Dell Announces Intent To Acquire SonicWALL 65
New submitter iroc_eater writes with news of an announcement from Dell that it plans to acquire SonicWall, a security services provider.
"SonicWall’s technology detects and protects networks from intrusions and malware attacks, and helps protect data. Dell is buying services and software businesses as the PC market faces competition from smartphones and tablets. Last month, the company hired CA Inc. Chief Executive Officer John Swainson to oversee the software push, and today he said security is an important part of that strategy. 'My goal is to make software a meaningful part of Dell’s overall portfolio, so that means that this is not the last thing you’re going to see from us,' Swainson said."
If you were going to buy a software company....... (Score:2, Interesting)
Why wouldn't you buy a good one? The hotel I stay at for business has a sonicwall firewall, and it isn't the greatest. I can see a lot of vulnerabilities in it; I just don't exploit them.
Re: (Score:3, Informative)
To be fair, half the hotels I've stayed at have had non-working or badly-misconfigured wireless routers. At my last job we had a couple of SonicWALL3060s that worked pretty fucking good, and all of our remote workers had TZ170s, the difference is they were set up by people who knew what the fuck they were doing.
Re: (Score:1)
Nonsense. To mass manage SonicWALLs effectively, you should use their GMS (Global Management System). This makes all the tasks you mentioned EASY. Don't blame SonicWALL because you're not using the right tools.
Re: (Score:2)
Ive used pfSense, and in a lot of ways I prefer it over sonicwall.
But youre ignorant if you think it is superior in every way. For one, it is a LOT more buggy, especially when it comes to IPsec VPN (a single cisco client attempting to connect will completely lock up the racoon daemon-- thats REAL secure). For another, the IDS, AV, and filtering options in pfSense are, being generous, "ghetto". Snort is broken every other patch (was in utter shambles until recently), clam-av filtering is mediocre, and the
Re: (Score:2)
Re: (Score:2)
Changing from m0n0wall to pfsense and back wont fix the issues with the racoon ipsec daemon.
Re: (Score:2)
Re: (Score:1)
Now, I won't argue that Sonicwalls are pretty shitty devices, in that they have very limited features and an absolutely abysmal interface. But if you see a Sonicwall that is littered with vulnerabilities, that's a configuration issue, not a fault of the product. I mean, my old company has a Cisco ASA that I could still to this day exploit in 10 different ways to get inside their network, but that certainly doesn't mean that Cisco makes shitty firewalls, it just means that particular firewall is very poorl
Re: (Score:2)
Insider info (Score:1)
Speaking as someone who's written software for SonicWall devices, I have to both agree and disagree. Yes, SonicWall's products are cludged-together junk made almost entirely by outside vendors.
But also no, SonicWall's products are on par with other vendors. Router/security boxes are ALWAYS cludged-together junk made almost entirely by outside vendors.
The whole industry is a joke.
Re:Insider info - not (Score:2)
Sure, Mr Troll... Go ahead and perform full UTM (unified threat management) aka reorder and classify, say 500k+ simultaneous connections/flows, and in each, unencode/decompress everything as needed (e.g IMAP->MIME->base64->ZIP->GZIP->EXE) to look for 1M+ virus/malware signatures in every bit of every archive, all at 10 to 40 Gb/s sustained and with couple microseconds latency, with "cludged-together"(sic) off-the-shelf hardware and/or software. Tell me how that works for you.
Dell is blowing
Re: (Score:2)
At least according to the national CVE database, they dont seem to be that bad vulnerability wise. As another poster said, show us these vulnerabilities that you "saw" (what are you, neo? You can "see" the vulnerabilities?)
Re: (Score:2)
Why wouldn't you buy a good one? The hotel I stay at for business has a sonicwall firewall, and it isn't the greatest. I can see a lot of vulnerabilities in it; I just don't exploit them.
Lets look at it this way, Sonicwall is already so bad Dell couldn't screw it up any more.
So glad I dont work on SonicWall's any more, Cisco Pix/ASA and Foritgates are much better to work with.
Re: (Score:2)
The challenge is cost. What I have always looked for is a "security appliance" capable of least two WAN ports for load balancing and fail over. Dial up fail over that was available on some Netgear models was a freakin joke.
So Sonicwall, with its drawbacks, comes in at many many times cheaper in price to get the job done then Cisco and Fortinet. Sonicwall starts at around $270 and gives you a *heck* of a lot more than any consumer level router has by far.
I think Fortinet, at the bottom starts at $1500 the
Re: (Score:3)
The challenge is cost. What I have always looked for is a "security appliance" capable of least two WAN ports for load balancing and fail over. Dial up fail over that was available on some Netgear models was a freakin joke.
So Sonicwall, with its drawbacks, comes in at many many times cheaper in price to get the job done then Cisco and Fortinet. Sonicwall starts at around $270 and gives you a *heck* of a lot more than any consumer level router has by far.
I think Fortinet, at the bottom starts at $1500 the last time I checked?
