Oct 12 2018

Review: The SonicWall TZ400 Firewall Delivers Advanced Security in a Small Package

Made for small businesses and branch offices, users get enterprise-quality cybersecurity.

SonicWall has been protecting enterprise networks for a long time with a robust series of next-generation firewalls and security appliances designed to detect and mitigate the most dangerous kinds of security threats. Yet those large units are oversized for many small businesses and regional offices that experience less traffic volume. SonicWall’s new TZ series was designed with those groups in mind.

While every security appliance in the TZ series has the same operating system and cybersecurity capabilities as larger SonicWall enterprise units, the TZ units are designed to handle less traffic, and are thus much more economical for small deployments. They can, however, be managed using the same software as the enterprise units, meaning that larger businesses can deploy whatever firewall is needed, and the TZ units simply become part of the overall defense.

Configuring the review unit — a SonicWall TZ400 model that could optionally become a wireless hub in addition to a security appliance — was extremely easy and nontechnical.

Setup won’t require a dedicated IT staff. I simply attached the TZ400 to the internet and then connected to it using a laptop. The online wizard made it easy to add any needed services, and support from the company was readily available.

VIDEO: How to meet user demands in an ever-evolving workplace!

Tap Next-Generation Cyberthreat Protection

The unit offers modules for anti-malware, anti-spyware, application control, intrusion prevention and URL filtering. Once configured, the box keeps itself updated with the latest threat signatures, meaning that small to medium-sized businesses can have a single point protecting their networks, and worry less about things like updating software protection on every client. If the wireless 802.11ac radio is activated, then that protection can also extend to anyone using the wireless network, be it internal employees or guests.

A variety of threats were sent against the TZ400 using some of the most advanced attack techniques, including encrypting the packets. Hackers began encrypting packets a while ago because they slip past quite a few firewalls that way. But the TZ400 scanned my encrypted SSL/TLS connections. It found and stopped encrypted threats without slowing down the rest of the network.


The TZ400 offers SMBs the same hardware-based cybersecurity protection found in large enterprise appliances without requiring an IT staff for setup or maintenance. No regional office or SMB should be without this kind of protection.

Stop Zero-Day Attacks in Their Tracks

One of the strongest features of the SonicWall TZ400 is the ability to add modules as needed to protect small to medium-sized businesses and small branch offices of large companies. Such businesses may not experience high traffic volumes but are nonetheless attractive targets for attackers.

The SonicWall Capture Advanced Threat Protection service is an optional module that one would probably not expect to find on an entry-level security appliance. It was easily added to my evaluation unit, as with other modules.

While most threats are detected and stopped by the appliance itself, the ATP service is a cloud component that consists of multiple sandboxing engines that probably could not run locally. Once enabled, whenever the TZ400 runs across a file or process that it’s unsure about, that file is halted in place and transferred to a secure gateway. It is held there until cleared by the sandboxing processes. Files revealed to be malicious are destroyed and never make it to network clients.

DOWNLOAD: Tap insights on the modern workforce!

SonicWall Captures the Power of the Cloud

Thousands of SonicWall appliances around the world are linked through the cloud. As soon as any of them use the cloud-based sandboxes to reveal the presence of unknown malware, a signature is created and shared with all the others. Suddenly, those extremely malicious zero-day attacks become known quantities to anyone with a SonicWall security appliance running the ATP service.

The other benefit to using cloud-based sandboxing is that it’s not restricted to just one engine. There are several sandboxes that SonicWall uses, making it nearly impossible for a hacker to create malware that could trick all of them.

You don’t often find this level of cybersecurity protection in an entry-level appliance, much less one aimed at small businesses and regional offices. Yet the TZ400 supports it, as does the even-smaller TZ300. Adding the ATP service was just as easy as activating internal modules. Other than a very slight delay while files are being analyzed in the cloud, there are no disadvantages to enabling SMBs to enjoy the kind of cybersecurity protection normally found only in large enterprise deployments.

SonicWall TZ400

Total Firewall Throughput: 1.3Gbps
Anti-malware Throughput: 300Mbps
Maximum DPI Connections: 90,000
Optional Wireless AP: 802.11ac dual-band wireless
Dimensions: 5.3 x 7.5 x 1.4 inches
Weight: 1.6 pounds

More On


Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.