SonicWALL 5.8.1 Microscope & Magnifier User Manual


Introduction
SonicOS 5.8.1 Administrator Guide
L2 Bridge Mode employs a secure learning bridge architecture, enabling it to pass and
inspect traffic types that cannot be handled by many other methods of transparent security
appliance integration. Using L2 Bridge Mode, a SonicWALL security appliance can be
non-disruptively added to any Ethernet network to provide in-line deep-packet inspection for all
traversing IPv4 TCP and UDP traffic. Unlike other transparent solutions, L2 Bridge Mode
can pass all traffic types, including IEEE 802.1Q VLANs, Spanning Tree Protocol,
multicast, broadcast, and IPv6, ensuring that all network communications will continue
uninterrupted.
L2 Bridge Mode provides an ideal solution for networks that already have an existing
firewall, and do not have immediate plans to replace their existing firewall but wish to add
the security of SonicWALL Unified Threat Management (UTM) deep-packet inspection,
such as Intrusion Prevention Services, Gateway Anti-Virus, and Gateway Anti-Spyware.
The following feature enhancements are included in SonicOS Enhanced 5.0 and higher:
Enhanced Packet Capture - Enhanced Packet Capture contains improvements in both
functionality and flexibility, including the following:
  - Capture control mechanism with improved granularity for custom filtering
  - Display filter settings independent from capture filter settings
  - Packet status indicating dropped, forwarded, generated, or consumed
  - Three-window output in the user interface that provides the packet list, decoded output of selected packet, and hexadecimal dump of selected packet
  - Export capabilities that include text, HTML, hex dump, and CAP file format
  - Automatic buffer export to FTP server when full
  - Bidirectional packet capture based on IP address and port
  - Configurable wrap-around of capture buffer when full
User Authentication - There are a number of enhancements to user authentication,
including optional case-sensitive user names, optional enforcement of unique login names,
support for MSCHAP version 2, and support for VPN and L2TP clients changing expired
passwords (when that is supported by the back-end authentication server and protocols
used). Note that for this purpose there is a new setting on the VPN > Advanced page to
cause RADIUS to be used in MSCHAP mode when authenticating VPN client users.
IP Helper Scalability - The IP Helper architecture is enhanced to support large networks.
Improvements include changes to DHCP relay and NetBIOS functionality. DHCP relay
over VPN is now fully integrated.
Diagnostics Page Tool Tips - Self-documenting mouseover descriptions are provided for
diagnostic controls in the graphical user interface.
BWM Rate Limiting - The Bandwidth Management feature is enhanced to provide rate
limiting functionality. You can now create traffic policies that specify maximum rates for
Layer 2, 3, or 4 network traffic. This enables bandwidth management in cases where the
primary WAN link fails over to a secondary connection that cannot handle as much traffic.
DHCP Client Reboot Behavior Control - In SonicOS Enhanced 5.0 and higher, you can
configure the WAN DHCP client to perform a DHCP RENEW or a DHCP DISCOVERY
query when attempting to obtain a lease. The previous behavior was to always perform a
RENEW, which caused lease failures on some networks, particularly certain cable modem
service providers. The new behavior is to perform a DISCOVERY, but it is configurable. A
checkbox has been added to the Network > Interfaces > WAN > DHCP Client page:
Enabled: when the appliance reboots, the DHCP client performs a DHCP RENEW
query.