SonicWALL TZ 190 CHAPTER 58

735

SonicOS Enhanced 4.0 Administrator Guide

CHAPTER 58

Chapter 58: Activating Intrusion Prevention Service

Security Services > Intrusion Prevention Service

SonicWALL Intrusion Prevention Service (SonicWALL IPS) delivers a configurable, high

performance Deep Packet Inspection engine for extended protection of key network services

such as Web, e-mail, file transfer, Windows services and DNS. SonicWALL IPS is designed to

protect against application vulnerabilities as well as worms, Trojans, and peer-to-peer, spyware

and backdoor exploits. The extensible signature language used in SonicWALL’s Deep Packet

Inspection engine also provides proactive defense against newly discovered application and

protocol vulnerabilities. SonicWALL IPS offloads the costly and time-consuming burden of

maintaining and updating signatures for new hacker attacks through SonicWALL’s industry-

leading Distributed Enforcement Architecture (DEA). Signature granularity allows SonicWALL

IPS to detect and prevent attacks based on a global, attack group, or per-signature basis to

provide maximum flexibility and control false positives.

SonicWALL Deep Packet Inspection

Deep Packet Inspection looks at the data portion of the packet. The Deep Packet Inspection

technology includes intrusion detection and intrusion prevention. Intrusion detection finds

anomalies in the traffic and alerts the administrator. Intrusion prevention finds the anomalies in

the traffic and reacts to it, preventing the traffic from passing through.

Deep Packet Inspection is a technology that allows a SonicWALL Security Appliance to classify

passing traffic based on rules. These rules include information about layer 3 and layer 4 content

of the packet as well as the information that describes the contents of the packet’s payload,

including the application data (for example, an FTP session, an HTTP Web browser session,

or even a middleware database connection). This technology allows the administrator to detect

and log intrusions that pass through the SonicWALL Security Appliance, as well as prevent

them (i.e. dropping the packet or resetting the TCP connection). SonicWALL’s Deep Packet

Inspection technology also correctly handles TCP fragmented byte stream inspection as if no

TCP fragmentation has occurred.

