Latest News

SonicWall have just updated the list of support SFP and SFP+ modules that work with SonicWall firewalls - including the new Gen7.

https://www.sonicwall.com/support/knowledge-base/supported-sonicwall-and-3rd-party-sfp-and-sfp-modules-that-can-be-used-with-sonicwall-firewalls/170504548236211/

Official SonicWall page for comparing the different model groups.

TZ Entry-Level Firewall Compare: https://www.sonicwall.com/tz-entry-level-firewall-series-products-compare-2/

Mid-Range Firewall Comparison: https://www.sonicwall.com/mid-range-products-compare/

What is the SonicWall ‘3 & Free’ Promotion?

The limited-time SonicWall ‘3 & Free’ promotion is the easy, cost-effective way for customers to upgrade to the very latest SonicWall next-generation firewall appliance for free.

Through Oct. 31, 2020, eligible customers may receive a complimentary NSa 2650, TZ350 or SOHO 250 appliance by purchasing a bundle that includes a three-year subscription of the SonicWall Advanced Gateway Security Suite from their authorized SonicWall SecureFirst partner.

This security suite includes everything you need to stay protected against today’s modern attacks, including advanced malware, ransomware, encrypted threats, viruses, spyware, zero-day exploits and more. This complete service includes:

• Capture Advanced Threat Protection (ATP) sandbox
• Gateway Anti-Virus and Anti-Spyware
• Intrusion Prevention Service
• Application Control
• Content Filtering Service
• 24×7 Support

SonicWall’s exclusive security subscription service also includes SonicWall Real-Time Deep Memory Inspection (RTDMI). A patent-pending technology, RTDMI™ enables Capture ATP to detect and block malware that does not exhibit any malicious behavior or hides weaponry via encryption. This protects your organization from zero-day attacks, malicious PDFs and Microsoft Office files.

https://blog.sonicwall.com/en-us/2020/10/3-and-fre...

SSL VPN license ultimately allows users who are working or operating remotely to connect to internal networks and resources safely and securely through the SonicWall.

Setup of SSL VPN is through the software solutions; SonicWall SSL VPN client, NetExtender, and the SonicWall mobile connect client.

Configuring SSL VPN on the 7.X SonicOS

For the address ranges within SSL VPN IP v4, you first need to create your address object.

An administrator will need to log in to your UI firewall management and choose object from the menu.

Look for match objects and addresses, and then click add.

A second window will appear where you can then include the identified range for SSL VPN.

You then need to configure the SSL VPN by navigating to within the server settings to network SSL VPN and opting for SSL VPN status on zones.

From here, you can change SSL VPN access by switching to enable or disable (note, green indicates an active status).

Within the SSL VPN server settings, you then have the option to select domain and SSL VPN port.

(Note: the port option will be required if you connect using the NetExtender and mobile connect methods. The domain will be necessary for the user to gain access to the networks and log in.)

From the client settings – SSL VPN Network, choose default device profile and set the SSL VPN for zone IP v4 and set the address object generated previously as the Network address IP v4.

The tab across the top of the window labelled client routes allows you to manage what levels of network access remote users can be permitted via their connection.

The last tab, client settings, allows administrators to input suffix, WINS, and DNS information and control the caching passwords, behaviour of NetExtender clients, and usernames.

Change create client connection profile to enable and save all changes.

Adding additional SSL VPN users

NetExtender users can authenticate SonicWall for local users, or if they’re listed within a known group, this can be done through LDAP.

To add local users, you need to be within local users and groups, which can be found within devices and users. You can now add new users by simply clicking add.

Moving to the tab labelled groups, click SSL VPN services, and move this across to member of, section.

Moving across to VPN access, you can now add all relevant areas that the user will need access to.

Again, make sure to click save before closing the window.

For the zones of SSL VPN, it’s important to check access rule information.

To do this you need to access, access rules by following policy – rules and policies, then choose SSL VPN – LAN rules. If a user requires access to other zones to obtain resources, this can all be managed in this area by verifying and adding additional access rules as you go.

