There is an Oklahoma business that is now part of my linkedin profile that hopefully buys SonicWall.
Business has/had Tz210 and the processor and memory was at full capacity. It needed to be replaced. They currently have 52 users behind the firewall and are expecting growth.
They wanted wireless but need multiple access points. Not positive of the amount needed but know need more than one.
Explained that they better not go with the built-in access point. The built-in access point allow seamless roaming with the newer 802.11ac SoniPoints.
Customer obviously wants to stick with SonicWall, they also want to take advantage of the layer 7 visibility in the user interface. Threat prevention services in SonicWall are enterprise capable and easy to use. The user data integrates with active directory and shows per user data.
Through a lot of work (any NAC takes considerable configuration) it has a service capable to decrypt and reencrypt user LAN/WAN traffic in real time.
This small business user does not need that level of visibility though. Just need LAN and Guest services. The guest services has a policy on it to only allow internet service. Default rules are on LAN zone only.
The business in this case will only need to transfer the config from the TZ210 to the NSA2600 to start off. I would suggest working through old config to set up new firewall policy. Also suggest updating documentation (including getting rid of outdated) policies in secure encrypted file. This would provide a good end user and guest policy document for proper use and connectivity of business network.
Suggest NSA2600 with 3 year secure upgrade option and 2 of the new 802.3AC access points. The 3 year secure upgrade provides a year of comprehensive gateway security suite for free. (or just the way I like to explain the upfront discount of the sku)
I am interested in how it turns out.
No comments:
Post a Comment