user_overview

Virtual Office Overview

Dell SonicWALL SSL VPN Virtual Office provides secure remote access to network resources, such as applications, files, intranet Web sites, and email through Web access interface such as Microsoft Outlook Web Access (OWA). The underlying protocol used for these sessions is SSL.

With SSL VPN, mobile workers, telecommuters, partners, and customers can access information and applications on your intranet or extranet. What information should be accessible to the user is determined by access policies configured by the Dell SonicWALL SSL VPN Administrator.

Accessing Virtual Office Resources

Remote network resources can be accessed in the following ways:

Using a standard Web browser - To access network resources, you must log into the SSL VPN portal. Once authenticated, you may access intranet HTTP and HTTPS sites, offloaded portals, Web-based applications, and Web-based email. In addition, you may upload and download files using FTP or Windows Network File Sharing. All access is performed through a standard Web browser and does not require any client applications to be downloaded to remote users’ machines.

Using Java thin-client access to corporate desktops and applications – The Dell SonicWALL SRA security appliance includes several Java or ActiveX thin-client programs that can be launched from within the Dell SonicWALL SRA security appliance. Terminal Services and VNC Java clients allow remote users to access corporate servers and desktops, open files, edit and store data as if they were at the office. Terminal Services provides the ability to open individual applications and support remote sound and print services. In addition, users may access Telnet and SSH servers for SSH version 1 (SSHv1) and SSH version 2 (SSHv2), from the SSL VPN portal.

Using the NetExtender SSL VPN client – The Dell SonicWALL SSL VPN network extension client, NetExtender, is available through the SSL VPN Virtual Office portal via an ActiveX control or through stand-alone applications for Windows, Linux, MacOS, Windows Mobile, and Android smartphone platforms. To connect using the SSL VPN client, log into the portal, download the installer application and then launch the NetExtender connector to establish the SSL VPN tunnel. The NetExtender Android client has a different installation process, described in this guide. Once you have set up the SSL VPN tunnel, you can access network resources as if you were on the local network.

The NetExtender standalone applications are automatically installed on a client system the first time you click the NetExtender link in the Virtual Office portal. The standalone client can be launched directly from users’ computers without requiring them to log in to the SSL VPN portal first.

Using the SonicWALL Mobile Connect app – SonicWALL Mobile Connect is an app for iPhone and iPad that, like NetExtender, uses SSL VPN to enable secure, mobile connections to private networks protected by Dell SonicWALL security appliances. For information about installing and using SonicWALL Mobile Connect, see the SonicWALL Mobile Connect User Guide available on www.sonicwall.com, at:
http://www.sonicwall.com/app/projects/file_downloader/document_lib.php?t=PG&id=482

For SSL VPN to work as described in this guide, the SonicWALL SRA security appliance must be installed and configured according to the directions provided in the SonicWALL SRA Getting Started Guide for your model.

Browser Requirements

The following Web browsers are supported for the SSL VPN Virtual Office portal:

icon_IE.jpgInternet Explorer 8.0+, 9.0+

icon_firefox.jpgFirefox 16.0+

icon_safari.jpgSafari 5.0+

icon_chrome.jpgChrome 22.0+

For Administrator management interface Web browser compatibility, refer to the SonicWALL SSL VPN Administrator Guide.

The following table provides specific browser requirements.

compatibility_chart_5.jpg

 

To configure SonicOS SSL VPN firmware, an Administrator must use a Web browser with JavaScript, cookies, and SSL enabled.

Secure Virtual Assist is fully supported on Windows platforms. Secure Virtual Assist is certified to work on Windows 7, Windows Vista and Windows XP. Limited functionality is supported on Mac OS where customers can request for assistance via web-requests.

Web Management Interface Overview

From your workstation at your remote location, launch an approved Web browser and browse to your SRA appliance at the URL provided to you by your network Administrator.

1. Open a Web browser and enter https://192.168.200.1 (the default LAN management IP address) in the Location or Address field.

2. A security warning may appear. Click the Yes button to continue.

The SonicWALL SSL VPN Management Interface displays and prompts you to enter your user name and password. As a default value, enter admin in the User Name field, password in the Password field, and select a domain from the Domain drop-down list and click the Login button. Only LocalDomain allows Administrator privileges. Note that your Administrator may have set up another login and password for you that has only user privileges.

The default page displayed is the Virtual Office home page. The default version of this page shows a SonicWALL logo, although your company’s system Administrator may have customized this page to contain a logo and look and feel of your company. Go to the Virtual Office Overview, to learn more about the Virtual Office home page.

From the Virtual Office portal home page, you cannot navigate to the Administrator’s environment. If you have Administrator’s privileges and want to enter the Administrator environment, you need to go back to the login page and enter a username and password that have Administrator privileges, and login again using the LocalDomain domain. Only the LocalDomain allows Administrator access to the management interface. Also note that the domain is independent of the privileges set up for the user.

