Answer: Yes. See the following supported platforms:
Answer: NetExtender supports:
Answer: Yes, this can be achieved with the User/Group/Global Policies by adding a ‘deny’ policy for the NetExtender IP range.
Answer: NetExtender can be installed and configured to run as a Windows service, which will allow systems to login to domains across the NetExtender client.
Answer: This range is the pool that incoming NetExtender clients will be assigned – NetExtender clients actually appear as though they are on the internal network – much like the Virtual Adapter capability found in Dell SonicWALL’s Global VPN Client. You will need to dedicate one IP address for each active NetExtender session, so if you expect 20 simultaneous NetExtender sessions to be the maximum, create a range of 20 open IP addresses. Make sure that these IP addresses are open and are not used by other network appliances or contained within the scope of other DHCP servers. For example, if your SRA appliance is in one-port mode on the X0 interface using the default IP address of 192.168.200.1, create a pool of addresses from 192.168.200.151 to 192.168.200.171. In the 7.5 firmware release and newer, you can also assign NetExtender IPs dynamically using the DHCP option.
Answer: These are the networks that will be sent to remote NetExtender clients and should contain all networks that you wish to give your NetExtender clients access to. For example, if your SRA appliance was in one-port mode, attached to a Dell SonicWALL NSA 3500 appliance on a DMZ using 192.168.200.0/24 as the subnet for that DMZ, and the Dell SonicWALL NSA 3500 had two LAN subnets of 192.168.168.0/24 and 192.168.170.0/24, you would enter those two LAN subnets as the client routes to provide NetExtender clients access to network resources on both of those LAN subnets.
Answer: Activating this feature will cause the SRA appliance to push down two default routes that tell the active NetExtender client to send all traffic through the SRA appliance. This feature is useful in environments where the SRA appliance is deployed in tandem with a Dell SonicWALL security appliance running all UTM services, as it will allow you to scan all incoming and outgoing NetExtender user traffic for viruses, spyware, intrusion attempts, and content filtering.
Answer: Yes, right-click on the NetExtender icon in the taskbar and select route information. You can also get status and connection information from this same menu.
Answer: By default, when NetExtender is installed for the first time it stays resident on the system, although this can be controlled by selecting the Uninstall On Browser Exit > Yes option from the NetExtender icon in the taskbar while it is running. If this option is checked, NetExtender will remove itself when it is closed. It can also be uninstalled from the “Add/Remove Program Files” in Control Panel. NetExtender remains on the system by default to speed up subsequent login times.
Answer: New versions of NetExtender are included in each Dell SonicWALL SRA firmware release and have version control information contained within. If the SRA appliance has been upgraded with new software, and a connection is made from a system using a previous, older version of NetExtender, it will automatically be upgraded to the new version.
Answer: NetExtender is designed as an extremely lightweight client that is installed via a Web browser connection, and utilizes the security transforms of the browser to create a secure, encrypted tunnel between the client and the SRA appliance.
Answer: Yes, it uses whatever cipher the NetExtender client and SRA appliance negotiate during the SSL connection.
Answer: Yes, you can configure the Microsoft Terminal Server to use encrypted RDP-based sessions, and use HTTPS reverse proxy.
Answer: This is the transport method NetExtender uses. It also uses compression (MPPC). You can elect to have it removed during disconnection by selecting this from the NetExtender menu.
Answer: NetExtender allows full connectivity over an encrypted, compressed PPP connection allowing the user to directly to connect to internal network resources. For example, a remote user could launch NetExtender to directly connect to file shares on a corporate network.
Answer: Yes. NetExtender connections put minimal load on the SRA appliances, whereas many proxy-based connections may put substantial strain on the SRA appliance. Note that HTTP proxy connections use compression to reduce the load and increase performance. Content received by the SRA from the local Web server is compressed using gzip before sending it over the Internet to the remote client. Compressing content sent from the SRA saves bandwidth and results in higher throughput. Furthermore, only compressed content is cached, saving nearly 40-50% of the required memory. Note that gzip compression is not available on the local (clear text side) of the SRA appliance, or for HTTPS requests from the remote client.
Answer: You can use NetExtender to provide access for any application that cannot be accessed using internal proxy mechanisms - HTTP, HTTPS, FTP, RDP5, Telnet, SSHv1, and SSHv2. Application Offloading can also be used for Web applications. In this way, the SRA appliance functions similar to an SSL offloader and will proxy Web applications pages without the need for URL rewriting.
Answer: NetExtender is installed via an ActiveX-based plug-in from Internet Explorer. Users using Firefox browsers may install NetExtender via an XPI installer. NetExtender may also be installed via an MSI installer. Download the NetExtender MSI installer from mysonicwall.com.
Answer: Not at present, although these sorts of features are planned for future releases of NetExtender.
Answer: Yes, NetExtender supports 64-bit Windows 7 and Vista.
Answer: Yes, NetExtender supports 32-bit and 64-bit Windows 7.
Answer: Yes, Windows NetExtender client supports client certificate authentication from the stand-alone client. Users can also authenticate to the SRA portal and then launch NetExtender.
Answer: If the NetExtender addresses are on a different subnet than the X0 interface, a rule needs to be created for the firewall to know that these addresses are coming from the SRA appliance.