Sonicwall is not perfect, but is the beginning of prosumer devices. You get what you pay for. Considering that I don't think Sonicwall is all that bad. They are a ton more stable than any Netgear or Linksys/Cisco piece of shit :)
You can get a Fortigate 60C for $500. I understand a Cisco Pix 501 is about the same
A 60C will run a business up to 50 employees easy, I've got clients using a 60C for 80+ staff with no problems. Fortigate support adds more, but Sonicwall do the same thing. Just try getting a Sonicwall support member to even talk to you without a support contract and without that, they are as useful as a Cheap-o Dlink.
I've had a complete nightmare getting SSL and IPSEC VPN running on Sonicwall, after 4 days of failure
The Only One I've Seen.. (Score:4, Informative)
Re: (Score:3, Interesting)
We've got SonicWall at work. Mostly to block Facebook. Except if you use HTTPS, it lets it through.
That took the staff about a week to figure out.
Dude, you've got a well, you've got a problem.
Re: (Score:2)
That has nothing to do with Sonicwall and everything to do with the people who set it up.
Actually it has everything to do with SonicWall.
The issue wasn't the device's ability to block ports (inbound, or outbound), but the device's ability to ensure that only the licensed number of nodes were allowed outbound access through the device.
SonicWall makes money selling licenses, SonicWall is the party responsible for ensuring their devices only support the number of clients their licensed for. Their device was following through with this policy, but it was only limiting devices' outbound port 80
Re: (Score:2, Informative)
SonicWALL (starting with their newer TZ-100, TZ-200, TZ-210, and higher models) has stopped selling "Node" licenses. They've also stopped using their "Standard" firmware. ALL SonicWALL Security appliances are solid with the Enhanced Firmware and Unlimited Nodes. They've been doing this for about 2 or 3 years now.
Looks like you need to brush up on your SonicWALL knowledge.
Re: (Score:3, Informative)
So far as I could tell from the Sonicwalls I worked with, they were just yet more repackaged Linux-iptables systems with some proprietary glue and some rather expensive subscription services. I've put together just as capable of routers, intrusion detectors and mail proxy servers by just using commonly-available Linux packages. Used to use Slackware as the base, but just use Debian nowadays.
Re: (Score:3)
Worse than that, when I worked with them about a decade ago, the more esoteric iptables rules had to be manually entered on command line. The only thing proprietary about those boxes was the interface, even the VPN was Poptop. There were actually quite a few companies in the same time period that used the exact same hardware (and you can still buy it today) to run their own firewalls - basically 1U boxes with n-number of ethernet ports.
Re: (Score:2)
There is actually a lot of proprietary stuff in their new SuperMassive next-generation firewalls. They have a number of patents that allow them to scale > 100Gb/s
Re: (Score:2)
Virtually all of the firewalls and security gateways I've seen (Cisco excepted) have been repackaged Linux or OpenBSD. Many of the intrusion detection systems (NCircle and a few others excepted) were likewise.
From a technical standpoint, a roll-your-own should be the smart move - you can remove facilities you don't need/want, you can tune with patches like Web100, you can incorporate routing protocols other than RIP, the Linux and pf firewall mechanisms are much more powerful than the cheapo junky frontends
Re: (Score:2)
I agree to a point. Building an iptables firewall isn't exactly rocket science. The reason I've been building my own is because, even with my time, I can usually build a firewall/NAT router/vpn server with equal or better capabilities to any off-the-shelf appliance that would cost me about twice as much. The last router I built cost me about $300 for the parts (a fanless mini-itx with case and SSD drive) and about three hours of my time, and it manages to separate NATed networks as well as the gateway and V
Re: (Score:2)
I agree with you that it's not rocket science. I would say, based on what you've described, that you're well above average - that you even know about Webmin puts you well above average. I absolutely agree that the savings become substantial, especially if you get the parts yourself, but I shudder at the thought of some of the admins I've met being asked to build a box.
Re: (Score:2)
Oh I'm sorry anonymous assfucker, please elaborate... How are these critters not just repackaged Linux machines with proprietary glue over top of open source solutions?
Re: (Score:2)
Translation: I can't.
Re: (Score:3)
Youre doing it wrong. You can configure the sonicwall to block all 443 stuff, though for it to work "well" you need to install a root certificate on all your machines (so the sonicwall can essentially MITM your SSL connections).
You do realize that SSL is DESIGNED to be impossible to subvert the way sonicwall wants to without throwing cert warnings, right? Sonicwall cant just change how the system works simply cause theyre a gateway.
Re: (Score:1)
Re: (Score:2)
Re:The Only One I've Seen.. (Score:4, Informative)
We are a SonicWall partner - a large portion of our clients use them.
Sure you can do content filtering, but it's impossible to configure any sort of granularity in the system such as, allow these users to access these sites, those to access those site. I've worked with multiple Sonicwall engineers on this issue. You just can't do it. Period. There is one set of rules that you can either allow or deny. That's it. Similarly, the bandwidth management sucks if you want to do any sort of QoS.
This all boils down to the UI really. GUI's and firewalls are just a mix that only work for simplistic needs. Once your needs pass a certain threshold, they just get in the way and make it nearly impossible to do the configuration you need. Sonicwall designed their interface for the "part time office manager IT person" and grew from there. And it shows. Cisco frankly is in a similar situation. Use the GUI for simple crap to get you going, the command line when you actually need to do anything complex.
As another poster mentioned, pretty much all firewalls out there are embedded Linux or BSD, and just slap their GUI on top along with other random services. Some do a pretty good job of exposing the underlying power of the native firewall, others, not so much. Sonicwall's is pretty good for exposing that power but the web GUI gets in the way all too often when you need to do a lot of similar rules or complex rules.
Finally, another poster recommended using GMS to manage multiple Sonicwalls. This product is insanely priced and only makes sense in a larger organization that would be better served with alternative products (Cisco, etc.) Despite all the high end models they sell, I wouldn't use ANY of them for an organization with high-end needs. Sonicwall's nitch is small business with 50 or fewer users and in my opinion, selling and supporting these things, that's the only market that it's viable to use them in.
Re: (Score:2)
Re: (Score:2)
I do like their VPN solutions.
They have "clientless" VPN solutions (you connect via https to the VPN server and access everything through that - you can RDP, SSH (I think) and access fileshares from your web browser. This gets extended with NetExtender that takes that HTTPS connection and turns it into a full blown VPN (ssl-vpn).
It's really useful at places where the only ports you can send traffic through are 80 and 443. Heck, one place actively denies all other ports - you get connection resets over just
Re: (Score:3)
Re: (Score:2, Informative)
Disclaimer: I work in the industry. I think of SonicWall as a worthy competitor, which is more than what I can say of many of the players on so called "NGFW" market.
Many of the comments here seem to miss the point of commercial solutions, entirely. The fact that you can set up a reasonably reliable traditional firewall on Linux is nothing. At least for those customers the vendors in this market are after. By the way, these customers rarely advertise their choices. (I hope they understand the strengths and w
Re: (Score:2)
I with I had mod points for you Mr. AC.
They're kinda spammy. (Score:1)
In a previous job, I somehow got onto their sales mailing list while we were demoing their product. Let me tell you, they never give up, and won't take you off the list no matter WHO you talk to! Plus, their product was, well... bad. There's no other way of putting it.
Bad news for HP (Score:3)
Dell is a truly innovative company with a very interesting approach to manufacturing and sales; their efficient inventory management (with stock never older than a week or so) is pretty impressive. And unlike other big vendors they understand the needs of small and medium businesses and they make it very easy to become a customer (easy financing, good online inventory, etc.).
Their consumer or entry-level products are not as flashy as Apple or as robust as Lenovo but they are very competitive on the price/quality ratio and they came a long way over the last 10 years. For servers nowadays the PowerEdge as pretty much equivalent to the products from other vendors (HP, IBM) but less expensive, and their storage offering is pretty good (Equallogic, Compellent, etc.) with aggressive pricing as well. If I had to build a new data center today they would definitely be in my vendors shortlist.
I think it's a good thing that they move in the software field even if I am not a big fan of the products they acquired so far. If they follow their usual strategy within a few years they will offer a viable, cost-effective alternative to other big vendors. I guess HP is the one that will get squeezed between the expensive, corporate solutions from IBM and the more affordable Dell products.
Re:Bad news for HP (Score:4, Insightful)
Whereas I agree that IBM's server solutions stand a head higher than Dell, I would not dream of saying the same of HP. We are primarily a Dell shop and looked at swapping over to HP after numerous issues with Dell's Partner program. At the end of last year, HP accounted for 5% of our server install base. They accounted for closer to 20% of our server degraded/downtime for clients.
Horrid product support consisting of smug warranty reps with little product knowledge. Getting parts was even more of a chore. Dell's 4 hour turnaround on parts is generally just that. 4 hours. HP's 4 hour parts warranty was regularly 24 hours, and in one instance, four days. Yes, days. Admittedly the actual failure rate was comparable with Dell (not better), but when you couple it with a disdain for supporting their products....sorry, we're done with HP.
I also think you're spot on with the take on Equallogic's gear and Sonicwall's future at Dell.
A good pairing (Score:1)
I have dealt with SonicWall Aventail E-series quite a bit. I am very familiar with their system because my companies security products integrate with them(along with Cisco, Juniper, Fortigat, NetScaler,etc..) They are nice robust systems. Their VM version of their product even runs a modified version on Debian. I have heard that the old SonicWall hardware was more orientated to SMB and was not as flexible or feature rich.
I think Dell is smart to acquire SonicWall. It is a good rounding out Dell's network
Ugh sonicwall (Score:1)
Re: (Score:2)
They have a whole new product line now which is completely unrelated to their SMB gear. Check out SuperMassive. http://www.sonicwall.com/us/products/SuperMassive_Series.html [sonicwall.com]
This is geek news? (Score:2)
I understand this being on Yahoo Finance or the like, but this is just a blurb about a corporate acquisition. Just because they're IT companies just really make it geeky or nerdy.
Slashdot shouldn't get into trying to reporting on mergers and acquisitions, but should stick to what it does best: regurgitating the articles I read yesterday on Hacker News, which were then on Reddit 12 hours ago.
Re: (Score:2)
We unplugged our SonicWall box a few months ago (Score:1)