Introduction

Imagine a world without any rules, regulations, or consequences; where everyone did exactly what they wanted to do, when they wanted to do it. It would be dangerous and chaotic; nothing would be safe.

Networks live in a similar world. Even though laws have been passed, new regulations are being enforced, and the consequences are more severe, networks are still being scanned daily for weaknesses. A single weak point in your perimeter defense can cause you to lose valuable data.

This chapter covers the components that access rules require, and covers how to best plan, implement, and maintain a secure set of rules to protect your private network(s). It also discusses the Advanced Firewall settings and the BWM features available on the SonicWALL.

Theory of Access Control

The theory behind access control is simple: allow access to the required resources and deny everything else. On a SonicWALL firewall, access to any zone from the Wide Area Network (WAN) is denied, and access from the Local Area Network (LAN) to any zone is allowed. This makes the initial installation of the SonicWALL as simple as providing the interfaces with proper Internet Protocol (IP) address information, and then physically plugging the unit in. At this point, the rules required to restrict traffic into and out of a network can be implemented.

The official SonicWALL definition of access rules is, "Access rules are network management tools that allow you to define inbound and outbound access policy, configure user authentication, and enable remote...