SonicWALL 232-000861-00 manual Key Features in SonicWALL Scrutinizer

Page 2

Key Features in SonicWALL Scrutinizer 9.0

The following enhancements are new in the SonicWALL Scrutinizer 9.0 release:

Enhanced Notifications and Facilitation of Automatic Remediation: In version 8.6 and earlier versions, Scrutinizer only sent syslogs. Version 9 adds the ability to send notifications and escalate issues. If the first person notified doesn’t clear the alarm within a given time period, a second person, third person, and so on can be notified via email, pager, and other options listed below.

Notifications can be sent when alarms are triggered based upon specific SonicWALL firewall security related events.

New notification options include:

1.Email notifications about network activity can be sent to administrators using mobile and other devices.

2.SNMP Traps can be triggered allowing for greater integration with existing notification options.

3.Syslog Messages allow for greater remediation when integrated with third party SIEM products such as ArcSight.

4.Script execution allows for automatic remediation eliminating the need for manual intervention.

Scrutinizer now facilitates automatic remediation based on specific events: Previous versions of Scrutinizer, as do most other third party flow analytic applications, only provide messages to the user when alarms are triggered. By adding SNMP Traps & Script Execution, Scrutinizer now has the potential to remediate events.

For example, SonicWALL IPS sees an attack occurring on the LAN, an alarm in Scrutinizer is triggered which in turn sends an SNMP Trap to the Cisco switch to shut down the interfaced being used in the attack.

Advanced SonicWALL VPN Reporting with granular drilldown capabilities including:

Reports are available for both site-to-site VPN connections and remote user IPSec VPN connections, i.e. Global VPN Client connections

User Details include user name, authentication method, and domain for detailed reporting on specific users.

Reporting data can be cross referenced with the friendly VPN name, the remote system’s IP address and the local system’s IP address.

New SonicWALL Scrutinizer VPN Report Type

SonicWALL Scrutinizer 9.0.1 Release Notes

P/N 232-000861-00 Rev A

2

Image 2
Contents Contents Key Features in SonicWALL Scrutinizer New SonicWALL Scrutinizer VPN Report TypeEnhanced SonicWALL VoIP Reporting including New Host Destination Report Page Scrutinizer Product Overview Administration Scrutinizer Base ProductSupported Protocols & Other Technical Specifications Flow Analytics Module Page Third Party Product Integration Advanced TroubleshootingService Provider Module Enablement of Traffic and Usage Based Billing Customer PortalCross Check Module Cisco Advanced Reporting ModuleCitrix Advanced Reporting Module Flowalyzer NetFlow & sFlow Tester Known Issues Resolved Issues Clicking the Logalot Report Manager buttonDashboard tab Definitions GroupsWhat is sFlow? How to Upgrade to the Licensed VersionWhat is NetFlow? What are the different versions of NetFlow available?Is Cisco the only vendor supporting NetFlow? What if I need features that Scrutinizer does not support?How is NetFlow different from traffic analyzers like MRTG? Is a trial version of Scrutinizer available for evaluation?Command to type ip flow-cache timeout inactive Example scrututil Scrututil.exe -resetadminpassword UsernameHow do I setup SSL with Scrutinizer? How do I use a different drive for storing data?How do I exclude Scrutinizer in Symantec AntiVirus? ResetmysqlpasswordCan Scrutinizer run in VMWare? How do I know how much hard drive space I will need? Where can I find the Scrutinizer manual?Related Technical Documentation