Free delivery

McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Dynamic search > >
UK Sales: 0330 1340 230
• SonicWall Specialist
• Expert Advice
• Free next working day delivery if ordered before 4.00pm (Mon-Fri)*
• Live Stock Feed
• Secure Ordering
• Established 2006
SonicWall NSa 2650 Secure Upgrade Plus - Advanced Edition (2 Years)

SonicWall NSa 2650 Secure Upgrade Plus - Advanced Edition (2 Years)

  1. Firewall inspection throughput: 1.9 Gbps,
  2. Threat prevention throughput: 150 - 300 Mbps,
  3. Interfaces: 8 x 1 GbE,
  4. Max. SSL VPN Clients: 250



(£3,498.00 inc VAT)
8   item(s) *

Designed for mid-sized organizations and distributed enterprises, the NSa 2650 delivers high-speed threat prevention in a 1U rackmount appliance. High port density including eight 2.5 GbE interfaces enables fast, scalable security across wired and cloud networks while supporting high-speed 802.11ac Wave 2 wireless connections.

*** This product is a promotional upgrade - for customers upgrading from earlier SonicWall firewalls, or from competitive products

Firewall Product Features

12 x 1 GbE, 4 x 2.5 GbE SFP
1 - 100
700 Mbps
3.0 Gbps
300 - 600 Mbps
300 Mbps
1.5 Gbps
1,000,000 (500,000 with DPI)
50 (1,000)
2 (350)
2-Year Subscription Included
2-Year Subscription Included
2-Year Subscription Included
2-Year Subscription Included
2-Year Subscription Included
2-Year Subscription Included
30-Day FREE Trial

Warranty & Support

2-Yr hardware/2-Yr support, firmware updates
24x7 Support
Hardware overview NSa 2650
Operating system SonicOS 6.5.x
Security processing cores 4
Interfaces 4 x 2.5-GbE SFP, 4 x 2.5-GbE, 12 x 1-GbE, 1 GbE Management, 1 Console
Expansion 1 Expasion Slot (Rear) *
Built-in storage
16 GB
Management CLI, SSH, Web UI, Capture Security Center, GMS, REST APIs
Single Sign On (SSO) Users 40,000
Access points supported (max) 48
Logging Analyzer, Local Log, Syslog, IPFIX, NetFlow
Firewall/VPN performance
Firewall inspection throughput1 3.0 Gbps
Threat Prevention throughput2 (Max Security) 1.25 Gbps
Application inspection throughput2 1.4 Gbps
IPS throughput2 1.4 Gbps
Anti-malware inspection throughput2 1.3 Gbps
IMIX throughput3 700 Mbps
TLS/SSL inspection and decryption throughput (DPI SSL)2 250 Mbps
VPN throughput2 1.3 Gbps
Connections per second 14,000
Maximum connections (SPI) 1,000,000
Maximum connections (DPI) 500,000
Maximum connections (DPI SSL) 18,000
Default connections (DPI/DPI SSL)4 500,000/12,000
Site-to-site VPN tunnels 1,000
IPSec VPN clients (maximum) 50 (1,000)
SSL VPN licenses (maximum) 2 (350)
Encryption/authentication DES, 3DES, AES (128, 192, 256-bit)/MD5, SHA-1, Suite B Cryptography
Key exchange Diffie Hellman Groups 1, 2, 5, 14v
Route-based VPN RIP, OSPF, BGP
IP address assignment Static (DHCP, PPPoE, L2TP and PPTP client), Internal DHCP server, DHCP Relay
NAT modes 1:1, many:1, 1:many, flexible NAT (overlapping IPS), PAT, transparent mode
VLAN interfaces
Routing protocols BGP, OSPF, RIPv1/v2, static routes, policy-based routing
QoS Bandwidth priority, max bandwidth, guaranteed bandwidth, DSCP marking, 802.1p
Authentication LDAP (multiple domains), XAUTH/RADIUS, SSO, Novell, internal user database, Terminal Services, Citrix, Common Access Card (CAC)
VoIP Full H.323-v1-5, SIP
Certifications(in progress)
ICSA Firewall, ICSA Anti-Virus, FIPS 140-2, Common Criteria NDPP (Firewall and IPS), UC APL, USGv6, CsFC
High Availability Active/Passive with State Sync
Power supply Dual, redundant 120W (one included)
Fans Dual, Fixed
Input power
100-240 VAC, 50-60 Hz
Maximum power consumption (W) 37.2
MTBF @25ºC in hours 162,231
MTBF @25ºC in years 18.5
Form factor
1U Rack Mountable
Dimensions 16.9 x 12.8 x 1.8 in (43 x 32.5 x 4.5 cm)
Weight 11.5 lb (5.2 kg)
WEEE weight 12.1 lb (5.5 kg)
Shipping weight 17.0 lb (7.7 kg)
Major regulatory FCC Class A, CE (EMC, LVD, RoHS), C-Tick, VCCI Class A, MSIP/KCC Class A, UL, cUL, TUV/GS, CB, Mexico CoC by UL, WEEE , REACH, ANATEL, BSMI
Environment(Operatin/Storage) 32°-105° F (0°-40° C)/-40° to 158° F (-40° to 70° C)
Humidity 10-90% non-condensing

