SonicWALL SonicWALL UTM Appliance manual

LDAP Leveraging LDAP Groups/ Users with SonicWALL UTM Appliance

Contents

Contents.............................................................................................................................................................. 1

Integrating LDAP/Active Directory with Sonicwall UTM...................................................................................... 3

LDAP over SSL............................................................................................................................................... 3

Configuring the CA on the Active Directory Server..................................................................................... 3

Exporting the CA Certificate from the Active Directory Server............................................................................4

Importing the CA Certificate onto the SonicWALL.............................................................................................. 4

Configuring the SonicWALL Appliance for LDAP........................................................................................4

Authentication....................................................................................................................................................13

Single Sign-On Agent (SSO)......................................................................................................................... 13

Logon to Appliance – Configuring User Level Authentication Settings......................................................... 14

SonicOS Options That Leverage Groups/Users............................................................................................... 17

Creating Firewall Rules with LDAP Groups/Users........................................................................................ 17

Firewall Rules with Bandwidth Management & Logging............................................................................... 20

Blocking Websites (Domain Names) for Groups/Users.................................................................................... 22

Blocking Domains with Firewall Rules.......................................................................................................22

Allowing Specific Domains and Blocking All Others with Firewall Rules...................................................... 24

Blocking HTTPS (SSL) Domains with SSL Control.......................................................................................30

Configuring a SSL Blacklist and Whitelist................................................................................................. 31

Applying Different CFS Policies to Groups .......................................................................................................33

Creating Custom CFS Policies..................................................................................................................35

Enforcing CFS Policies without Requiring All Users to Authenticate............................................................ 39

Variables for Custom Block Page in SonicOS 5.2.................................................................................... 40

Basic Sample Code for SonicOS 5.2........................................................................................................ 41

Advanced Sample Code for SonicOS 5.2................................................................................................. 41

Sample JavaScript Code for SonicOS 5.2................................................................................................ 44

Sample Code for SonicOS 5.1 or Earlier ..................................................................................................44

Applying Application Firewall Polices to Groups/Users.................................................................................45

Blocking All Websites except a Select Few with Application Firewall....................................................... 49

Tightening Control over the Browsing Behavior of Users................................................................................. 50

Applying Intrusion Prevention Service Signatures to Groups/Users.................................................................51