Configuring SSL VPN for the 6.5 SonicOS

Similar to the SonicOS 7.x, administrators will need to log in to the management platform of SonicWall and within the navigation menu choose manage and then address objects.

From here, click add.

A second window will appear where you now have the option to add your range for SSL VPN.

To configure these settings, click on SSL VPN on the settings page and go to WAN, changing it from red to green to show it is now active.

Now all SSL VPN configurations will be enabled in this particular zone.

You can then set the domain and ports for SSL VPN as you require.

Move across to client settings where, as administrator, you can configure the range of client addresses and NetExtender settings.

For the default device profile, click on configure.

Here you can set the network address v4 IP as your address object from before and set the zone v4 IP as SSL VPN.

The tab labelled client routes will allow administrators to manage the level of access users have to two networks.

It’s essential to set the VPN appropriately as all users will be able to see the routes but may not necessarily be authorised to access all network resources.

In the settings, administrators should also enter all required DNS and WINS data and create client profile connections by enabling this action.

Adding additional users

To add new users, click on users and local users and groups. Within groups, click add SSL VPN services to move the field to member of.

Moving to VPN access, you can then add all the relevant IP addresses and objects identified to the users requirements, in terms of access via NetExtender.

Note: Client routes and VPN access must match for users to have authority to access network resources.

Remember to click save, to save all changes before closing.

SSL VPN zones access rule details

Within access rules, you can access SSL VPN LAN rules with drop-lists available.

Access rules allow access to intended end devices through SSL VPN IPs which are also required for the firewalls to understand that such traffic is allowed through.

You can also test all connections and configurations by installing the SonicWall NetExtender.

Two final points to note:

Remember, within the user’s section of the menu toolbar, you must add in however many users that will have login credentials. Each user then must become a member of SSL VPN services group and have to subnet added to VPN access within the allow list.

In-network interfaces make sure to click on configure on the WAN interface and tick the HTTPS box beside the user login – this helps to minimise login failed attempts occurring when users access SSL VPN via a web portal.

For further information on a SonicWall VPN licence and more call 0330 1340 230, today.

Read the next article: Best Practices for SSL VPNs

SonicWall's security appliance features SSL VPN, providing secure remote access to networks using the NetExtender client.

COVID19 has had a dramatic effect on the world. With companies changing the way they operate and work and teams are looking at different ways to communicate and access information.

Most people who are using some form of device connected online will have had, or fallen victim to a data breach, where their personal information has been compromised.

Fortnite

TZ570 and TZ670 Series firewall customers now have a new way to ease and enhance their onboarding experience.

For most of us, mobile devices are becoming the go-to means for getting work done in a digitally connected world. By 2023, the number of mobile device users will increase to 7.33 billion — and by 2025, 72% of those accessing applications and the web will do so with smartphones alone.

Network admins are also utilizing mobile devices to get work done: These devices allow them to extend their presence, enabling faster responses and easier network configuration and setup.

As part of our commitment to anytime, anywhere cybersecurity, SonicWall is launching the SonicExpress mobile app. The SonicExpress mobile app greatly simplifies firewall onboarding: device registration, initial setup, basic configuration, and monitoring for 7th generation SonicWall firewalls, including the recently launched TZ670 and TZ570 series. Designed for the Apple and Android platforms, the SonicExpress app is now available for download from the Apple App Store and the Google Play Store.

Onboarding as easy as 1, 2, 3

The typical onboarding process involves appliance registration and several other steps that must be completed in order to get a new firewall ready for configuration and use. With SonicExpress, the onboarding experience of a new firewall involves just three simple steps:

1. Launch the SonicExpress App on a mobile device
2. Connect a mobile device USB cable to the new firewall
3. Finish setup

Designed with intuitive interfaces, the SonicExpress app guides the user through device registration and initial setup in less than a minute.

