Manuals / SonicWALL / Computer Equipment / Network Router

SonicWALL Internet Security Appliances manual Appendix I Configuring Radius and ACE Servers

Models: Internet Security Appliances

1 293
Download 293 pages 54.59 Kb
Page 279
Image 279

Appendix I - Configuring RADIUS and ACE Servers

Individual users must have their privileges defined on the RADIUS server used for authenticating the users. Global user privileges can be configured on the RADIUS tab of the SonicWALL management interface, but SonicWALL-specific privileges must be configured on the RADIUS server.

Different vendors also have different methods of configuring the privileges on their servers. In some cases, it can be complex, but most allow for the configuration of group profiles or policies which means you can configure the attributes once per group.

This Appendix describes the configuration of user privileges on various vendors of RADIUS servers, and also notes the particular RADIUS servers which support CHAP (Challenge Handshake Authentication Protocol) mode. CHAP support is required if HTTPS is not available for logging into the SonicWALL.

Steel Belted RADIUS (Funk Software)

Steel Belted RADIUS server version 3.0 from Funk Software supports pre-configuration of vendor- specific attributes in a vendor-specific dictionary file. SonicWALL.dct is the new dictionary file for the SonicWALL.

To configure the Steel Belted RADIUS server to include the SonicWALL.dct file, use the following instructions:

1.Locate the directory that Steel Belted RADIUS is installed, C:\RADIUS by default, and copy the SonicWALL.dct file into C:\RADIUS\Service folder.

2.Edit the vendor.ini file located in the Service folder using Notepad. Add the following lines so that they are in alphabetical order with the other vendor products in the file:

 

Table 1:

 

 

vendor-product

= SonicWALL Firewall

dictionary

= SonicWALL

ignore-ports

= no

port-number-usage

= per-port-type

help-id

= 2000

3.Edit the dictiona.dcm file using Notepad, and add the entry @sonicwall.dct to it, keeping the entry in alphabetical order with the existing entries.

4.Restart the Windows service called Steel Belted RADIUS Service.

5.Run the Steel Belted RADIUS Administrator.

6.Click RAS Clients, and select SonicWALL Firewall from the Make/Model list. Click Save.

If there is no entry for SonicWALL Firewall, be sure that steps 2 and 3 were performed correctly.

Page 280 SonicWALL Internet Security Appliance Administrator’s Guide

Page 278 Page 280
Page 279
Image 279
SonicWALL Internet Security Appliances Appendix I Configuring Radius and ACE Servers, Steel Belted Radius Funk Software
Page 278 Page 280

Internet Security Appliances specifications

SonicWALL Internet Security Appliances are pivotal solutions aimed at safeguarding networks from an ever-evolving array of cyber threats. Designed for small to medium-sized businesses, as well as enterprises, these appliances deliver robust security and high-performance capabilities.

One of the main features of SonicWALL Internet Security Appliances is their Unified Threat Management (UTM) functionality. This integrated approach allows organizations to manage multiple security measures, including firewall protection, intrusion prevention systems (IPS), and antivirus capabilities, within a single device. This consolidation simplifies security management and reduces the risk of vulnerabilities from disparate systems.

Another significant technology found in these appliances is Application Control. This feature enables administrators to monitor and regulate the applications and services used within their networks, ensuring that bandwidth is allocated efficiently, and potentially harmful applications are blocked. Coupled with Content Filtering, SonicWALL offers granular policies to restrict access to inappropriate or non-work-related content, enhancing overall productivity while maintaining security.

SonicWALL appliances also utilize advanced cybersecurity technologies like SonicWall Capture Threat Assessment and Capture Advanced Threat Protection. These solutions leverage artificial intelligence to identify and remove sophisticated malware and ransomware threats before they infiltrate the network. This proactive approach ensures that only safe email and web traffic is allowed through, providing comprehensive protection against advanced persistent threats.

Moreover, SonicWALL’s Global Management System (GMS) enables centralized control over multiple security devices, making it easy for IT teams to maintain a consistent security posture across various locations. This capability is especially beneficial for organizations with distributed networks, as it provides real-time visibility into network activity and security incidents.

The appliances are also designed with scalability in mind. Whether an organization grows or needs to adjust its security policies, SonicWALL appliances can be updated, expanded, or modified without significant disruptions. This flexibility makes them a long-term investment for any business focused on network security.

In addition, SonicWALL's user-friendly interface simplifies the deployment and management processes. With intuitive dashboards and reporting tools, administrators can easily track security events, analyze network traffic patterns, and respond swiftly to potential threats.

In summary, SonicWALL Internet Security Appliances combine essential features like Unified Threat Management, Application Control, and advanced threat protection technologies into a cohesive security solution. Their scalability, centralized management capabilities, and user-friendly interfaces make them an excellent choice for businesses aiming to strengthen their cyber defenses in a complex digital landscape.