Sonicwall Study Guide
This course provides you with the background, knowledge, and hands-on experience to begin setting up Basic Firewall Components that will guide you through the process of creating zones on the firewalls, configuring virtual interfaces, creating host address and service objects, deploying NAT policies, and configuring access rules. This technical training covers Basic Threat Protection, which includes Gateway Anti-Virus, Intrusion Prevention Service, and Anti-Spyware; and Advanced Threat Protection, which is comprised of Capture ATP, and GEO IP and Botnet filtering. You will become familiar with a wide spectrum of SonicWall’s innovative feature set, such as Unified Threat Management (UTM), Single Sign-On, VPN, SSL VPN, and Content Filtering Service. As you examine the wide array of security features SonicOS has to offer, you will learn creating and applying app rules, application bandwidth optimization, and advanced application control implementations. Formative evaluations (knowledge checks and hands-on exercises) are incorporated throughout this course to test new skill sets.
In order to build such a high-touch, lab-intensive instructor-led class, SonicWall has moved all non-security, lecture-based topics into a complementary e-Learning curriculum. This four hour certification co-requirement covers topics like system registration, account management, upgrading firmware, and configuring management protocols like SNMP and NTP. Together, these two curricula provide the instruction necessary to successfully complete the SNSA - SonicWall Network Security Administrator certification exam. And while the e-Learning is not optional, it is also not considered a prerequisite to taking the ILT course - though some students have suggested it did help them when they later attended this class.
Related Certifications.
Log Monitor—Provides event log tracking for potential security threats. Kinesiology tape guide. The log is displayed in a table and can be sorted by column. The SonicWall Security Appliance can alert you of important events, such as an attack to the firewall. Part 3 System This part covers a variety firewall controls for managing system status information, registering the firewall, activating and managing licenses, configuring management options, managing firmware versions, and using diagnostics tools for troubleshooting. The System part describes these UI pages. Network Monitor—Monitors network path viability, dynamically displays the results and status of this monitoring, provides the data to affected client components and logs it in the system log.
Each custom Network Monitor policy defines a destination Address Object to be probed. This Address Object may be a Host, Group, Range, or FQDN. When the destination Address Object is a Group, Range or FQDN with multiple resolved addresses, Network Monitor probes each probe target and derives the Network Monitor Policy state based on the results.
Part 5 Switching. Wi-Fi Multimedia—Provides support for Wi-Fi Multimedia (WMM) on bandwidth-intensive applications such as VoIP, VoIP on Wi-Fi phones, and multimedia traffic on wireless IEEE 802.11 networks. Part 9 Firewall This part describes Access Rules and App Rules, which are application-specific policies that give you granular control over network traffic on the level of users, email users, schedules, and IP-subnets.
The primary functionality of this application-layer access control feature is to regulate Web browsing, file transfer, Email, and Email attachments. The Firewall part describes these UI pages.
Virtual Office – Displays the Virtual Office web portal inside of the SonicOS UI. Part 18 Virtual Assist This part describes the Virtual Assist feature, which allows you to support customer technical issues without having to be on-site with the customer. This capability serves as an immense time-saver for support personnel, while adding flexibility in how they can respond to support needs.
You can allow or invite customers to join a “queue” to receive support, then virtually assist each customer by remotely taking control of a customer’s computer to diagnose and remedy technical issues. The Virtual Assist part describes these UI pages. Monitoring – Configures independent management IP addresses for each unit in the HA Pair, using either LAN or WAN interfaces and configures physical/link monitoring and logical/probe monitoring. Part 21 Security Services This part includes an overview of available SonicWall Security Services as well as instructions for activating the service, including FREE trials. These subscription-based services include SonicWall Gateway Anti-Virus, SonicWall Intrusion Prevention Service, SonicWall Content Filtering Service, SonicWall Client Anti-Virus. The Security Services part describes these UI pages.
NOTE: The AppFlow feature is available on TZ series and above appliances. This part covers managing the SonicWall Security Appliance’s flow reporting statistics and configurable settings for sending AppFlow and real-time data to local or external collector servers. The SonicWall Security Appliance AppFlow provides support for external AppFlow reporting formats, such as NetFlow version 5, NetFlow version 9, IPFIX with extensions, and Quest™ Change Auditor for SonicWall. The AppFlow part describes these UI pages. WXA Setup Guide — Steps through configuring the coupled WXA series appliance for WAN Acceleration.
