SonicWall Firewall (UTM) Clustering Deployment Scenario

Description

SonicWall Firewall (UTM) Clustering Deployment Scenario

Resolution

UTM Clustering consists of two SonicWall Network Security (NSA) series appliances setup in series to pass traffic through both units. The first appliance is configured in NAT mode, and takes care of Gateway Anti-Virus (GAV) and inbound Anti-Spyware. The second appliance is configured as an L2 Bridge, and runs Intrusion Prevention Service (IPS) and outbound Anti-Spyware. This allows for improved performance by splitting up security services amongst the two UTM appliances.

The appliances are configured in the following way:

SonicWall Appliance 1:

  • IPS: Global enabled
  • GAV: Global Disabled
  • Anti-Spyware: Global enabled, Outbound Anti-Spyware enabled, All of HTTP/POP3/SMTP/FTP/IMAP is Disabled

SonicWall Appliance 2:

  • IPS: Global Disabled
  • GAV: Global enabled (all protocols can be enabled or just the default ones)
  • Anti-Spyware: Global enabled, Outbound Anti-Spyware is Disabled, Some or all of HTTP/POP3/SMTP/FTP/IMAP is Enabled

Source: SonicOS Enhanced 5.0.0.12 and 5.0.0.13 Release Notes

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community