Contents

Main Page Table of Contents Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page PART 1 Introduction Page CHAPTER 1 Preface Copyright Notice Trademarks Limited Warranty About this Guide Organization of this Guide Part 1 Introduction Part 2 System Part 3 Network Page Part 12 Log Part 13 Wizards Guide Conventions Icons Used in this Manual SonicWALL Technical Support North America Telephone Support International Telephone Support More Information on SonicWALL Products Page Page CHAPTER 2 Common Criteria Overview of Common Criteria Operation Use of GUI Interface for Local Management Related Documents SonicOS Log Events Reference Guide Page CHAPTER 3 Introduction Whats New in SonicOS Enhanced 4.0 Page Page Page Page SonicWALL Management Interface Page Page Getting Help Logging Out Page PART 2 System Page CHAPTER 4 Dashboard System > Security Dashboard SonicWALL Security Dashboard Overview What is the Security Dashboard? Page How Does the Security Dashboard Work? Platforms Using the SonicWALL Security Dashboard Administrator Prerequisites http://www.sonicwall.com/us/Support.html. Administrator Configuration Tasks SonicWALL Security Dashboard Configuration Overview Purchasing Security Services Page Page Page Page Page http://www.sonicwall.com/us/Support.html. Related Features Page CHAPTER 5 System > Status Wizards System Messages System Information Latest Alerts Security Services Before You Register Creating a mySonicWALL.com Account Page Registering Your SonicWALL Security Appliance Network Interfaces CHAPTER 6 System > Licenses Node License Status Excluding a Node Security Services Summary Manage Security Services Online Manual Upgrade Manual Upgrade for Closed Environments From a Computer Connected to the Internet From the Management Interface of your SonicWALL Security Appliance Page CHAPTER 7 System > Administration Firewall Name Administrator Name & Password Changing the Administrator Password Login Security Settings Page Multiple Administrators Activating Configuration Mode Web Management Settings Changing the Default Size for SonicWALL Management Interface Tables SSH Management Settings Advanced Management Enabling SNMP Management Configuring Log/Log Settings for SNMP Configuring SNMP as a Service and Adding Rules Enable GMS Management Page Download URL Selecting UI Language Page CHAPTER 8 System > Certificates Digital Certificates Overview Certificates and Certificate Requests Certificate Details Importing Certificates Importing a Certificate Authority Certificate Importing a Local Certificate Deleting a Certificate Certificate Revocation List (CRL) Importing a CRL Generating a Certificate Signing Request Page Page CHAPTER 9 System > Time System Time NTP Settings Page Page Adding a Schedule Deleting Schedules Page Page Settings Import Settings Export Settings Firmware Management Automatic Notification of New Firmware Firmware Management Table Updating Firmware Manually Creating a Backup Firmware Image SafeMode - Rebooting the SonicWALL Security Appliance System Information Firmware Management FIPS CHAPTER 12 System > Packet Capture Packet Capture Overview What is Packet Capture? How Does Packet Capture Work? Using Packet Capture Accessing Packet Capture in the UI Starting and stopping packet capture Starting packet capture Stopping packet capture Viewing the captured packets About the Captured Packets Window Page About the Packet Detail Window About the Hex Dump Window Configuring Packet Capture Configuring General Settings Configuring Capture Filter Settings Page Page Configuring Display Filter Settings Page Configuring Logging Settings Page Configuring Advanced Settings Restarting FTP logging Verifying Packet Capture Activity Understanding Status Indicators Page Resetting the Status Information Related Information Supported Packet Types File Formats for Export As Page Page Page Tech Support Report Generating a Tech Support Report Diagnostic Tools Active Connections Monitor Active Connections Monitor Settings CPU Monitor DNS Name Lookup Find Network Path Packet Capture Ping Page Trace Route Web Server Monitor System > Restart PART 3 Network Page Page Setup Wizard Interface Settings Interface Traffic Statistics Interfaces Physical Interfaces Permanently Assigned Interfaces User-definable Interfaces SonicOS Enhanced Secure Objects Transparent Mode Configuring Interfaces Configuring the LAN and OPT Interfaces (Static) Configuring Advanced Settings for the Interface Configuring Interfaces in Transparent Mode Configuring Advanced Settings for the Interface Configuring Wireless Interfaces Configuring