DELL SonicWALL – Understanding Trend The company was founded in 1991 under the name "Sonic Systems. In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market.

1

SonicWALL has gone through with multiple strategic level changes in near past.

1. On July 23, 2010 SonicWALL announced its merger with affiliates of an investor group led by Thoma Bravo

2. Within 2.5 years on March 13, 2012 Dell announced that they had signed a definitive agreement to acquire SonicWALL.

This frequent merger/acquisition has left SonicWALL channel jittery. They are worried about Dell’s approach towards SonicWALL’s existing partners, resellers and distributors. They are afraid of moving business focus and change in company’s philosophy. Though Dell is trying hard to ensure them, but channel does not seem to be convinced. How have the successive mergers affected the employees and the overall security philosophy of SonicWALL is also a matter of a speculation. Let’s compare Cyberoam and SonicWALL to understand why Cyberoam is an intelligent choice over SonicWALL.

1. SonicWALL - A Very Costly Gateway Anti-Spam

SonicWALL Spam Detection rates were not up to present industry standards as it merely relied on FREE RBLs. They had acquired MailFrontier. They have improved the spam detection to some degree. But the catch is: Per User License in Spam Filtering.

This means that for every inbox that you have, you have to pay. It is prohibitively costly. In spite of paying so highly, the spam filtering rate is not very high as the technology used is pretty old.

1 http://en.wikipedia.org/wiki/SonicWALL

Let’s compare:

Anti-Spam Features Cyberoam UTM SonicWALL UTM

License / Pricing One time Per User License

Anti-Spam Technology used

Cyberoam uses RPD® technology. This technology detects Spam in real-time. It a State-of-Art technology.

Teamed with RPD® technology, Cyberoam also uses IP reputation filters to block 80% of spam traffic at gateway, before even getting into your network.

Uses primarily Bayesian filtering based Spam filtering along with IP reputation and connection management. Bayesian filtering is a decade old outdated technology. To cover all the gaps they are forced to use fourteen (14) other types of filters. All these different types of filters are needed as not any one of them is full-proof.

Frequency of Update Real-time Approximately every 5 minutes

Language Independent

Yes. Spam in any language is filtered without any manual intervention.

No. The Anti Spam engine needs to be trained to detect Spam for every language.

Content Agnostic Yes, irrespective to the content or attachment of a mail, if it is a Spam, it will be filtered.

No, The Spam Filter has to be trained manually to filter spam.

Adaptive Spam Filtering

Yes, Without any human intervention or training the spam filter is just Deploy and Forget solution. Starts filtering instantly and precisely.

Spam filter has to be trained, tweaked and tuned to reach maximum efficiency.

Spam Detection Rate 98% + 98%

False Positive Rate 1 in 10,00,000 No Published

Protocol Scan SMTP, POP3, IMAP Does not scan POP3 and IMAP

Spam Digest

An automated mail sent out by the UTM to the recipients informing them about the suspected quarantined spam emails stored at Cyberoam’s On- Appliance Spam quarantine area. The mail has a hyperlink which takes the user directly to the quarantined mail to decide the fate of the mail.

Need to install Junk Store on separate server to view Junk Store summary and ‘unjunk’ legitimate emails

This is a hidden cost.

Apart from the comparison, there is one important feature that SonicWALL does not have.

Cyberoam Minimizes the Window of Vulnerability Cyberoam provides proactive protection against new email-borne virus outbreaks, hours before the signatures are released. It has introduced the proactive virus detection technology which detects and blocks the new outbreaks immediately and accurately.

It provides a critical first layer of defense by intelligently blocking suspicious mail during the earliest stage of a virus outbreak.

2. Weak Web Filtering – SonicWALL

SonicWALL’s Web Filtering has not improved over time.

Let us compare:

Web Filtering Features

Cyberoam UTM SonicWALL UTM

Total Number of Categories

More than 45+ Million URLs have been classified in 82 + Categories.

Only 59 categories, Number of Sites – not published.

