1. Manuals
  2. Brands
  3. Dell Manuals
  4. Firewall
  5. NSA E8500
  6. Getting started manual

Dell NSA E8500 Getting Started Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Dell SonicWALL E-Class NSA Appliances
NSA E8500
NET WORK SECURIT Y
Getting Started Guide

Advertisement

Table of Contents
loading

Related Manuals for Dell NSA E8500

Summary of Contents for Dell NSA E8500

  • Page 1 Dell SonicWALL E-Class NSA Appliances NSA E8500 NET WORK SECURIT Y Getting Started Guide...
  • Page 2 WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2013 Dell, Inc. Trademarks: Dell™, the DELL logo, SonicWALL™, SonicWALL GMS™, SonicWALL Analyzer™, Reassembly-Free Deep Packet Inspection™, Dynamic Security for the Global Network™, SonicWALL Dynamic Support 24x7™, SonicWALL Comprehensive Gateway Security Suite™, SonicWALL McAfee Client/Server Anti-Virus Suite™, and all other SonicWALL product and service names and slogans...

  • Page 3: In This Guide

    In this Guide Welcome to Dynamic Security for the Global Network™. The Dell SonicWALL E-Class Network Security Appliance (NSA) E8500 is designed to be the most scalable, reliable, and best performing multifunction appliance in its class. This Getting Started Guide provides instructions for basic installation and configuration of the Dell SonicWALL NSA E8500.

  • Page 4: Table Of Contents

    This Getting Started Guide contains the following sections: Chapter 1 Sections Include Pre-Configuration Tasks - page 6 • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 • The Back Panel - page 11 •...
  • Page 5 • Dynamic Tooltips - page 59 • Dell SonicWALL Live Product Demos - page 59 • Dell SonicWALL Secure Wireless Network Integrated Solutions Guide - page 60 Chapter 6 Sections Include Rack Mounting Instructions - page 62 • Rack Mounting Instructions...

  • Page 6: Pre-Configuration Tasks

    Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your Dell SonicWALL NSA E8500. • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 •...

  • Page 7: Check Package Contents

    Network Security Appliance E8500 Dell SonicWALL E-Class NSA Appliances NET WORK SECURIT Y NSA E8500 Getting Started Guide (x2) Missing Items? If any items are missing from your package, contact Dell SonicWALL Support: Web: http://www.sonicwall.com/us/Support.html Email: customer_service@sonicwall.com | Check Package Contents...

  • Page 8: Obtain Configuration Information

    Networking Information Obtain Configuration Information LAN IP Address: Select a static IP address for your Dell SonicWALL appliance that is within the range of your local subnet. If you are Please record and keep the following setup information: unsure, you can use the default IP address (192.168.168.168).
  • Page 9 Obtain Internet Service Provider (ISP) Information Record the following information about your current Internet service: If You connect Please record using DHCP No information is usually required: Some providers may require a Host name: Static IP IP Address: Subnet Mask: Default Gateway: Primary DNS: DNS 2 (optional):...

  • Page 10: The Front Panel

    The Front Panel Console Port X4-X7 (SFP) Access the SonicOS Command Line Interface (CLI) via the DB9 -> RJ45 cable Hot-pluggable “small form-factor pluggable transceiver” interfaces Control Buttons for high speed fiber or copper Navigate the LCD screen Ethernet communication LCD Screen HA Port Interface to display status, make...

  • Page 11: The Back Panel

    The Back Panel Fans (2) Dual auto-throttling fans for system temperature control Power Supplies (2) Expansion Bay For SonicWall approved Dual power supplies for redundant AC power and added reliability expansion modules Field conversion is available to convert to DC mains DC power supplies use different input connector and power cables Warning: Potential Hazard from Fan This manual contains specific warning and caution statements where they apply.

  • Page 12: Front Bezel Control Features

    Setup Wizard’s automatic launch at startup. The Dell SonicWALL NSA E8500 is equipped with a front panel bezel interface that allows an administrator to customize certain aspects of the appliance or simply monitor its status without LCD Control Buttons having to log into it through a separate terminal.

