SonicWALL OS 2.x quick start Mail Server NAT Policy, Mail Server Firewall Policy

Page 10

Sonic OS 2.x Quick Start Guide

Mail Server NAT Policy:

To create an Inbound NAT policy for our Mail Server:

1.Select the NAT Policies option under the Network button of the GUI.

2.Click the ADD button.

3.For Original Source, select ANY. Allow E-Mail from anywhere on the Internet.

4.For Translated Source, select Original. We want to leave the original source IP address alone.

5.For Original Destination, select WAN Primary IP. Incoming mail is being sent to the routable WAN IP of the Sonicwall.

6.For Translated Destination, select the Mail Server address object. This causes the incoming mail to

be routed to the private IP address (192.168.168.4) defined by the Mail Server address object.

7.For Original Service, select SMTP (Send E-Mail). We only want this translation to work for E-Mail.

8.For Translated Service, select Original. Our mail server is expecting SMTP on port 25, so we leave the service as the original, no service translations required.

9.For Inbound Interface, select X1 (the primary WAN).

10.For Outbound Interface, select ANY.

11.Click OK to add the NAT policy.

Mail Server Firewall Policy:

This NAT policy will take any TCP packets coming in on the primary WAN interface that are destined for port 25, and redirect them to the IP address of the Mail Server. This is a great start to allowing access to our mail server, but we’re not done yet – next we must specify an Access Rule allowing the traffic to pass through the firewall.

First, we must ensure that we place the access rule correctly in the Zone matrix. The Zone concept essentially creates a matrix of rulesets, with each ruleset applying to traffic from one zone to another. Since this rule will apply to traffic coming in from the WAN zone and destined for the LAN zone, we’ll need to edit the appropriate rules as follows:

9

Page 9 Page 11
Image 10
Page 9 Page 11
Contents SonicWALL SonicOS 2.x Enhanced Quick Start Guide Introduction PROBasic WAN & LAN Configuration Security Zones and ObjectsCreating a Custom Zone Security Zones Configuration Objects/Groups Overview Objects and Groups Configuration Define the ObjectsDefine the Group Firewall Access Rules Public LAN ServerMail Server NAT Policy Mail Server Firewall PolicySonic OS 2.x Quick Start Guide Create Users & Groups User Level Authentication and SchedulesCreate Firewall Rule Building VPNs Defining the Security Associations SA Sonic OS 2.x Quick Start Guide Sonic OS 2.x Quick Start Guide WAN-WAN Load Balancing & Fail Over WAN FailoverSonic OS 2.x Quick Start Guide WAN Load Balancing WAN IP

OS 2.x specifications

SonicWALL OS 2.x represents a significant step forward in firewall, VPN, and security appliance technology. This operating system is specifically designed to deliver robust security solutions for businesses of all sizes. SonicWALL, a brand known for its high-performance network security products, leverages advanced features in OS 2.x to elevate the capability of its devices, ensuring that organizations can defend against the ever-evolving landscape of cyber threats.

One of the main features of SonicWALL OS 2.x is its Integrated Intrusion Prevention System (IPS). This technology continuously monitors network traffic to detect and block potential threats in real-time. The IPS is crucial for safeguarding sensitive data by preventing unauthorized access and attacks related to vulnerabilities in applications and services.

Another critical characteristic of OS 2.x is its support for deep packet inspection. This functionality allows SonicWALL devices to thoroughly analyze incoming and outgoing packets, ensuring that malicious content is identified and dealt with appropriately. By parsing the packet data beyond simple header information, deep packet inspection enables the detection of sophisticated threats that might evade standard filtering techniques.

Additionally, SonicWALL OS 2.x includes advanced VPN capabilities, making it easier for remote employees to securely connect to the corporate network. With support for SSL VPN and IPSec, this OS ensures that data remains encrypted and protected during transmission. This aspect is particularly essential for organizations with remote workforces, as it allows employees to access necessary resources without compromising security.

The operating system also features an intuitive and user-friendly graphical user interface (GUI). This interface provides administrators with a streamlined approach to managing security policies, monitoring performance, and making real-time adjustments to firewall settings. The ease of use significantly reduces the complexity associated with managing sophisticated security configurations.

Moreover, SonicWALL OS 2.x integrates with a range of networking technologies including VLAN support and dual WAN failover. This ensures that network performance remains optimal, even during hardware failures or unexpected surges in traffic, contributing greatly to overall business continuity.

In summary, SonicWALL OS 2.x combines a suite of advanced security features with an intuitive management interface, making it an essential solution for organizations looking to enhance their cybersecurity posture. The technologies and characteristics embedded within this operating system exemplify SonicWALL’s commitment to providing reliable and effective security solutions in an increasingly complex digital world.
Top Page Image Contents