SonicOS 8 TZ Series Getting Started Guide

Using this Document

This document has been redesigned to provide a summary of an end-to-end deployment and configuration. It offers a brief overview of the necessary steps and refers to other guides for more detailed information when needed. The document begins by explaining how to connect to and prepare the firewall. Following that, it outlines the best practices for enabling features for a typical TZ Series use case.

Preparing and Connecting the Firewall

Prerequisites

Describes the tasks that need to be completed before you start configuring your firewall. See Prerequisites.

Preparing the Firewall

Summarizes the steps to run the setup wizard, diagnose connectivity issues, configure the LAN settings, and update the firmware. See Preparing the Firewall.

Configuring Features and Options

Zones and Policies

Provides an overview of security zones and their implementation in SonicOS. It explains the concept of grouping interfaces into logical entities for easier management and consistent policy application, and covers predefined security zones, default zone settings, and access rules. For more information on zones, refer to SonicOS 8 Objects Guide; for policies, refer to SonicOS 8 Rules and Policies Administration Guide for Classic Mode. See Zones and Policies.

Using Capture ATP and RTDMI

Describes Capture ATP, a security solution that uses a multi-engine sandbox and Real-Time Deep Memory Inspection™ (RTDMI) to detect and stop zero-day threats in real time. It shares threat intelligence across platforms and effectively detects previously unknown threats, analyzing over 100,000 malware samples and events daily. For more information on Capture ATP, refer to SonicOS 8 Capture ATP Administration Guide. See Using Capture ATP and RTDMI.

Security Services

The SonicOS 8 framework provides various security services such as Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, Geo-IP filtering, Botnet Filter, Application Control, and Content Filtering. These services can be used together to enhance protection of the environment. For more information on Security Services, refer to SonicOS 8 Security Services Administration Guide.

SNMP

SNMP (Simple Network Management Protocol) is a network protocol used with the User Datagram Protocol (UDP) to monitor the status of the SonicWall Security Appliance and receive notifications of critical events on the network. The SonicWall Security Appliance supports SNMP v1/v2c/v3 and most Management Information Base II (MIB-II) groups, except egp and at. SNMPv3 enhances security by authenticating and encrypting packets. For information on SNMP, refer to SonicOS 8 Firewall Administration Guide.

Email Automation Setup and Tuning

Describes how to automate email dispatch for log and alert management, including recipient addresses, manual or automatic sending, dispatch frequency, and email format. It also covers automating email audit records, health check notifications, mail server settings, and FTP log automation, and identifies the similarities between the email and FTP log automation processes. For information on Email Automation Setup and Tuning, refer to SonicOS 8 Device Log Administration Guide. See Email Automation Setup and Tuning.

User Authentication

Describes how to set up user authentication, user reporting, and session tracking on a network firewall. It covers LDAP authentication, user status monitoring, and the use of Single Sign-On (SSO) for better visibility into user activities. It also discusses alternative methods for implementing SSO, such as using SonicWall's agents and the Directory Services Connector for integrating with directory services. For information on user authentication, refer to SonicOS 8 Users Administration Guide. See User Authentication.

Syslog Setup

The syslog server is a centralized system for logging. It collects error and system logs in one place and coordinates system events across multiple systems. The logs can then be sent to a SIEM/XDR platform for a Security Operations Center (SOC) to monitor. For information on syslog setup, refer to SonicOS 8 Device Log Administration Guide. See Syslog Setup.

DPI-SSL

DPI-SSL decrypts and inspects encrypted internet traffic, enhancing security and preventing data leakage for HTTPS and other SSL/TLS-based traffic. It can be deployed in Client DPI-SSL and Server DPI-SSL scenarios. For information on DPI-SSL, refer to SonicOS 8 DPI SSL Administration Guide. See DPI-SSL.

AppFlow Reporting and Monitoring

The AppFlow feature helps manage firewall flow reporting and statistics in various formats. It allows users to effectively monitor and assess firewall performance. For information on AppFlow reporting and monitoring, refer to SonicOS 8 AppFlow Device Administration Guide and SonicOS 8 Monitor Guide. See AppFlow Reporting and Monitoring.