Advanced Settings for the Interface Configuring a WAN Interface Configuring the Advanced Settings for the WAN Interface Ethernet Settings Bandwidth Management NAT Policy Settings Configuring SonicWALL PortShield Interfaces Page Configuring the Wireless WAN Interface Managing WWAN Connections Specifying the WAN Connection Model Configuring Basic Wireless WAN Settings Page Configuring Remotely Triggered Dial-Out on the WWAN Configuring the Maximum Allowed WWAN Connections Creating a WLAN Subnet Page CHAPTER 15 SonicWALL PortShield Interfaces Security Services with PortShield Network > SwitchPorts Overview Working in Static Mode Working in Transparent Mode Using Different Approaches to Configuration Creating a PortShield Interface from the Interfaces Area Page Page Page Creating a New Zone for the PortShield Interface Refining the PortShield Interface Page Creating Transparent Mode PortShield Interfaces Creating a Transparent Mode PortShield Interface with a Host Address Object Creating a PortShield Using an Address Object Containing an Address Range Creating a Transparent Mode PortShield Interface with a Group Address Object Mapping Ports from the Switch Ports Window Page PortShield Deployment Scenario Deployment Details Zones PortShield Interfaces Configuring the Hospitality Example Deployment Configure the SonicPoint Profile Configure the Zones Page Configuring Zones Configure the PortShield Interfaces with the PortShield Wizard Page CHAPTER 16 Balancing Network > WAN Failover & Load Balancing WAN Failover Caveats About Source and Destination IP Address Binding Setting Up WAN Failover and Load Balancing Configuring an Interface as a Secondary WAN Port Creating a NAT Policy for the Secondary WAN Port Activating WAN Failover and Selecting the Load Balancing Method Page Configuring WAN Interface Monitoring WAN Probe Monitoring Configuring WAN Probe Monitoring Page WAN Load Balancing Statistics Page CHAPTER 17 Network > Zones How Zones Work Predefined Zones Security Types Allow Interface Trust Enabling SonicWALL Security Services on Zones The Zone Settings Table Adding a New Zone Deleting a Zone Configuring the WLAN Zone Page Page Page Page Page CHAPTER 19 Network > Address Objects Types of Address Objects Address Object Groups Creating and Managing Address Objects Navigating and Sorting the Address Objects and Address Groups Entries Default Address Objects and Groups SonicWALL PRO 5060 Default Address Objects Default Address Groups SonicWALL PRO 4060 Default Address Objects Default Address Groups Adding an Address Object Editing or Deleting an Address Object Creating Group Address Objects Editing or Deleting Address Groups Public Server Wizard Working with Dynamic Addresses Key Features of Dynamic Address Objects Page Enforcing the use of sanctioned servers on the network Using MAC and FQDN Dynamic Address Objects Blocking All Protocol Access to a Domain using FQDN DAOs Using an Internal DNS Server for FQDN-based Access Rules Controlling a Dynamic Hosts Network Access by MAC Address Page Bandwidth Managing Access to an Entire Domain Page Page Page Page Route Advertisement Route Advertisement Configuration Route Policies Policy Based Routing Route Policies Table A Route Policy Example Advanced Routing Services (OSPF and RIP) Page Page OSPF Terms Page Page Page Configuring Advanced Routing Services Configuring RIP RIP Modes Receive (Available in Send and Receive and Receive Only modes) Send (Available in Send and Receive and Send Only modes) Configuring OSPF OSPFv2 Setting Page Page Page CHAPTER 21 Network > NAT Policies Page Navigating and Sorting NAT Policy Entries NAT Policy Settings Explained NAT Policies Q&A Why is it necessary to specify Any as the destination interface for inbound 1-2-1 NAT policies? Can I manually order the NAT Polices? Can I have multiple NAT policies for the same objects? What are the NAT System Polices? NAT Load Balancing Overview NAT LB Mechanisms Which NAT LB Method Should I Use? Caveats Details of Load Balancing Algorithms Sticky IP Algorithm Creating NAT Policies Creating a Many-to-One NAT Policy Creating a Many-to-Many NAT Policy Creating a One-to-One NAT Policy for Outbound Traffic Creating a One-to-One NAT Policy for Inbound Traffic (Reflective) Configuring One-to-Many NAT Load Balancing Page Inbound Port Address Translation via One-to-One NAT Policy Inbound Port Address Translation via WAN IP Address Page Page Using NAT Load Balancing NAT Load Balancing Topology Prerequisites Configuring NAT Load Balancing Page Page Page Troubleshooting NAT Load Balancing Page Page Static ARP Entries Secondary Subnets with Static ARP Adding a Secondary Subnet using the Static ARP Method Page Navigating and Sorting the ARP Cache Table Navigating and Sorting the ARP Cache Table Entries Flushing the ARP Cache CHAPTER 23 Network > DHCP Server DHCP Server Options Overview What Is the SonicWALL DHCP Server Options Feature? How Does the SonicWALL DHCP Server Options Feature Work? Supported Standards DHCP Server Persistence Overview What is DHCP Server Persistence? How Does DHCP Server Persistence Work? Enabling the DHCP Server DHCP Server Lease Scopes Configuring DHCP Server for Dynamic Ranges General Settings DNS/WINS Settings VoIP Settings Configuring Static DHCP Entries General Settings DNS/WINS Settings VoIP Settings Configuring SonicWALL DHCP Server Options Configuring DHCP Option Objects Page Page Page Configuring DHCP Option Groups Page Configuring DHCP Generic Options for DHCP Lease Scopes Page Current DHCP Leases DHCP Option Numbers Page Page Page Page Page Page Page Page CHAPTER 24 Network > IP Helper IP Helper Settings IP Helper Policies Adding an IP Helper Policy Editing an IP Helper Policy Deleting IP Helper Policies CHAPTER 25 Network > Web Proxy Configuring Automatic Proxy Forwarding (Web Only) Bypass Proxy Servers Upon Proxy Failure CHAPTER 26 Network > Dynamic DNS Supported DDNS Providers Additional Services offered by Dynamic DNS Providers Configuring Dynamic DNS Page Page Dynamic DNS Settings Table Page PART 4 Wireless Page CHAPTER 27 Station Status Wireless Overview Considerations for Using Wireless Connections Recommendations for Optimal Wireless Performance Adjusting the Antennas Wireless Node Count Enforcement MAC Filter List WiFiSec Enforcement Wireless > Status WLAN Settings WLAN Statistics WLAN Activities Station Status Page CHAPTER 28 Wireless > Settings Wireless Radio Mode Wireless Settings Secure Wireless Bridging Page Configuring a Secure Wireless Bridge Network Settings for the Example Network Wireless Bridging (without WiFiSec) Configuring VPN Policies for the Access Point and Wireless Bridge Page Configuration for VPN Policies Page Page CHAPTER 29 Wireless > WEP/WPA Security Authentication Overview WEP Encryption Settings WEP Encryption Keys WPA Encryption Settings WPA-PSK Settings WPA-EAP Settings WPA/WPA2 Encryption Settings WPA2-PSK Settings WPA2-EAP Settings Page Beaconing & SSID Controls Wireless Client Communications Configurable Antenna Diversity Page Advanced Radio Settings Page Page CHAPTER 31 Wireless > MAC Filter List Allow or Deny Specific Resources Page CHAPTER 32 Wireless > IDS Wireless Bridge IDS Access Point IDS Enable Client Null Probing Association Flood Detection Intrusion Detection Settings Discovered Access Points Scanning for Access Points Authorizing Access Points on Your Network CHAPTER 33 Wireless > Virtual Access Point SonicPoint VAP Overview What Is a Virtual Access Point? What Is an SSID? Wireless Roaming with ESSID What Is a BSSID? Virtual AP Configuration Task List VAP Configuration Overview Network Zones The Wireless Zone Custom Wireless Zone Settings Page Page Page WLAN Subnets DHCP Server Scope Virtual Access Points Profiles Virtual Access Point Profile Settings WPA-PSK / WPA2-PSK Encryption Settings WPA-EAP / WPA2-EAP Encryption Settings Virtual Access Points General VAP Settings Advanced VAP Settings Virtual Access Point Groups Thinking Critically About VAPs Determining Your VAP Needs A Sample Network Determining Security Configurations VAP Configuration Worksheet Page Page PART 5 WWAN Page CHAPTER 34 WWAN Wireless WAN Overview What is WWAN? Understanding Wireless WAN Connection Models Understanding WWAN Failover Persistent Connection WWAN Failover Dial on Data WWAN Failover Manual Dial WWAN Failover Wireless WAN PC Card Support 3G Wireless WAN Service Provider Support Wireless WAN Prerequisites Viewing the WWAN Status Configuring Wireless WAN Configuring WWAN Basic Settings Connect on Data Management/User Login WWAN Probe Settings Configuring WWAN Advanced Settings Configuring Remotely Triggered Dial-Out Configuring WWAN Connection Profiles Page Page Configuring the Maximum Allowed WWAN Connections Managing WWAN Connections Specifying the WAN Connection Model Monitoring WWAN Data Usage WWAN Glossary Page Page PART 6 SonicPoint Page CHAPTER 35 SonicPoint > SonicPoints Before Managing SonicPoints SonicPoint Provisioning Profiles Configuring a SonicPoint Profile Page Page Page Updating SonicPoint Settings Edit SonicPoint settings Synchronize SonicPoints Enable and Disable Individual SonicPoints Updating SonicPoint Firmware Automatic Provisioning (SDP & SSPP) SonicPoint States Page Page Page Page Page CHAPTER 37 SonicPoint > IDS Wireless Intrusion Detection Services Intrusion Detection Settings Scanning for Access Points Discovered Access Points View Style Authorizing Access Points on Your Network Page CHAPTER 38 SonicPoint > RF Monitoring RF Monitoring Overview Why RF Monitoring? Enabling RF Monitoring on SonicPoint(s) Using The RF Monitoring Interface RF Monitoring Interface Overview Set the Measurement Interval Selecting RF Signature Types Viewing Discovered RF Threat Stations Adding a Threat Station to the Watch List Types of RF Threat Detection Practical RF Monitoring Field Applications Before Reading this Section Using Sensor ID to Determine RF Threat Location Page Using RSSI to Determine RF Threat Proximity Page PART 7 Firewall Page CHAPTER 39 Firewall > Access Rules Stateful Packet Inspection Default Access Rules Overview Using Bandwidth Management with Access Rules Overview Example Scenario Configuration Task List Displaying Access Rules with View Styles Configuring Access Rules for a Zone Page Adding Access Rules Page Page Editing an Access Rule Deleting an Access Rule Enabling and Disabling an Access Rule Restoring Access Rules to Default Zone Settings Displaying Access Rule Traffic Statistics Access Rule Configuration Examples Enabling Ping Blocking LAN Access for Specific Services Enabling Bandwidth Management on an Access Rule Page CHAPTER 40 Settings Firewall > Advanced Detection Prevention Dynamic Ports Source Routed Packets Connections Page Page CHAPTER 41 Firewall > TCP Settings TCP Traffic Statistics TCP Settings Working with SYN/RST/FIN Flood Protection Understanding a TCP Handshake SYN Flood Protection Methods SYN Flood Protection Using Stateless Cookies Layer-Specific SYN Flood Protection Methods Understanding SYN Watchlists Working with SYN Flood Protection Features Working with SYN Flood Protection Modes Working with SYN Attack Threshold Working with SYN Proxy Options Working with SYN/RST/FIN Blacklisting SYN, RST, and FIN Flood Statistics Page Page Page Default Services Overview Custom Services Configuration Task List Supported Protocols Adding Custom Services for Predefined Service Types Page Adding Custom IP Type Services Example Page Editing Custom Services Deleting Custom Services Adding a Custom Services Group Editing Custom Services Groups Page Page CHAPTER 43 Firewall > Multicast Multicast Snooping Multicast Policies IGMP State Table Enabling Multicast on LAN-Dedicated Interfaces Enabling Multicast Through a VPN Page Page Viewing Connections Filtering Connections Viewed Page Page CHAPTER 45 Firewall > QoS Mapping Classification Marking Conditioning Example Scenario 802.1p and DSCP QoS Enabling 802.1p Page Example Scenario DSCP Marking DSCP Marking and Mixed VPN Traffic Configure for 802.1p CoS 4 Controlled load QoS Mapping Managing QoS Marking Page Page Bandwidth Management Page Declaration Limits Outbound Bandwidth Management Algorithm for Outbound Bandwidth Management Outbound BWM Packet Processing Path Guaranteed Bandwidth Processing Maximum Bandwidth Processing Example of Outbound BWM Inbound Bandwidth Management Algorithm for Inbound Bandwidth Management Ingress Rate Update Egress ACK monitor Process ACKs Credit-Based Processing Example of Inbound Bandwidth Management BWM with WAN load balancing Glossary Page Page Page CHAPTER 46 Firewall > SSL Control Overview of SSL Control Page Key Features of SSL Control Key Concepts to SSL Control Page Page Page Caveats and Advisories SSL Control Configuration Page Enabling SSL Control on Zones SSL Control Events Page Page PART 8 VoIP Page CHAPTER 47 VoIP VoIP Overview What is VoIP? VoIP Security Firewall Requirements for VoIP VoIP Protocols H.323 SIP SonicWALLs VoIP Capabilities VoIP Security VoIP Network VoIP Network Interoperability Supported VoIP Protocols H.323 SIP SonicWALL VoIP Vendor Interoperability CODECs VoIP Protocols that SonicOS Does Not Perform Deep Packet Inspection on How SonicOS Handles VoIP Calls Incoming Calls Local Calls Page Configuring SonicWALL VoIP Features Supported Interfaces Configuration Tasks General VoIP Configuration Configuring Consistent Network Address Translation (NAT) Configuring SIP Settings Configuring H.323 Transformations Configuring BWM and QoS Bandwidth Management Quality of Service Configuring Bandwidth on the WAN Interface Configuring VoIP Access Rules Page Page Using the Public Server Wizard Page Page Configuring VoIP Logging VoIP Deployment Scenarios Generic Deployment Scenario Deployment Scenario 1: Point-to-Point VoIP Service page 245 Deployment