Part 26 Appendices Appendix A: OAuth, Social Login, and LHM This appendix describes SonicWall’s implementation of the Open Authentication (OAuth) Social Login feature and Lightweight Hotspot Messaging (LHM) feature as well as how to configure SonicOS to work with social networking services such as Facebook, Twitter, or Google+. Appendix B: BGP This appendix describes of SonicWall’s implementation of Border Gateway protocol (BGP), how BGP operates, and how to configure BGP for your network. Appendix C: IPv6 This appendix describes the SonicOS implementation of IPv6, how IPv6 operates, and how to configure IPv6 for your network. Appendix D: VPN Auto Provisioning This appendix describes the VPN Auto Provisioning feature, which simplifies the provisioning of site-to-site VPNs between two SonicWall firewalls. Appendix E: SonicWall Support This appendix contains information about using the SonicWall Support Portal for documentation and self-help tools as well as how to contact SonicWall Tech Support. Convention Use Bold Highlights items you can select in the SonicOS management interface. Menu Item Menu Item Indicates a multiple step Management Interface menu choice.
For example, Security Services Content Filter means select Security Services, then select Content Filter. Screen Text Indicates text as you would see it on a computer screen or would enter in a field or on a command line. For example, myDevice show alerts Message Icons These special messages refer to noteworthy information, and include a symbol for quick identification. Dynamic User Interface Table statistics and log entries are dynamically updated within the user interface without requiring users to reload their browsers. Active connections, user sessions, VoIP calls, and similar activities can be disconnected or flushed dynamically with a single click on the Delete icon in the Flush or Logout column. This dynamic interface is designed to have no impact on the Web server, CPU utilization, bandwidth or other performance factors.
You can leave your browser window on a dynamically updating page indefinitely with no impact to the performance of your firewall. Navigating the Management Interface Navigating the management interface is facilitated by a hierarchy of menu items on the navigation bar (left side of your browser window). When you click a menu item, related management functions are displayed as submenu items in the navigation bar. If the navigation bar continues below the bottom of your browser, up-and-down arrow buttons appear in the bottom right corner of the navigation bar. Mouse over the up or down arrow to scroll the navigation bar up or down.
You also can use the scroll wheel on your mouse. Icons and Buttons in the Management Interface. Common icons Action Icon Description Edit Displays a dialog (secondary or popup window) for editing the settings. Delete Deletes a table entry. Comment Displays text from a field entry or information about the table entry. Funnel Indicates access rules with bandwidth management. Upload Uploads a file to a common database or external switch.
Print Print PDF Report Exports the data flow to a printer or file. For some UI pages, prints a pdf file. Send Report Downloads a visualization report. Email Sends the log to an email address. Refresh Updates the real-time data in a table, chart, or other display.
Notes Displays a popup balloon containing status or statistics about an entry in tables. Statistics Displays a popup balloon containing statistics about an entry in tables or general status about the table or page. Clear Statistics Updates the statistics shown in the traffic tables. Configure Allows for customization of the display. The function changes with the page containing the icon.
NOTE: The Configure icon and Configure button have different functions. Left-arrow Displays a pop-up balloon containing the respective VPN policy in the middle of the page. Priority Displays a pop-up containing statistics about an entry in tables or general status about the table or page. Enabled Indicates the interface or service is enabled. Clicking on the icon disables the interface or service. Indicates the option or event is enabled. Clicking on the icon disables the option or event.
Or Indicates a service, such as Guest Services, is enabled for the user/group. Mousing over the icon displays a popup message. Or Solid indicates that all members of the category, group, or event are enabled. Or Semi-solid indicates that some are enabled, some are disabled. Disabled Indicates the interface or service is disabled. Clicking on the icon enables the interface or service.
Indicates the option or event is disabled. Clicking on the icon enables the option or event. Or Indicates that all members of the category, group, or event are disabled. Link Provides a link to another page in the UI. Clicking the link displays the page.
Import Imports certificate information or images. Reboots the firewall with the firmware version listed in the same row Export Exports a VPN policy to a file in either encrypted or non-encrypted format. Exports the data flow into a comma separated variable (.csv) file. The default file name is sonicflow.csv. Exports the log as a CSV-format file. Clicking this icon displays a dialog that allows you to open or save the log in CSV format. Exports the log as a plain text-format (.txt) file.
