Tips to protect the Administrator Access to the SonicWall Firewalls

03/26/2020 1042 12165

DESCRIPTION:

Video Tutorial:Click here for the video tutorial of this topic.

Step 1: Set up a strong password
Step 2: Enable HTTP/HTTPS access only where required
Step 3: Create Source Specific Access Rules
Step 4: Implement User Authentication
Step 5: Create and monitor user account based on requirement
Step 6: Log Automation
Step 7: Use of Reporting Software
Step 8: Storage of backup settings

RESOLUTION:

Step 1: Set up a strong password:

• Navigate to System | Administration.
• Under Administrator name Password, set a strong password. You can search for common passwords used online and avoid the same. This gives you better security.
• Administrator Name can also be changed if required. 

Step 2: Enable HTTP/HTTPS access only where required:

• Under Network | Interfaces, edit the WAN interface and disable the http and https management if you are not going to access the SonicWall from the WAN side. 
• Also enable only HTTPS access for the LAN.

Step 3: Create Source Specific Access Rules:  

• If you need to manage the SonicWall from your home, enable the https management on the WAN zone. Navigate to Firewall | Access Rules.
• Click on Drop down boxes and select WAN to WAN.
• You will have a HTTPS access rule that is auto-created. Edit the access rule and in the source field, create a new address object for your home IP address. 
  

  NOTE: The home IP address should be a static WAN IP.

Step 4: Implement User Authentication:

• It is recommended to implement user level authentication or use SSO agent with LDAP on the SonicWall so that the tracking can be done based on user. 

     
Step 5: Create and monitor User Account based on requirement: 

• It is not recommended to share the Password of the SonicWall. It is instead recommended to create separate user accounts for the Administrators and enable user login on the LAN Interface. The User accounts can be created and can be given limited administrator access if required.
• It is recommended to delete the admin user accounts if not needed. 

Step 6: Log Automation:  

• Log Automation feature sends the SonicWall logs to your email. You can set up automation in such a way that the logs are recieved if there is any critical issue with the device or any alert log. To configure automation, please go through the KB article 3800. 

Step 7: Use of Reporting Software:

• You can use Reporting Softwares like Analyzer that collect the SonicWall logs and give you a consolidated daily/weekly report of the activities based on the logs generated. 

Step 8: Storage of Backup Settings:

• To take a backup of the current settings on the SonicWall, navigate to System | Settings and click on Export Settings. Store a good known backup file with you at all times as a best practice, please refer KB article 5645