Posted by: Jason Tramer
firewalls, IT professional, sonicwall
So as a consultant I get to work with a lot of different products as part of my job and in terms of firewalls I have to be truthful I absolutely hate Sonicwall’s using Standard OS. Don’t get me wrong here, Enhanced OS is fine, certainly not my favorite product to work with but it’s fine. Generally when I tell people this, I get the response something along the lines of “well thats why you have to pay extra for Enhanced OS”. I can understand the need to pay more money for the better product, hell I get really pissed when we sell Watchguard Cores without Fireware Pro. I don’t mind paying extra to get more features but perhaps someone needs to explain to me why I have to pay extra to get an interface that isn’t as painful and unintuitive as Microsoft Access . I swear that Sonicwall designers went out of there way to make this as painful and intuitive as possible so that you have no choice but to pay extra just to get a product that doesn’t make you rip your hair out.
Case in point here, my company is a partner for a service called Last Spam. It’s a great web service for protecting your company from spam. It’s very reasonable and it’s one of those services you put in place and forget about. Part of the configuration includes modifying the SMTP packet filer rule on your firewall to only accept packets from the Last Spam IP ranges, of which there are several. In any other firewall product, you simply modify your rule and add the ranges. In Sonicwall StandardOS however you can not do this. You can only specify one range per rule, that means you have to create a SMTP rule for each range. This gets to be a real pain in the neck when you are configuring the damn thing remotely over a very slow network link. Also it means that your rules table gets pretty large and just much more painful to work with.
Maybe I am just complaining for no reason but I dread having to use StandardOS.