Filter
Top Products
Introduction
44
SonicOS 5.8.1 Administrator Guide
connections. Once the primary and backup appliances have been associated as a high
availability pair on mysonicwall.com, you can enable this feature by selecting Enable
Stateful Synchronization in the High Availability > Advanced page.
• Application Firewall - Application Firewall provides a way to create application-specific
policies to regulate Web browsing, file transfer, email, and email attachments. Application
Firewall enables application layer bandwidth management, and also allows you to create
custom policies for any protocol. It gives you granular control over network traffic on the
level of users, email users, and IP subnets.
• HTTPS Filtering - HTTPS Filtering allows administrators to control user access to Web
sites when using the encrypted HTTPS protocol. HTTPS Filtering is based on the ratings
of Web sites, such as Gambling, Online Banking, Online Brokerage and Trading, Shopping,
and Hacking/Proxy Avoidance.
Note HTTPS Filtering is IP-based, so IP addresses must be used rather than domain
names in the Allowed or Forbidden lists. You can use the nslookup command in a
DOS cmd window to convert a domain name to its IP address(es). There may be
more than one IP address associated with a domain, and if so, all must be added to
the Allowed or Forbidden list.
• SSL Control - SSL Control is a system that provides visibility into the handshake of Secure
Socket Layer (SSL) sessions, and a method for configuring policies to control the
establishment of SSL sessions.
• Certificate Blocking - The certificate blocking feature provides a way to specify which
HTTPS certificates to block. This feature is closely integrated with SSL Control.
• Inbound NAT Load Balancing with Server Monitoring - Inbound NAT Load Balancing
with Server Monitoring detects when a server is unavailable and stops forwarding requests
to it. Inbound NAT Load Balancing spreads the load across two or more servers. When
Stateful High Availability (Stateful High Availability) is configured, during a failover,
SonicOS forwards all requests to the alternate server(s) until it detects that the offline
server is back online. Inbound NAT Load Balancing also works with SonicWALL SSL VPN
appliances.
• Top Global Malware Report Page - The Top Global Malware page in the user interface
displays a summary of threats stopped by the SonicWALL security appliance. The Security
shows two types of reports:
–
A Global Report that displays a summary of threat data received from all SonicWALL
security appliances worldwide.
–
An Individual Appliance Report that displays a summary of attacks detected by the local
SonicWALL security appliance.
• Registration & License Wizard - As part of the Top Global Malware page, SonicOS
Enhanced provides a License Wizard for both firewall registration and the purchase of
security service licenses. The available security services are the same as those that enable
Global Reports by providing threat data from SonicWALL devices around the world.
• Multiple SSH Support - SonicOS Enhanced provides support for multiple concurrent SSH
sessions on the SonicWALL security appliance. When connected over SSH, you can run
command line interface (CLI) commands to monitor and manage the device. The number
of concurrent SSH sessions is determined by device capacity. Note that only one session
at a time can configure the SonicWALL, whether the session is on the GUI or the CLI (SSH
or serial console). For instance, if a CLI session goes to the config level, it will ask you if
you want to preempt an administrator who is at config level in the GUI or an SSH session.