Security_Services_ssSettingsView
SonicWALL, Inc. offers a variety of subscription-based security services to provide layered security for your network. SonicWALL security services are designed to integrate seamlessly into your network to provide complete protection.
The following subscription-based security services are listed in Security Services on the firewall’s management interface:
• SonicWALL Content Filtering Service
• SonicWALL Client Anti-Virus
• SonicWALL Gateway Anti-Virus
• SonicWALL Intrusion Prevention Service
• SonicWALL Anti-Spyware
• RBL Filter
Tip After you register your firewall, you can try FREE TRIAL versions of SonicWALL Content Filtering Service, SonicWALL Client Anti-Virus, SonicWALL Gateway Anti-Virus, SonicWALL Intrusion Prevention Service, and SonicWALL Anti-Spyware.
You can activate and manage SonicWALL security services directly from the SonicWALL management interface or from https://www.mysonicwall.com.
The Security Services > Summary page lists the available SonicWALL security services and upgrades for your firewall and provides access to mysonicwall.com for activating services using Activation Keys.
A list of currently available services is displayed in the Security Services Summary table. Subscribed services are displayed with Licensed in the Status column. The service expiration date is displayed in the Expiration column. If the service is limited to a number of users, the number is displayed in the Count column. If the service is not licensed, Not Licensed is displayed in the Status column. If the service license has expired, Expired is displayed in the Status column.
When you access your mysonicwall.com account from this page in the SonicWALL management interface, the Security Services Summary table changes to the Manage Services Online table. This table provides an updated status of your security services and allows you to activate FREE TRIAL versions, and activate or renew security services licenses using Activation Keys.
If your firewall is not registered, the Security Services > Summary page does not include the Services Summary table. Your firewall must be registered to display the Services Summary table.
mysonicwall.com
To activate SonicWALL Security Services, you need to have a mysonicwall.com account and your firewall must be registered. Creating a mysonicwall.com account is easy and free. You can create a mysonicwall.com account directly from the SonicWALL management interface. Simply complete an online registration form. Once your account is created, you can register firewalls and activate SonicWALL Security Services associated with the firewall.
mysonicwall.com delivers a convenient, one-stop resource for registration, activation, and management of your SonicWALL products and services. Your mysonicwall.com account provides a single profile to do the following:
• Register your Dell SonicWALL network security appliance
• Try free trials of SonicWALL security services
• Purchase/Activate SonicWALL security service licenses
• Receive SonicWALL firmware and security service updates and alerts
• Manage your SonicWALL security services
• Access SonicWALL Technical Support
Your mysonicwall.com account is accessible from any Internet connection with a Web browser using the HTTPS (Hypertext Transfer Protocol Secure) protocol to protect your sensitive information. You can also access mysonicwall.com license and registration services directly from the SonicWALL management interface for increased ease of use and simplified services activation.
Managing Security Services Online
Clicking the Manage Licenses button displays the mysonicwall.com Login page for accessing your MySonicWALL.com account licensing information.
Enter your mysonicwall.com username and password in the User Name and Password fields, and then click Submit. The System > Licenses page is displayed with the Manage Services Online table.
The information in the Manage Services Online table is updated from your mysonicwall.com account.
If you are already connected to your mysonicwall.com account from the management interface, the Manage Services Online table is displayed.
Click Synchronize to update the licensing and subscription information on the firewall from your mysonicwall.com account.
The following sections describe global configurations that are performed on the Security Services > Summary page:
• Security Services Settings on page 836
• Signature Downloads and Registration Through a Proxy Server on page 837
• Security Services Information on page 837
• Update Signature Manually on page 837
The Security Services Settings section provides the following options for fine-tuning SonicWALL security services:
• Security Services Settings - This pull-down menu specifies whether SonicWALL security services are applied to maximize security or to maximize performance:
– Maximum Security (Recommended) - Inspect all content with any threat probability (high/medium/low). For additional performance capacity in this maximum security setting, utilize SonicOS UTM Clustering.
– Performance Optimized - Inspect all content with a high or medium threat probability. Consider this performance optimized security setting for bandwidth or CPU intensive gateway deployments or utilize SonicOS UTM Clustering.
The Maximum Security setting provides maximum protection. The Performance Optimized setting utilizes knowledge of the currently known threats to provide high protection against active threats in the threat landscape.