On-Appliance vs. External Database

Cyberoam has the database of the filtering categories on the appliance. Repercussions:

Instant filtering, No waiting

Low Bandwidth consumption

Better end-user experience

Periodic updates of the database keeps it up-to-date.

SonicWALL depends on External database. Repercussions:

Slow Web filtering as the query has to be checked against remote database. A definite latency is involved.

Inferior end user experience.

Scanning the HTTPS Cyberoam Web Filtering database has a HTTPS category which can help regulate access to HTTPS based sites.

The user has to manually find the IP of the HTTPS site and then enter it in the blacklisting category.

3. Cyberoam On – Appliance Web Application Firewall

Cyberoam is one of the few UTM vendors who offer On-appliance Web Application Firewall (WAF). You just need to subscribe for cost effective WAF subscription, offered by Cyberoam, which is as effective as best-of- breed solutions.

While with SonicWALL you need to purchase dedicated WAF appliance to secure critical web applications.

Let’s compare:

WAF Features Cyberoam UTM SonicWALL UTM

Solution format Available as a subscription for its UTM appliances.

Need to purchase a separate WAF appliance.

Management

Single point of management:

WAF protection can be managed from Cyberoam UTM interface.

No On-appliance WAF:

Separate appliance, Separate management. No common point of integration.

Technology used Positive Protection model without signature tables.

Signature based protection. Needs manual intervention to download and synchronize the signature database.

It is sluggish to respond to new threats as it is dependent on the signature update.

Intutive Website Flow Detector

Intutive and intelligent technology to identify and block application layer attacks.

The administrator needs to understand the nature of Web traffic and create rule(s) accordingly.

4. SonicWALL Lacks Identity-based AAA Security Approach

Cyberoam UTM has a first mover’s advantage in this critical feature. Cyberoam uses Authentication, Authorization and Accounting for Identity-based total security approach. Under this approach, only an Authenticated user is Authorized to use the resources as per identity-based custom policies. The usage is strictly Accounted for through the audit trail - Reports.

Cyberoam uses Identity as a decision parameter in Firewall, Intrusion Prevention (IPS), Gateway Anti-Virus & Anti-Spam, Content Filtering, Bandwidth Management, Policy based Routing and VPN features. Apart from this, Cyberoam is the only UTM that has two unique features:

o On-Appliance Identity Based Reporting: We have discussed this feature when we talk about the audit trail and it will be further discussed in the Reporting section.

o Fusion Technology: Cyberoam's Firewall page provides a unifying control interface to tweak all the UTM features from one screen. This gives the administrator an unparallel ease of use.

Like most other products, SonicWALL is still lagging behind in total deliverance of this feature and does not offer such a granular approach.

It can authenticate and partially authorize the user, but fails to effectively account for all the user activity. The user-based reporting is also limited and is dependent fully on Scrutinizer or Analyzer -SonicWALL's External Reporting Tool.

5. Frail Anti-Virus – SonicWALL

SonicWALL Gateway Anti-Virus (GAV) is one of its weakest links.

Let us compare:

Anti-Virus Features Cyberoam UTM SonicWALL UTM

Total Number of Signatures

More than 4 Millions (AV + Anti-Spyware Signatures)

21708 (AV Signatures)

8284921(AV Signatures) available on Cloud AV database {from the Online Demo}

Granular Control Over AV Scans

Using Cyberoam you are empowered to configure custom scan policy. E.g.: You can choose between Batch Mode and Real Time Mode.

No such granularities

Scan supports more than 40 types of compressed files.

Scanning of a limited number of compressed file format supported.

Anti-Virus Features Cyberoam UTM SonicWALL UTM

Malware Detection Rate

One of the Highest in the Industry – 99.5%

2

Not Published.

AV Scans Effect on Throughput

Does effect, still the throughput remains manageable. For further details, please refer to the Datasheets and TechSheets on the Cyberoam site.

