SMB SSL-VPN: What is the recommended SRA deployment

Description

What is the recommended and most common deployment of SRA appliances ?

Resolution

One-port mode (one arm deployment), where only the X0 interface is utilized, and the appliance is placed in a separated, protected “DMZ” network/interface of a SonicWall security appliance, such as the SonicWall TZ appliance or NSA appliance.

 

This method of deployment offers additional layers of security control plus the ability to use SonicWall’s Unified Threat Management (UTM) services, including Gateway Anti-Virus, Anti-Spyware, Content Filtering and Intrusion Prevention, to scan all incoming and outgoing NetExtender traffic.

 

SRA can be deployed in either a new DMZ zone or an existing one:

Image

 

SRA can also be deployed in the LAN (this method is less common and less recommended). All three recommended deployments are covered by the getting started guides:

 

http://support-public.cfm.quest.com/34409_SMA_200_400_GettingStartedGuide.pdf

 

 

Related Articles

  • SMA1000: How to Check Equipment ID (Hardware ID) for EPC on Windows 11
    Read More
  • SMA1000: Troubleshooting RDP Connection Failures Through VPN Tunnel
    Read More
  • Remote Desktop (RDP) security warnings when connecting to Remote Desktop shortcuts with SonicWall CSE App
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community
Chat