Boot Imports certificate information or images. Reboots the firewall with the firmware version listed in the same row. Information or or Displays popup dialogs containing more detailed information than displayed on the page. Question Mark Help Tooltip or Displays information about an option or setting on a page, report, or dialog; see. Search Searches a table for the specified data. Red signifies the feature is disabled.
Collapse or or Hides a chart, table, or section of a management interface page to allow more display room for other data. Expand or or Redisplays a hidden chart, table, or section of a management interface page. Display or Opens a new tab in your browser that displays only the report or graph associated with a submenu item. For more information, see. Pause Freezes the data flow. The time and date also freeze.
The Pause icon appears gray if the data flow has been frozen. NOTE: On some pages, Pause and Play are the same icon that toggles between functions. That is, when clicked, the Pause icon becomes the Play icon, and when clicked, the Play icon becomes the Pause icon. Stop Stops services for an appliance. Start Resumes stopped services for an appliance.
Reject Disables a built-in common name, but does not delete it. Accept Add Enables a built-in common name. Displays a dialog (secondary or popup window) for adding entries to a table. Remove Removes a local user from a group. Clock Displays a popup balloon containing information about account and session expirations. Displays a popup balloon containing information about schedules. Chart Format: Bar Chart Flow (Area) Chart Toggles the display of a chart between bar and flow (area) formats.
NetExtender Launches and configures NetExtender. Display Icons Most submenus in the Dashboard menu have a Display icon associated with them. Clicking on the icon for a submenu item opens a new tab in your browser that displays only the report or graph associated with that submenu item. You can display all these submenu items or only the ones of interest. When the submenu item is in a new tab, you can move the tab to a new browser window to display separately from the management interface. Other submenus that display sometimes rapidly changing data also have a Display icon associated with them.
This icon is located at the top of the submenu page near the Mode option. This Display icon works the same as those of the Dashboard submenus and is also associated with them.
Common Buttons The Management Interface uses buttons to facilitate certain actions. Some buttons are common throughout the Management Interface while others apply to only one or two pages. Describes the functions of common buttons used in the management interface. Common buttons Action Button Description Accept Applies the changes entered on certain Interface Management pages. OK Applies the changes entered on the Interface Management page or for a dialog, applies the changes and closes the dialog. Save Applies the changes made in a dialog and then closes the dialog.
Apply Applies the changes made in a dialog, but does not close the dialog. Cancel Discards the changes entered on the Interface Management page or for a dialog, discards any changes made in the dialog and closes the dialog. Close Discards any changes made in the dialog and closes the dialog. Help Displays the help page for the dialog.
Add Displays a dialog that allows you to add elements, such as zones, services, and access/firewall rules, to your appliance. Configure Displays a configuration dialog for configuring SonicOS settings. NOTE: The Configure button and Configure icon have different functions.
Default Erases current values and restores factory default values. Create Rule Displays the dialog for creating AppFlow rules. Refresh Updates real-time data in a table. Update Updates entries in a table. Delete Deletes the selected items from a table.
Delete Box Deletes the item, especially in a filter. Delete All Deletes all items except default and system-generated items in a table. Remove Deletes the selected items from a table. Remove All Deletes all items in a table. Flush Removes one or more selected items in a table.
Flush All Removes all items in a table. Purge Deletes one or more selected FQDN objects from a table. Purge All Deletes all FQDN objects from a table. Clear Clears the packet monitor queue and the displayed statistics for the capture buffer, mirroring, and FTP logging. Clear Statistics Clears the counters and the displayed statistics; restarts the counters. Filter View Correlates data among tabs in the AppFlow Monitor page. Adds or deletes a filter based on selected criteria.
Sonicwall Study Guide
Filter Add Adds the selected element to the filter Install Installs a SonicWall SSO Agent feature. Preview Displays the HTML message in a dialog for verification of how the message looks. Example Template Reverts the HTML message code to the default HTML message. Go Performs the specified lookup. Lookup Performs the specified lookup. Right Arrow Moves an item from a generic list to a specific list.
