Last month, SonicWall rolled out its next-generation unified threat management firewall appliance geared for the enterprise. In our exclusive test of the Network Security Appliance E7500, results show that SonicWall has, indeed, crashed through the speed barrier.

This box offers 1.3Gbps of UTM performance, which is nearly triple the speed of the fastest product in our comparative UTM test last November.

While SonicWall has not changed much on the surface of its firewall, there are dramatic differences in the internal architecture that yield performance gains that leapfrog the throughput numbers of the SonicWall Pro product line. This makes UTM features including intrusion-prevention system (IPS), antivirus, antispyware, and content filtering cost-effective because they can run at gigabit speeds.

Fifth generation multicore performance

SonicWall's NSA firewall line, based on a family of multi-core security processors from Cavium, is called the company's "generation 5 product." The new hardware (six models have been announced already) is slated to entirely replace the company's old Pro series.

The high-end E7500 that we tested has a 16-core Cavium CPU, with each core operating at 600MHz. One core is dedicated to system management, while the other 15 are used for security processing, including firewall, VPN and other UTM features such as antivirus, IPS and content filtering. Also built into the CPU is hardware acceleration for cryptography (useful in VPNs), compression, and regular expressions, which compare a pattern against a string, and are heavily used in most IPS rule sets. SonicWall claims it took 18 months to port its existing operating system to effectively make use of the multicore capabilities of the new hardware.

The E7500 is a 1U, short (16-inch) rack-mountable device with eight firewall ports: four are copper gigabit Ethernet, and four are SFP gigabit interfaces. An additional port is marked for high availability connectivity to another firewall. The E7500 also has redundant, hot-swappable fans and power supplies. Drawing 0.9 amps when unloaded (and 1.1 amps when fully loaded), the E7500 is middle-of-the-road in terms of power consumption for an appliance of its size.

We tested the E7500 by putting it through performance tests very similar to we used in our November UTM test. However, to drive the E7500 to its UTM limits, we used a faster set of Spirent Avalanche/Reflector test devices.

Full UTM performance (including client and server-side IPS signatures, antivirus, antispyware, and content filtering) was 1,288Mbps using recommended settings. For comparison, the fastest fully loaded UTM performance registered in our November test was by the FortiGate 3600A, which came in at 520Mbps, but also carries with it a list price nearly double that of the E7500.

Although firewall vendors are constantly upgrading their wares, SonicWall is the first with a major leap past the gear in our November test.

We had similar results when testing IPS performance on the E7500 (1914Mbps using recommended settings) and antivirus performance (1615Mbps using recommended settings), all significantly faster than the best numbers from high-end gigabit products in our November test. Compared with SonicWall's own previous top-of-the-line Pro 5060, the results are even more dramatic, with the E7500 coming in six to eight times faster on all UTM tests.

Overall, the E7500 provides a dramatic boost in speed that makes UTM possible in enterprises needing gigabit speeds.