How do I deploy SonicWall's Web Application Firewall (WAF) solution?

Description

SMB SSL-VPN: How do I deploy SonicWall's WAF solution? (Web Application Firewall FAQ)

Resolution

One-Arm Mode Deployment

A WAF-enabled SonicWall SRA appliance is commonly deployed in tandem in “one-arm” mode over the DMZ or Opt interface on an accompanying gateway appliance, for example, a SonicWall Unified Threat Management (UTM) appliance, such as a SonicWall NSA E7500 appliance.
 
The primary interface (X0) on the SonicWall SRA connects to an available segment on the gateway device. The encrypted user session from the client is passed through the gateway to the SonicWall SRA appliance. The SonicWall SRA appliance decrypts the SSL encrypted session, normalizes encoded data, scans the HTTP request for intrusions, and enforces authorization controls and access policies to determine if the requested resource should be allowed or blocked. If the HTTP request is safe, then it traverses the gateway appliance to reach the backend Web site. The Web site then returns the requested content to the SonicWall SRA appliance through the gateway, where the HTTP response is again scanned for intrusions and SSL encrypted. The SRA forwards the encrypted response to the client.

 

 

 

 

Related Articles

  • How to Provision SMA1000 in Monthly Billing (MSSP Program)
    Read More
  • SMA 1000 Series Support Matrix
    Read More
  • How to Configure SAML 2.0 SSO with Microsoft Entra ID for SonicWall SMA 1000 Series
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community
Chat