Manuel d'utilisation / d'entretien du produit E6500 du fabricant SonicWALL
Aller à la page of 78
PROTECTION A T THE SPEED OF BUSINESS ™ NSA E6500 G et ting St art ed Gu ide NSA_E6500_GSG.book Page 1 Wed n esday, June 17, 2009 7:16 PM.
SonicWALL NSA E6500 Ge tting Started Guide Page 1 SonicW ALL NSA E6500 Getting Started Guide This Getting St arted Guide provides instructions for basic installation and configuration of the SonicWALL Network Security Appliance (NSA) E6500 running SonicOS Enhanced.
Page 2 SonicWALL NSA E6500 SonicW ALL NSA E6500 Note: Always observe proper safety and regulatory guidelin es when re moving administrator-serviceable parts from the SonicWALL NSA E6500. Proper guidelines can be found in th e Product Safety and Regulator y Information section, on page 69 of this guide.
SonicWALL NSA E6500 Ge tting Started Guide Page 3 Pr e-Configuration T asks In this Section: This section provides pre-configuration information. Revie w this section before setting up your SonicW ALL NSA E6500.
Page 4 Check Package Conte nts Check Package Contents Before setting up your SonicWAL L NSA E6500, veri fy that your package contains the following parts: SonicW ALL NSA E6500 DB9 -> RJ45 (CLI) Cab.
SonicWALL NSA E6500 Ge tting Started Guide Page 5 Obtain Configuration Information Please record and keep for future r eference the following setup information: Registration Information Networking Inf.
Page 6 The Front Panel The Front Panel Icon Feature Description LCD Screen Displays the front panel bezel interface which c an be used to display status information, make certain configuration changes, restart the a ppliance or b oot the appliance in SafeMode.
SonicWALL NSA E6500 Ge tting Started Guide Page 7 The Back Panel Icon Feature Description Expansion Bay Future extension. Fans (2) The SonicWALL NSA E6500 includes two fans for system temperature control. Power Supply The SonicWALL NSA E6500 power supply .
Page 8 Front Bezel Control Features Fr ont Bezel Control Featur es The SonicW ALL Network Security Appliance E-Class is equipped with a front panel bezel interface that allows an administrator to customi ze certain aspects of the appliance o r simply monitor its status without having to log into it through a separate terminal.
SonicWALL NSA E6500 Ge tting Started Guide Page 9 Main Menu Upon booting the LCD di splay will initially show the Main Men u. The menu is made u p of four op tions: Use the Up and Down button to select the menu you wish to enter and click the Right button to enter it.
Page 10 Front Bezel Control Features Configure The Configure Menu all ows you to configure specific aspects of the appliance. Once se lected, the LCD will display a PIN request. Note: The Default PIN is 76642 . This number spells SONIC on a phone keypad.
SonicWALL NSA E6500 Getting St arted Guide Page 11 Configuration Options This option allows you to configure network po rt settings for the appliance. Once selected, the LCD displays a list of configurable options.
Page 12 Front Bezel Configuration Example Front Bezel Configuration Example LAN IP Config uration The SonicWALL NSA E6500 is assigned the defa ult LAN IP of 192.168.168.168. Complete the following steps to change it to 192.168.168.10. 1. Press Right to exit scre en-saver mode if not at the root menu.
SonicWALL NSA E6500 Getting St arted Guide Page 13 Register ing Y our Appliance In this Section: This section pro vides inst ructions for registering your SonicW ALL NSA E6500. • Before Y ou Register - page 14 • Creating a mysonicwall.com Account - page 15 • Registering and Licensing Y our Appliance on mysonicwall.
Page 14 Before You Register Before Y ou Register Y ou need a myso nicwall.com account to register the SonicW ALL NSA E6500. Y ou can cre ate a new mysonicwall.co m account on www .mysonicwall.com or directly from the SonicW ALL management interface . This section describes how to create an account by using the Web site.
SonicWALL NSA E6500 Getting St arted Guide Page 15 Creating a mysonicwall.com Account T o create a mysonicwall .com account, perform the following steps: 1. In your browser , navigate to www .mysonicwall.com. 2. In the login screen, click If you are not a regi stered user , Click here .
Page 16 Registering and Licensing Your Appliance on mysonicwall.com Licensing Secu rity Services and Softwar e The Service Management - Associated Product s page in mysonicwall.com list s security services, support options, and software such as ViewPoint that you can purchase or try with a free trial.
SonicWALL NSA E6500 Getting St arted Guide Page 17 T o manage your licenses, perform the following tasks: 1. In the mysonicwall.com Se rvice Manage ment - Associated Products page, check the Applicable S ervices table for services that your SonicWALL appliance is already licensed for .
