- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Tips to protect the Administrator Access to the SonicWall Firewalls
03/26/2020 
1,043 People found this article helpful
100,098 Views
Description
Video Tutorial:Click here for the video tutorial of this topic.
Step 1: Set up a strong password
Step 2: Enable HTTP/HTTPS access only where required
Step 3: Create Source Specific Access Rules
Step 4: Implement User Authentication
Step 5: Create and monitor user account based on requirement
Step 6: Log Automation
Step 7: Use of Reporting Software
Step 8: Storage of backup settings
Resolution
Step 1: Set up a strong password:
- Navigate to System | Administration.
- Under Administrator name Password, set a strong password. You can search for common passwords used online and avoid the same. This gives you better security.
- Administrator Name can also be changed if required.
Step 2: Enable HTTP/HTTPS access only where required:
- Under Network | Interfaces, edit the WAN interface and disable the http and https management if you are not going to access the SonicWall from the WAN side.
- Also enable only HTTPS access for the LAN.
Step 3: Create Source Specific Access Rules:
- If you need to manage the SonicWall from your home, enable the https management on the WAN zone. Navigate to Firewall | Access Rules.
- Click on Drop down boxes and select WAN to WAN.
- You will have a HTTPS access rule that is auto-created. Edit the access rule and in the source field, create a new address object for your home IP address.
NOTE: The home IP address should be a static WAN IP.
Step 4: Implement User Authentication:
- It is recommended to implement user level authentication or use SSO agent with LDAP on the SonicWall so that the tracking can be done based on user.
Step 5: Create and monitor User Account based on requirement:
- It is not recommended to share the Password of the SonicWall. It is instead recommended to create separate user accounts for the Administrators and enable user login on the LAN Interface. The User accounts can be created and can be given limited administrator access if required.
- It is recommended to delete the admin user accounts if not needed.
Step 6: Log Automation:
- Log Automation feature sends the SonicWall logs to your email. You can set up automation in such a way that the logs are recieved if there is any critical issue with the device or any alert log. To configure automation, please go through the KB article 3800.
Step 7: Use of Reporting Software:
- You can use Reporting Softwares like Analyzer that collect the SonicWall logs and give you a consolidated daily/weekly report of the activities based on the logs generated.
Step 8: Storage of Backup Settings:
- To take a backup of the current settings on the SonicWall, navigate to System | Settings and click on Export Settings. Store a good known backup file with you at all times as a best practice, please refer KB article 5645
Related Articles
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO