SonicWALL SRA 1200/4200 manual Selecting a Deployment Scenario, Scenario Overviews

Page 8

Selecting a Deployment Scenario

The deployment scenarios described in this section are based on actual customer deployments and are SonicWALL- recommended deployment best practices for SRA appliances .

A SonicWALL SRA appliance is commonly deployed in “one- arm” mode over the DMZ or Opt interface on an accompanying gateway appliance, such as a SonicWALL NSA E7500. This method of deployment offers additional layers of security control, plus the ability to use SonicWALL’s UTM services, including Gateway Anti-Virus, Anti-Spyware, Content Filtering, Intrusion Prevention Service, and Comprehensive Anti-Spam Service, to scan all incoming and outgoing NetExtender traffic.

The primary interface (X0) on the SonicWALL SRA connects to an available segment on the gateway device. The encrypted user session is passed through the gateway to the SonicWALL SRA appliance. The SonicWALL SRA appliance decrypts the session and determines the requested resource.

The session traffic then traverses the gateway appliance to reach the internal network resources. The gateway appliance applies security services, such as Intrusion Prevention, Gateway Anti-Virus, and Anti-Spyware inspection as data traverses the gateway. The internal network resource then returns the requested content to the SonicWALL SRA appliance through the gateway, where it is encrypted and sent to the client.

Scenario Overviews

Scenario A: SRA on a New DMZ

 

SonicWALL UTM Appliance

 

X1

E7500

 

 

X0

 

OPT, X2, etc

 

 

Router

 

Switch

Remote Users

X0

Network Nodes

 

 

SRA 1200

SRA Appliance

WAN

DMZ

LAN

SonicWALL SRA 1200/4200 Getting Started Guide Page 7

Page 7 Page 9
Image 8
Page 7 Page 9
Contents Getting Started Guide Document Contents SonicWALL SRA 1200/4200 Getting Started Guide2 Document Contents Setting Up Your Network This SectionMissing Items? Package Contents for the SonicWALL SRASRA 1200 System Requirements SRA 4200 System Requirements Recording Configuration Information Administrator InformationNetwork Configuration Information What You Need to BeginSelecting a Deployment Scenario Scenario OverviewsScenario B SRA on an Existing DMZ Applying Power to the SonicWALL SRA Accessing the Management InterfaceTroubleshooting Connecting Your Appliance Configuring Your SRA 1200/4200 Setting Your Administrator PasswordNavigate to Users Local Users Setting the Time ZoneAdding a Local User Configuring SRA Network Settings Configuring DNS / WinsConfiguring the X0 IP Address for Scenario B and Scenario C Click AcceptConfiguring a Default Route Adding a NetExtender Client Route Navigate to the NetExtender Client RoutesSetting Your NetExtender Address Range 192.168.200.100 toConnecting Your SRA 1200/4200 Scenario a Connecting Your Network InterfacesScenario B Connecting Your Network Interfaces Scenario C Connecting Your Network Interfaces20 Connecting Your SRA 1200/4200 Registering Your Appliance Creating a MySonicWALL Account Registering Your SonicWALL SRABefore You Register Product RegistrationServices and Licensing Service ManagementActivating Services and Software Flexible Per-User LicensingTrying or Purchasing Services 26 Services and Licensing Network Configuration Scenario a SRA on a New DMZUn-select the Allow Interface Trust checkbox Connecting to a SonicWALL Security ApplianceAdding a New SRA Custom Zone Enter your Subnet Mask Enter a name for the serviceAllowing a WAN SRA Connection Click Allowing an SRA LAN ConnectionNavigate to the Network Address Objects Name for NetExtender Scenario B SRA on an Existing DMZ PrerequisitesAllowing WAN DMZ Connection Allowing DMZ LAN Connection Continue to Testing Your Remote Connection on Configuring SRA LAN Connectivity Scenario C SRA on the LANName Name for NetExtender Zone Assignment Select Http and Https checkboxes, and click Next Setting Public Server AccessSelect the Public Server Wizard option and click Next Testing Your Remote Connection Verifying a User Connection from the Internet40 Testing Your Remote Connection Upgrading Your Appliance Exporting a Copy of Your Configuration Settings Obtaining the Latest SRA SSL VPN ImageUploaded Firmware New Uploaded Firmware with Factory Defaults NewUploading a New SRA SSL VPN Image Resetting the Appliance Using SafeMode Support and Training Options Customer Support Knowledge BaseUser Forums Training Related Documentation SonicWALL Live Product Demos SonicWALL Secure Wireless Network Integrated Solutions Guide Page Safety and Regulatory Information Lithium Battery Warning Cable ConnectionsKabelverbindungen Weitere Hinweise zur MontageHinweis zur Lithiumbatterie Declaration of Conformity Complies with EN 55022 Class a and CISPR22 Class aBmsi Statement Class a Regulatory Information for Korea SWL-1RK23-088Copyright Notice TrademarksSonicWALL SRA 1200/4200 Getting Started Guide 60 Notes SonicWALL, Inc
Top Page Image Contents