This document provides administrators and engineers guidance on some of the common administration practices for SonicWall firewall appliances, which increases the overall security of an end-to end architecture.
Access to SonicWall's knowledge base and support documentation.
Update your SonicOS firmware to the current latest version to get current features and functions (for normal requirements use current General Release). Review the SonicOS Administrator Guide and the Release note for the latest information. Note: Careful consideration should be given to validate any of special requirements of each deployment location.
Backup for disaster and recovery, backup often. Create and save system export (EXP) files and a Tech Support Report (TSR) at each critical stage (before and after any change). Document and label each backup, will make easy to roll back to a good known state.
Protect Administrator accounts at all cost. Use strong passwords and change often. Limit Administration access to only where it is really needed. Limit who, where, when admin access is granted. Log all admin access will make it easy to audit.
Use Network Time Protocol (NTP) NTP is a widely used protocol used to synchronize the clocks of routers and other hardware devices on the Internet. If any of the device clocks is wrong, then not only logs and troubleshooting information can be incorrect, but also security policy objects such as schedulers can have unintended results.
Tip 1: Register the SonicWall Firewall.
A MySonicWall account is required for product registration, licensing, and firmware downloads. You must register your SonicWall security appliance on www.MySonicWall.com to enable full functionality.
Complete all required fields on the Registration form.
Verify the information is correct and click Submit.
Complete your registration by following instructions in the email from email@example.com. Activate your account within 72 hours or you will need to re-register.
Next, register your SonicWall device by following these steps:
Point your browser to the appliance LAN IP address (default https://192.168.168.168) and log in using the administrator credentials.
Click Register on the Manage tab | Licenses page
Log in using your MySonicWall account name and password.
MySonicWall gets the necessary information directly from the SonicWall appliance. When finished, you will see a message that registration has been completed.
The SonicWall license screen under the same page shows all the firewall's services and their expiration dates. Manage your services from your www.MySonicWall.com account or through the Appliance GUI. Test drive new services with SonicWall's free trial offers.
Manage Support Services allows the activation or renewal of important services.
Help! Clicking the Register link on the System | Status page doesn't work!
Your SonicWall registration activities require DNS and HTTPS to reach SonicWall's license manager. The most common causes of registration problems are:
Wrong DNS server settings
Prevention of DNS and /or HTTPS traffic by an upstream device
Make sure the DNS settings on the Manage tab, in Network | DNS is pointing to DNS servers provided by your Internet Service Provider (ISP). When WAN is configured to use a static IP address, verify valid DNS entries have been added. If WAN is configured for DHCP, it should get DNS settings automatically from the ISP. Verify it is obtaining DNS information.
Use System | Diagnostics to test network connectivity to destinations such as Gateway, DNS, the Licensing systems at LicenseManager.sonicwall.com, MySonicWall.com etc.