-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
What is Stealth Mode?
05/12/2023 
145 People found this article helpful
489,173 Views
Description
What is Stealth Mode?
Resolution
Normally, when a connection is attempted to the SonicWall or a node behind it from the WAN or DMZ, the SonicWall sends a reset packet back to the client that initiated the connection then drops it. This is the correct behavior based on the IP protocol specifications. However, some users prefer that security devices not respond at all, as any response confirms that a device exists at the IP address to which the client tried to connect. If the security device does not respond, the result is as if the remote node is trying to connect to an IP address that is not assigned to anything. This is known as stealth mode.
By default, the SonicWall responds to any denied connection with a reset packet. The SonicWall can be configured to operate in stealth mode by selecting the option on the appropriate page:
- Firmware 6.X (and prior): on the Access > Services tab
- SonicOS Standard: on the Firewall | Access Rules | Advanced page
- SonicOS Enhanced: on the Firewall | Advanced page
- SonicOS 6.5 : Navigate to the Manage | Firewall Settings | Advanced Settings
- SonicOS 7.X ( Gen 7 ) : Navigate to the Network | Firewall | Advanced | Settings
If the SonicWall firewall appliance is running SonicOS Enhanced firmware, it is possible to enable stealth mode for specific access rules. When creating new access rules on the Firewall > Access Rules page, traffic may be blocked by specifying either the "deny" or "discard" action. Choosing the deny action means that a reset packet will be sent to the machine requesting the blocked traffic. Choosing the discard action means that no reset packet will be sent in response to blocked traffic. Instead, the firewall will act as though it were in stealth mode for the access rule in question.
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO