| Networking, Security, and the Firewall | p. 1 |
| Introduction | p. 2 |
| Understanding Networking | p. 3 |
| The OSI Model | p. 3 |
| Moving Data Along with TCP/IP | p. 6 |
| Understanding Security Basics | p. 18 |
| The Need for Security | p. 19 |
| Introducing Common Security Standards | p. 19 |
| Common Information Security Concepts | p. 20 |
| Defining Information Security | p. 21 |
| Insecurity and the Internet | p. 23 |
| Identifying Potential Threats | p. 25 |
| Using VPNs in Today's Enterprise | p. 26 |
| The Battle for the Secure Enterprise | p. 26 |
| Making Your Security Come Together | p. 28 |
| Understanding Firewall Basics | p. 28 |
| Types of Firewalls | p. 29 |
| Firewall Ideologies | p. 32 |
| DMZ Concepts | p. 32 |
| Traffic Flow Concepts | p. 37 |
| Networks with and without DMZs | p. 41 |
| DMZ Design Fundamentals | p. 44 |
| Designing End-to-End Security for Data Transmission between Hosts on the Network | p. 46 |
| Traffic Flow and Protocol Fundamentals | p. 46 |
| Summary | p. 47 |
| Solutions Fast Track | p. 47 |
| Frequently Asked Questions | p. 49 |
| Dissecting the SonicWALL | p. 51 |
| Introduction | p. 52 |
| The SonicWALL Security Product Offerings | p. 53 |
| Firewalls | p. 53 |
| SSL VPN | p. 54 |
| Content Security Manager | p. 55 |
| The SonicWALL Firewall Core Technologies | p. 55 |
| SonicOS | p. 55 |
| Zones | p. 59 |
| Interface Modes | p. 60 |
| Access Rules | p. 60 |
| VPN | p. 61 |
| Deep Inspection | p. 61 |
| Device Architecture | p. 63 |
| The SonicWALL Product Line | p. 64 |
| Product Line | p. 65 |
| Summary | p. 79 |
| Solutions Fast Track | p. 80 |
| Frequently Asked Questions | p. 82 |
| Deploying SonicWALL Firewalls | p. 85 |
| Introduction | p. 86 |
| Managing the SonicWALL Firewall | p. 86 |
| SonicWALL Management Options | p. 87 |
| Administrative Users | p. 90 |
| The Local File System and the Configuration File | p. 90 |
| Using the Command-Line Interface | p. 91 |
| Using the Web User Interface | p. 96 |
| Securing the Management Interface | p. 97 |
| Updating and Managing SonicOS | p. 103 |
| System Recovery | p. 106 |
| Zones, Interfaces, and VLANs | p. 108 |
| Zones | p. 108 |
| Interfaces | p. 110 |
| Configuring the SonicWALL Firewall | p. 113 |
| Other Methods for Configuring the WAN Interface | p. 116 |
| Interface Speed Modes | p. 118 |
| Configuring System Services | p. 119 |
| Setting the Time | p. 120 |
| DHCP Server | p. 120 |
| IP Helper | p. 120 |
| DNS | p. 121 |
| Licenses | p. 121 |
| Syslog | p. 123 |
| Summary | p. 124 |
| Solutions Fast Track | p. 125 |
| Frequently Asked Questions | p. 126 |
| Policy Configuration | p. 127 |
| Introduction | p. 128 |
| Theory of Access Control | p. 128 |
| Zones | p. 129 |
| Interfaces | p. 133 |
| Address Objects | p. 137 |
| Address Groups | p. 137 |
| Creating Address Objects and Address Groups | p. 138 |
| Predefined Address Objects and Address Groups | p. 140 |
| Sonic WALL Access Rules | p. 149 |
| Access Rules-Part 1 | p. 150 |
| Access Rule Views | p. 150 |
| Creating Access Rules | p. 155 |
| Editing, Deleting, Enabling, and Disabling Access Rules | p. 156 |
| Resetting the Rule Base for a Specific Zone | p. 156 |
| Viewing Traffic Statistics for Specific Access Rules | p. 156 |