• Reduce Anti-Virus traffic for ISDN connections - Select this feature to enable the SonicWALL Anti-Virus to check only once a day (every 24 hours) for updates and reduce the frequency of outbound traffic for users who do not have an “always on” Internet connection.
• Drop all packets while IPS, GAV and Anti-Spyware database is reloading - Select this option to instruct the firewall to drop all packets whenever the IPS, GAV, and Anti-Spyware database is updating.
• HTTP Clientless Notification Timeout for Gateway AntiVirus and AntiSpyware - Set the timeout duration after which the firewall notifies users when GAV or Anti-Spyware detects an incoming threat from an HTTP server. The default timeout is one day (86400 seconds).
Signature Downloads and Registration Through a Proxy Server
This section provides the ability for Dell SonicWALL network security appliances that operate in networks where they must access the Internet through a proxy server to download signatures. This feature also allows for registration of Dell SonicWALL network security appliances through a proxy server without compromising privacy. To enable signature download or appliance registration through a proxy server, perform the following steps:
1. Select the Download Signatures through a Proxy Server checkbox.
2. In the Proxy Server Name or IP Address field, enter the hostname or IP address of the proxy server.
3. In the Proxy Server Port field, enter the port number used to connect to the proxy server.
4. Select the This Proxy Server requires Authentication checkbox if the proxy server requires a username and password.
5. If the appliance has not been registered with mySonicWALL.com, two additional fields are displayed:
– MySonicWALL Username - Enter the username for the MySonicWALL.com account that the appliance is to be registered to.
– MySonicWALL Password - Enter the MySonicWALL.com account password.
6. Click Accept at the top of the page.
This section includes a brief overview of services available for your Dell SonicWALL network security appliance.
The Manual Signature Update feature is intended for networks where reliable, broadband Internet connectivity is either not possible or not desirable (for security reasons). The Manual Signature Update feature provides a method to update the latest signatures at the network administrator’s discretion. The network administrator first downloads the signatures from http://www.mysonicwall.com to a separate computer, a USB drive, or other media. Then the network administrator uploads the signatures to the firewall. The same signature update file can be used on all Dell SonicWALL network security appliances that meet the following requirements:
• Devices that are registered to the same mysonicwall.com account
• Devices that belong to the same class of Dell SonicWALL network security appliances.
To manually update signature files, complete the following steps:
1. On the Security Services > Summary page, scroll to the Update Signatures Manually heading at the bottom of the page. Note the Signature File ID for the device.
Log on to http://www.mysonicwall.com using the mysonicwall.com account that was used to register the Dell SonicWALL network security appliance.
Note The signature file can only be used on firewalls that are registered to the mysonicwall.com account that downloaded the signature file.
3. Click on Download Signatures under the Downloads heading.
4. In the pull down window next to Signature ID:, select the appropriate SFID for your firewall.
5. Download the signature update file by clicking on Click here to download the Signature file.
Note The remaining steps can be performed while disconnected from the Internet.
6. Return to the Security Services > Summary page on the firewall management interface.
7. Click on the Import Signatures box.
8. In pop-up window that appears, click the browse button, and navigate to the location of the signature update file.
9. Click Import. The signatures are uploaded for the security services that are enabled on the firewall.
Update Geo-IP Database Manually
The Geo-IP Filter feature allows administrators to block connections to or from a geographic location based. The Dell/SonicWALL network security appliance uses IP address to determine to the location of the connection. To use this feature, you must download the Geo-IP database to the appliance.
To update the Geo-IP database manually:
1. Go to the Security Services > Summary page.
2. Scroll down to the Update Geo-IP Database Manually section.
3. Click the Import Geo-IP Database button.
The Import Geo-IP Database dialog appears.
4. Browse and select the Geo-IP database that you want.
5. Click Import.
Update Botnet Database Manually
The Botnet Filtering feature allows administrators to block connections to or from Botnet command and control servers. To use this feature, you must download the Botnet database to the appliance.
To update the Botnet database manually:
1. Go to the Security Services > Summary page.
2. Scroll down to the Update Botnet Database Manually section.
3. Click the Import Botnet Database button.
The Import Botnet Database dialog appears.
4. Browse and select the Botnet database that you want.
5. Click Import.
To activate a SonicWALL Security Service, refer to the specific Security Service chapter.