Enforced Client Product Guide

Using the Firewall Protection Service

 

Configuring policies for firewall protection

• Configure IP addresses for a custom connection

Custom settings configured on the SecurityCenter are ignored on client computers if the Firewall Protection Mode is set to Prompt mode. In Prompt mode, settings configured by users override administrator settings.


Configure system services for a custom connection

Certain applications, including web servers and file-sharing server programs, must accept unsolicited connections from other computers through designated system service ports. When configuring a custom operating mode, you can:

• Allow applications to act as servers on the local network or the Internet.

• Add or edit a port for a system service.

• Disable or remove a port for a system service.

Select a port for system services only if you are certain it must be open. You will rarely need to open a port. We recommend that you disable unused system services.

Examples of system services that typically require ports to be opened are:

Email server — You do not need to open a mail server port to receive email. You need to open a port only if the computer running the firewall protection service acts as an email server.

Web server — You do not need to open a web server port to run a web browser. You need to open a port only if the computer running the firewall protection service acts as a web server.

An opened service port that does not have an application running on it poses no security threat.

This section explains the following concepts and tasks relevant to configuring service ports:

• Standard system service ports

• Open a service port

• Add and edit service ports

• Close a service port

Standard system service ports

System services communicate through ports, which are logical network connections. Common Windows system services are typically associated with particular service ports, and your computer’s operating system or other system applications might attempt to open them. Because these ports represent a potential source of intrusions into a client computer, you must open them before the computer can communicate through them.

These commonly used standard service ports are listed by default on the Firewall Custom Settings page, where you can open or close them:

• File and Print Sharing

• Remote Desktop
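One way to act on the advice to open a service port only when it is needed, shown as an added example that is not part of the product or this guide: compare the ports a policy opens with the TCP listeners reported by `netstat -ano` on a client. The port numbers are the standard Windows values for these services (the product's own definitions may differ), and the policy table, the "Web server" entry and the netstat sample are constructed for illustration.

```python
import re

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1720
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3012
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:137            *:*                                    4
"""

# Assumed policy: TCP service ports marked open in the custom firewall settings.
POLICY_OPEN_TCP = {
    "File and Print Sharing": {139, 445},
    "Remote Desktop": {3389},
    "Web server": {80},
}

# Matches TCP rows in LISTENING state; handles IPv4 and bracketed IPv6 addresses.
LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")

def listening_tcp(netstat_text):
    """Return {port: set of PIDs} for TCP listeners not bound to loopback only."""
    listeners = {}
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        addr, port, pid = m.group(1), int(m.group(2)), int(m.group(3))
        if addr in ("127.0.0.1", "[::1]"):
            continue  # loopback-only listeners are not reachable from the network
        listeners.setdefault(port, set()).add(pid)
    return listeners

def audit(policy, listeners):
    """Return (policy ports with no listener per service, listeners the policy does not open)."""
    listening = set(listeners)
    opened = {p for ports in policy.values() for p in ports}
    unused = {svc: sorted(ports - listening)
              for svc, ports in policy.items() if ports - listening}
    return unused, sorted(listening - opened)
```

Ports in the first result are open in the policy but have nothing listening, so they are candidates to close; ports in the second are local listeners the firewall does not expose, which may point to services worth disabling.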


4.5 specifications

SonicWALL 4.5 is a robust network security solution designed to address the evolving challenges in threat protection and data security. This release brings a suite of advanced features, cutting-edge technologies, and characteristics tailored to enhance system performance and resilience against cyber threats.

One of the highlight features of SonicWALL 4.5 is its Integrated Intrusion Prevention System (IPS). This system provides real-time threat detection and response by monitoring network traffic for potential vulnerabilities and malicious activities. With continuously updated signature-based detection, it ensures that organizations are protected against the latest exploits and attack vectors.

Another key component is the Next-Generation Firewall (NGFW) capabilities, which combine traditional firewall functions with advanced features such as application awareness, user identity control, and content filtering. The NGFW allows organizations to enforce detailed policies based on user roles, thereby enhancing the security posture while maintaining user productivity.

SonicWALL 4.5 also incorporates advanced malware protection through its Capture Advanced Threat Protection (ATP) service. This multi-engine sandboxing technology analyzes suspicious files and URLs in a secure environment, providing organizations with in-depth insights into potential threats before they reach the network.

Furthermore, the solution includes enhancements to Secure Mobile Access, enabling secure remote connections while ensuring that sensitive data remains protected. With features like SSL VPN, SonicWALL 4.5 allows users to securely access private networks from anywhere while maintaining compliance with data protection regulations.

In terms of management, SonicWALL 4.5 introduces an intuitive interface for centralized management, enabling IT administrators to configure and monitor multiple devices effortlessly. The reporting and logging capabilities are enhanced, providing detailed insights into network activity, which is crucial for compliance and forensic analysis.

SonicWALL 4.5 also prioritizes user experience and performance with its optimized hardware, ensuring faster processing speeds and reduced latency. Features like high availability and load balancing further enhance system reliability.

In summary, SonicWALL 4.5 stands out with its integrated IPS, NGFW capabilities, advanced malware protection through Capture ATP, secure mobile access, intuitive management interface, and optimized performance. This comprehensive suite of features positions SonicWALL 4.5 as a formidable player in the realm of network security, making it an appealing choice for organizations seeking robust protection against an ever-evolving threat landscape.