Call us
+44 (0)20 8830 6820

SonicWall NSa 2700

This is the base SonicWall NSa 2700 Appliance. No licenses or security services are included.
SKU: 02-SSC-4324

See configuration tab below.

The SonicWall Network Security Appliance (NSa) 2700 next-generation firewall (NGFW) offers medium to large sized enterprises industry-leading performance at the lowest total cost of ownership in its class.

With comprehensive security features such as intrusion prevention, VPN, application control, malware analysis, URL filtering and IP reputation services, it protects the perimeter from advanced threats without becoming a bottleneck. The NSa 2700 has been built from the ground up with the latest hardware components, all designed to deliver multi-gigabit threat prevention throughput — even for encrypted traffic. Featuring a high port density (including 16 x 1GbE ports and three x 10 GbE ports), the solution supports network and hardware redundancy with high availability, clustering and dual power supplies.


This is the base SonicWall NSa 2700 Appliance. No licenses or security services are included. To include a full security services package (EPSS or APSS), please see either

SonicWall NSa 2700 TotalSecure - Advanced Edition

SonicWall NSa 2700 TotalSecure - Essential Edition

SonicWall NSa 2700 Launch Video:

  1. 1 RU – Form Factor
  2. 16 x 1 GbE interfaces
  3. 3 x 10 GbE interfaces
  4. 2 Gbps Threat and Malware Analysis Throughput
  5. Enterprise Internet Edge Ready
  6. Latest Generation 7 SonicOS support
  7. Secure SD-WAN capability
  8. Intuitive single pane of glass management
  9. TLS 1.3 support
  10. Best-in-class price-performance
  11. Fast DPI performance
  12. Low TCO in its class
  13. High port density for easy networking
  14. Redundant power

The SonicWall NSa 2700 runs on SonicOS 7.0, a new operating system built from the ground up to deliver a modern user interface, intuitive workflows and user-first design principles. SonicOS 7.0 provides multiple features designed to facilitate enterprise-level workflows. It offers easy policy configuration, zero-touch deployment and flexible management — all of which allow enterprises to improve both their security and operational efficiency. The NSa 2700 supports advanced networking features, such as SD-WAN, dynamic routing, layer 4-7 clustering and high-speed VPN functionality. In addition to integrating firewall and switch capabilities, the appliance provides a single-paneof-glass interface to manage both switches and access points. Built to mitigate the advanced cyberattacks of today and tomorrow, the NSa 2700 offers access to SonicWall’s premier advanced firewall security services, allowing you to protect your entire security infrastructure. Solutions and services such as Cloud Application Security, Capture Advanced Threat Protection (ATP) cloud-based sandboxing, Real-Time Deep Memory Inspection (RTDMI™) and Reassembly-Free Deep Packet Inspection (RFDPI) — along with Deep Packet Inspection (DPI) for all traffic including TLS 1.3 — offer comprehensive gateway protection from most stealthy and dangerous malware, including zeroday and encrypted threats.

