In this Guide Welcome to Dynamic Security for the Global Network™. The Dell SonicWALL E-Class Network Security Appliance (NSA) E8500 is designed to be the most scalable, reliable, and best performing multifunction appliance in its class. This Getting Started Guide provides instructions for basic installation and configuration of the Dell SonicWALL NSA E8500.
This Getting Started Guide contains the following sections: Chapter 1 Sections Include Pre-Configuration Tasks - page 6 • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 • The Back Panel - page 11 •...
Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your Dell SonicWALL NSA E8500. • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 •...
Network Security Appliance E8500 Dell SonicWALL E-Class NSA Appliances NET WORK SECURIT Y NSA E8500 Getting Started Guide (x2) Missing Items? If any items are missing from your package, contact Dell SonicWALL Support: Web: http://www.sonicwall.com/us/Support.html Email: customer_service@sonicwall.com | Check Package Contents...
Networking Information Obtain Configuration Information LAN IP Address: Select a static IP address for your Dell SonicWALL appliance that is within the range of your local subnet. If you are Please record and keep the following setup information: unsure, you can use the default IP address (192.168.168.168).
Page 9
Obtain Internet Service Provider (ISP) Information Record the following information about your current Internet service: If You connect Please record using DHCP No information is usually required: Some providers may require a Host name: Static IP IP Address: Subnet Mask: Default Gateway: Primary DNS: DNS 2 (optional):...
The Front Panel Console Port X4-X7 (SFP) Access the SonicOS Command Line Interface (CLI) via the DB9 -> RJ45 cable Hot-pluggable “small form-factor pluggable transceiver” interfaces Control Buttons for high speed fiber or copper Navigate the LCD screen Ethernet communication LCD Screen HA Port Interface to display status, make...
The Back Panel Fans (2) Dual auto-throttling fans for system temperature control Power Supplies (2) Expansion Bay For SonicWall approved Dual power supplies for redundant AC power and added reliability expansion modules Field conversion is available to convert to DC mains DC power supplies use different input connector and power cables Warning: Potential Hazard from Fan This manual contains specific warning and caution statements where they apply.
Setup Wizard’s automatic launch at startup. The Dell SonicWALL NSA E8500 is equipped with a front panel bezel interface that allows an administrator to customize certain aspects of the appliance or simply monitor its status without LCD Control Buttons having to log into it through a separate terminal.
Main Menu Status Upon booting the LCD display will initially show the Main Menu. The Status menu allows you to view specific aspects of the The menu is made up of four options: appliance. Once selected, the LCD displays the Status List. This list is navigated using the Up and Down buttons.
Configure The Configure Menu allows you to configure specific aspects of the appliance. Once selected, the LCD will display a PIN request. If you choose yes, the screen notifies you that the settings are updated. Note: The Default PIN is 76642. This number spells SONIC on a phone keypad.
Page 15
LCD will display a confirmation prompt. Select Y for yes and press the Right button to confirm. The appliance will change to SafeMode. Once SafeMode is enabled, the Dell SonicWALL NSA E8500 must be controlled from the Web management interface. | Front Bezel Control Features...
10. Edit X1 IP: 11. Press Right ten times to select the tenth digit. The Dell SonicWALL NSA E8500 is assigned the default LAN IP of 192.168.168.168. The following example provides steps for 12. Press UP or Down until the cursor displays 0.
- page 21 • Registering a Secondary Appliance - page 22 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of Dell SonicWALL security services, firmware updates, and technical support.
MySonicWALL to associate a secondary unit that can share the Security Services licenses with your primary Dell SonicWALL appliance. Note: Your Dell SonicWALL NSA E8500 does not need to be powered on during account creation or during the MySonicWALL registration and licensing process.
• Registration Next Steps - page 23 Product Registration You must register your Dell SonicWALL NSA E8500 on MySonicWALL to enable full functionality. Login to your MySonicWALL account. If you do not have an account, you can create one at: www.mysonicwall.com...
Page 21
You can purchase additional services now or • Consulting Services: at a later time. • Implementation Service The following products and services are available for the Dell • GMS Preventive Maintenance Service SonicWALL NSA E8500: To manage your licenses, perform the following tasks: •...
Page 22
Activation Key field and then click Submit. Depending on the product, you will see an Expire date or a license key To ensure that your network stays protected if your Dell string in the Status column when you return to the Service SonicWALL appliance has an unexpected failure, you can Management page.
Page 23
Continue. The screen only displays units that are not already associated with other appliances. Your Dell SonicWALL NSA E8500 or E8500 HA Pair is now On the Service Management - Associated Products page, registered and licensed on MySonicWALL. To complete the...
Deployment Scenarios In this Section: This section provides detailed overviews of advanced deployment scenarios as well as configuration instructions for connecting your Dell SonicWALL NSA E8500. • Selecting a Deployment Scenario - page 25 • Scenario A: NAT/Route Mode Gateway - page 26 •...
An NSA appliance in addition to an existing C - L2 Bridge Mode gateway appliance. Existing Dell SonicWALL gateway appliance An NSA appliance in addition to an existing Dell B - NAT with State Sync Pair SonicWALL gateway appliance. Network Security Appliance...