Logging in as a user takes you directly to Virtual Office. The Virtual Office Home page displays as shown here.

The Virtual Office content will vary based on the configuration of your network Administrator. Some bookmarks and services described in the SonicWALL SSL VPN User Guide may not be displayed when you log into the SonicWALL SRA security appliance.

The Virtual Office consists of the nodes described in the following table.

Node

Description

File Shares

Provides access to the File Shares utility, which gives remote users with a secure Web interface access to Microsoft File Shares using the CIFS (Common Internet File System) or SMB (Server Message Block) proto­cols. Using a Web interface similar in style to Microsoft’s familiar Net­work Neighborhood or My Network Places, File Shares allow users with appropriate permissions to browse network shares, rename, delete, retrieve, and upload files, and to create bookmarks for later recall.

NetExtender

Provides access to the NetExtender utility, a transparent SSL VPN client for Windows, MacOS, Linux, Windows Mobile, or Android smartphone users that allows you to run any application securely on the remote net­work. It acts as an IP-level mechanism provided by the virtual interface that negotiates the ActiveX component (on Windows with IE), using a Point-to-Point Protocol (PPP) adapter instance. On non-Windows plat­forms except Android, Java controls are used to automatically install NetExtender from the Virtual Office portal. After installation, NetEx­tender automatically launches and connects a virtual adapter for SSL secure NetExtender point-to-point access to permitted hosts and sub­nets on the internal network.

Secure Virtual Assist

Provides access to Secure Virtual Assist, an easy to use tool that allows SonicWALL SSL VPN users to remotely support customers by taking control of their computers while the customer observes. Secure Virtual Assist is a lightweight, thin client that installs automatically using Java from the SonicWALL SSL VPN Virtual Office without requiring the instal­lation of any external software. For computers that do not support Java, Secure Virtual Assist can be manually installed by downloading an exe­cutable file from the Virtual Office.

Secure Virtual Meeting

Provides access to Secure Virtual Meeting, which allows multiple users to view a desktop and interactively participate in a meeting from virtu­ally anywhere with an Internet connection. Secure Virtual Meeting is similar to the one-to-one desktop sharing provided by Secure Virtual Assist except multiple users can share a desktop.

Secure Virtual Access (if config­ured by Administrator

Secure Virtual Access allows Technicians to gain access to systems out­side the LAN of the SRA appliance. After downloading and installing the thin client for Secure Virtual Access mode, the system will appear only on that Technician’s Secure Virtual Assist support queue, within the SRA’s management interface.

Bookmarks

Provides a list of available bookmarks which are objects that enable you to connect to a location or application conveniently and quickly.

Options

Provides the option to change user password and use single sign-on, if enabled by the Administrator.

Online Help

Launches online help for Virtual Office.

Tips/Help

Provides a short list of common questions and tips about the Virtual Office.

Logout

Logs you out of the Virtual Office environment.

The Home page provides customized content and links to network resources. The Home Page may contain support contact information, VPN instructions, company news, or technical updates.

Only a Web browser is required to access intranet Web sites, File Shares, and FTP sites. VNC, Telnet and SSHv1 require Java. SSHv2 provides stronger encryption than SSHv1, requires SUN JRE 1.4 or above and can only connect to servers that support SSHv2. Terminal Services requires either Java or ActiveX on the client machine.

As examples of tasks you can perform and environments you can reach through Virtual Office, you can connect to:

• Intranet Web or HTTPS sites – If your organization supports Web-based email, such as Outlook Web Access, you can also access Web-based email

• The entire network by launching the NetExtender client

• FTP servers for uploading and downloading files

• The corporate network neighborhood for file sharing

• Telnet and SSH servers

• Desktops and desktop applications using Terminal Services or VNC.

• Email servers via the NetExtender client.

The Administrator determines what resources are available to users from the SonicWALL SSL VPN Virtual Office. The Administrator can create user, group, and global policies that disable access to certain machines or applications on the corporate network.

The Administrator may also define bookmarks, or preconfigured links, to Web sites or computers on the intranet. Additional bookmarks may be defined by the end user.

SonicWALL NetExtender is a software application that enables remote users to securely connect to the remote network. With NetExtender, remote users can virtually join the remote network. Users can mount network drives, upload and download files, and access resources in the same way as if they were on the local network.

Certificates

If the SRA appliance uses a self-signed SSL certificate for HTTPS authentication, then it is recommended to install the certificate before establishing a NetExtender connection. If you are unsure whether the certificate is self-signed or generated by a trusted root Certificate Authority, SonicWALL recommends that you import the certificate. The easiest way to import the certificate is to click the Import Certificate button at the bottom of the Virtual Office home page.

If the certificate is not issued by an authorized organization, a message is displayed warning users of the risk. A user can then view detailed information and choose to continue or end the connection.