Configuring SonicWALL Firewalls

This chapter covers the details of the security features in SonicWALL appliances. These devices are packed with features that make life easier for administrators easy to configure VPNs, built-in Dynamic Host Control Protocol (DHCP) server, advanced Network Address Translation (NAT) functionality, enhanced logging capabilities, and much more. However, a firewall s primary responsibility has always been security, keeping the bad bits out and letting the good bits in.
In addition to the strong feature set for network administration, SonicWALL appliances offer an equally strong set of protective tools. SonicWALLs have always protected networks against classic attacks such as Land, Teardrop, Ping of Death, and other network-layer=based attacks. These defensive features allow for Interface/Zone specific settings based on the level of risk Interface/Zone faces.
Moreover, while protecting at the network layer is both important and efficient, in today s world of application-layer-specific attacks, it does not provide sufficient security coverage by itself. Several optional services are available for SonicWALL appliances that provide additional security features, such as Intrusion Prevention, Content Filtering, Network Antivirus, Gateway Antivirus, Email Filtering, and Real Time Blacklists. Combine a well-defined and properly configured rule base with the optional services, and a complete picture emerges. However, what are we protecting ourselves from?
There are almost as many ways to attack a network as there are hackers who try it, but the majority of attack methods can be categorized as either automated or manual. Automated attacks cover the kinds of...