Preface

Preface

Copyright Notice

© 2013 SonicWALL, Inc.

All rights reserved.

Under the copyright laws, this manual or the software described within, can not be copied, in whole or part, without the written consent of the manufacturer, except in the normal use of the software to make a backup copy. The same proprietary and copyright notices must be affixed to any permitted copies as were affixed to the original. This exception does not allow copies to be made for others, whether or not sold, but all of the material purchased (with all backup copies) can be sold, given, or loaned to another person. Under the law, copying includes translating into another language or format.

Specifications and descriptions subject to change without notice.

Limited Warranty

All Dell SonicWALL appliances come with a 1-year Limited Hardware Warranty which provides delivery of critical replacement parts for defective parts under warranty. In addition, for 90 days from the warranty start date, Dell SonicWALL appliances are entitled to a Limited Software Warranty which provides bug fixes, updates and any maintenance releases that occur during the coverage term. Visit the Warranty Information page at http://www.sonicwall.com/us/support/Services.html#tab=warranty for details on your product’s warranty.

About this Guide

Welcome to the SonicOS 5.8.1 Administrator’s Guide. This manual provides the information you need to successfully activate, configure, and administer SonicOS 5.8.1 for SonicWALL security appliances.

Note: Always check <http//:www.sonicwall.com/services/documentation.html> for the latest version of this manual as well as other SonicWALL products and services documentation.

Organization of this Guide

The SonicOS 5.8.1 Administrator’s Guide organization is structured into the following parts that follow the SonicWALL Web Management Interface structure. Within these parts, individual chapters correspond to SonicWALL security appliance management interface layout.

Part 1 Introduction

This part provides an overview of new SonicWALL SonicOS features, guide conventions, support information, and an overview of the SonicWALL security appliance management interface.

Part 2 Dashboard

The SonicWALL Visualization Dashboard offers administrators an effective and efficient interface to visually monitor their network in real time, providing effective flow charts of realtime data, customizable rules, and flexible interface settings. The following tools are included in the Dashboard part:

• Real-Time Monitor
• AppFlow Dash
• AppFlow Monitor
• Threat Reports
• User Monitor
• BWM Monitor
• Connection Monitor
• Packet Monitor
• Log Monitor

Part 3 System

This part covers a variety SonicWALL security appliance controls for managing system status information, registering the SonicWALL security appliance, activating and managing SonicWALL Security Services licenses, configuring SonicWALL security appliance local and remote management options, managing firmware versions and preferences, and using included diagnostics tools for troubleshooting.

Part 4 Network

This part covers configuring the SonicWALL security appliance for your network environment. The Network section of the SonicWALL Management Interface includes:

• Interfaces - configure logical interfaces for connectivity.
• WAN Failover and Load Balancing - configure one of the user-defined interfaces to act as a secondary WAN port for backup or load balancing.
• Zones - configure security zones on your network.
• DNS - set up DNS servers for name resolution.
• Address Objects - configure host, network, and address range objects.
• Routing - view the Route Table, ARP Cache and configure static and dynamic routing by interface.
• NAT Policies - create NAT policies including One-to-One NAT, Many-to-One NAT, Many-to-Many NAT, or One-to-Many NAT.
• ARP - view the ARP settings and clear the ARP cache as well as configure ARP cache time.
• DHCP Server - configure the SonicWALL as a DHCP Server on your network to dynamically assign IP addresses to computers on your LAN or DMZ zones.
• IP Helper - configure the SonicWALL to forward DHCP requests originating from the interfaces on the SonicWALL to a centralized server on behalf of the requesting client.
• Web Proxy - configure the SonicWALL to automatically forward all Web proxy requests to a network proxy server.
• Dynamic DNS - configure the SonicWALL to dynamically register its WAN IP address with a DDNS service provider.

Part 5 3G/4G Analog Modem

This part covers the configuration of the 3G/4G (Third Generation) wireless WAN interface on SonicWALL UTM appliances that support this feature. This allows the SonicWALL to utilize data connections over 3G/4G Cellular networks when a 3G/4G card is plugged into the appliance. This feature can also handle Analog Modem connections when this type of device is connected to the appliance.

Part 6 Wireless

This part covers the configuration of the built-in 802.11 antennas for wireless SonicWALL security appliances.

Part 7 SonicPoint

This part covers the configuration of the SonicWALL security appliance for provisioning and managing SonicWALL SonicPoints as part of a SonicWALL Distributed Wireless Solution.

Part 8 Firewall

This part describes access rules as well as Application Firewall, which is a set of application-specific policies that gives you granular control over network traffic on the level of users, email users, schedules, and IP-subnets. The primary functionality of this application-layer access control feature is to regulate Web browsing, file transfer, email, and email attachments.

Part 9 Firewall Settings

This part covers tools for managing how the SonicWALL security appliance handles traffic through the firewall.

Part 10 DPI-SSL

This part describes the Deep Packet Inspection Secure Socket Layer (DPI-SSL) feature to allow for the inspection of encrypted HTTPS traffic and other SSLbased traffic. Client DPI-SSL is used to inspect HTTPS traffic when clients on the SonicWALL security appliance’s LAN access content located on the WAN. Server DPI-SSL is used to inspect HTTPS traffic when remote clients connect over the WAN to access content located on the SonicWALL security appliance’s LAN.

Part 1 VoIP

This part provides instructions for configuring the SonicWALL security appliance to support H.323 or SIP Voice over IP (VoIP) connections.