Page 18 Registering and Licensing Your Appliance on mysonicwall.com Register ing a Second Appliance as a Backup T o ensure that your network sta ys protected if your SonicWALL appliance has an unexpected fa ilure, you can associate a second SonicW ALL with the first in a high availabil ity (HA) pair .
SonicWALL NSA E6500 Getting St arted Guide Page 19 Deployment Scenar ios In this Section: This section pro vides det ailed overvi ews of advanced deployment scenario s as well as configuration instructions for connecting your SonicW ALL NSA E6500.
Page 20 Select ing a Deployment S cenario Selecting a Deployment Scenario Before continuing, select a deployment scenario that best fits your network scheme. Reference the table below a nd the diagrams on the following pages for help in choosing a scenario.
SonicWALL NSA E6500 Getting St arted Guide Page 21 Scenar io A: NA T/Route Mode Gateway For new network installations or installations where the SonicW ALL NSA E6500 is replacing the existing network gateway . In this scenario, the SonicW ALL NSA E6500 is configured in NA T/Route mode to operate as a single netw ork gateway .
Page 22 Select ing a Deployment S cenario Scenar io B: State Sync Pair in NA T/Route Mode For network installations with two Soni cW ALL NSA E-Series appliances configured as a stateful sync hronized pair for redundant high-availabi lity networking.
SonicWALL NSA E6500 Getting St arted Guide Page 23 Scenar io C: L2 Br idge Mode For network installations where th e SonicW ALL NSA E6500 is running in tandem with an existi ng network gateway .
Page 24 Initi al Setup Initial Setup This section provides initial configuration instructions for connecting your SonicWALL NSA E6500. Follow these steps if you are setting up scenario A , B , or C .
SonicWALL NSA E6500 Getting St arted Guide Page 25 Connecting the LAN Port 1. Connect one end of the prov ide d ethernet cable to the computer you are using to manage the SonicW ALL NSA E6500. 2. Connect the other end of the cable to the X0 port on your SonicW ALL NSA E6500.
Page 26 Initi al Setup Accessing the Mana gement Interfa ce The computer you u se to manage the Soni cW ALL NSA E6500 must be set up to accept a dyna mic IP address, or it must have an unused IP add ress on the 192.168.168.x/24 su bnet, such as 192.168.
SonicWALL NSA E6500 Getting St arted Guide Page 27 Connecting to Y our Network The SonicWALL NSA E6500 ships with the internal DHCP server active on the L AN port. However , if a DHCP server is already active on your LAN, the Son icW ALL will disable its own DHCP server to prevent conflicts.
Page 28 Initi al Setup Activating Licenses in Son icOS After completing the registration process in SonicOS, you mu st perform the following tasks to activa te y our license s and enable your licensed.
SonicWALL NSA E6500 Getting St arted Guide Page 29 Upgrading Firmwar e on Y our SonicW ALL The following procedures are for upgradi ng an existing SonicOS Enhanced image to a newer version: • Obtain.
Page 30 Initi al Setup Upgrading the Firmwar e Perform the following steps to upload new firmware to your SonicW ALL appliance and use your current configuration settings upon startup. Tip: The appliance must b e properly registered before it can be upgraded.
SonicWALL NSA E6500 Getting St arted Guide Page 31 3. Point the Web browser on your computer to 192.168.168.168 . The SafeMod e management interface displays. 4. If you have made any configuration changes to the security appliance, select the Create Backup On Next Boot checkbox to make a backup copy of your current settings.
Page 32 Configuring a State Sync Pair in NAT/Route Mode Configuri ng a State Sync Pair in NA T/Route Mode This sectio n provides instructions fo r configuring a pa ir of SonicW ALL NSA E6500 appliances for high availability (HA). This section is re levant to ad ministrators following deployment scenario B .
SonicWALL NSA E6500 Getting St arted Guide Page 33 • Connect the HA ports on the Primary SonicW ALL and Backup SonicW ALL appliances with a CA T6-rated crossover cable (red crossover cable). The Primary and Backup SonicW ALL security appliances must have a dedicated connection using the HA inte rface.
Page 34 Configuring a State Sync Pair in NAT/Route Mode failovers, especially wh en the SonicW ALL is under a heavy load. 6. Set the Probe Level for the interva l in seconds between communication with upstream or downstream systems. SonicW ALL recommends that you set the interval for at least 5 seconds.
SonicWALL NSA E6500 Getting St arted Guide Page 35 Synchronizing Settings Once you have con figured the HA setti ng on the Primar y SonicW ALL security appliance, click the Synchronize Settings button. Y ou shoul d see a HA Peer Firewall has been up dated message at the bottom of the m anagement interface page.
