SonicWALL CSM 2100CF review
With such a strong line-up of SME-level firewalls, it was inevitable that SonicWALL would move into the content security-appliance market as well, and it does so with the CMS 2100CF. It’s worth noting that SonicWALL’s firewall appliances have traditionally offered basic URL filtering as standard, and optional content filtering via third-party sources such as N2H2 or Websense Enterprise. But these features have never been heavily promoted and the optional components have been known to put the price up significantly.
This slimline 1U-rack chassis leaves firewalling duties in the hands of its similarly clad brethren and focuses primarily on web-content filtering using SonicWALL’s own URL category databases. It provides further controls to block the use of Instant Messaging (IM), P2P and multimedia applications, plus the usual restrictions on ActiveX and Java content. It also allows administrators to implement Internet access controls on a per-user basis.
The content filtering is a hosted service, as the 2100CF queries a remote category database to see if the requested URL is listed. SonicWALL maintains multiple databases at different locations to ensure redundancy. Once a rating has been passed back to the appliance, the user is either permitted or denied access and the rating is cached locally to improve performance. Compared with SonicWALL’s firewalls the hardware specification of the 2100CF isn’t spectacular, being based around an 800MHz VIA C3, but it should handle the demands of most small businesses.
Installation starts with a direct network connection to the appliance’s offline management port to set up the LAN and WAN network interfaces before going live. The 2100CF is as plug-and-play as it gets. It functions as a transparent gateway, so it simply slots in between your LAN and WAN, and routes all traffic through without you having to reconfigure your network clients. The web interface is common across all SonicWALL’s appliances, is simple to use and opens with a status report on the unit along with a table of traffic statistics and alert messages. Content-filtering policies are a cinch to create and you can pick and choose from more than 50 predefined categories of objectionable web material. If a user tries to access a banned website, they receive a customisable web page warning of their transgression. The failed access attempt is logged along with the client’s IP and MAC addresses, the destination address and the offending website URL.
Application filtering uses a local database and you pick and choose whether to block or allow listed IM, P2P or multimedia programs.
With a local ACL (access control list) you can force clients to provide a valid username and password to gain Internet access, and the 2100CF also supports Active Directory and RADIUS server authentication for single sign-on security. User access restrictions extend to limiting sessions to a specific number of minutes and applying an inactivity timer. Prior to allowing Internet access, you can also deliver an acceptable use policy declaration, which they must accept before continuing.
During testing, we found the 2100CF an easy security partner. It didn’t take long to set up and the delay during the remote look-up process was almost imperceptible. Usage logging and reporting are good and web filtering works efficiently, making the CSM 2100CF well worth considering if you want to add content security to an existing firewall.