SonicWall refreshes low ends of TZ and NSa firewall portfolios and unveils zero trust SonicWall Cloud Edge Secure Access

SonicWall has had zero trust capabilities before but the new SonicWall Cloud Edge Secure Access, a ZTNA offering, is their first to be cloud-based and really effective in the cloud.

TZ stack

Cybersecurity vendor SonicWall has made significant additions to both the physical and cloud elements of their Capture Cloud Platform. On the physical side, they have refreshed the lower end of both their SMB-focused TZ firewall and the mid-enterprise level NSa firewall lines. On the cloud side, they introduced SonicWall Cloud Edge Secure Access, a zero-trust network access [ZTNA] solution that controls and protects network access to both managed and unmanaged devices based on identity, location and device parameters. Enhancements were also announced for Network Security Manager and SonicWall Capture Client.

“We have historically been very strong in our firewall appliance endpoint solutions, and we have recently been investing more in our cloud offerings,” said Kayvon Sadeghi, Senior Director of Product Marketing at SonicWall. “ZTNA is a strong move toward SASE [Secure Access Service Edge], which will give the customer a choice of appliance or cloud, as opposed to forcing them into our limited deployment options.”

The hardware announcements are the next stage of a rolling refresh of its appliances, which began in August with the high end of SMB TZ series, with the TZ570 and TZ670 firewalls, and the high end of their enterprise-focused NSsp line, with the NSsp 15700.

SonicWall NSa 2700

“The new SonicWall NSa 2700 is the low end of our NSa line,” Sadeghi said. “It replaces the NSa 2650 and we will go upmarket from there with further refreshes.”

The NSa 2700 is SonicWall’s first mid-market firewall appliance on the new SonicOS 7.0 platform, with a modern UX/UI, device views, and advanced security control.

The new TZ models, the entry level TZ270, TZ370 and TZ470 firewalls, are aimed both at SonicWall’s traditional SMB customers, as well as distributed enterprises with SD-WAN locations. The new models are 5G- and LTE-compatible.

The new SonicWall Cloud Edge Secure Access SASE offering isn’t technically SonicWall’s first zero trust solution, but it is their first one in the cloud.

“We do have our SMA [Secure Mobile Access] VPN solutions, which can implement Zero Trust,” Sadeghi indicated. “The difference between Cloud Edge Secure Access and VPN is that the former is all cloud based. Customers have indicated there are delays in implementing appliance-based VPN in the cloud, so that it is a suboptimal solution for cloud access.  ZTNA gives a fully cloud-based offering, with granular access to resources. It has two components. The gateway can be up within 15 minutes, and the agent, which can be installed in 5 minutes.”

SonicWall Cloud Edge Secure Access is being targeted at larger midmarket and enterprise customers.

“It’s not that it can’t be deployed for SMBs, but MSSPs will purchase it from us and provide it to smaller customers in those markets, Sadeghi said. “From our perspective, we are looking at selling it to mid to large parts of the enterprise.”

SonicWall Cloud Edge Secure Access will be available November 23.

SonicWall also announced Network Security Manager (NSM) 2.1.

“This is a followup to the launch we did in July, when we first announced NSM, and it that time, it was all cloud-based,” Sadeghi said. “Now with 2.1, it’s also available on-prem. This is for customers who just can’t go to the cloud, specifically parts of the government and some regulated industries.”

Finally, SonicWall Capture Client 3.5 endpoint protection has been enhanced to make it easier for MSSPs to manage, specifically with the ability to manage multiple tenants.

“It makes it more MSSP-friendly for partners who want to deploy it as a service,” Sadeghi indicated.

  1 comment for “SonicWall refreshes low ends of TZ and NSa firewall portfolios and unveils zero trust SonicWall Cloud Edge Secure Access

Leave a Reply

Your email address will not be published. Required fields are marked *