| Advanced Rules Options | p. 157 |
| BWM | p. 159 |
| QOS | p. 161 |
| Default Access Rules | p. 162 |
| Access Rules-Part 2 | p. 164 |
| Getting Ready to Create Access Rules | p. 164 |
| Advanced Options for Firewalls | p. 176 |
| Detection Prevention | p. 177 |
| Dynamic Ports | p. 178 |
| Source-Routed Packets | p. 178 |
| Connections | p. 179 |
| Access Rule Service Options | p. 179 |
| TCP Settings | p. 179 |
| SYN Flood Protection | p. 184 |
| SYN Flood Protection Overview | p. 186 |
| Layer 3 SYN Flood Protection | p. 186 |
| Layer 2 Protection | p. 189 |
| Multicast | p. 190 |
| Summary | p. 191 |
| Solutions Fast Track | p. 191 |
| Frequently Asked Questions | p. 194 |
| User Authentication | p. 197 |
| Introduction | p. 197 |
| Types of Users | p. 198 |
| Local Users | p. 198 |
| Local Groups | p. 199 |
| Guest Accounts | p. 200 |
| User Settings | p. 203 |
| Authentication Methods | p. 205 |
| Summary | p. 210 |
| Routing | p. 211 |
| Introduction | p. 212 |
| Routing Information Protocol (RIP) | p. 212 |
| Networking with RIP | p. 213 |
| When to Use RIP | p. 216 |
| RIP as It Applies to SonicWALL | p. 216 |
| Open Shortest Path First (OSPF) | p. 217 |
| Networking with OSPF | p. 217 |
| How OSPF Works | p. 218 |
| When to Use OSPF | p. 219 |
| Basic OSPF Configuration on a SonicWALL | p. 219 |
| Summary | p. 220 |
| Solutions Fast Track | p. 221 |
| Address Translation | p. 223 |
| Introduction | p. 224 |
| The Purpose of Address Translation | p. 224 |
| Advantages of Address Translation | p. 225 |
| Disadvantages of Address Translation | p. 226 |
| SonicWALL NAT Overview | p. 227 |
| Source NAT | p. 227 |
| Destination NAT | p. 229 |
| One-to-One NAT | p. 231 |
| Policy-Based NAT | p. 233 |
| NAT Policy Basics | p. 235 |
| Many-to-One NAT | p. 237 |
| Many-to-Many NAT | p. 238 |
| One-to-One NAT | p. 239 |
| One-to-Many | p. 241 |
| Summary | p. 243 |
| Solutions Fast Track | p. 243 |
| Frequently Asked Questions | p. 245 |
| Transparent Mode | p. 247 |
| Introduction | p. 248 |
| Interface Settings | p. 248 |
| Permanently Assigned Interfaces | p. 249 |
| Understanding How Transparent Mode Works | p. 250 |
| Configuring a Device to Use Transparent Mode | p. 251 |
| Transparent Mode Deployment Options | p. 253 |
| Summary | p. 255 |
| Solutions Fast Track | p. 255 |
| Frequently Asked Questions | p. 257 |
| Attack Detection and Defense | p. 259 |
| Introduction to the SonicOS Security Features | p. 260 |
| Understanding the Anatomy of an Attack | p. 260 |
| The Three Phases of a Hack | p. 261 |
| Script Kiddies | p. 261 |
| Black Hat Hackers | p. 262 |
| Worms, Viruses, and other Automated Malware | p. 264 |
| SonicWALL IPS | p. 268 |
| Deep Packet Inspection Overview | p. 268 |
| Configuring SonicWALL IPS | p. 269 |
| Updating SonicWALL IPS Signatures | p. 272 |
| Global-, Category-, and Signature-Level Policies | p. 272 |
| Configuring IP Address Range Inclusion and Exclusion Lists | p. 282 |
| SonicWALL Content Filtering | p. 284 |
| Configuring SonicWALL CFS | p. 290 |
| Creating Custom CFS Policies | p. 300 |
| Antivirus Services | p. 302 |
| SonicWALL Gateway Antivirus | p. 309 |
| SonicWALL Anti-Spyware | p. 310 |
| E-Mail Filter | p. 316 |
| RBL Filter | p. 319 |
| Summary | p. 322 |
| Solutions Fast Track | p. 322 |
| Frequently Asked Questions | p. 324 |
| Creating VPNs with SonicWALL | p. 325 |
| Introduction | p. 326 |
| Understanding IPSec | p. 327 |
| IPSec Modes | p. 327 |
| Protocols | p. 329 |
| Key Management | p. 329 |
| Security Associations | p. 330 |
| IPSec Tunnel Negotiations | p. 330 |
| Phase 1 | p. 331 |
| Phase 2 | p. 332 |
| Public Key Cryptography | p. 333 |
| PKI | p. 334 |
| Certificates | p. 334 |
| OCSP (CRLs) | p. 335 |
| VPNs in SonicWALL Appliances | p. 336 |
| Site-to-Site VPNs | p. 336 |
| SonicWALL Group VPN | p. 346 |
| L2TP VPNs | p. 355 |
| Gateway Redundancy | p. 359 |
| Summary | p. 360 |
| Solutions Fast Track | p. 361 |
| Links | p. 364 |
| Frequently Asked Questions | p. 364 |
| High Availability | p. 367 |
| Introduction | p. 368 |
| The Need for HA | p. 368 |
| Configuring Hardware Failover in SonicWALL Firewalls | p. 369 |
| Hardware and Software | p. 369 |
| Network Requirements | p. 370 |
| Licensing and Security Services | p. 370 |
| Loose Ends: Configuring Monitoring Addresses and Management IPs | p. 371 |
| Configuring Monitoring Links | p. 372 |
| Tips, Tricks, Traps, and Tuning | p. 373 |
| Failover Function Test | p. 373 |
| Cabling an HA Pair | p. 373 |
| Adding a SonicWALL Unit to a HF Configuration | p. 375 |
| Determining When to Failover | p. 376 |
| How HF "Fails Over" | p. 376 |
| Tuning | p. 377 |
| Summary | p. 379 |
| Solutions Fast Track | p. 379 |
| Troubleshooting the SonicWALL | p. 381 |
| Introduction | p. 382 |
| Troubleshooting Methodology | p. 382 |
| Troubleshooting Tools | p. 383 |
| Active Connections | p. 383 |
| CPU Monitor | p. 387 |
| DNS Name Lookup | p. 388 |
| Find Network Path | p. 388 |
| Packet Trace | p. 389 |
| Ping | p. 392 |
| Process Monitor | p. 393 |
| Real-Time Blacklist Lookup | p. 393 |
| Reverse Name Resolution | p. 394 |
| Traceroute | p. 394 |
| ARP Cache | p. 395 |
| System Status | p. 396 |
| Routing Table | p. 396 |
| Putting It All Together | p. 397 |
| Network Troubleshooting | p. 397 |
| Debugging the SonicWALL Appliance | p. 398 |
| SonicWALL Logs | p. 399 |
| View | p. 399 |
| Syslog | p. 400 |
| ViewPoint | p. 405 |
| Category | p. 406 |
| Automation | p. 408 |
| Name Resolution | p. 409 |
| Reports | p. 410 |
| ViewPoint | p. 411 |
| Additional Tools | p. 411 |
| Advanced Diagnostics | p. 412 |
| Technical Support Report | p. 415 |
| SonicWALL LED Behavior | p. 417 |
| Summary | p. 418 |
| Solutions Fast Track | p. 418 |
| Frequently Asked Questions | p. 420 |
| Enterprise SonicWALL Management | p. 423 |
| SonicWALL Management and Reporting | p. 424 |
| SonicWALL ViewPoint | p. 424 |
| Configuring ViewPoint | p. 430 |
| SonicWALL Global Management System Installation and Configuration | p. 432 |
| SQL Server Setup | p. 434 |
| Java Database Connectivity (JDBC) Driver | p. 445 |
| Distributed Reporting | p. 454 |
| Registering SGMS | p. 456 |
| Configuring GMS | p. 457 |
| Adding SonicWALL Appliances to SGMS | p. 461 |
| Summary | p. 484 |
| Solutions Fast Track | p. 484 |
| Frequently Asked Questions | p. 486 |
| Index | p. 487 |
| Table of Contents provided by Ingram. All Rights Reserved. |
