SMB SSL-VPN: What is the recommended SRA deployment

Description

What is the recommended and most common deployment of SRA appliances ?

Resolution

One-port mode (one arm deployment), where only the X0 interface is utilized, and the appliance is placed in a separated, protected “DMZ” network/interface of a SonicWall security appliance, such as the SonicWall TZ appliance or NSA appliance.

 

This method of deployment offers additional layers of security control plus the ability to use SonicWall’s Unified Threat Management (UTM) services, including Gateway Anti-Virus, Anti-Spyware, Content Filtering and Intrusion Prevention, to scan all incoming and outgoing NetExtender traffic.

 

SRA can be deployed in either a new DMZ zone or an existing one:

Image

 

SRA can also be deployed in the LAN (this method is less common and less recommended). All three recommended deployments are covered by the getting started guides:

 

http://support-public.cfm.quest.com/34409_SMA_200_400_GettingStartedGuide.pdf

 

 

Related Articles

  • How to Provision SMA1000 in Monthly Billing (MSSP Program)
    Read More
  • SMA 1000 Series Support Matrix
    Read More
  • How to Configure SAML 2.0 SSO with Microsoft Entra ID for SonicWall SMA 1000 Series
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community
Chat