Left Arrow Removes an item from a specific list to a generic list. Double Right Arrow Moves items from a generic list to a specific list. Double Left Arrow Removes items from a specific list to a generic list. Status bar The Status bar at the bottom of the management interface window displays the status of actions executed in the management interface. If the action was not completed, the Status bar displays an error message.
Applying Changes Click the Accept button at the top of the management interface to save any configuration changes you made on the page. If the settings are contained in a dialog (secondary window) within the Management Interface, the settings are applied automatically to the firewall when you click OK. To apply the settings without closing the dialog, some dialogs have an Apply button. To cancel any configuration changes before applying them, click the Cancel button at the top of a management interface page or the bottom of a dialog. NOTE: Not all UI elements have Tooltips.
If a Tooltip does not display after hovering your mouse over an element for a couple of seconds, you can safely conclude that it does not have an associated Tooltip. Tooltips with Values When applicable, Tooltips display the minimum, maximum, and default values for form entries. These entries are generated directly from the SonicOS firmware, so the values are correct for the specific platform and firmware combination you are using. Several tables include a tooltip that displays the maximum number of entries that the appliance supports. For example, the Firewall Address Objects page displays the maximum number of address groups the appliance supports. These entries are generated directly from the SonicOS firmware, so the values are correct for the specific platform and firmware combination you are using.
Tables that display the maximum entry tooltip include NAT policies, access rules, address objects, and address groups. Configuring Tooltips The behavior of the Tooltips can be configured in the Web Management Settings on the System Administration page. Tooltips are enabled by default.
To disable Tooltips, clear the Enable Tooltip checkbox. The duration of time before Tooltips display can be configured. Navigating Dynamic Tables In the SonicOS dynamic user interface, table statistics and log entries dynamically update without requiring you to reload your browsers.You can navigate tables in the management interface with a large number of entries by using the navigation buttons located on the upper-right top corner of the table.The table navigation bar includes buttons for moving through table pages: A number of tables now include an option to specify the number of items displayed per page. Sorting Tables Tables are sorted automatically by the first column of data (not the # column). Many tables can be re-sorted by clicking on the headings for the various columns.
On tables that are sortable, the cursor becomes a pointing hand when you mouse over the column headings. On some sortable tables, a Click to sort by tooltip appears when you mouse over the column headings.
When tables are sorted, entries with the same value for the column are grouped together with the common value shaded as a sub-heading. In the following example, the Route Packets table is sorted by Priority. Removing Table Entries Active connections, user sessions, VoIP calls, and similar activities can be disconnected or flushed dynamically with a single click on the Delete icon in the Flush or Logout column. To flush one or more selected items in the table, click the Flush button. To flush all the items in the table, click the Flush All button. To delete one or more selected FQDN objects from a table, click the Purge button. To flush all the FQDN objects from the table, click the Purge All button.
Displaying Statistics Several tables include a table Statistics icon that displays a brief, dynamically updating summary of information for that table entry. Some tables with the Statistics icon are. NOTE: The terms wizards and guides are interchangeable. Each firewall includes a Configuration Guide option that steps you through various firewall configurations, such as Setup, PortShield interface, Public Server, VPN policies, LAN network, wireless LAN network, and 3G/4G Modem.
Clicking Wizards accesses the Configuration Guide dialog. Help Each firewall includes Web-based online help that explains how to use management interface pages and how to configure the firewall. Clicking Help accesses the context-sensitive help for the page. Some of the dialogs also have a Help button that accesses context-sensitive help for the window.
Logout Each firewall includes a Logout option that terminates the management interface session and displays the authentication page for logging into the firewall. Clicking Logout logs you out of the firewall. Mode Each appliance includes a Mode option that toggles the configuration mode of the management interface between. Non-Config mode – You can only view the settings of the firewall and cannot make any changes or view some management interface pages.
Clicking the arrow next to Mode: Configuration/Non- Config, allows you to toggle between configuration mode and non-configuration mode. Command Line Interface (CLI) The SonicOS Enterprise Command Line Interface (E-CLI) provides a concise and powerful way to configure SonicWall network security appliances without using the SonicOS web-based management interface. You can use the CLI commands individually on the command line or in scripts for automating configuration tasks. Registering Your SonicWall Security Appliance After you have established your Internet connection, it is recommended you register your SonicWall Security Appliance.
Registering your SonicWall Security Appliance provides these benefits.