well laid out screens and for a setup that was simple and straightforward which meant that I just needed to follow the onscreen intuitive instructions. All complex features and functions supported on the TZ170 are neatly tucked away behind the web based management interface and I found that a simple deployment is just a few mouse clicks away. I could configure and modify all of TZ 170’s features using the web-based SonicWALL management interface giving complete control over all its features. I liked it for each feature is distinctly identified via a hierarchy of menu buttons on the left side of the browser window. It includes system, network, wirelesss, WGS, firewall, VPN, users, security services, log, wizards, help and logout all containing detailed information and options in the relevant area. The browser interface gave me access to the TZ 170 unit’s administration, monitoring, reporting and alerting functions. TZ 170’s support for widely prevalent internet VoIP protocols such as H.323 & SIP is noteworthy for it allows VoIP to be deployed behind the firewall. The TZ 170 logs could be sent at predetermined times by email or to a syslog server. Why the alerts can even be sent to a specified email address. The front panel LED’s convey at a glance the status of various ports.
The basic and advance security features supported on this box are exceptional. The CD with the unit includes all the comprehensive administration documentation and you can get going armed with just the browser on your management PC.
Suggestions
I would like Sonicwall to pre-package as a standard the Power over Ethernet (PoE) injector along with the TZ170 wireless unit.
Conclusion
Sonicwall’s TZ170 wireless can usher in a lower total cost of ownership to enterprises due to its one-seat provisioning of point and click secured wireless access. That is also why I called the TZ170 wireless a secure launch pad for wireless computing
Biju Oommen is a Telecommunications & Networking Solutions Consultant with a special focus on enterprise products and solutions.
[ Back To TMCnet.com's Homepage ]
|
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO West, September 16-18, 2008. Los Angeles, California.
