From the GMS 9.4.2 release notes “IMPORTANT: GMS does not support firewall versions beyond 7.0.x, so if you plan to continue using GMS to manage firewalls, please do not upgrade them to versions beyond 7.0.x. This information will be displayed in GMS 9.4.2 user interface for all Gen 7 firewalls in the firewall status and global status. Also, “Log-In to Unit(LTU)” feature will not be available for firewalls running firmware version 7.1.2 and higher”. But NSM doesn’t support the custom reporting some of my clients require for federal compliance. They’re making other vendors look really attractive right now.
NSM is also 3x the price of GSM and 30% of the functionality too.
Maybe they can let us know AFTER they put all the firmware downloads back online first. This is ridiculous
GMS has been hot trash since day 1. They’ve never improved it. We are using cloud NSM now and it’s a huge improvement. Hopefully it’ll continue to get better.
I have used SonicWALLs since their beginning and I am a fan of their interface, security capabilities, and their built in WiFi (and now switch) management. But there are some weird limitations. The only thing that’s starting to make me think twice is their constantly increasing costs. That said, I am ripping out a really nice Fortinet because I absolutely hate the interface…
What is some of the custom reporting you need that is missing from NSM? And is it missing from both cloud and on-prem NSM?
Looks like a 3rd party tool.
Get a Dream Machine Pro Max
Sonicwalls are an abomination, prices have steadily increased year on year but the devices do not get any better. As witnessed by the recent bug causing them to go dark!
Plus if you want reporting you have to add on Analytics, an additional cost.
What’s ticking me off is the catch-22 choice, between the “Critical security vulnerability identified in CVE-2024-40766” solution of upgrading to the latest firmware, which then makes my client’s firewalls inaccessible via GMS.
How many months of data retention?
My roots are in Viewpoint, then Analyzer, then GMS, so I’m with you. I’m feeling like Sonicwall went to the Tan Hock School of Profit and is assuming we’re too invested to move.
Truthfully I’m not sure anymore. I showed our SE the VPN reports, user reports, etc that our banking clients require and he told me to hold off, that NSM reporting won’t do them. I’m considering installing a trial if there is such a thing. Financially I’m still trying to wrap my head around the cost of moving 70 devices from one platform to another. Plus we need a years retention and I was told cloud won’t do that. If a client asks where an ex employee was going 6 months ago, I can pull that report from GMS. Tomorrow I’m starting some webinars on Fortinet so it may all be a moot point anyway.
I used to be a huge fan, and defended them for the decade+ we have sold them. But the Gen 7 devices and their bugs have pissed off a few big clients of ours. We have started selling the Netgate pfSense ones to smaller clients with basic requirements.
SonicOS 7.0.1-5161 and several other releases in 7.0.1 train have the fix (https://www.sonicwall.com/support/technical-documentation/docs/sonicos-7-0-0-0-release\_notes/Content/Versions/sonicos-7-0-1-13-5161.htm)
More details : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015
Cloud NSM does do one year retention and reporting if you pay for NSM Advanced, but only 30 days of analytics.
I know there is a new NSM release coming at the end of the month with a number of bug fixes, because we’ve been running into rule problems with the 6/6.5 gen devices. It’s allegedly going to have some new functionality too, but no details yet.
If you are a SonicWall partner, your rep will have no problem getting you a longer eval of NSM (you can get a 30 day one on your own in MySonicWall for each of the firewalls there with active support). Our SE is clueful with NSM which is why we are giving it another shot for even the older firewalls.
Also, different headaches with Fortinet. We had a customer replace 30 SonicWalls with FortiGates over a six month period. They’re starting to hate the Fortis as much as they did the SonicWalls.
Agreed, oh I long for the days of Sonicwalls running forever without rebooting and not magically puking their configs. But more so I need a product that I can tell my clients they have to use because it runs with our infrastructure, and not be saddling them with routing nightmares.