mailing list archives
RE: Sonicwall 3500/netflow
From: Brandon Kim <brandon.kim () brandontek com>
Date: Tue, 14 Feb 2012 10:49:00 -0500
I've been using 5.8 with no problems thus far. As for the CLI, yes it is CLUNKY.
But they are completely revamping it, it will be very similar to Cisco in the near future...
From: blake () pfankuch me
To: jay () miscreant org; jra () baylink com
Subject: RE: Sonicwall 3500/netflow
Date: Tue, 14 Feb 2012 14:40:40 +0000
CC: nanog () nanog org
If you have questions contact me off list. I would shoot for a little higher device to support that bandwidth
if you are going to be enabling Services at all. Also if you use services, make sure they are enabled only on 1 zone
as to not double scan traffic. Also I would skip the DPI-SSL services for now, as they are extremely throughput
intensive. The company I work for manages a few hundred Sonicwalls, some of them in a pretty complex setup..
SonicWall netflow is a little unique, they have a GUI feature called APPFlow which makes it pretty easy to trim down
to watch exactly what you need (once you get the hang of it). Some of the additional free features make the
SonicWall very nice. The SSLVPN portal is very handy for remote troubleshooting. You can bind it to a VLAN
interface with private addresses for management purposes as well as remote access.
Careful though, they can either be a beast, or a joy to manage depending on how you set it up.
If you want to do entirely CLI management on the SonicWall, be prepared for a headache. Everything is case
sensitive, and not the cleanest. If you build quick templates in your favorite text editor, it can be very simple to
manage this way.
SonicWall is pushing 220.127.116.11 firmwares to all of the partners as far as I know (maybe to everyone) if you call in
with an issue. Check the caveats though, we have a few conflicts related to VPN stuff as well as dynamic routing a
From: Jay Mitchell [mailto:jay () miscreant org]
Sent: Tuesday, February 14, 2012 3:59 AM
To: Jay Ashworth
Subject: Re: Sonicwall 3500/netflow
According to the spec sheet it does, haven't had the opportunity to play with one to comment any further though.
On 14/02/2012, at 2:21 PM, Jay Ashworth <jra () baylink com> wrote:
This will be my first time in Sonicwall territory. I'm assuming this
thing will (effectively) *be* my edge router; does it support netflow,
as has been being discussed in the recent thread?
I'm likely going to have 100M from L3, with FiOS/150 and Roadrunner/50
for backup/load bal; I don't think this will be a BGP application.
Jay R. Ashworth Baylink jra () baylink com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274