SonicWall TZ670 Network Security/Firewall Appliance

The SonicWall TZ670 is a milestone in desktop-form-factor security, delivering enterprise-grade protection in a compact, easy-to-deploy appliance. Engineered for mid-sized organizations and distributed enterprises with SD-Branch locations, this NGFW couples powerful threat prevention with scalable networking to safeguard users, data, and applications across multiple sites. It is designed to handle the demands of modern networks—whether you are protecting a regional office, a branch campus, or a distributed workforce—while keeping total cost of ownership attractive through best-in-class price/performance. The TZ670’s combination of high-speed 10 Gigabit Ethernet interfaces, proven security capabilities, and streamlined management makes it a compelling choice for organizations pursuing robust security without sacrificing efficiency or simplicity.

• High-speed, scalable connectivity: The TZ670 is built to handle bandwidth-intensive workloads with multiple 10-Gigabit Ethernet interfaces, enabling fast WAN/LAN links, smooth video conferences, cloud access, and seamless data replication. This design supports growing traffic without creating bottlenecks, delivering reliable performance for mid-sized networks and SD-Branch deployments.

• Desktop-form-factor security appliance: Combining enterprise security with a compact, plug-and-play form factor, the TZ670 fits neatly in branch offices, distributed campuses, or data-center-edge environments. Its desktop footprint simplifies deployment, reduces rack space needs, and accelerates rollout across multiple sites, empowering IT teams to secure more locations with fewer resources.

• Next-Generation Firewall with comprehensive threat prevention: The TZ670 delivers industry-validated security effectiveness through Deep Packet Inspection (DPI), Intrusion Prevention System (IPS), Gateway Anti-Virus, Anti-Spyware, and application control. SSL/TLS inspection provides deeper visibility into encrypted traffic, helping to block evolving threats while maintaining user productivity and experience.

• SD-Branch ready and secure connectivity: Designed for distributed enterprises, the TZ670 supports secure SD-Branch deployments with centralized policy management, VPN connectivity, and simplified orchestration across branch sites. This enables consistent security postures, unified management, and streamlined operations for organizations pursuing a cloud-first or hybrid network strategy.

• Flexible licensing and integrated security services: The appliance ships with essential firewall capabilities and supports a broad range of security services, including application control, gateway anti-virus, anti-spyware, content filtering, and VPN functionality. This combination helps organizations tailor protections to their risk profile while optimizing cost and performance.

Technical Details of SonicWall TZ670

• Form factor: Desktop NGFW appliance designed for easy placement at branch offices or edge locations, offering robust security without the complexity of a full rack-mount solution.
• Interfaces: Equipped with multiple 10-Gigabit Ethernet interfaces to support high-speed WAN and LAN connectivity for fast, low-latency access to applications and cloud services.
• Security architecture: Next-Generation Firewall with integrated DPI, IPS, Gateway Anti-Virus, Anti-Spyware, and Application Control, plus SSL/TLS inspection for comprehensive threat prevention.
• SD-Branch capability: Optimized for secure, centrally managed branch deployments, enabling consistent policy enforcement and streamlined administration across multiple sites.
• Management integration: Designed to work with SonicWall management ecosystems, including centralized policy control, analytics, and security monitoring to simplify ongoing administration and reporting.
• Performance and efficiency: Engineered to deliver high security with responsive throughput while maintaining a user-friendly management experience, suitable for mid-sized organizations and distributed enterprises.

how to install SonicWall TZ670

• Unbox and verify contents: Ensure the TZ670 appliance, power supply, cables, and any included licenses are on hand before beginning installation.
• Plan the topology: Map your network segments (LAN, WAN, DMZ) and determine where the TZ670 will sit in the path between users, applications, and the internet.
• Connect networking interfaces: Attach the 10-Gigabit Ethernet ports to the appropriate network segments (internet connection, internal networks, and any high-speed uplinks required for data centers or cloud access).
• Power up and access the management interface: Apply power and connect a management workstation to the dedicated management port or a trusted management network. Use the initial setup wizard or the command-line interface to begin configuration.
• Apply firmware and licenses: Update the TZ670 to the latest firmware version and install the necessary security service licenses (gateway anti-virus, IPS, content filtering, etc.) to enable full threat protection capabilities.
• Configure security policies: Create firewall rules, intrusion prevention policies, application controls, and SSL/TLS inspection profiles that align with your security posture and compliance requirements.
• Set up VPN connectivity: Establish site-to-site VPNs for secure branch-to-branch traffic and configure remote access VPN for employees on the move or working remotely.
• Integrate with management platforms: Enroll the TZ670 in SonicWall Capture Security Center or SonicWall Global Management System (GMS) for centralized monitoring, logging, and policy management.
• Test and validate: Run a controlled test to verify that policies are enforced, VPNs connect as expected, and users can access required resources without disruption.
• Plan ongoing maintenance: Schedule regular updates, review threat intelligence feeds, and refine security profiles based on network changes and threat landscape.

Frequently asked questions

• What environments is the TZ670 best suited for? The TZ670 is ideal for mid-sized organizations and distributed enterprises with SD-Branch locations, where secure, scalable protection at the edge is needed without sacrificing manageability or cost efficiency.
• Does the TZ670 support VPNs? Yes. It provides robust VPN capabilities, including site-to-site IPsec VPNs for connecting branches and remote access VPN for employees, ensuring secure and reliable connectivity across distributed networks.
• What security services are included or licensable for the TZ670? The TZ670 supports a comprehensive set of security services such as Intrusion Prevention, Gateway Anti-Virus, Anti-Spyware, Content Filtering, and Application Control, with licensing options that fit various deployment needs and budgets.
• Can the TZ670 be managed centrally? Absolutely. It integrates with SonicWall Capture Security Center and SonicWall Global Management System (GMS) for centralized policy management, logging, threat analytics, and simplified administration across multiple sites.
• What makes the TZ670 a good value for price/performance? The TZ670 blends a desktop form-factor with enterprise-grade NGFW features, high-speed 10-Gigabit Ethernet interfaces, and SD-Branch readiness, offering strong security controls and scalable connectivity at an attractive total cost of ownership for mid-sized organizations.