Simplified initial firewall setup

Zero-touch deployments require firewalls to connect to the internet using a DHCP address on the WAN interface. However, in certain deployments, WAN interfaces are assigned static IP addresses or configured over a PPPoE interface. For closed network deployments, there is typically no internet connectivity for the firewall being set up. The app helps with these and other initial setup configurations by connecting the firewall using the USB interface.

The SonicWall Express Setup Guide walks users through the process of getting their firewall registered and set up for specific deployment use cases. Alternately, users can choose to register the firewall without going through the entire setup process by simply scanning a QR code.

Monitoring your firewall

The SonicExpress app allows users to monitor firewalls for threat alerts, resource utilization and system status via an intuitive dashboard. It offers the flexibility of being able to check the health of your network from anywhere and the convenience of being able to make easy, quick changes necessary to ensure the security posture of your network.

There’s more coming

This is just the initial release of the app — we’ll be adding more features in future releases, including firmware management and advanced configuration capabilities similar to those available on the web management interface.

For a firsthand look at the new SonicExpress App, you can download it directly from the Apple App Store or Google Play Store.

Today, SonicWall announce the following new technology that simplifies proven security for newly extended distributed enterprises, governments and MSSPs; expand breakthrough economics to high-security environments; maximize investments by delivering proven, future-proof security; and make security administration easier and more accessible to more organizations.

• New SonicOS 7.0 simplifies the security experience with an all-new user interface and experience (UI/UX), which is smartly organized, includes intelligent device dashboards, re-designed topologies, SonicExpress mobile app support, and simplified policy creation and management.
  
  
• New SonicOSX 7.0 lets governments and enterprises scale faster, protect more and maintain control. The enhanced OS simplifies complex policy, audit and management controls — all while delivering the fresh, modern and easy-to-use UI/UX available on the new SonicOS 7.0 offering.
• New SonicWall Network Security Manager (NSM) 2.0 helps organizations re-gain visibility for sprawling, mass-scale environments. Optimize, control, monitor and manage tens of thousands of network security devices, including firewalls, managed switches and access points. A cloud-native management platform, NSM is designed for speed, scalability and reliability across the largest distributed enterprises.
• New SonicWall NSsp 15700 high-end firewalls, with multiple 100/40/10 GbE interfaces, TLS 1.3 support and compute-cluster-like processing capacity, help enterprises, governments, data centers and MSSPs get more from their investments as resource utilization and connection requirements grow with the explosion of connected devices and users.
• New SonicWall TZ570 and TZ670 next-generation firewalls are the first desktop firewall form factor to offer multi-gigabit (5/10G) interfaces for connectivity with SonicWall Switches or other networking devices in SD-Branch deployments — all with more than three times the threat performance and TLS 1.3 support.
• New SonicWall NSv 270, 470 and 870 virtual firewalls simplify protection of private and public cloud assets with scalable, virtual and cost-effective security.
• New SonicWall SonicExpress allows administrations to manage security on the go. Complete the most common management tasks, including firewall registration, setup, configuration and monitoring, and easily onboard new firewalls within minutes with three easy steps: register, connect and manage.
• New SonicWall CSa 1000 stops advanced cyberattacks that target large networks via an all-new on-premise appliance. CSa includes access to RTDMITM, which provides network-based protection against the future of side-channel attacks such as Meltdown, Spectre, Foreshadow, PortSmash, Spoiler, MDS and TPM-Fail.

For the full announcement, please read the press release, explore additional details on the SonicWall blog and see the new line of NSsp firewalls, TZ firewalls, NSv firewalls, NSM 2.0 and CSa 1000. SonicWall’s commitment has always been to help protect you, your business and your brand in the new business normal. Today, it’s never been easier to realize true cybersecurity by breaking free from the constraints of the past.

Using the SonicOS 6.2.5.3 or earlier versions of these firewalls, we’ll take a look at how you can block unwanted HTTPS websites, the steps and procedures to follow as well as some of the advanced features to implement.

Starting at the very beginning….

