Tips to protect the Administrator Access to the SonicWall Firewalls
03/26/2020 1041 10766
Video Tutorial:Click here for the video tutorial of this topic.
Step 1: Set up a strong password
Step 2: Enable HTTP/HTTPS access only where required
Step 3: Create Source Specific Access Rules
Step 4: Implement User Authentication
Step 5: Create and monitor user account based on requirement
Step 6: Log Automation
Step 7: Use of Reporting Software
Step 8: Storage of backup settings
Step 1: Set up a strong password:
- Navigate to System | Administration.
- Under Administrator name Password, set a strong password. You can search for common passwords used online and avoid the same. This gives you better security.
- Administrator Name can also be changed if required.
Step 2: Enable HTTP/HTTPS access only where required:
- Under Network | Interfaces, edit the WAN interface and disable the http and https management if you are not going to access the SonicWall from the WAN side.
- Also enable only HTTPS access for the LAN.
Step 3: Create Source Specific Access Rules:
Step 4: Implement User Authentication:
- It is recommended to implement user level authentication or use SSO agent with LDAP on the SonicWall so that the tracking can be done based on user.
Step 5: Create and monitor User Account based on requirement:
- It is not recommended to share the Password of the SonicWall. It is instead recommended to create separate user accounts for the Administrators and enable user login on the LAN Interface. The User accounts can be created and can be given limited administrator access if required.
- It is recommended to delete the admin user accounts if not needed.
Step 6: Log Automation:
- Log Automation feature sends the SonicWall logs to your email. You can set up automation in such a way that the logs are recieved if there is any critical issue with the device or any alert log. To configure automation, please go through the KB article 3800.
Step 7: Use of Reporting Software:
- You can use Reporting Softwares like Analyzer that collect the SonicWall logs and give you a consolidated daily/weekly report of the activities based on the logs generated.
Step 8: Storage of Backup Settings:
- To take a backup of the current settings on the SonicWall, navigate to System | Settings and click on Export Settings. Store a good known backup file with you at all times as a best practice, please refer KB article 5645