Agree here. They are a nice box if you have the enhanced OS but the native logging bites to troubleshoot properly. On going maintenance costs is also an issue for most ive seen. -----Original Message----- From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak Sent: Friday, 22 June 2007 6:47 AM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: Hot Topics The sonicwall enhanced os is very nice. We're using the 2040 with all the bells and whistles for one local client. The thing I dislike about sonicwall is support and logging. Clients don't like the maintenance price tag.Other than that a very nice product. Load balancing and failover is what forced the purchase. thanks, Amy Babinchak Harbor Computer Services From Mobile PDA Phone (248) 890-1794 http://isainsbs.blogspot.com http://smalltechnotes.blogspot.com http://www.harborcomputerservices.net -----Original Message----- From: "John T (lists)" <johnlist@xxxxxxxxxxxxxxxxxxx> To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx> Sent: 6/21/07 3:07 PM Subject: [isapros] Re: Hot Topics No, Sonicwall will never be as great as ISA is! Yes, it can leverage AD, both protocol and location. Yes, you can force all traffic through the VPN. No, it does not provide the level of logging that ISA does, but using a syslog it does provide quite a bit, but I would not say comprehensive. Stateful packet, yes. Application layer, no. Enhanced OS allows you to create the same type of rules for traffic to/from VPN since it treats VPN as a zone itself, meaning objects can be assigned to the zone and rules can be created specifying the zone or the object or a group of objects. John T > -----Original Message----- > From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros- > bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > Sent: Thursday, June 21, 2007 10:33 AM > To: isapros@xxxxxxxxxxxxx > Subject: [isapros] Re: Hot Topics > > How granular? Does it leverage Active Directory users and groups? Per > protocol? Per location? Allow Web proxy through the VPN link? Provide > comprehensive logging to text, MSDE or SQL for the VPN connection? > Perform both stateful packet and application layer inspection on the > remote access VPN connections? > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- Microsoft Firewalls (ISA) > > > > > -----Original Message----- > > From: isapros-bounce@xxxxxxxxxxxxx > > [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of John T (lists) > > Sent: Thursday, June 21, 2007 12:09 PM > > To: isapros@xxxxxxxxxxxxx > > Subject: [isapros] Re: Hot Topics > > > > > A webcast on how to use VPN fine tuned access controls for remote > > > access > > > VPN clients is a good one. Its not like your "hardware" VPN > > server that > > > let's everyone party down on the corpnet once they get > > connected. You > > > can provide secure least privilege access. > > > > FYI, for those that can not substantiate the cost of ISA server for a > > network, or part of it, Sonicwall Enhanced OS does indeed > > allow granular > > control of access via VPN. > > > > John T > > > > > > > > > > -- ExchangeDefender Message Security: Click below to verify authenticity http://www.exchangedefender.com/verify.asp?id=l5LKkgbx027272&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx