How do I deploy SonicWall's Web Application Firewall (WAF) solution?

Description

SMB SSL-VPN: How do I deploy SonicWall's WAF solution? (Web Application Firewall FAQ)

Resolution

One-Arm Mode Deployment

A WAF-enabled SonicWall SRA appliance is commonly deployed in tandem in “one-arm” mode over the DMZ or Opt interface on an accompanying gateway appliance, for example, a SonicWall Unified Threat Management (UTM) appliance, such as a SonicWall NSA E7500 appliance.
 
The primary interface (X0) on the SonicWall SRA connects to an available segment on the gateway device. The encrypted user session from the client is passed through the gateway to the SonicWall SRA appliance. The SonicWall SRA appliance decrypts the SSL encrypted session, normalizes encoded data, scans the HTTP request for intrusions, and enforces authorization controls and access policies to determine if the requested resource should be allowed or blocked. If the HTTP request is safe, then it traverses the gateway appliance to reach the backend Web site. The Web site then returns the requested content to the SonicWall SRA appliance through the gateway, where the HTTP response is again scanned for intrusions and SSL encrypted. The SRA forwards the encrypted response to the client.

 

 

 

 

Related Articles

  • SMA100 End of Support No-Charge Replacement FAQ
    Read More
  • SMA1000: Post upgrade to 12.5.0 on AWS and Azure, we show the error Could not retrieve the DNS settings once we log in to AMC/CMS console
    Read More
  • Firmware version required to upgrade to version 12.5.0.
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community