  • Page 13: Main Menu

    Main Menu Status Upon booting the LCD display will initially show the Main Menu. The Status menu allows you to view specific aspects of the The menu is made up of four options: appliance. Once selected, the LCD displays the Status List. This list is navigated using the Up and Down buttons.

  • Page 14: Configuration Options

    Configure The Configure Menu allows you to configure specific aspects of the appliance. Once selected, the LCD will display a PIN request. If you choose yes, the screen notifies you that the settings are updated. Note: The Default PIN is 76642. This number spells SONIC on a phone keypad.
  • Page 15 LCD will display a confirmation prompt. Select Y for yes and press the Right button to confirm. The appliance will change to SafeMode. Once SafeMode is enabled, the Dell SonicWALL NSA E8500 must be controlled from the Web management interface. | Front Bezel Control Features...

  • Page 16: Lan Ip Configuration Example

    10. Edit X1 IP: 11. Press Right ten times to select the tenth digit. The Dell SonicWALL NSA E8500 is assigned the default LAN IP of 192.168.168.168. The following example provides steps for 12. Press UP or Down until the cursor displays 0.
  • Page 17 | LAN IP Configuration Example...

  • Page 18: Registering Your Appliance

    - page 21 • Registering a Secondary Appliance - page 22 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of Dell SonicWALL security services, firmware updates, and technical support.

  • Page 19: Before You Register

    MySonicWALL to associate a secondary unit that can share the Security Services licenses with your primary Dell SonicWALL appliance. Note: Your Dell SonicWALL NSA E8500 does not need to be powered on during account creation or during the MySonicWALL registration and licensing process.

  • Page 20: Creating A Mysonicwall Account

    • Registration Next Steps - page 23 Product Registration You must register your Dell SonicWALL NSA E8500 on MySonicWALL to enable full functionality. Login to your MySonicWALL account. If you do not have an account, you can create one at: www.mysonicwall.com...
  • Page 21 You can purchase additional services now or • Consulting Services: at a later time. • Implementation Service The following products and services are available for the Dell • GMS Preventive Maintenance Service SonicWALL NSA E8500: To manage your licenses, perform the following tasks: •...
  • Page 22 Activation Key field and then click Submit. Depending on the product, you will see an Expire date or a license key To ensure that your network stays protected if your Dell string in the Status column when you return to the Service SonicWALL appliance has an unexpected failure, you can Management page.
  • Page 23 Continue. The screen only displays units that are not already associated with other appliances. Your Dell SonicWALL NSA E8500 or E8500 HA Pair is now On the Service Management - Associated Products page, registered and licensed on MySonicWALL. To complete the...

  • Page 24: Deployment Scenarios

    Deployment Scenarios In this Section: This section provides detailed overviews of advanced deployment scenarios as well as configuration instructions for connecting your Dell SonicWALL NSA E8500. • Selecting a Deployment Scenario - page 25 • Scenario A: NAT/Route Mode Gateway - page 26 •...

  • Page 25: Selecting A Deployment Scenario

    An NSA appliance in addition to an existing C - L2 Bridge Mode gateway appliance. Existing Dell SonicWALL gateway appliance An NSA appliance in addition to an existing Dell B - NAT with State Sync Pair SonicWALL gateway appliance. Network Security Appliance...
  • Page 26 Scenario A: NAT/Route Mode Gateway For new network installations or installations where the Dell SonicWALL NSA E8500 is replacing the existing network SonicWALL NSA E-Class gateway. In this scenario, the NSA E8500 is configured in NAT/Route ISP 1 Network Security Appliance E8500 Internet mode to operate as a single network gateway.

  • Page 27: Configuring A Stateful Ha Pair

    In this scenario, one NSA E8500 operates as the primary SonicWALL NSA E-Class 2 gateway device and the other NSA E8500 is in passive mode. SonicWALL HA/Failover Pair All network connection information is synchronized between the...

  • Page 28: Configuring L2 Bridge Mode

    WLAN Zone LAN Zone appliance integration. Using L2 Bridge Mode, a Dell SonicWALL security appliance can be non-disruptively added to any Ethernet network to provide in-line deep-packet inspection for IPv4 TCP and UDP traffic.

  • Page 29: Initial Setup

    This section provides initial configuration instructions for Internet Explorer 8.0, 9.0, and 10.0 (do not use compatibility mode) connecting your Dell SonicWALL NSA E8500. Follow these steps if you are setting up Scenario A, B, or C. Firefox 16.0 or higher...

  • Page 30: Connecting The Lan Port

    The Power LEDs on the front panel light up blue when you plug in the Dell SonicWALL NSA E8500. The Alarm LED may light up and the Test LED will light up and may blink while the appliance performs a series of diagnostic tests.

  • Page 31: Accessing The Management Interface

    Using the Setup Wizard The computer you use to manage the Dell SonicWALL NSA If you cannot connect to the Dell SonicWALL NSA E8500 or the E8500 must be set up to accept a dynamic IP address, or it Setup Wizard does not display, verify the following must have an unused IP address on the 192.168.168.x/24...

  • Page 32: Connecting To Your Network

    LAN port. However, if a DHCP server is network settings from the DHCP server in the Dell already active on your LAN, the NSA E8500 will disable its own SonicWALL security appliance. DHCP server to prevent conflicts.

  • Page 33: Activating Licenses In Sonicos

    MySonicWALL if the appliance has Internet access during initial setup. If initial setup is already complete, you can synchronize To obtain a new SonicOS firmware image file for your Dell licenses from the System > Licenses page. SonicWALL NSA E8500, connect to your MySonicWALL...
  • Page 34 Saving a Backup Copy of Your Preferences Upgrading the Firmware Before beginning the update process, make a system backup of Perform the following steps to upload new firmware to your Dell your Dell SonicWALL NSA E8500 appliance configuration SonicWALL NSA E8500 and use your current configuration settings.
  • Page 35 The Test light starts blinking when the NSA E8500 appliance has rebooted into SafeMode. If you are unable to connect to the Dell SonicWALL NSA E8500 Point the Web browser on your computer to appliance’s management interface, you can restart the 192.168.168.168.
  • Page 36 Note: Use the table below to complete setup for your scenario. Look for this “Next” icon to guide you to the next section. This section provides instructions for configuring a pair of Dell SonicWALL NSA E8500 appliances for high availability (HA). This section is relevant to administrators following deployment...

  • Page 37: Configuring High Availability

    100Mbps hub/switch is also valid. number for the secondary Dell SonicWALL appliance. You can find the serial number on the bottom of the Dell SonicWALL security appliance, or in the System > Status screen of the secondary unit. The serial number for the primary Dell SonicWALL is automatically populated.
  • Page 38 Enable Preempt Mode checkbox. minimum and default is 3 probes, and the maximum is 10. To backup the firmware and settings when you upgrade the Typically, Dell SonicWALL recommends leaving the firmware version, select Generate/Overwrite Backup Failover Trigger Level (missed heart beats), Election Firmware and Settings When Upgrading Firmware.
  • Page 39 Configuring HA Monitoring Settings • The Election Delay Time can be used to specify an amount of time the appliance will wait to consider an After configuring the HA settings, you need to configure the interface up and stable before one of them takes the Monitoring settings for the LAN or WAN.This includes primary role.
  • Page 40 Primary Dell SonicWALL device. The secondary Dell SonicWALL security appliance should quickly take over. Once you have configured the HA setting on the Primary Dell SonicWALL security appliance, click the Synchronize Settings From your management workstation, test connectivity through button.
  • Page 41 The management interface should now display You can configure HA license synchronization by associating Logged Into: Backup SonicWALL Status: Active in the two Dell SonicWALL security appliances as HA Primary and HF upper-right-hand corner. secondary on MySonicWALL. Note that the secondary...
  • Page 42 On the Service Management - Associated Products page, scroll down to the Associated Products section. Note: After registering new Dell SonicWALL appliances on Under Associated Products, click HF Secondary. MySonicWALL, you must also register each appliance On the My Product - Associated Products page, in the text...
  • Page 43 Configuring the Secondary Bridge Interface - page 44 Connection Overview Connect the X1 port on your Dell SonicWALL NSA E8500 to the LAN port on your existing Internet gateway device. Then connect the X0 port on your NSA E8500 to your LAN resources.
  • Page 44 Configuring the Secondary Bridge Interface Note: Do not enable Never route traffic on the bridge-pair Complete the following steps to configure the Dell SonicWALL unless your network topology requires that all packets NSA E8500 appliance: entering the L2 Bridge remain on the L2 Bridge Navigate to the Network >...
  • Page 45 | Configuring L2 Bridge Mode...

  • Page 46: Additional Deployment Configuration

    Additional Deployment Configuration In this Section: This section provides basic configuration information to begin building network security policies for your deployment. This section also contains several SonicOS diagnostic tools and a deployment configuration reference checklist. • An Introduction to Zones and Interfaces - page 47 •...

  • Page 47: An Introduction To Zones And Interfaces

    The security features and settings configured for the zones are enforced by binding a zone to one or more physical interfaces Deny (such as, X0, X1, or X2) on the Dell SonicWALL NSA E8500. WAN and DMZ LAN or WLAN...

  • Page 48: Creating A Nat Policy

    SonicOS supports inbound port forwarding, it is possible to hide • Network—Network Address Objects are like Range objects in multiple internal servers off the WAN IP address of the Dell that they comprise multiple hosts, but rather than being bound SonicWALL appliance.

  • Page 49: Configuring Address Objects

    • Custom Address Objects—displays Address Objects with Click OK. custom properties. • Default Address Objects—displays Address Objects configured by default on the Dell SonicWALL appliance. To add an Address Object: Navigate to the Network > Address Objects page. Below the Address Objects table, click Add.
  • Page 50 IPs 11. Select the Enable NAT Policy checkbox. are translated from the IP address of the Dell SonicWALL 12. Select the Create a reflexive policy checkbox if you want appliance WAN port to the IP address of the internal web a matching NAT Policy to be automatically created in the server.

  • Page 51: Enabling Security Services In Sonicos

    Anti-Spyware Enabling Security Services in SonicOS You must enable each security service individually in the SonicOS user interface. See the following procedures to enable and configure the following three basic security services: Gateway Anti-Virus For more information on configuring your security services, refer to the SonicOS Administrator’s Guide.

  • Page 52: Applying Security Services To Zones

    For example, you can • Using the Active Connections Monitor - page 53 configure Dell SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more security for internal network traffic. To apply services to network zones: Navigate to the Network >...

  • Page 53: Using Ping

    OR. The Ping test bounces a packet off a machine on the Internet and returns it to the sender. This test shows if the Dell SonicWALL appliance is able to contact the remote host. If...

  • Page 54: Chapter 5 Support And Training Options

    Support and Training Options In this Section This section provides overviews of customer support and training options for the Dell SonicWALL NSA E8500. • Customer Support - page 55 • Knowledge Portal - page 55 • User Forums - page 56 •...

  • Page 55: Customer Support

    Designed for customers with Dell SonicWALL E-Class The Knowledge Portal is a resource which allows users to solutions, Dell SonicWALL E-Class Support 24x7 delivers the search for Dell SonicWALL documents based on the following enterprise-class support features and quality of service that types of search tools: enterprise companies require to keep their networks running •...

  • Page 56: User Forums

    User Forums The Dell SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •...

  • Page 57: Training

    Training Dell SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and Dell SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in Dell SonicWALL Products and Security Applications. Dell SonicWALL Training provides the following resources for its customers: •...

  • Page 58: Related Documentation

    • RF Management • Single Sign On • SSL Control • Virtual Access Points • Dell SonicWALL GVC Administrator’s Guide • Dell SonicWALL GMS Administrator’s Guide • Dell SonicWALL GAV Administrator’s Guide • Dell SonicWALL IPS Administrator’s Guide • Dell SonicWALL Anti-Spyware Administrator’s Guide •...