Page 26
Scenario A: NAT/Route Mode Gateway For new network installations or installations where the Dell SonicWALL NSA E8500 is replacing the existing network SonicWALL NSA E-Class gateway. In this scenario, the NSA E8500 is configured in NAT/Route ISP 1 Network Security Appliance E8500 Internet mode to operate as a single network gateway.
In this scenario, one NSA E8500 operates as the primary SonicWALL NSA E-Class 2 gateway device and the other NSA E8500 is in passive mode. SonicWALL HA/Failover Pair All network connection information is synchronized between the...
WLAN Zone LAN Zone appliance integration. Using L2 Bridge Mode, a Dell SonicWALL security appliance can be non-disruptively added to any Ethernet network to provide in-line deep-packet inspection for IPv4 TCP and UDP traffic.
This section provides initial configuration instructions for Internet Explorer 8.0, 9.0, and 10.0 (do not use compatibility mode) connecting your Dell SonicWALL NSA E8500. Follow these steps if you are setting up Scenario A, B, or C. Firefox 16.0 or higher...
The Power LEDs on the front panel light up blue when you plug in the Dell SonicWALL NSA E8500. The Alarm LED may light up and the Test LED will light up and may blink while the appliance performs a series of diagnostic tests.
Using the Setup Wizard The computer you use to manage the Dell SonicWALL NSA If you cannot connect to the Dell SonicWALL NSA E8500 or the E8500 must be set up to accept a dynamic IP address, or it Setup Wizard does not display, verify the following must have an unused IP address on the 192.168.168.x/24...
LAN port. However, if a DHCP server is network settings from the DHCP server in the Dell already active on your LAN, the NSA E8500 will disable its own SonicWALL security appliance. DHCP server to prevent conflicts.
MySonicWALL if the appliance has Internet access during initial setup. If initial setup is already complete, you can synchronize To obtain a new SonicOS firmware image file for your Dell licenses from the System > Licenses page. SonicWALL NSA E8500, connect to your MySonicWALL...
Page 34
Saving a Backup Copy of Your Preferences Upgrading the Firmware Before beginning the update process, make a system backup of Perform the following steps to upload new firmware to your Dell your Dell SonicWALL NSA E8500 appliance configuration SonicWALL NSA E8500 and use your current configuration settings.
Page 35
The Test light starts blinking when the NSA E8500 appliance has rebooted into SafeMode. If you are unable to connect to the Dell SonicWALL NSA E8500 Point the Web browser on your computer to appliance’s management interface, you can restart the 192.168.168.168.
Page 36
Note: Use the table below to complete setup for your scenario. Look for this “Next” icon to guide you to the next section. This section provides instructions for configuring a pair of Dell SonicWALL NSA E8500 appliances for high availability (HA). This section is relevant to administrators following deployment...
100Mbps hub/switch is also valid. number for the secondary Dell SonicWALL appliance. You can find the serial number on the bottom of the Dell SonicWALL security appliance, or in the System > Status screen of the secondary unit. The serial number for the primary Dell SonicWALL is automatically populated.
Page 38
Enable Preempt Mode checkbox. minimum and default is 3 probes, and the maximum is 10. To backup the firmware and settings when you upgrade the Typically, Dell SonicWALL recommends leaving the firmware version, select Generate/Overwrite Backup Failover Trigger Level (missed heart beats), Election Firmware and Settings When Upgrading Firmware.
Page 39
Configuring HA Monitoring Settings • The Election Delay Time can be used to specify an amount of time the appliance will wait to consider an After configuring the HA settings, you need to configure the interface up and stable before one of them takes the Monitoring settings for the LAN or WAN.This includes primary role.
Page 40
Primary Dell SonicWALL device. The secondary Dell SonicWALL security appliance should quickly take over. Once you have configured the HA setting on the Primary Dell SonicWALL security appliance, click the Synchronize Settings From your management workstation, test connectivity through button.
Page 41
The management interface should now display You can configure HA license synchronization by associating Logged Into: Backup SonicWALL Status: Active in the two Dell SonicWALL security appliances as HA Primary and HF upper-right-hand corner. secondary on MySonicWALL. Note that the secondary...
Page 42
On the Service Management - Associated Products page, scroll down to the Associated Products section. Note: After registering new Dell SonicWALL appliances on Under Associated Products, click HF Secondary. MySonicWALL, you must also register each appliance On the My Product - Associated Products page, in the text...
Page 43
Configuring the Secondary Bridge Interface - page 44 Connection Overview Connect the X1 port on your Dell SonicWALL NSA E8500 to the LAN port on your existing Internet gateway device. Then connect the X0 port on your NSA E8500 to your LAN resources.
Page 44
Configuring the Secondary Bridge Interface Note: Do not enable Never route traffic on the bridge-pair Complete the following steps to configure the Dell SonicWALL unless your network topology requires that all packets NSA E8500 appliance: entering the L2 Bridge remain on the L2 Bridge Navigate to the Network >...