1Testing Methodologies: Maximum performance based on RFC 2544 (for firewall). Actual performance may vary depending on network conditions and activated services.

2Threat Prevention/Gateway AV/Anti-Spyware/IPS throughput measured using industry standard Spirent WebAvalanche HTTP performance test and Ixia test tools. Testing done with multiple flows through multiple port pairs. Threat Prevention throughput measured with Gateway AV, Anti-Spyware, IPS and Application Control enabled. DPI SSL performance measured on HTTPS traffic with IPS enabled.

3VPN throughput measured using UDP traffic at 1280 byte packet size adhering to RFC 2544. All specifications, features and availability are subject to change.

4For every 125,000 DPI connections reduced, the number of available DPI SSL connections increases by 3,000 except for NSa 9250 and above.

5Active/Active Clustering and Active/Active DPI with State Sync require purchase of Expanded License.

*Future use. All specifications, features and availability are subject to change.

Advanced Gateway Security Suite (AGSS)

At a glance

Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention, Application Intelligence and Control Service - CGSS & AGSS

  • Real-time gateway anti-virus engine that scans for viruses, worms, Trojans and other Internet threats in real-time.
  • Dynamic spyware protection blocks the installation of malicious spyware and disrupts existing spyware communications.
  • Powerful intrusion prevention protects against an array of network-based threats such as worms, Trojans and other malicious code.
  • Application intelligence and control provides application classification and policy enforcement.
  • Dynamically updated signature database for continuous threat protection.

Content Filtering Service (CFS) - CGSS & AGSS

  • Comprehensive content filtering provides control of internal access to inappropriate, unproductive and potentially illegal web content.
  • Website ratings cached locally on SonicWall firewalls make response time to frequently visited sites virtually instantaneous.
  • Dynamically updated rating architecture cross-references all requested websites against a database in the cloud containing millions of URLs, IP addresses and domains and then compares each rating to the local policy setting.

24x7 Support - CGSS & AGSS

  • Software and firmware updates and upgrades maintain network security to keep your solution as good as new.
  • Around-the-clock access to chat, telephone, email and web-based support for basic configuration and troubleshooting assistance.
  • Advance Exchange hardware replacement in the event of failure.
  • Annual subscription to SonicWall’s Service Bulletins and access to electronic support tools and moderated discussion groups.

Capture Advanced Threat Protection (Capture ATP) - AGSS

  • Block zero-day attacks before they enter your network.
  • Rapidly deploy remediation signatures to other network security appliances.
  • Establish advanced protection against the changing threat landscape.
  • Analyze a broad range of file types.

SonicWall support subscriptions & renewals

SonicWall remote access client licences

SonicWall add-ons & replacements

SonicWall centralised management & reporting