Firewall General
Operating systemSonicOS 7.0
Interfaces16x1GbE, 3x10G SFP+, 2 USB 3.0, 1 GbE Management, 1 Console
ExpansionStorage Expansion Slot (Up to 256GB)
Storage64GB M.2
VLAN Interfaces256
Access points supported (maximum)32
Firewall/VPN Performance
Firewall inspection throughput5.2 Gbps
Threat Prevention throughput3.0 Gbps
Application inspection throughput3.6 Gbps
IPS throughput3.4 Gbps
Anti-malware inspection throughput2.9 Gbps
TLS/SSL decryption and inspection throughput (DPI SSL)800 Mbps
IPSec VPN throughput2.1 Gbps
Connections per second21500
Maximum connections (DPI)500000
Site-to-site tunnels2000
SSL VPN licenses (max)2 (500)
IPSec VPN clients (max)50 (1000)
Encryption/AuthenticationDES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography
Key exchangeDiffie Hellman Groups 1, 2, 5, 14v
Route-based VPNRIP, OSPF, BGP
Certificate supportVerisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWall-to- SonicWall VPN, SCEP
VPN featuresDead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPN
Global VPN client platforms supportedMicrosoft® Windows Vista 32/64-bit, Windows 7 32/64-bit, Windows 8.0 32/64-bit, Windows 8.1 32/64-bit, Windows 10
NetExtenderMicrosoft Windows Vista 32/64-bit, Windows 7, Windows 8.0 32/64-bit, Windows 8.1 32/64-bit, Mac OS X 10.4+, Linux FC3+/Ubuntu 7+/OpenSUSE
Mobile ConnectApple® iOS, Mac OS X, Google® Android™, Kindle Fire, Chrome, Windows 8.1 (Embedded)
Security Services
Deep Packet Inspection servicesGateway Anti-Virus, Anti-Spyware, Intrusion Prevention, DPI SSL
Content Filtering Service (CFS)HTTP URL, HTTPS IP, keyword and content scanning, Comprehensive filtering based on file types such as ActiveX, Java, Cookies for privacy, allow/forbid lists
Comprehensive Anti-Spam ServiceSupported
Application VisualizationYes
Application ControlYes
Capture Advanced Threat ProtectionYes
IP address assignmentStatic, (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP relay
NAT modes1:1, 1:many, many:1, many:many, flexible NAT (overlapping IPs), PAT, transparent mode
Routing protocolsBGP, OSPF, RIPv1/v2, static routes, policy-based routing
QoSBandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p
AuthenticationLDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)
Local user database250
VoIPFull H323-v1-5, SIP
Certifications pendingFIPS 140-2 (with Suite B) Level 2, UC APL, VPNC, IPv6 (Phase 2), ICSA Network Firewall, ICSA Anti-virus, Common Criteria NDPP (Firewall and IPS)
High availabilityActive/Active with stateful synchronization
Form factor1U Rack Mountable
Power supply (W)60
Maximum power consumption (W)21.5
Input power100-240 VAC, 50-60 Hz
Total heat dissipation73.32 BTU
Dimensions43 x 32.5 x 4.5 (cm) 16.9 x 12.8 x 1.8 in
Weight4.0 kg / 8.8 lbs
WEEE weight4.2 kg / 9.3 lbs
Shipping weight6.4 kg / 14.1 lbs
Major regulatoryFCC Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, MSIP/KCC Class A, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE , REACH, ANATEL, BSMI
Environment (Operating/Storage)32°-105° F (0°-40° C)/-40° to 158° F (-40° to 70° C)
Humidity5-95% non-condensing
Remote Configuration & Setup

When you purchase a new firewall, SonicWall support does not cover initial configuration.  We can help you fill this gap by offering the optional add-on, “Remote Configuration & Support” when you purchase any of SonicWall TZ and NSa firewalls or from the Secure Mobile Access product sets.

Our experienced technicians will guide you through the installation and configuration process during an initial telephone consultation, regardless of your level of experience or skill.  All we require is access to the appliance over the internet and a contact phone number for your on-site engineer. The service is for a maximum of 2 hours - additional time can be purchased by prior agreement.

The Process

  1. Remember to tick the “REMOTE CONFIGURATION?” checkbox (above) before adding the device to the basket.  Once you’ve completed the purchase, we will contact you to book a scheduled telephone appointment with one of our engineers*.
  2. You will need to ensure that the appliance is available remotely on HTTPS.**
  3. Our engineer will contact you during the scheduled appointment (please provide a valid telephone number) to guide you through the installation and configuration process.
  4. Our service is tailored for any skill level so if you require additional support (or for more advanced configuration assistance), you can request an additional appointment.
  5. Once we are satisfied that your appliance is up and running, we will provide details of the network configuration, including setup and login details for your records.
  6. You can also expect a post-installation health check to ensure that your appliance is functioning at optimum levels.
  7. If you already have your network configuration planned out, we will implement it accordingly. If you do not have these details, we can advise on best practices, network setups, ranges and policies to ensure the most secure and flexible configuration. Full details will be provided at the end of the process.

* For multiple appliances, you will need to book a session for each installation.

** Although we can advise you on how to enable this, it is your responsibility to perform the required gateway/router changes. You may need to contact your connectivity provider. By default, the device is available on HTTPS. 


back to top