SonicWall Firewall (UTM) Clustering Deployment Scenario

Description

SonicWall Firewall (UTM) Clustering Deployment Scenario

Resolution

UTM Clustering consists of two SonicWall Network Security (NSA) series appliances setup in series to pass traffic through both units. The first appliance is configured in NAT mode, and takes care of Gateway Anti-Virus (GAV) and inbound Anti-Spyware. The second appliance is configured as an L2 Bridge, and runs Intrusion Prevention Service (IPS) and outbound Anti-Spyware. This allows for improved performance by splitting up security services amongst the two UTM appliances.

The appliances are configured in the following way:

SonicWall Appliance 1:

  • IPS: Global enabled
  • GAV: Global Disabled
  • Anti-Spyware: Global enabled, Outbound Anti-Spyware enabled, All of HTTP/POP3/SMTP/FTP/IMAP is Disabled

SonicWall Appliance 2:

  • IPS: Global Disabled
  • GAV: Global enabled (all protocols can be enabled or just the default ones)
  • Anti-Spyware: Global enabled, Outbound Anti-Spyware is Disabled, Some or all of HTTP/POP3/SMTP/FTP/IMAP is Enabled

Source: SonicOS Enhanced 5.0.0.12 and 5.0.0.13 Release Notes

Related Articles

  • SSH password authentication fails after OpenSSH upgrade
    Read More
  • Where can I download SonicWall stencils?
    Read More
  • Configuring High Availability Monitoring settings
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community
Chat