  • Page 59: Dynamic Tooltips

    Dell SonicWALL Live Product Demos SonicOS features dynamic tooltips that appear over various The Dell SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. Dell SonicWALL security products and services through...

  • Page 60: Dell Sonicwall Secure Wireless Network Integrated Solutions Guide

    Network Integrated Solutions Guide Looking to go wireless? Have questions about what it takes to build a truly “secure” wireless network? Check out the Dell SonicWALL Secure Wireless Network Integrated Solutions Guide. This book is the official guide to Dell SonicWALL’s market-leading wireless networking and security devices.
  • Page 61 | Dell SonicWALL Secure Wireless Network Integrated Solutions Guide...

  • Page 62: Chapter 6 Rack Mounting Instructions

    Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the Dell SonicWALL NSA E8500. • Rack Mounting Instructions - page 63 Note: For more information on rack mounting requirements, see the Safety and Regulatory Information...

  • Page 63: Rack Mounting Instructions

    Rack Mounting Instructions Assemble the Slide Rail Fasten 4 screws to the rail. WASHERS*8 M4 SCREW*8 | Rack Mounting Instructions...
  • Page 64 Assemble the Slide Rail Fasten two-sided screws to the rail. M5 SCREW*8 M5 Nut*8...
  • Page 65 Assemble Inner Rail to Chassis Fasten 6 screws to attach the inner channel onto the chassis. M4 SCREW*6 | Rack Mounting Instructions...
  • Page 66 Insert Chassis to Frame Slide inner channel into rails. Push hook down to separate.
  • Page 67 | Rack Mounting Instructions...

  • Page 68: Product Safety And Regulatory Information

    Product Safety and Regulatory Information In this Section: This section provides regulatory along with trademark and copyright information. • Safety and Regulatory Information - page 69 • Warranty Information - page 73 • Copyright Notice - page 73...

  • Page 69: Safety And Regulatory Information

    • Mount the Dell SonicWALL appliances evenly in the rack in order to prevent a hazardous condition caused by uneven mechanical loading.
  • Page 70 The Lithium Battery used in the Dell SonicWALL Internet security appliance may alle vier Befestigungen der Montageschien verwendet werden. not be replaced by the user. The appliance must be returned to a Dell SonicWALL • Ein angemessen dimensionierter und geprüfte Sicherung, sollte Bestandteil der authorized service center for replacement with the same or equivalent type Haus-Installation sein.
  • Page 71 •將 戴爾 SonicWALL 裝置平坦地裝設在機架中,如此才能避免 Lithiumbatterie darf nicht vom Benutzer ausgetauscht werden. Zum Austauschen 因不均勻的機械負荷造成危險狀況。 der Batterie muss die Dell SonicWALL in ein von Dell SonicWALL autorisiertes Service-Center gebracht werden. Dort wird die Batterie durch denselben oder •必須使用四顆與機架設計相容的安裝螺釘,並用手鎖緊螺釘, entsprechenden, vom Hersteller empfohlenen Batterietyp ersetzt. Beachten Sie 確定安裝牢固。選擇一個安裝位置,將四個裝載洞孔對齊...
  • Page 72 線) 。此導體必須連接到安全接地電路。 Caution: Modifying this equipment or using this equipment for purposes not shown •切勿在交流電源線還連接著電源時移除或安裝電源。 in this manual without the written consent of Dell, Inc. could void the user’s authority to operate this equipment. •當安裝及後續接觸產品背面之後,必須用工具將指旋螺釘鎖 緊。 BMSI Statement 警告使用者:...

  • Page 73: Warranty Information

    Application of council Directive 2004/108/EC (EMC) and 2006/95/EC (LVD) Standards to which conformity is declared All Dell SonicWALL appliances come with a 1-year Limited Hardware Warranty EN 55022 (2006) +A1 (2007) Class A which provides delivery of critical replacement parts for defective parts under EN 55024 (1998) +A1 (2001), +A2 (2003) warranty.

Table of Contents