Introduction to Firewall Policies

To open the Policies Panel, click the Firewall tab at the top of the SonicWALL GMS UI and then click the Policies subtab. The SonicWALL appropriate appliance Policies Panel appears:

System

This covers a variety SonicWALL firewall appliance controls for managing system status information, registering the SonicWALL firewall appliance, activating and managing SonicWALL Security Services licenses, configuring SonicWALL firewall appliance local and remote management options, managing firmware versions and preferences, and using included diagnostics tools for troubleshooting. It also describes how to use Dell SonicWALL GMS to configure general System Policy settings on managed SonicWALL appliances. The following sections describe how to configure the system settings:

•	Status—Provides a comprehensive collection of information to help you manage your SonicWALL security appliances and SonicWALL Security Services licenses. It includes GMS status information on Firewall, Management, Subscription, and Firewall Models. Refer to Viewing System Status .

•	Administrator—Describes how to change the administrator and password options for one or more SonicWALL appliances. Refer to Configuring Administrator Settings .

•	Management—Describes how to edit the remote management settings on SonicWALL security appliances for management by GMS or VPN client. Refer to Editing Management Settings .

•	SNMP—Describes how to configure Simple Network Management Protocol. Refer to Configuring SNMP .

•	Certificates (Unit-level view only)—Describes how to configure both third-party Certificate Authority (CA) certificates and local certificates. Refer to Navigating the System > Certificates Page .

•	Time—Describes how to change the time and time options for one or more SonicWALL appliances. Refer to Configuring Time Settings .

•	Schedules—Describes how to create and configure schedule groups, which are used to apply firewall rules for specify days and hours of the week. Refer to Configuring Schedules .

•

Tools—Provides a set of common system configuration tasks for restarting an appliance, requesting diagnostic information, inheriting settings, system synchronization, and synchronizing the appliance to mysonicwall.com. Also includes options to generate a Tech Support Report (TSR) and the ability to email the TSR. Refer to Using Configuration Tools .

•	Info—Describes how to change contact information for one or more SonicWALL appliances. Refer to Configuring Contact Information .

•	Settings—Describes how to backup and save SonicWALL appliance settings as well as restore them from preferences files. Refer to Configuring System Settings .

•

Licensed Nodes (Unit-level view only)—Provides a Node License Status table listing the number of nodes your SonicWALL security appliance is licensed to have connected at any one time, how many nodes are currently connected, and how many nodes you have in your Node license Exclusion List. Refer to Viewing Licensed Node Status .

Network

This chapter covers configuring the SonicWALL firewall appliance for your network environment. Describing how to configure network settings for SonicWALL appliances. It is divided into sections for SonicWALL security appliances running SonicOS Enhanced and SonicOS Standard.

•

DHCP

This chapter describes how to use the Global Management System (GMS) to configure SonicWALL appliances as DHCP servers. Dynamic Host Configuration Protocol (DHCP) enables network administrators to automate the assignment of IP addresses from a centralized DHCP server. This conserves IP addresses and make it easy for mobile users to move among different segments of the network without having to manually enter new IP addresses.

•

Switching

This chapter describes how to configure switching on a Dell SonicWALL appliance. For GMS, switching is supported only on appliances running SonicOS 5.9 or higher. For an overview of switching and configuration procedures, refer to the following:

•	Overview of Switching

•	Configuring VLAN Trunking

•	Configuring Rapid Spanning Tree

•	Configuring Link Aggregation

•	Configuring Port Mirroring

•	Configuring Layer 2 QoS

•	Configuring Rate Control

•	Configuring Port Security

Diagnostics

SonicWALL appliances store information about all devices with which they have communicated. When you generate diagnostic information, only one report can be generated at a time and the information is only maintained during the current session. For example, if you run a firewall log report and then log off or generate another report, the firewall log report data is lost until you run the report again.

•

3G/4G/Modem

NOTE: For information on configuring wireless WAN (WWAN) settings, see Configuring WWAN Settings .

This chapter describes how to configure the dialup settings for SonicWALL SmartPath (SP) and SmartPath ISDN (SPi) appliances. SonicWALL SP appliances have a WAN Failover feature that enables automatic use of a built-in modem to establish Internet connectivity when the primary broadband connection becomes unavailable. This is ideal when the SonicWALL appliance must remain connected to the Internet, regardless of network speed.

•

WWAN

This chapter describes how to configure the Wireless Wide Area Network (WWAN) settings for SonicWALL security appliances that use 3G and other Wireless WAN functionality to utilize data connections over cellular networks.

SonicPoints

•	This chapter describes how to configure SonicPoint managed secure wireless access points.

•

•

Wireless

•	This chapter describes how to configure wireless connectivity options for wireless SonicWALL appliances.

