The second thing is that sonicwall is not so common in Israel……

I was working on compiling my list when I had a deliciously vindictive idea…

I’m sure other people have horror stories about Sonicwall–so I did a quick whois….

http://hatesonicwall.com

I already posted one of my horror stories. I’ll post the rest over the next few days. If you or anyone else has a good horror story, feel free to post something.

I’d also love to hear success stories of pfSense.

Nothing is 100% fool proof? Of course not – and making licensing a huge potential point of failure in the security infrastructure of your network is completely insane. Why add points of failure when the solitary purpose of that huge point of failure is the company you’re paying all kinds of money doesn’t trust you? It’s absurd.

If I were about to deploy a Sonicwall anything I would send it back. I’m not going to tell you there is one firewall solution that’s a perfect fit for every environment – there isn’t. Anyone who says so is lying or stupid. I don’t use pfSense everywhere, I manage numerous Cisco devices as well as many other vendors, but I wouldn’t consider a Sonicwall anymore. (not that I’ve ever actually bought one or recommended buying one, I’ve managed a few)

There is no such thing as 100% failproof. It doesn’t happen but they could have taken steps to reduce the risk.

We are about to put SonicWALL NSA 3500 into production and this didn’t give me a nice warm fuzzing feeling. However, since we have other security products in place it’s not really an issue long as the “firewall functions” continue to work. Only thing that would be a problem if the VPN to our remote offices goes down because of this then it would tick everybody off and more work for IT.

I am anxious to getting PFSense 2.0 in production because we use the Microsoft VPN and current version of 1.2.1 and earlier only supports one connection at a time to the same IP address so can’t use it yet.

When we do get PFSense into production I will make a recommendation that we also purchase the commerical support. Hopefully we won’t need it but it’s our insurance policy.

It tends to be the case that the piracy protection companies put in software gets bypassed anyway and the only effect is it annoys your customers. I guess in this case maybe it’s so strict that it does prevent piracy, but also creates huge problems and gaping holes in their customers networks.

It absolutely will keep them from pirating it…
The Sonicwall DRM is such a pain in the rear, it prevents you from using it legitimately most times, let alone a pirated version.

Hell–you can’t even install firmware downloaded for one customers TZ180 to another customers TZ180–you have to download signed firmware specific to the customer. Oh–and if your subscription has expired, forget about upgrading the firmware or getting bugs fixed.

The only reason I can figure people use Sonicwall is because someone higher up is getting a kick-back. The prices are artificially inflated for everything. What’s the difference to your Sonicwall is you have 1 VPN user or 100? Nothing–except a few bits you have to pay for the privilege of flipping.

A company I once worked for was a Sonicwall reseller. We sold them no matter what the customer wanted–and when the device failed to perform, we just took their project in another direction. Lame.

And the hardest part was me, sitting at home with my pfSense box, and another technician from my company with his pfSense box. We relentlessly duplicated the conditions we faced out a client sites and tested pfSense. It hasn’t failed us yet.

I’m seriously thinking about starting a page on my site describing all the crap that Sonicwall can’t do that pfSense can…it would be very enlightening.

This is by far the best advertisment for pfsense in a long time