SonicWALL OS 2.x quick start Defining the Security Associations SA

Page 14

Sonic OS 2.x Quick Start Guide

*The ability to NAT traffic as it enters the VPN Tunnel, or as it exits (inbound or outbound), and the capability to have firewall rules specified on VPN traffic.

Defining the Security Associations (SA)

For the purpose of this example, we will keep the VPN configuration simple. Refer to the network diagram at the beginning of the document for the specifics. You should have already defined Address objects for the local network (behind the 4060) and the remote network (behind the TZ170).

On the Pro 4060, define the SA as follows:

1.From the GUI, select the VPN option, and then click ADD.

2.For IPSec Keying Mode, select IKE using Preshared Secret.

3.For Name, enter an appropriate name for this VPN SA.

4.For both the IPSec Primary and Secondary Gateways, enter 0.0.0.0. The remote TZ170 receives a dynamic IP address from the ISP, so an Aggressive Mode IKE is required.

5.For Shared Secret, enter an appropriate combination of characters and numbers.

6.For the Local IKE ID, select Sonicwall Identifier and enter the serial number of the Pro 4060.

7.For the Remote IKE ID, select Sonicwall Identifier and enter the serial number of the TZ170.

8.Select the Network Tab.

9.For the Local Network, choose the address object previously defined. For this example, we created an address object for the LAN subnet connected to the X0 interface (192.168.168.0/24). The VPN will only allow traffic from the X0 IP Subnet to the remote TZ170.

10.For Destination Networks, select the previously defined address object for

the network located behind the TZ170 (192.168.1.0/24)

13

Page 13 Page 15
Image 14
Page 13 Page 15
Contents SonicWALL SonicOS 2.x Enhanced Quick Start Guide Introduction PROBasic WAN & LAN Configuration Security Zones and ObjectsCreating a Custom Zone Security Zones Configuration Objects/Groups Overview Objects and Groups Configuration Define the ObjectsDefine the Group Firewall Access Rules Public LAN ServerMail Server NAT Policy Mail Server Firewall PolicySonic OS 2.x Quick Start Guide Create Firewall Rule User Level Authentication and SchedulesCreate Users & Groups Building VPNs Defining the Security Associations SA Sonic OS 2.x Quick Start Guide Sonic OS 2.x Quick Start Guide WAN-WAN Load Balancing & Fail Over WAN FailoverSonic OS 2.x Quick Start Guide WAN Load Balancing WAN IP

OS 2.x specifications

SonicWALL OS 2.x represents a significant step forward in firewall, VPN, and security appliance technology. This operating system is specifically designed to deliver robust security solutions for businesses of all sizes. SonicWALL, a brand known for its high-performance network security products, leverages advanced features in OS 2.x to elevate the capability of its devices, ensuring that organizations can defend against the ever-evolving landscape of cyber threats.

One of the main features of SonicWALL OS 2.x is its Integrated Intrusion Prevention System (IPS). This technology continuously monitors network traffic to detect and block potential threats in real-time. The IPS is crucial for safeguarding sensitive data by preventing unauthorized access and attacks related to vulnerabilities in applications and services.

Another critical characteristic of OS 2.x is its support for deep packet inspection. This functionality allows SonicWALL devices to thoroughly analyze incoming and outgoing packets, ensuring that malicious content is identified and dealt with appropriately. By parsing the packet data beyond simple header information, deep packet inspection enables the detection of sophisticated threats that might evade standard filtering techniques.

Additionally, SonicWALL OS 2.x includes advanced VPN capabilities, making it easier for remote employees to securely connect to the corporate network. With support for SSL VPN and IPSec, this OS ensures that data remains encrypted and protected during transmission. This aspect is particularly essential for organizations with remote workforces, as it allows employees to access necessary resources without compromising security.

The operating system also features an intuitive and user-friendly graphical user interface (GUI). This interface provides administrators with a streamlined approach to managing security policies, monitoring performance, and making real-time adjustments to firewall settings. The ease of use significantly reduces the complexity associated with managing sophisticated security configurations.

Moreover, SonicWALL OS 2.x integrates with a range of networking technologies including VLAN support and dual WAN failover. This ensures that network performance remains optimal, even during hardware failures or unexpected surges in traffic, contributing greatly to overall business continuity.

In summary, SonicWALL OS 2.x combines a suite of advanced security features with an intuitive management interface, making it an essential solution for organizations looking to enhance their cybersecurity posture. The technologies and characteristics embedded within this operating system exemplify SonicWALL’s commitment to providing reliable and effective security solutions in an increasingly complex digital world.
Top Page Image Contents