Secure Remote Access: Sonicwall SRA 1200 Review

Opening the box that the Sonicwall SRA (Secure Remote Access) 1200 comes in, the purchaser will be pleasantly surprised to find that the unit is no lightweight unit but appears to be solidly built.  The SRA 1200 comes equipped with 2 network interfaces, 2 USB ports, and one console port.  Included in the pack is the hardware to rack mount it, a network cable, and a console cable.
The unit’s management interface is easy to connect to, using a web browser.  It can be accessed via a web browser using a Windows, Mac, or Linux computer.  For this review, a Linux OS computer and Firefox web browser were used.  In order to connect to the management interface, the computer’s network card must first be set to a static IP.  The instructions give clear guidance on how to do this and what IP to use.

Connecting to the Sonicwall SRA 1200 using the management interface defaults to a HTTPS (secure) connection and uses the unit’s default self-signed certificate.  It is nice to see a product that defaults to secure settings instead of having to change them when first configuring the unit.  This being said, the user will need to add an exception to the browser’s SSL certificate settings since the self-signed certificate is the only certificate on the unit when it is first configured.  The management interface does allow the user to easily import certificates, including those from a Certificate Authority.

When logging into the management interface the user will notice that there are items that need attention.  The text is highlighted in red to get the user’s attention, and most of the items conveniently have a link to the right of the text that leads to the location in the management interface which needs correcting.  Changing the administrator default password and configuring the DNS and SMTP server settings are the first items listed, but It would have been better if the user is able to change the login name for the default administrator account.  This way the account would have a strong password (default password should have been changed immediately) but would also force someone to guess or crack the login name in addition to the password.

The Sonicwall SRA 1200 unit that was reviewed had five user licenses as the default for the unit.  Other licenses that would allow a maximum of 50 users can be purchased.  This SRA unit is geared towards the small business market which is why the maximum number of users is capped at 50.  Hardware for this unit is also set up for a small business environment.  After being run for a straight  24-hour period, there were no heating issues.  The fans kept the unit very cool during use and testing although they were noisier than any of the computers that were running (not a big issue for most IT environments.)

Another nice security feature that is set up by default is the automatic log-off when the unit is not in use for a certain period of time.  Login security can also be configured differently, even though the default is pretty good.  The management interface also allows the user to set the maximum number of login attempts in a minute before the user is locked out for a set period of time which can also be changed.  The default is set at five attempts with a lockout period of 5 minutes for the default setting.

Once the SRA 1200 Sonicwall unit is configured to the user’s preferences, the management interface allows the user to easily back up the system settings and, if needed, to import those system settings at a later stage.  The backup system file can also be encrypted which is a very nice feature.  Other appealing features include notification to the SRA 1200 administrator of new firmware available for download and the ability to monitor the system for bandwith use, CPU and memory utilization, and the number of active concurrent users using the VPN.

The Sonicwall’s SRA 1200 management interface allows the administrator to use a number of diagnostic tools including bandwidth testing, DNS lookup, TCP connection, Ping, Traceroute, and SNMP query.  During the review, the bandwidth test ran with a download speed that ranged between 54 and 58 MB per second and an upload speed of 40 to 41 MB per seconds.  Under the portal setting, the administrator can add domains and configure one-time passwords and client certificates.  Authorization mechanisms include a local database, active directory, LDAP, NT domains, and Radius.  With the number of choices for configuring the unit, it is much easier to manage it to work on a company’s current network.

Additional features include the ability to add policies, configure log events to be emailed to the administrator on a scheduled or event basis, and set logs to only record certain (not all) events.  Other  features of the unit are too numerous to discuss in this review, but a complete listing of standard and optional features of the Sonicwall SRA 1200 unit can be found on the Sonicwall website.

Despite all these features, the Sonicwall SRA 1200 is not hard to get up and running.  The administrator will have to first configure the DNS server settings, then configure the unit based on the type of network layout, and, finally, set up NetExtender.  Documentation is good, so completing the original configuration and setup should not be a problem for most administrators.  Additionally, Mysonicwall.com allows the user to register the product and gain access to a wealth of information regarding the unit that was purchased.

For any small business that requires secure remote access to some or their entire business network, the Sonicwall SRA 1200 is recommended as a possible solution to securely handle this issue.