SonicWALL 4500, NSA 5000, 3500 manual Enabling Intrusion Prevention Services

Page 47

7.Select Enable HTTP Clientless Notification Alerts and customize the message. This feature informs the user that GAV detected a threat from the HTTP server.

8.Select Enable Gateway AV Exclusion List and then click Add to define a range of IP addresses whose traffic will be excluded from SonicWALL GAV scanning.

9.When finished in the Add GAV Range dialog box, click OK.

10.In the Gateway AV Config View window, click OK.

11.In the Security Services > Gateway Anti-Virus page, click Accept.

Enabling Intrusion Prevention Services

To enable Intrusion Prevention Services in SonicOS:

1.Navigate to the Security Services > Intrusion Prevention page. Select the Enable Intrusion Prevention checkbox.

2.In the Signature Groups table, select the Prevent All and Detect All checkbox for each attack priority that you want to prevent. Selecting the Prevent All and Detect All check boxes for High Priority Attacks and Medium Priority Attacks protects your network against the most dangerous and disruptive attacks.

3.To log all detected attacks, leave the Log Redundancy Filter field set to zero. To enforce a delay between log entries for detections of the same attack, enter the number of seconds to delay.

4.Click Configure IPS Settings to enable IP packet reassembly before inspection and create a SonicWALL IPS exclusion list.

5.In the IPS Config View window, select Enable IPS Exclusion List and then click Add to define a range of IP addresses whose traffic will be excluded from SonicWALL IPS scanning.

6.When finished in the Add IPS Range dialog box, click OK.

7.In the IPS Config View window, click OK.

8.In the Security Services > Intrusion Prevention page, click Accept.

Page 46 Enabling Security Services in SonicOS

Image 47

Contents Getting Started Guide SonicWALL NSA Getting Started Guide Document ContentsSonicWALL NSA Series BackThis Section Pre-Configuration TasksCheck Package Contents Registration Information Obtain Configuration InformationAdministrator Information Obtain Internet Service Provider ISP InformationFront Panel Back Panel Power Supply8 The Back Panel Registering Your Appliance on mysonicwall.com Before You Register Product Registration Registering and Licensing Your Appliance on mysonicwall.comSupport Services Licensing Security Services and SoftwareService Bundles Gateway ServicesSonicWALL NSA 5000/4500/3500 Getting Started Guide Registration Next Steps Registering a Second Appliance as a BackupDeployment Scenarios Selecting a Deployment Scenario ABCScenario a NAT/Route Mode Gateway Scenario B State Sync Pair in NAT/Route Mode Scenario C L2 Bridge Mode System Requirements Initial SetupConnecting the WAN Port Applying Power Connecting the LAN PortAccessing the Setup Wizard Accessing the Management InterfaceTesting Your Connection Connecting to Your NetworkActivating Licenses in SonicOS Obtaining the Latest Firmware Saving a Backup Copy of Your PreferencesUpgrading Firmware on Your SonicWALL On the System Settings page, click Upload New Firmware Upgrading the Firmware with Current SettingsUpgrading the Firmware with Factory Defaults Using SafeMode to Upgrade FirmwareConfirmation dialog box, click OK to proceed Uploaded Firmware NewScenario B Configuring a State Sync Pair in NAT/Route ModeInitial High Availability Setup Navigate to the High Availability Advanced Configuring High AvailabilityConfiguring Advanced HA Settings 30 Configuring a State Sync Pair in NAT/Route Mode Synchronizing Settings Synchronizing Firmware Adjusting High Availability SettingsHA License Configuration Overview Click Register Associating Pre-Registered AppliancesConnection Overview Configuring L2 Bridge ModeConfiguring the Primary Bridge Interface IP Assignment drop-down, select Layer 2 Bridged Mode Configuring the Secondary Bridge InterfaceAdditional Deployment Configuration WAN DMZ Creating Network Access RulesSonicWALL NSA 5000/4500/3500 Getting Started Guide Creating a NAT Policy SonicWALL NSA 5000/4500/3500 Getting Started Guide Configuring Address Objects Leave Create a reflexive policy unchecked Configuring NAT PoliciesEnabling Gateway Anti-Virus Enabling Security Services in SonicOSSonicWALL NSA 5000/4500/3500 Getting Started Guide Security Services Intrusion Prevention page, click Accept Enabling Intrusion Prevention ServicesSecurity Services Gateway Anti-Virus page, click Accept Enabling Anti-Spyware Applying Security Services to Network Zones Updating SonicPoint Firmware Deploying SonicPoints for Wireless AccessConfiguring SonicPoint Provisioning Profiles 802.11g Radio tab Select Enable Radio Select Enable SonicPointConfiguring a Wireless Zone Assigning an Interface to the Wireless Zone Connecting the SonicPoint Using Packet Capture Troubleshooting Diagnostic ToolsUsing Ping Using the Active Connections Monitor Using Log View For this Task See this Chapter Deployment Configuration Reference ChecklistSupport and Training Options Customer Support Support ServicesKnowledge Portal SonicWALL Live Product DemosUser Forums Training Related Documentation Product Safety and Regulatory Information Cable Connections Safety and Regulatory InformationLithium Battery Warning Rack Mounting the SonicWALLKabelverbindungen Safety and Regulatory Information in GermanWeitere Hinweise zur Montage Hinweis zur LithiumbatterieRegulatory Information for Korea FCC Part 15 Class a NoticeCanadian Radio Frequency Emissions Statement Cispr 22 EN 55022 Class aTrademarks Copyright Notice70 Notes SonicWALL NSA 5000/4500/3500 Getting Started Guide 72 Notes Rev a 01/08