:::: MENU ::::
Posts tagged with: SonicWall

Indy Motor Speedway

After a great morning session (see Session 1 and Session 2 for Notes for the details of the info presented in the Road Show Presentation) at the the Sonicwall Road show presentations we headed over to the Indy Motor Speedway for the lunch and afternoon festivities.

Sonicwall provided lunch in one of suites above the track near the start/finish line.  There was an awesome spread of food and great conversation.

After lunch we headed to the Garages and Pit Road during the Firestone Indy Lights Qualifying.  We had a great time checking out the cars of the Indy Cup drivers as well as the Indy Lights.

Here are some photos from the afternoon… go here for all the photos.

Sonicwall Road Show @ Indy Speedway Sonicwall Road Show @ Indy Speedway
Sonicwall Road Show @ Indy Speedway Sonicwall Road Show @ Indy Speedway
Sonicwall Road Show @ Indy Speedway Sonicwall Road Show @ Indy Speedway
Sonicwall Road Show @ Indy Speedway Sonicwall Road Show @ Indy Speedway
Sonicwall Road Show @ Indy Speedway Sonicwall Road Show @ Indy Speedway

Sonicwall Roadshow Part 2

CDP Demo

Dee Bhatia – CDP Regional Sales Manager


Slides of CDP “Suite
Local Backup
CDP to Local Archive
Bare Metal – Acronis Backup w/ Sonicwall Logo




Neil Jones
Email Security Specialist

Spam Math: 2005 30 billion per day 2009 140 billion messages per day
Does Spam Pay: Howard Carmack sends 10m emails per day earns $200k per year


Product Updates:
Backspatter Attacks were added Last fall
Apply Real-Time reputation to an email’s text, picture, URL, etc

“5 Minute updates is key, Updates once per hour is not sufficient [for spam filtering]”.

Leverage the 1million plus firewalls and offer customers basic Spam services as a add-on to the existing products.

Sonicwall Demo Site: LiveDemo.Sonicwall.com


Available Promotions
”Three and Free” buy three years of UTM and get the appliance free

Sonicwall Roadshow Part 1

Sonicwall RoadShowDolph Smith– Sonicwall SE

One of the largest threats we face is the content “we” create: Wikipedia, Facebook, etc.

Not every threat is web based.


Dave Perry – Director of Software Engineering

Ten Things your Firewall Should Do
What are your employees doing? Web Surfing, Twitter, Facebook, Downloading files, IM, Video, Games, Email

Facts at work:
25% of employees do peer to peer sharing
16% of men 8% of women admit viewing pornography at work
25% of the office internet traffic is non-business related

Non-Traditional Malware
Prediction – Malware disguised as “Benign social networking links” will be the top threat to data security in 2009 “HiJacks your need to be liked”

1. Manage Streaming video
2. Bandwidth management

3. Webmail Data Loss
4. Application use enforcement
5. Deny FTP upload
6. Keep P2p2 apps under control
7. Manage streaming music
8. Prioritize Application bandwidth
9. Block Confidential Docs
10. Block/log forbidden files


Product Updates
UTM Products

SonicOS 5.5 Update (Due out in Fall)

- SSO Improvements
- 4WAN links
- Active/Active UTM (UTM processing on HA host spare)

Content Filter “We know we have dropped the ball” we have 4 people working on that project and expect a more enterprise robust feature set by fall.

Customizing the Sonicwall Content Filter


Tweaking our Sonicwall Gear Continues, and I have to say it responds quite well to our ever changing needs.  Several of our ministries needed our content filtering tweaked for their needs but IT and our Leadership team didn’t want to open entire categories in the filter to allow specific sites across the board especially since are using that content filtering for our core network AND our public Wifi, so enter Sonicwall Single Sign On Agent (SSO).

Sonicwall has offered the SSO agent since the release of version 4 last fall, but it took us quite a while to get this project on the top of the list and get it tested before we deployed it into production.  Basically the SSO agent allows for the user’s Windows workstation to authenticate the user who is logged into that workstation against the firewall.

The configuration process is fairly basic (although because of several issues I won’t say easy). 

What you need to make this happen:

  • A Sonicwall Firewall with and active Content Filtering Service subscription and the CFS enabled
  • The Sonicwall SSO agent installed on a networked machine (in our case a virtual server)
  • A working MS Active Directory structure for your domain.
  • User(s) added to groups defined in Active Directory.

The biggest hurdle we had was the SSO agent failing on us.  We would get everything running in our test environment and then the agent service would stop and then there was no web access.  You can set the device to fail open if the SSO agent fails, but we elected to drop down to the default CSF policy for all users if the agent fails.  After we downloaded a more recent version of the SSO agent, moved it to a more stable server and that seemed to resolve that issue.

First you need to adjust the content filter to allow access to the specific sites you want to allow some users to access. 

  • The catch, you can’t allow/deny access to a specific url based on the logged-in user or group. To resolve this issue we had to first allow the specific sites we need to access through the content filter. This is a simple white list in the content filter. 
    • Note this excludes the url from all content filters
  • Then utilize the firewall, which has the AD group specific granularity you need.
    • Create a firewall rule to allow access to the sites for specified groups and deny for all others.
    • This is all of course only on the authenticated side. Other zones and non Windows machines follow the default rules and provisioned the exceptions by user. Since firewall rules are higher priority than CFS the site can be an exception in the CFS but only those who are in the allow group are able to view the site.