Scenario 2: Public VoIP Service Wizard Deployment Scenario 3: Trusted VoIP Service Page PART 9 VPN Page Page VPN Types VPN Security IKE version 1 http://rfc.net/rfc2407.html http://rfc.net/rfc2408.html http://rfc.net/rfc2409.html IKEv2 http://rfc.net/rfc4306.html Configuring VPNs in SonicOS Enhanced Planning Your VPN GroupVPN Policy Planning Checklist Page Page Site-to-Site VPN Planning Checklist Page Page Page VPN Policy Wizard VPN Global Settings VPN Policies Navigating and Sorting the VPN Policies Entries Currently Active VPN Tunnels Viewing VPN Tunnel Statistics Configuring GroupVPN Policies Configuring GroupVPN with IKE using Preshared Secret on the WAN Zone Page Page Page Configuring GroupVPN with IKE using 3rd Party Certificates Page Appliances section in the VPN > Settings section on page 537. Exporting a VPN Client Policy Site-to-Site VPN Configurations Creating Site-to-Site VPN Policies Configuring a VPN Policy with IKE using Preshared Secret Page Page Page Page Configuring a VPN Policy using Manual Key Configuring the Local SonicWALL Security Appliance Page Page Configuring the Remote SonicWALL Security Appliance Configuring a VPN Policy with IKE using a Third Party Certificate Page Page Page Appliances section in the VPN > Settings section on page 537. VPN Auto-Added Access Rule Control Page Page Page Page Using OCSP with SonicWALL Security Appliances About OCSP OpenCA OCSP Responder Loading Certificates to use with OCSP Using OCSP with VPN Policies Page CHAPTER 50 VPN > DHCP over VPN DHCP Relay Mode Configuring the Central Gateway for DHCP Over VPN Configuring DHCP over VPN Remote Gateway Page Devices Current DHCP over VPN Leases Page CHAPTER 51 VPN > L2TP Server Configuring the L2TP Server Currently Active L2TP Sessions Page PART 10 User Management Page CHAPTER 52 Settings User Management Introduction to User Management Using Local Users and Groups for Authentication Page Using RADIUS for Authentication Using LDAP / Active Directory / eDirectory Authentication LDAP Directory Services Supported in SonicOS Enhanced LDAP Terms Further Information on LDAP Schemas Single Sign-On Overview What Is Single Sign-On? Benefits Platforms Supported Standards How Does Single Sign-On Work? How Does SonicWALL SSO Agent Work? Logging Multiple Administrator Support Overview What is Multiple Administrators Support? Benefits How Does Multiple Administrators Support Work? Page Page Viewing Status on Users > Status Configuring Settings on Users > Settings User Login Settings User Session Settings Other Global User Settings Acceptable Use Policy Configuring Local Users Viewing, Editing and Deleting Local Users Adding Local Users Editing Local Users Configuring Local Groups Page Creating a Local Group Importing Local Groups from LDAP Configuring RADIUS Authentication RADIUS Servers RADIUS Users RADIUS Users Settings Creating a New User Group for RADIUS Users RADIUS with LDAP for user groups RADIUS Client Test Configuring LDAP Integration in SonicOS Enhanced Preparing Your LDAP Server for Integration Configuring the CA on the Active Directory Server Exporting the CA Certificate from the Active Directory Server Importing the CA Certificate onto the SonicWALL Configuring the SonicWALL Appliance for LDAP Page Page Page Page Page Page Page Configuring Single Sign-On Page Installing the SonicWALL SSO Agent Page Page Page Page Configuring the SonicWALL SSO Agent Page Page Page Page Adding a SonicWALL Security Appliance Editing Appliances in SonicWALL SSO Agent Deleting Appliances in SonicWALL SSO Agent Modifying Services in SonicWALL SSO Agent Configuring Your SonicWALL Security Appliance Page Page Page Page Page Advanced LDAP Configuration Page Page Page Page Page Page Page Configuring Firewall Access Rules Viewing User Status Configuring User Settings Configuring Multiple Administrator Support Configuring Additional Administrator User Profiles Configuring Administrators Locally when Using LDAP or RADIUS Preempting Administrators Page Page Verifying Multiple Administrators Support Configuration Viewing Multiple Administrator Related Log Messages Page Global Guest Settings Guest Profiles Users > Guest Accounts Viewing Guest Account Statistics Adding Guest Accounts To Add an Individual Account: To Generate Multiple Accounts Enabling Guest Accounts Enabling Auto-prune for Guest Accounts Printing Account Details. Users > Guest Status Logging Accounts off the Appliance PART 11 Security Services Page CHAPTER 54 Services SonicWALL Security Services Security Services Summary mySonicWALL.com Managing Security Services Online Security Services