In earlier versions of the HTTPS traffic filtering, IP addresses would carry out the work, and filtering would be carried out based on these IP server addresses.

When we talk about Content Filtering, this applies to all domains entered within lists you create as well as those that match these lists (Match Objects), which can all be entered in your Allowed and Forbidden lists.

These points can be found with the Firewall application pages.

Ultimately, what this means is that when you enable Filtering for HTTPS Content, the information will be scrutinised under CFS, Configure, CFS window.

This CFS setting is globally applied and relates to:

• Forbidden Domains
• Allow Domains
• CFS Allow/Forbidden List (App Rules)
• CFS Category List (App Rules)

Keyword Blocking

From here you can get hostnames in two particular ways:

1. Finding the hostname to get rating info, by examining SSL Hello. If upon examination, you discover it supports the SSL server name and extension, you will be able to find the hostname in SSL Hello Client.

2. Finding the Common Name, again, by examining the Server Hello certificate.

How to block HTTPS Content

To ensure that the content you want to block is 100% blocked, you also need to configure this for HTTPS.

To do this, you need to log in to your SonicWall management system and choose the Security Services and Content Filter tab.

From here, within the Content-Type, make sure SonicWall CFS is selected and click on Configure.

Finally, change this to Enable and to make sure all changes are saved, click OK.

Users and Zone Screens

Within the SonicWall firewall settings, you can also add the custom list for Allow or Forbidden in CFS by selecting zone and user screens through CFS Policy Assignment heading.

Once this has been changed, make sure to click accept.

Within the Content-Type, click Configure once, and only once, SonicWall CFS has been selected.

Then you can move on to the Custom tab list.

To add custom lists, click on the Add button below the Forbidden Domains box and enter the sites/apps that you would like to block.

When you’re finished, click OK to save changes.

How to configure your custom policies to include your Allow/Forbidden list

Whatever has been included within the Forbidden box automatically applies to default policies.

However, to ensure the same applies to the Custom CFS policy, this needs to be manually agreed and input.

To do this, locate the Customs CFS Policy, Edit, and click on the Settings tab.

Change the field Source to Global for Forbidden Domains and click OK.

How, using App rules, you can add Allow and Forbidden Customised Lists to CFS

Going back into Security Services and locating the Content Filtering Page, make sure to choose App Rules found in CFS Policy Assignment – then click on Accept.

To match objects…

Open up your SonicWall firewall settings and find Match Objects. Choose the option Add New.

Here you will then be able to add your customised list of forbidden and allowed websites and domain names by selecting CFS Allow or Forbid.

You also have the option of loading such lists from files containing the names of your chosen domains – however, note, each domain should be on a separate line to the previous for it to be recognised, and there is a maximum file size of 8192 bytes.

Custom List Objects differ from CFS zones and users as it can’t be used as a standalone as it will only appear with a CFS Category List.

In these instances, it’s important to set your App Rules.

To do this, you need to go into your SonicWall application control and look for the App Rules.

Here you can tick the box to Enable and choose to Add New to create your own App Rules.

All messages recorded

SonicWall firewalls are sophisticated security applications used to provide you with maximum protection.

As such, they also provide you with detailed log messages showing users when CFS has blocked HTTPS websites.

Note: Users can’t and won’t see full logs, only that the page they have requested is not permitted at this time.

To find out more about SonicWall and how we can help protect you and your users further, call us on 0333 2405667 or visit this page.

Read the next article: How your SonicWall Firewall can protect you against even the worst cyber attacks

SonicOS 7.0 is the upcoming unified feature release that runs on all Gen 7 firewalls. Key highlights of the upcoming SonicOS are:

• New UX/UI (Dashboard, Device information, API, Topology view, Optimized policy engine)
• Storage support
• TLS 1.3 support
• Global search for static data
• Gen7 Connections scalability (SPI, DPI, DPI SSL)
• WWAN USB card support (5G/LTE/4G/3G)
• Gen7 SonicExpress Mobile app support
• SonicWall Switch Integration support
• NSM 2.0 support (Gen7 Zero-Touch Registration and Provisioning)

One of the most common questions we get asked is how to use the controlled features within firewall software to block pop-ups and apps such as YouTube etc.

