NSM - Never used - should I?

I have not used NSM, but recently our purchasing agent purchased NSM without discussing it with me. After reading several of the community complaints, I do not feel comfortable enabling NSM on our main production firewall. Things like login loops, rebooting, and X1-only issues, just to name a few, are red flags. Lots of comments say it's not mature enough.

I feel like this product is a disaster; should I even attempt it? Personally I don't mind managing it locally. I grew up in that era and it has just been a part of my life. Cloud has its place, but I'm not sure managing production firewalls is one of them. My worry/concern is some of the things that have been reported, even recently (Jun 2021), so that is pretty recent. I have a couple of TZ350s that I could do a trial on.

It seems the general consensus is DO NOT USE IT.

Category: Network Security Manager

Answers

  • Larry Cybersecurity Overlord ✭✭✭

    My view on NSM is simple (and I've posted enough rants to warrant advice to tone it down): If you manage only a handful of devices, and have no requirement for any analytics, there is simply no need to use this product. However, if you have a large, dispersed fleet - either at one client site or multiple sites - then it might be a time-saving offering for overall management.

    But, if you want to use it, you'll have to realize that it is a product that was released without full functionality. It is being built on a continual basis. This means that features that aren't present may (or may not) be on a roadmap. Broken items have unknown fix dates only in future releases (it seems there's no such thing as a "hot fix" for the cloud). For example: Capture ATP reporting for licensed AGSS devices hasn't been available in the NSM Dashboard since it was released. Supposedly it will arrive by the end of June 2021 with 2.3.x.

    So, if you can live with that kind of uncertainty, go ahead. Otherwise, there is no need to spend your clients' money.

  • MPERU99 Newbie ✭
    edited June 10

    Ya, I only have like 5 production office firewalls, 3 production remote-user firewalls and 2 non-production TZ350 (lab) firewalls to play with. So basically a handful, definitely not a fleet; I don't even use CSC on any of them. I have only known how to maintain locally (I kind of prefer that anyhow), and the kind of management I want to do, you still cannot do under the cloud-based one. Like exporting all the IPs out of one firewall and importing them into another firewall using the simple GUI, and no, not using the CLI either. What's the point of the CLI when I can copy and paste faster using the GUI? The CLI offers no efficiency and I spend more time struggling with how to use the CLI than actually getting anything done. I have complained about this lack of a simple, useful export of IPs for a while. It's sad that so many other firewalls can do this and yet SonicWall cannot.

    Larry, thanks for your input, it is valued. I appreciate someone with more experience reaching out and providing a lighted path, so that others do not fall into the darkness of the unknown.

  • TKWITS All-Knowing Sage ✭✭✭✭

    I agree with Larry's comments. I have a handful of firewalls on NSM and barely touch it. Most of these devices I have access to either via a server local to the firewall or its direct WAN interface.

    I had used their pre-cloud GSM years ago and found it lacking. Analytics was a big reason we tried NSM and as mentioned it's not quite there yet.

    I can totally see NSM use for a distributed helpdesk that covers a large geographical footprint with a mix of ISPs. I do not advocate for cellular connectivity, but NSM could be the best way to manage firewalls on cell services (because otherwise you are stuck behind carrier-grade NAT and not able to manage directly remotely).

    I really dislike agile development (I call it fr-agile) and that's what SW's latest offerings are.

  • mantis2k Newbie ✭
    edited June 19

    One of our most used features on SonicWall is the Public Server / NAT config wizard. My very first experience with using NSM was to click on the wizard and discover that the Public Server wizard is missing. All the other wizards are there though?! This seems kind of crazy. I then found this on their FAQ, so much for NSM making our life easier, sigh:

    https://www.sonicwall.com/support/knowledge-base/sonicwall-network-security-manager-nsm-faq/200803090636870/

    • I have a customer with more than 200 firewalls that uses LTU. Will NAT configuration wizard be available on NSM?  

    This is a roadmap feature under consideration. This feature will have wizards to create large scale VPNs and SDWAN, etcetera.

  • montanadave Newbie ✭

    Flat out answer: NO.

    They release things without proper testing, training, or support. Save yourself a ton of headaches and wait a year.

    Try applying a template to a firewall. The template "engine" doesn't pull in newly created zones so you can't use them in the rest of the config. Try changing the time to log out as admin due to inactivity (default is 5 min). The template won't save and throws an error.

    I've spent hours configuring a template to see only portions of it apply to a firewall.

    Love the direction SNWL is going but they seem to be more concerned about moving forward than getting stuff to work.

    And when it comes to their switches, make sure they are cloud managed and not managed by firewall if you are using VLANs amongst wired and wireless clients. Firewall-managed switches and WAPs have issues -- cloud management all the way.

    The amount of hours I have spent with support is ridiculous. No one knows the product suite including support.

    Keep it simple and stick to the basic functionality and strength of the firewall. NSM isn't ready.

  • lostbackups Newbie ✭

    Here's my 2 cents as someone in IT that's only worked with Sonicwall firewalls at my company and now I'm using NSM, deployed at the beginning of 2021.... the product looks very nice and it would be awesome if it actually worked, but it doesn't.

    Issues I've had:

    • VPN connectivity between NSM and the Sonicwall NSM I am using with it - aka the most basic function to get things working and it took about 10 support calls to finally get it working and even then it was some wonky work-around vs the automated/zero-touch method that should work
    • Analytics numbers sometimes show GB instead of MB which really REALLY throws off the reporting and darn near makes it untrustworthy. This is unacceptable and I even saw this same issue in the days of GMS Analyzer
    • Monitoring and Alerting doesn't seem to work at all. I've just set up alerts for intrusions, viruses, botnets, web activity, and network performance. The only alerts it actually shows so far are a handful of Web Activity alerts, but there's literally no information about the events. Not only that, I set up a test alert for when my NSA 3600 goes above 5% CPU usage and I didn't start getting alerts until like 2 days after setting it up. And even then I was somehow only getting the emails for the alerts, but the events weren't even showing up in the NSM page where they should be viewable
    • Email alerts from NSM in general constantly get held in our spam filter due to failing DMARC which is all on Sonicwall's end as they haven't properly configured their DNS authentication for SPF and DKIM - I even called support and they acknowledged the issue
    • The login process to get into NSM is terrible. You have to first sign into MySonicWall and then go to Services and then NSM. Half the time you get stuck in continuous login loops between MySonicWall and NSM pages and the only solution is to clear your browser's cache and try again
    • NSM page loading is SUPER SLOW. Every now and then it is snappy but for the most part it is like running a super heavy website on dial-up.... No... satellite internet.
    • When you call into get NSM support, they always ask for the serial number, which the cloud hosted NSM doesn't even have a serial number so you have to give them the firewall unit serial, so then the ticket gets placed in the support queue for that firewall support category and not NSM. So when you call back you always get stuck in that loop of talking to the wrong person.
    • Support takes forever to get back to you if at all and they don't seem to actually read the information provided in cases opened online
    • As of 2021, I noticed that Sonicwall support seems to be almost always Indian women. I am not racist or sexist, but the trend seems to be getting support from someone who sounds like they could care less about your issue, doesn't listen or understand when you explain things, doesn't know how to actually solve the problem, and frequently gets disconnected or has to put you on hold for ages to get help from someone else. Then in the end, the solution is usually that the fix is coming in another firmware release

    I could probably keep going but those are the most common issues I've been having
