SMB SSL-VPN: What is the recommended SRA deployment

Description

What is the recommended and most common deployment of SRA appliances ?

Resolution

One-port mode (one arm deployment), where only the X0 interface is utilized, and the appliance is placed in a separated, protected “DMZ” network/interface of a SonicWall security appliance, such as the SonicWall TZ appliance or NSA appliance.

 

This method of deployment offers additional layers of security control plus the ability to use SonicWall’s Unified Threat Management (UTM) services, including Gateway Anti-Virus, Anti-Spyware, Content Filtering and Intrusion Prevention, to scan all incoming and outgoing NetExtender traffic.

 

SRA can be deployed in either a new DMZ zone or an existing one:

Image

 

SRA can also be deployed in the LAN (this method is less common and less recommended). All three recommended deployments are covered by the getting started guides:

 

http://support-public.cfm.quest.com/34409_SMA_200_400_GettingStartedGuide.pdf

 

 

Related Articles

  • SMA100 End of Support No-Charge Replacement FAQ
    Read More
  • SMA1000: Post upgrade to 12.5.0 on AWS and Azure, we show the error Could not retrieve the DNS settings once we log in to AMC/CMS console
    Read More
  • Firmware version required to upgrade to version 12.5.0.
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community