I don't have any TZ 400 any longer in the field, but if you have access to the unit you can see that value on top of the Access Rules list in the upper right corner (or in the TSR).
I have an older TSR of a TZ 500 laying around, and it said 2550 Rules, so I would guess it's not higher than that.
Hi BWC, many thanks for your email update in regards to my query, very much appreciated. Would you or anybody else know what would be the most recommended sonicwall unit device to replace or upgrade from TZ400 to increase the "Max Rule Count"?
How much Access Rules do you need? Usually the selection of a small box like the TZ 4x0 is made by throughput, not number of Access Rules.
I checked a TSR of a TZ 470 (the obvious replacement) and it comes with 2710 Max Rules, but AFAIK it can be set up to 12710 Rules.
I don't know what the immediate effect will be, maybe the system is reserving memory for the higher amount of rules and have less memory for other operations.
"Create more than 7000 rules" is not an actual objective, that's just a side-effect of what you're trying to achieve. So what are you really trying to do?
My intuition would be that if you need more than 7000 rules on a TZ400, whatever it is you're doing, you're doing it wrong.
Thanks to all with recent update replies, very much appreciated. The current scenario is that in our QA environment we are currently utilizing a TZ400 unit device, where the current max rule count is as follows.
Obviously we didnt want to delete or alter any existing rules, hence my initial query, along with secondary query above in this community comms thread.
I would assume that we will need to a replace (or upgrade) to a GEN7 device, which either a TZ470 or (most probably go with this) TZ570 at this point of time.
But would appreciate any thoughts or feedback in regards to this query?
I guess you should contact your SNWL rep for this, because having so much Rules isn't the usual thing we deal with every day. How is the TZ 400 behaving considering this kind of configuration?
I checked on TZ 470 - 670 and it comes with 2775 max Rules as default and can be configured up to 12775. The NSa 2700 comes with 10020 and can go up to 27020. But as said before, I don't know what the implications are having so much rules, memory-/performance-wise.
TZ 470 - 670 comes with 4 Cores and 4 GB of RAM, so no much difference here. TSR for TZ 470 does not show RAM, so I'am not 100% certain on that.
Answers
I don't have any TZ 400 any longer in the field, but if you have access to the unit you can see that value on top of the Access Rules list in the upper right corner (or in the TSR).
I have an older TSR of a TZ 500 laying around, and it said 2550 Rules, so I would guess it's not higher than that.
—Michael@BWC
Hi BWC, many thanks for your email update in regards to my query, very much appreciated. Would you or anybody else know what would be the most recommended sonicwall unit device to replace or upgrade from TZ400 to increase the "Max Rule Count"?
How much Access Rules do you need? Usually the selection of a small box like the TZ 4x0 is made by throughput, not number of Access Rules.
I checked a TSR of a TZ 470 (the obvious replacement) and it comes with 2710 Max Rules, but AFAIK it can be set up to 12710 Rules.
I don't know what the immediate effect will be, maybe the system is reserving memory for the higher amount of rules and have less memory for other operations.
—Michael@BWC
"Create more than 7000 rules" is not an actual objective, that's just a side-effect of what you're trying to achieve. So what are you really trying to do?
My intuition would be that if you need more than 7000 rules on a TZ400, whatever it is you're doing, you're doing it wrong.
Hi All,
Thanks to all with recent update replies, very much appreciated. The current scenario is that in our QA environment we are currently utilizing a TZ400 unit device, where the current max rule count is as follows.
Obviously we didnt want to delete or alter any existing rules, hence my initial query, along with secondary query above in this community comms thread.
I would assume that we will need to a replace (or upgrade) to a GEN7 device, which either a TZ470 or (most probably go with this) TZ570 at this point of time.
But would appreciate any thoughts or feedback in regards to this query?
I guess you should contact your SNWL rep for this, because having so much Rules isn't the usual thing we deal with every day. How is the TZ 400 behaving considering this kind of configuration?
I checked on TZ 470 - 670 and it comes with 2775 max Rules as default and can be configured up to 12775. The NSa 2700 comes with 10020 and can go up to 27020. But as said before, I don't know what the implications are having so much rules, memory-/performance-wise.
TZ 470 - 670 comes with 4 Cores and 4 GB of RAM, so no much difference here. TSR for TZ 470 does not show RAM, so I'am not 100% certain on that.
—Michael@BWC
Is it obvious?