Selecting a Deployment Scenario | SonicWALL SRA 1200/4200 specs

Selecting a Deployment Scenario

The deployment scenarios described in this section are based on actual customer deployments and are SonicWALL- recommended deployment best practices for SRA appliances .

A SonicWALL SRA appliance is commonly deployed in “one- arm” mode over the DMZ or Opt interface on an accompanying gateway appliance, such as a SonicWALL NSA E7500. This method of deployment offers additional layers of security control, plus the ability to use SonicWALL’s UTM services, including Gateway Anti-Virus, Anti-Spyware, Content Filtering, Intrusion Prevention Service, and Comprehensive Anti-Spam Service, to scan all incoming and outgoing NetExtender traffic.

The primary interface (X0) on the SonicWALL SRA connects to an available segment on the gateway device. The encrypted user session is passed through the gateway to the SonicWALL SRA appliance. The SonicWALL SRA appliance decrypts the session and determines the requested resource.

The session traffic then traverses the gateway appliance to reach the internal network resources. The gateway appliance applies security services, such as Intrusion Prevention, Gateway Anti-Virus, and Anti-Spyware inspection as data traverses the gateway. The internal network resource then returns the requested content to the SonicWALL SRA appliance through the gateway, where it is encrypted and sent to the client.

Scenario Overviews

Scenario A: SRA on a New DMZ

	SonicWALL UTM Appliance
X1	E7500
X1		X0
	OPT, X2, etc	X0
	OPT, X2, etc
Router		Switch
Remote Users	X0	Network Nodes
	X0

SRA 1200

SRA Appliance

WAN

DMZ

LAN

SonicWALL SRA 1200/4200 Getting Started Guide Page 7

Image 8

SonicWALL SRA 1200/4200 manual Selecting a Deployment Scenario, Scenario Overviews

Contents

Getting Started Guide Document Contents SonicWALL SRA 1200/4200 Getting Started Guide 2 Document Contents Setting Up Your Network This Section Missing Items? Package Contents for the SonicWALL SRASRA 1200 System Requirements SRA 4200 System Requirements Recording Configuration Information Administrator InformationNetwork Configuration Information What You Need to Begin Selecting a Deployment Scenario Scenario Overviews Scenario B SRA on an Existing DMZ Applying Power to the SonicWALL SRA Accessing the Management Interface Troubleshooting Connecting Your Appliance Configuring Your SRA 1200/4200 Setting Your Administrator Password Navigate to Users Local Users Setting the Time ZoneAdding a Local User Configuring SRA Network Settings Configuring DNS / WinsConfiguring the X0 IP Address for Scenario B and Scenario C Click Accept Configuring a Default Route Adding a NetExtender Client Route Navigate to the NetExtender Client Routes Setting Your NetExtender Address Range 192.168.200.100 to Connecting Your SRA 1200/4200 Scenario a Connecting Your Network Interfaces Scenario B Connecting Your Network Interfaces Scenario C Connecting Your Network Interfaces 20 Connecting Your SRA 1200/4200 Registering Your Appliance Creating a MySonicWALL Account Registering Your SonicWALL SRABefore You Register Product Registration Services and Licensing Service Management Activating Services and Software Flexible Per-User Licensing Trying or Purchasing Services 26 Services and Licensing Network Configuration Scenario a SRA on a New DMZ Un-select the Allow Interface Trust checkbox Connecting to a SonicWALL Security ApplianceAdding a New SRA Custom Zone Enter your Subnet Mask Enter a name for the serviceAllowing a WAN SRA Connection Click Allowing an SRA LAN ConnectionNavigate to the Network Address Objects Name for NetExtender Scenario B SRA on an Existing DMZ Prerequisites Allowing WAN DMZ Connection Allowing DMZ LAN Connection Continue to Testing Your Remote Connection on Configuring SRA LAN Connectivity Scenario C SRA on the LAN Name Name for NetExtender Zone Assignment Select Http and Https checkboxes, and click Next Setting Public Server AccessSelect the Public Server Wizard option and click Next Testing Your Remote Connection Verifying a User Connection from the Internet 40 Testing Your Remote Connection Upgrading Your Appliance Exporting a Copy of Your Configuration Settings Obtaining the Latest SRA SSL VPN Image Uploaded Firmware New Uploaded Firmware with Factory Defaults NewUploading a New SRA SSL VPN Image Resetting the Appliance Using SafeMode Support and Training Options Customer Support Knowledge Base User Forums Training Related Documentation SonicWALL Live Product Demos SonicWALL Secure Wireless Network Integrated Solutions Guide Page Safety and Regulatory Information Lithium Battery Warning Cable Connections Kabelverbindungen Weitere Hinweise zur MontageHinweis zur Lithiumbatterie Declaration of Conformity Complies with EN 55022 Class a and CISPR22 Class a Bmsi Statement Class a Regulatory Information for Korea SWL-1RK23-088 Copyright Notice Trademarks SonicWALL SRA 1200/4200 Getting Started Guide 60 Notes SonicWALL, Inc