Additional Deployment Configuration In this Section: This section provides basic configuration information to begin building network security policies for your deployment. This section also contains several SonicOS diagnostic tools and a deployment configuration reference checklist. • An Introduction to Zones and Interfaces - page 47 •...
The security features and settings configured for the zones are enforced by binding a zone to one or more physical interfaces Deny (such as, X0, X1, or X2) on the Dell SonicWALL NSA E8500. WAN and DMZ LAN or WLAN...
SonicOS supports inbound port forwarding, it is possible to hide • Network—Network Address Objects are like Range objects in multiple internal servers off the WAN IP address of the Dell that they comprise multiple hosts, but rather than being bound SonicWALL appliance.
• Custom Address Objects—displays Address Objects with Click OK. custom properties. • Default Address Objects—displays Address Objects configured by default on the Dell SonicWALL appliance. To add an Address Object: Navigate to the Network > Address Objects page. Below the Address Objects table, click Add.
Page 50
IPs 11. Select the Enable NAT Policy checkbox. are translated from the IP address of the Dell SonicWALL 12. Select the Create a reflexive policy checkbox if you want appliance WAN port to the IP address of the internal web a matching NAT Policy to be automatically created in the server.
Anti-Spyware Enabling Security Services in SonicOS You must enable each security service individually in the SonicOS user interface. See the following procedures to enable and configure the following three basic security services: Gateway Anti-Virus For more information on configuring your security services, refer to the SonicOS Administrator’s Guide.
For example, you can • Using the Active Connections Monitor - page 53 configure Dell SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more security for internal network traffic. To apply services to network zones: Navigate to the Network >...
OR. The Ping test bounces a packet off a machine on the Internet and returns it to the sender. This test shows if the Dell SonicWALL appliance is able to contact the remote host. If...
Support and Training Options In this Section This section provides overviews of customer support and training options for the Dell SonicWALL NSA E8500. • Customer Support - page 55 • Knowledge Portal - page 55 • User Forums - page 56 •...
Designed for customers with Dell SonicWALL E-Class The Knowledge Portal is a resource which allows users to solutions, Dell SonicWALL E-Class Support 24x7 delivers the search for Dell SonicWALL documents based on the following enterprise-class support features and quality of service that types of search tools: enterprise companies require to keep their networks running •...
User Forums The Dell SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •...
Training Dell SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and Dell SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in Dell SonicWALL Products and Security Applications. Dell SonicWALL Training provides the following resources for its customers: •...
Dell SonicWALL Live Product Demos SonicOS features dynamic tooltips that appear over various The Dell SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. Dell SonicWALL security products and services through...
Network Integrated Solutions Guide Looking to go wireless? Have questions about what it takes to build a truly “secure” wireless network? Check out the Dell SonicWALL Secure Wireless Network Integrated Solutions Guide. This book is the official guide to Dell SonicWALL’s market-leading wireless networking and security devices.
Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the Dell SonicWALL NSA E8500. • Rack Mounting Instructions - page 63 Note: For more information on rack mounting requirements, see the Safety and Regulatory Information...
Product Safety and Regulatory Information In this Section: This section provides regulatory along with trademark and copyright information. • Safety and Regulatory Information - page 69 • Warranty Information - page 73 • Copyright Notice - page 73...
• Mount the Dell SonicWALL appliances evenly in the rack in order to prevent a hazardous condition caused by uneven mechanical loading.
Page 70
The Lithium Battery used in the Dell SonicWALL Internet security appliance may alle vier Befestigungen der Montageschien verwendet werden. not be replaced by the user. The appliance must be returned to a Dell SonicWALL • Ein angemessen dimensionierter und geprüfte Sicherung, sollte Bestandteil der authorized service center for replacement with the same or equivalent type Haus-Installation sein.
Page 71
•將 戴爾 SonicWALL 裝置平坦地裝設在機架中,如此才能避免 Lithiumbatterie darf nicht vom Benutzer ausgetauscht werden. Zum Austauschen 因不均勻的機械負荷造成危險狀況。 der Batterie muss die Dell SonicWALL in ein von Dell SonicWALL autorisiertes Service-Center gebracht werden. Dort wird die Batterie durch denselben oder •必須使用四顆與機架設計相容的安裝螺釘,並用手鎖緊螺釘, entsprechenden, vom Hersteller empfohlenen Batterietyp ersetzt. Beachten Sie 確定安裝牢固。選擇一個安裝位置,將四個裝載洞孔對齊...
Page 72
線) 。此導體必須連接到安全接地電路。 Caution: Modifying this equipment or using this equipment for purposes not shown •切勿在交流電源線還連接著電源時移除或安裝電源。 in this manual without the written consent of Dell, Inc. could void the user’s authority to operate this equipment. •當安裝及後續接觸產品背面之後,必須用工具將指旋螺釘鎖 緊。 BMSI Statement 警告使用者:...
Application of council Directive 2004/108/EC (EMC) and 2006/95/EC (LVD) Standards to which conformity is declared All Dell SonicWALL appliances come with a 1-year Limited Hardware Warranty EN 55022 (2006) +A1 (2007) Class A which provides delivery of critical replacement parts for defective parts under EN 55024 (1998) +A1 (2001), +A2 (2003) warranty.