AV Scanning leads to a significant deterioration in the throughput. Please refer to the Datasheets and TechSheets on the SonicWALL site.

6. Guest User Access – SMS Gateway

Cyberoam Guest User acccess feature allows administrator to provide secure Internet access to the guest users.The administrator can create and apply various security policies and login restrictions to the guest users. When the guest user tries to access Internet from Cyberoam protected network, Cyberoam provides temporary credentials to the guest user over user’s registered mobile number. This complete process is transparent, so there is no need of administrator’s intervention.

SonicWALL lacks this type of transparent process.

7. Cyberoam On-Appliance Reporting

In SonicWALL, the customer needs to purchase and deploy Scrutinizer or Analyzer to get detailed reporting. This is a steep escalation in terms of Capital Expenditure and Operational Expenditure.

Cyberoam’s On-Appliance Plug-and-Play reporting – Cyberoam-iView provides around 1000+ detailed reports at No Additional Cost.

Some unique Cyberoam Reports include:

1. User-wise reports of all types (Web Filtering, Internet Surfing, IPS, IM) 2. User-wise Data Transfer 3. User-wise Search Keywords (reports of web searches) 4. Web Surfing Trends reports per: User, Organization, Site, Category(graphical reports)

2 http://www.av-comparatives.org/en/comparativesreviews/detection-test

If the reporting requirements are more demanding, Cyberoam also provides external integration with its Open Source Software – iView. Cyberoam UTM can support five (5) SYSLOG streams.

8. Cyberoam’s Identity-based Security Approach

Who do you give access to: An IP Address or a User?

Whom do you wish to assign security policies: User Name or IP Addresses?

In case of an insider attempted breach, whom do you wish to see: User Name or IP Address?

How do you create network address based policies in a DHCP and a Wi-Fi network?

How do you create network address based policies for shared desktops?

Cyberoam UTM approaches the Security paradigm from the identity perspective. The blended threats

circumvent the perimeter defense and launch an attack from within. The network’s own resources are

used to subvert it. The main target is thus the end user who knowingly or unknowingly breaches the

perimeter defense.

While providing a robust perimeter defense, Cyberoam UTM’s Identity-based access control

technology ensures that every user is encapsulated in a tight, yet granular security policy that spans

across Cyberoam UTM’s Firewall/VPN, Gateway Anti Virus, Anti-Spam, Web Filtering, Intrusion

Prevention System (IPS) and Bandwidth Management solutions.

Cyberoam in Numbers

Worldwide Presence Deployed in 90+ countries

Virus Detection Rate 99.5%

Spam Detection Rate 98%

Spam False Positive Rate 1 in One Million

Number of URL categories 82+

Disclaimer This comparison is based on our interpretation of the publicly available information as on date of preparing this comparisson. The features /

characteristics of the subject product under comparison, which may have direct impact on the accuracy and / or validity of this comparison, are likely to change without prior notice. The information contained in this comparison is and intended to provide broad consumer understanding and

knowledge of factual information of various products. This comparison is merely our opinion / interpretation, which may be subject to further

modification / rectification in future in case of receipt of any fact / information regarding the subject products under comparison. People using

information should also research original sources of information and should not rely only upon this comparison while selecting any product. This

comparison is not exhaustive and may not be accurate. Cyberoam Technologies Pvt. Ltd. makes no warranty as to the reliability, accuracy, usefulness, or completeness of the comparison. The materials / information in this comparison are provided "as is" and without warranties of any

kind either expressed or implied. To the fullest extent permissible pursuant to applicable law, Cyberoam Technologies Pvt. Ltd. disclaims all

warranties of accuracy or otherwise in respect of the comparison. Cyberoam Technologies Pvt. Ltd. does not warrant or make no representations

regarding the use of or the result of the use of the comparison in terms of their correctness, accuracy, reliability, or otherwise. Cyberoam Technologies Pvt. Ltd. retains the right to revise these rules / conditions at any time. This document is confidential and intended for private

circulation only.