Using SonicWall firewall software, we’ll talk you through how to block a program, as well as use some of the advanced features within the operating system.

Blocking programs using SonicWall Firewall

Our step by step guide below is based on the SonicWall management system.

Firstly, you need to login to your firewall system and click on Manage displayed across the top of the bar.

Then look for Rules Advanced Application Control (in some operating systems this page can be found under Security Services.

On this page, you then need to choose and tick the box that states Enable App Control, and for these changes to be accepted, click the Accept button to enable this control feature.

Then within the App Control Advanced and category, choose Multimedia, and click Configure.

Finally, within the Edit App Category window, within the Log and Block criteria, choose to Enable for both of these.

Once complete, click, OK.

If there is a multimedia site or a specific app that you would like to block, for example, YouTube the steps to block individual apps are as follows:

Go into App Control Advanced and look for Advanced Application Control.

Within this section, you can then choose the app or multimedia site in question, i.e., YouTube.

You then need to click Configure.

Again, within the Edit App section, and under the Log and Block criteria, you need to choose the option Enable for the individual site you have selected to be blocked from your network.

To ensure all changes are saved, click OK.

SonicWall Application Control

The SonicWall firewall has several signatures covering a variety of multimedia sites and apps, providing you with the option of whether you would like these programs blocked or not.

It’s important to know how to block unwanted apps and programs on an individual level, but it is also worth noting the signatures included within SonicWALL’s App Control.

The list of most up to date signatures can be found HERE.

Local Area Networks and Application Control

In some instances, it may be applicable to enable application control if you are operating using a Local Area Network (LAN).

To do this, on the top bar, locate Manage, and scroll to Navigate to Network / Zones.

From here, you can simply click on the configure button located under the network zone that you wish to enable the App Control for.

Make sure that you tick the box labelled, Enable App Control Service (found at the bottom right of the pop-up page).

Click OK so all changes can be saved.

Does it work?

This is a good question, and if we’re honest, the only way to truly find out is to test it!

To test, we’d advise you to log in to a site or app that you have recently blocked, such as the YouTube example we mentioned above – and do this from a host behind the SonicWall.

When logging in, use either HTTP or HTTPS, so you get the message reading, `the connection was reset page`. A message will also be logged in the SonicWall, which states that the connection was reset and that ultimately the site you are trying to access is unavailable at the moment.

If you use the HTTPS route, YouTube will display on your screen; however, you won’t be able to see anything or play any videos or content, and a further error message will also be displayed on the screen.

Within your SonicWall firewall, these attempted logins will be recorded for you to see.

If you are using earlier versions of SonicWall

If you are using earlier versions of firmware and SonicOS 6.2, the steps below will allow you to block apps and sites similar to what we have mentioned above.

Firstly, you need to login to your SonicWall management and locate your firewall within the App Control Advanced tab (this page may also be named Security Services).

Make sure to tick the box named Enable App Control - click Accept for all changes to be saved.

Then, in App Control Advanced, View Style, choose within the category, Multimedia.

Click Configure and move to Edit App Category, wherein the Log and Block criteria, change these to Enable.

Finally, hit OK.

Blocking specific and individual apps and sites

Again, we’ll use the example of YouTube as the app to block. Within the App Control Advanced page, look for the View Style Application.

Here you will be able to select the individual site or app you are looking to block/restrict.

Once you have chosen the site, click configure and move to Edit App Control App, change the Log and Block criteria to Enable.

Again, make sure to click OK, so all changes are saved.

SonicWall Firewall settings are designed with users in mind, so you will find them to be straightforward and easy to manoeuvre.

If you want any further information on SonicWall, Firewalls, and how to ensure your networks are 100% protected, call us on