Settings Security Services Information Update Signature Manually Page Activating Security Services Page Page SonicWALL Content Filtering Service Content Filter Status Activating SonicWALL CFS Activating a SonicWALL CFS FREE TRIAL Content Filter Type Restrict Web Features Trusted Domains CFS Exclusion List Message to Display when Blocking Configuring SonicWALL Filter Properties Custom List Enable Keyword Blocking Disable all Web traffic except for Allowed Domains Consent Mandatory Filtered IP Addresses Adding a New Address Configuring N2H2 Internet Filtering N2H2 Properties N2H2 Server Status Settings URL Cache Configuring SonicWALL Blocking Features Restrict Web Features Trusted Domains Message to Display when Blocking Configuring Websense Enterprise Content Filtering Websense Properties Websense Server Status Settings URL Cache Configuring SonicWALL Blocking Features Restrict Web Features Trusted Domains Message to Display when Blocking Page CHAPTER 56 Security Services > Anti-Virus Activating SonicWALL Client Anti-Virus Page Activating a SonicWALL Client Anti-Virus FREE TRIAL Configuring Client Anti-Virus Service Anti-Virus Policies Anti-Virus Enforcement Security Services > E-mail Filter CHAPTER 57 Virus Service Security Services > Gateway Anti-Virus SonicWALL GAV Multi-Layered Approach Remote Site Protection Internal Network Protection HTTP File Downloads Server Protection SonicWALL GAV Architecture Page Page Activating the Gateway Anti-Virus, Anti-Spyware, and IPS License Page Setting Up SonicWALL Gateway Anti-Virus Protection Page Applying SonicWALL GAV Protection on Zones Viewing SonicWALL GAV Status Information Updating SonicWALL GAV Signatures Specifying Protocol Filtering Enabling Inbound Inspection Page Configuring Gateway AV Settings Configuring HTTP Clientless Notification Configuring a SonicWALL GAV Exclusion List Viewing SonicWALL GAV Signatures Displaying Signatures Navigating the Gateway Anti-Virus Signatures Table Page Page CHAPTER 58 Security Services > Intrusion Prevention Service SonicWALL Deep Packet Inspection How SonicWALLs Deep Packet Inspection Works SonicWALL IPS Terminology SonicWALL Gateway Anti-Virus, Anti-Spyware, and IPS Activation Page Page Activating the Gateway Anti-Virus, Anti-Spyware, and IPS License Page Setting Up SonicWALL Intrusion Prevention Service Protection Enabling SonicWALL IPS Specifying Global Attack Level Protection Applying SonicWALL IPS Protection on Zones Page CHAPTER 59 Security Services > Anti-Spyware Service SonicWALL Gateway Anti-Virus, Anti-Spyware, and IPS Activation Page Page Activating the Gateway Anti-Virus, Anti-Spyware, and IPS License Setting Up SonicWALL Anti-Spyware Service Protection Applying SonicWALL Anti-Spyware Protection on Zones Page CHAPTER 60 Blacklist SMTP Real-Time Black List Filtering Security Services > RBL Filter Adding RBL Services User-Defined SMTP Server Lists Page CHAPTER 61 Security Client Security Services > Global Security Client Global Security Client Features How SonicWALL Global Security Client Works Global Security Client Licensing Activating Global Security Client Licenses on Your SonicWALL Page Page PART 12 Log Page Page Log View Table Navigating and Sorting Log View Table Entries Refresh Clear Log Export Log E-mail Log Filtering Log Records Viewed Log Event Messages Page Log Priority Logging Level Alert Level Log Redundancy Filter Alert Redundancy Filter Log Categories Page Managing Log Categories Page Page Syslog Settings Syslog Facility Syslog Servers Adding a Syslog Server Page Page E-mail Log Automation Mail Server Settings CHAPTER 66 Log > Name Resolution Selecting Name Resolution Settings Specifying the DNS Server Page Data Collection View Data Web Site Hits Page Page CHAPTER 68 Log > ViewPoint Activating ViewPoint Enabling ViewPoint Settings Page PART 13 Wizards Page CHAPTER 69 the Setup Wizard Wizards > Setup Wizard Using the Setup Wizard Page Configuring a Static IP Address with NAT Enabled Start the Setup Wizard Change Password Change Time Zone WAN Network Mode WAN Network Mode: NAT Enabled LAN DHCP Settings SonicWALL Configuration Summary Setup Wizard Complete Configuring DHCP Networking Mode Page Page LAN Settings DHCP Settings SonicWALL Configuration Summary Setup Wizard Complete Configuring NAT Enabled with PPPoE Page Page DHCP Server Page Configuring PPTP Network Mode Page Page DHCP Server Page Page Page Page Page Page Page Page Page Page Page Page Page Page Using the VPN Policy Wizard Page Page Connecting the Global VPN Clients Page Using the VPN Wizard to Configure Preshared Secret Page Page Page Index