SonicWall Cloud Edge Frequently Asked Questions

01/19/1970 1 1678

DESCRIPTION:

Prerequisites

What are the prerequisites to get started with SonicWall Cloud Edge Secure Access?

• Create or validate your My SonicWall account
• Enable valid licenses (trial/permanent)
• Activate the SonicWall Cloud Edge Secure Access software
• Review System Requirements.

Licensing

Do I need to have a SonicWall Firewall to activate SonicWall Cloud Edge Secure Access?

You can activate SonicWall Cloud Edge Secure Access from a SonicWall Network Security appliance and activate it without a Network Security appliance.

Installation

What are different browsers supported for SonicWall Cloud Edge Secure Access client web access?

It supports all modern browsers except Internet explorer 11

Platforms currently supported by SonicWall Cloud Edge Secure Access?

Currently , SonicWall Cloud Edge Secure Access client installers installed on Windows, MacOS . iOS and Android.

Networks

Can one network have multiple regions?

Yes, one network can have multiple gateways to lower latency and increase in the performance. Users/members will automatically be routes to the closest region.

Can one region have multiple gateways?

Yes, one region can have several gateways to improve redundancy and load-balancing between the gateways.

Does a single gateway support multiple tunnel connection?

Yes, it can have multiple tunnel connection

Do we have any max number or practical limitation on Number of Gateways, how many concurrent tunnels, number of users, or so for a tenant?

As such no limit on creating Gateways, 50 concurrent users/tunnels are recommended per gateway as this is 1Gib interface. hence bandwidth matter for best performance. Up to 50 concurrent tunnels per GW performs good

Connecting Infrastructure

Does SonicWall Cloud Edge Secure Access support IPSec tunnel?

Yes, a site-to site connection between your network and your cloud infrastructure can be easily implemented with any IaaS provider.

What are requirements for connecting to on-prem infrastructure?

• Your internal network follows industry-accepted design patterns
• No overlapping subnets reside on your VPC’s or DC
• Your cloud Edge network does not overlap with your internal network subnet
• All subnet masks are either Class B or C

Can I run the WireGaurd connector on a Linux machine?

Yes, if pre-requisites fulfilled.

Pre-requisites:

On Ubuntu:

• Install:

• curl
• Dig
• Software-properties-common

On CentOS/RedHat EL7

• Install:

• Curl
• Bind-utils

What are different cloud resources that can be connected?

• Amazon AWS
• Alibaba cloud
• Microsoft Azure
• Google Cloud Platform
• Heroku Enterprise
• IBM cloud

What IP Sec devices and versions are officially supported for Cloud Edge Gateway? What information are available on Cloud Edge for troubleshooting S2S VPN such as connection establishment fails with a VPN gateway always, VPN is disconnected periodically or disconnected intermittently. 

CloudEdge supports all IPSEC versions IKE1 and IKE2 with different encryptions and settings available. IPSEC troubleshooting is easy to troubleshoot. we display connections status RED/GREEN on CE console which tells the tunnel status. With regards to verify IPSEC tunnel intermittent disconnect and other issues , we can also verify IPSEC status with the vendors like AWS, AZure, Firewalls etc. As an example if IPSEC created from AWS, then AWS provide capabilities to verify IPSEC tunnel status from  its dashboard.

Groups and Members

How can I add users/member?

You can add members by sending them invites by adding their emails or add users through your IDP.

Different IDP supported by SonicWall Cloud Edge Secure Access

• Integrate Identity providers
• Azure Active directory
• Google Suite
• SAML 2.0 (Twilio, OneLogin, Auth0)
• On-premise Active directory

Can a member be assigned different roles and permissions?

Yes, a member assigned in different roles manage and connect to the network- Admin, Manager, Billing and User.

Securing the Platform

Can I use multi factor authentication for client login?

Yes, various multi factor authentication methods are supported- SMS/Push notifications, Google authenticator and Duo Security

What are the different applications that is supported on the browser-based (client-less) connection?

• SSH application
• HTTP and HTTPS connection
• RDP
• VNC

Can I limit client access based on Geo-location?

You can create a granular set of rules under Policies that can limit the access to internal and cloud resources based on Groups, Date and Time, Geo-location, Operating System and Browsers.

Where can I download agents for client-based access?

You can download the Agents under Downloads tab in your Management console. Those links are also available to the end-users.

Monitoring

Can I integrate Splunk Cloud for log collection?

Yes, Splunk Cloud integrated to collect data for analysis and review of user-activity on the network.

Compliance

Is SonicWall Cloud Edge Secure Access HIPPAA compliant?

Yes, SonicWall Cloud Edge Secure Access is HIPAA compliant. It also adheres to GDPR and SOC2 Type 2 compliance standards.

Troubleshooting

How to troubleshoot performance issue when connected via Cloudedge?

The ISP used matter in general, there are different cases in which ISP’s just drop UDP. Sometimes performance is slow on the Gateway due to UDP drop on ISP. We can verify the performance by running speed test on source without agents/tunnel and with agents. In case performance lag is high with/without agent then we can recreate the gateway , this helps to improve the performance