WGS

Thischapter describes how to configure Wireless Guest Services (WGS) enabled appliances running SonicOS Standard. For appliances running SonicOS Standard, these configuration options are available at the unit level. Wireless Guest Services allows the administrator to configure wireless access points for guest access. Wireless Guest Services is configured with optional custom login pages, user accounts and is compatible with several different authentication methods including those which require external authentication. Firewall

This chapter describes how to configure Access Rules and App Control policies for Dell SonicWALL firewalls from the Dell SonicWALL GMS management interface. Firewall Settings

•	The Firewall settings in SonicWALL GMS are different for SonicWALL security appliances running SonicOS Enhanced and Standard.

DPI-SSL

This chapter describes the Deep Packet Inspection Secure Socket Layer (DPI-SSL) feature to allow for the inspection of encrypted HTTPS traffic and other SSL-based traffic. Client DPI-SSL is used to inspect HTTPS traffic when clients on the SonicWALL firewall appliance’s LAN access content located on the WAN. Server DPI-SSL is used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL firewall appliance’s LAN.

Anti-Spam

This chapter provides a quick, efficient, and effective way to add anti-spam, anti-phishing, and anti-virus capabilities to your SonicWALL firewall appliance. There are two primary ways inbound messages are analyzed by the Anti-Spam feature - Advanced IP Reputation Management and Cloud-based Advanced Content Management. IP Address Reputation uses the GRID Network to identify the IP addresses of known spammers, and reject any mail from those senders without even allowing a connection. GRID Network Sender IP Reputation Management checks the IP address of incoming connecting requests against a series of lists and statistics to ensure that the connection has a probability of delivering valuable email. The lists are compiled using the collaborative intelligence of the SonicWALL GRID Network. Known spammers are prevented from connecting to the SonicWALL firewall appliance, and their junk email payloads never consume system resources on the targeted systems.

VPN

This chapter covers how to create VPN policies on the SonicWALL firewall appliance to support SonicWALL Global VPN Clients as well as creating site-to-site VPN policies for connecting remote offices running SonicWALL firewall appliances. A VPN is a private data network that uses encryption technologies to operate over public networks.SSL VPN

This chapter provides information on how to configure the SRA features on the SonicWALL SRA appliances. SonicWALL’s SRA features provide secure, seamless, remote access to resources on your local network using the NetExtender client.

•

Virtual Assist

 

This chapter contains the following:

Users

This chapter covers how to configure the SonicWALL firewall appliances for user level authentication as well as manage guest services. Describing how to use the Dell SonicWALL GMS to configure user and user access settings.

•

Web Filters

•	SonicWALL Content Security Manager (CSM) CF provides appliance-based Internet filtering that enhances security and employee productivity, optimizes network utilization, and mitigates legal liabilities by managing access to objectionable and unproductive Web content.

Application Filters

This chapter provides configuration tasks for deploying SonicWALL CSM application filtering services. SonicWALL Content Security Manager (CSM) provides appliance-based application filtering that enhances security and employee productivity and optimizes network utilization.

High Availability

This chapter describes how to use Dell SonicWALL GMS to configure High Availability that allows the administrator to specify a primary and secondary SonicWALL appliance. In the case that the connection to the primary device fails, connectivity will transfer to the backup device.

In addition, SonicWALL GMS can utilize the same device pairing technology to implement different forms of load balancing. Load balancing helps regulate the flow of network traffic by splitting that traffic between primary and secondary SonicWALL devices. Security Services

This chapter includes an overview of available SonicWALL Security Services as well as instructions for activating the service, including FREE trials. These subscription-based services include SonicWALL Gateway Anti-Virus, SonicWALL Intrusion Prevention Service, SonicWALL Content Filtering Service, SonicWALL Client Anti-Virus, and well as other services.

SonicWALL firewall appliances offer several services for protecting networks against viruses and attacks. This chapter provides concept overviews and configuration tasks for deploying these services.

•

Content Filter

This chapter describes how to use Dell SonicWALL GMS to configure content filtering options for one or more SonicWALL appliances. This functionality can be used to deny access to material supplied by the active content filtering subscription, specific domains, domains by keyword, and Web features such as ActiveX, Java, and cookies.

•

WAN Acceleration

This chapter describes how to view and configure the WAN Acceleration service.

•

Flow Activity

This chapter describes how to configure the Flow Activity feature and contains the following sections:

Log

NOTE: This feature is only available for SonicWALL security appliances running SonicOS 6.1 and higher firmware.

This chapter covers managing the SonicWALL firewall appliance’s enhanced logging, alerting, and reporting features. The SonicWALL firewall appliance’s logging features provide a comprehensive set of log categories for monitoring security and network activities. This chapter describes how to use GMS to configure where the SonicWALL appliance(s) send their logs, how often the logs are sent, and what information is included.

Register/Upgrades

This chapter describes how to register and upgrade your SonicWALL firewall appliances. Events

This section provides an introduction to the SonicOS Event Alerts feature.