Part 12 Anti-Spam

This part provides instructions for configuring the Anti-Spam feature, which provides a quick, efficient, and effective way to add anti-spam and anti-phishing capabilities to your existing SonicWALL UTM appliance. This feature uses the spam-filtering capabilities of SonicWALL Email Security to reduce the amount of junk email the organization delivers to users.

Part 13 VPN

This part covers how to create VPN policies on the SonicWALL security appliance to support SonicWALL Global VPN Clients as well as creating site-to-site VPN policies for connecting offices running SonicWALL security appliances.

Part 14 SSL VPN

This part provides information on how to configure the SSL VPN features on the SonicWALL security appliance. SonicWALL’s SSL VPN features provide secure, seamless, remote access to resources on your local networkusing the NetExtender client.

Part 15 Virtual Assist

This part describes the Virtual Assist feature, which allows users to support customer technical issues without having to be on-site with the customer. This capability serves as an immense time-saver for support personnel, while adding flexibility in how they can respond to support needs. Users can allow or invite customers to join a “queue” to receive support, then virtually assist each customer by remotely taking control of a customer’s computer to diagnose and remedy technical issues.

Part 16 User Management

This part covers how to configure the SonicWALL security appliance for user level authentication as well as manage guest services for managed SonicPoints.

Part 17 High Availability

This part explains how to configure the SonicWALL security appliance for high availability so that in case of a loss of network connectivity, another SonicWALL security appliance resumes all active connections.

Part 18 Security Services

This part includes an overview of available SonicWALL Security Services as well as instructions for activating the service, including FREE trials. These subscription-based services include SonicWALL Gateway Anti-Virus, SonicWALL Intrusion Prevention Service, SonicWALL Content Filtering Service, SonicWALL Client Anti-Virus, and well as other services.

Part 19 WAN Acceleration

This part provides an overview of the SonicWALL WXA series appliance, basic and advanced deployment scenarios, and configuration and verification examples. This chapter includes Status, TCP Acceleration, WFS Acceleration, System, Logs, and Configuring WAN Acceleration.

Part 20 AppFlow

This part covers managing the SonicWALL network security appliance’s flow reporting statistics and configurable settings for sending AppFlow and real-time data to the local collector or to external AppFlow servers. SonicOS AppFlow provides support for external AppFlow reporting formats, such as NetFlow version 5, NetFlow version 9, IPFIX, and IPFIX with extensions.

Part 21 Log

This part covers managing the SonicWALL security appliance’s enhanced logging, alerting, and reporting features. The SonicWALL security appliance’s logging features provide a comprehensive set of log categories for monitoring security and network activities.

Part 22 Wizards

This part walks you through using the SonicWALL Configuration Wizards for configuring the SonicWALL security appliance. The SonicWALL Configuration Wizards in SonicOS include:

• The Setup Wizard takes you step by step through network configuration for Internet connectivity. There are four types of network connectivity available: Static IP, DHCP, PPPoE, and PPTP.
• The Registration & License Wizard simplifies the process of registering your SonicWALL security appliance and obtaining licenses for additional security services.
• The Public Server Wizard takes you step by step through adding a server to your network, such as a mail server or a Web server. The wizard automates much of the configuration you need to establish security and access for the server.
• The VPN Policy Wizard steps you through the configuration of Group VPNs and site-to-site VPNs.
• The Application Firewall Wizard takes you step by step through configuration of Application Objects, Actions, Email User Objects, and Policies.

Part 23 Appendices

This part contains the Command Line Interface (CLI) guide, which describes how to configure the SonicWALL security appliance using CLI commands.

Guide Conventions

The following conventions used in this guide are as follows:

Convention

Use

Bold

Highlights items you can select on the SonicWALL security appliance management interface.

Italic

Highlights a value to enter into a field. For example, “type 192.168.168.168 in the IP Address field.”

Menu Item > Menu Item

Indicates a multiple step Management Interface menu choice. For example, Security Services > Content Filter means select Security Services, then select Content Filter.

Icons Used in this Manual

These special messages refer to noteworthy information, and include a symbol for quick identification:

Caution: : Important information that cautions about features affecting firewall performance, security features, or causing potential problems with your SonicWALL.

Tip: : Useful information about security features and configurations on your SonicWALL.

Note: : Important information on a feature that requires callout for special attention.

SonicWALL Technical Support

For timely resolution of technical support questions, visit SonicWALL on the Internet at http://www.sonicwall.com/us/Support.html. Web-based resources are available to help you resolve most technical issues or contact SonicWALL Technical Support. To contact SonicWALL telephone support, see the telephone numbers listed below:

North America Telephone Support

U.S./Canada: +1 888.793.2830 or +1 408.837.4317

International Telephone Support

Australia: + 1800.35.1642

Austria: +43(0)820.400.105

EMEA: +31(0)411.617.810

France: +44 193.257.3927

Germany: +44 193.257.3910

Hong Kong: +1 800.93.0997

India: 000.800.100.3395

Italy: +44 193.257.3928

Japan: 0120.569122

New Zealand: + 800.446489

Singapore: + 800.110.1441

Spain: +44 193.257.3921

Switzerland: +44 193.257.3929

UK: +44 193.257.3929

More Information on SonicWALL Products

Contact SonicWALL, Inc. for information about SonicWALL products and services at:

: Web:: http://www.sonicwall.com

: E-mail:: sales@sonicwall.com

: Phone:: (408) 745-9600

Fax:: (408) 745-9300