Page 36 Configuring a State Sync Pair in NAT/Route Mode Adjusting High Availability Settings On the High A vailability > Settings page, there are four user- configurable timers that can be adjusted to suit your network’s needs: • Heartbeat Interval (s econds) – This timer is the length of time between status checks.
SonicWALL NSA E6500 Getting St arted Guide Page 37 HA License Config uration Overview Y ou can config ure HA license synchronization by associating two SonicWALL security appliances as HA Primary and HA Secondary on mysonicwall.co m. Note that the Backup appliance of your HA pair is referred to as the HA Secondary unit on mysonicwall.
Page 38 Configuring a State Sync Pair in NAT/Route Mode Associating Pr e-Register ed Appliance s T o associate two already-registered SonicWALL security appliances so that they can use HA license synchro nization, perform the following steps: 1. Login to mysonicwall.
SonicWALL NSA E6500 Getting St arted Guide Page 39 Configur ing L2 Bridge Mode This section provides in structions to configure the So nicW ALL NSA E6500 appliance in tandem with an existing In ternet gateway device. This section is relevant to users following deployment scenario C .
Page 40 Configuring L2 Bridge Mode Configuring the Sec ondary Bridge Interfa ce Complete the followin g steps to configure the SonicWALL appliance: 1. Navigate to the Network > Interfaces page from the navigation panel. 2. Click the Configure icon in the righ t column of the X0 (LAN) interface.
SonicWALL NSA E6500 Getting St arted Guide Page 41 Additional Deployment Configuration In this Section: This section provides ba sic configuration information to begin building network security policies for your deployment. This sec tion also contains several SonicOS diagnostic tool s and a deployment configuration reference checklist.
Page 42 An Introduction to Zones and Int erfaces An Introduction to Zones and Interfaces Zones spli t a network infr astructure into logical areas, each w ith its own set of usage rules, securi ty services, and policies.
SonicWALL NSA E6500 Getting St arted Guide Page 43 T o create an access rule: 1. On the Firewall > Acce ss Rules page in the matrix view , click the arrow connecting the two zones that need a rule.
Page 44 Creating Network Access Rules • Select the from and to zones from the From Zone and T o Zone menus. • Select the service or group of services a f fected by the access rule from the Service list. If the service is not listed, you must defin e the service in the Add Service window .
SonicWALL NSA E6500 Getting St arted Guide Page 45 5. Click on the QoS tab if you want to apply DSCP or 802.1p Quality of Service coloring /marking to traffic governed by this rule. See the So nicOS Enhanced Administrator ’s Guide for more information on mana ging QoS marking in access rules.
Page 46 Creating a NAT Policy • MAC Address – MAC Address Objects allow for the identificati on of a host by its hardware address or MAC (Media Access Control) address. • FQDN Address – FQDN Address Objects allow for the identificati on of a host by its Fully Qualified Domain Names (FQDN), such as www .
SonicWALL NSA E6500 Getting St arted Guide Page 47 6. Click OK . Configuring NA T Policies NA T policies allow you to control Network Address T ranslation based on matching combinations of Source IP ad dress, Destination IP address and Dest inatio n Services.
Page 48 Enabling Securit y Services in SonicOS Enabling Security Services in SonicOS Y ou must enable each security service ind ividually in the SonicOS user interface.
SonicWALL NSA E6500 Getting St arted Guide Page 49 T roubleshooting Diagnostic T ools SonicOS provides a number of diagnosti c tools to help you maintain your network and trouble shoot problems. Several tool s can be accessed on the System > Diagnostics page, and others are available on other screens.
Page 50 Troubleshooting Diagnost ic Tools The SonicOS user interface provides three windows to displa y different views of the captured packet s: • Captured Packets • Packet Detail •H e x D u m p Click the Configure button to customize the setti ngs for the capture.
SonicWALL NSA E6500 Getting St arted Guide Page 51 Using the Active Connection s Monitor The Active Conn ec tions Monitor displays real-time, exportable (plain text or CSV), filterable views of al l connections to and through the SonicWALL security appliance.
Page 52 Troubleshooting Diagnost ic Tools Using Log > View The SonicW ALL security appliance maintains an Event log for tracking potential security threat s. Y ou can view the log in the Log > Vie w page, or it can be automatically sent to an email address for convenience an d archiving.
SonicWALL NSA E6500 Getting St arted Guide Page 53 Deployment Configuration Reference Checklist Use this checklist to find more information about various deployment tasks within the SonicOS Enhanced Admi nistrator’s Guide . For this T ask... Se e this Chapter .
Page 54 Deployment Configuration Referen ce Checklist NSA_E6500_GSG.book Page 54 We dnesday, June 17, 2009 7:16 PM.
SonicWALL NSA E6500 Getting St arted Guide Page 55 Support and T raining Options In this Section: This section provides ove rviews of customer suppor t and training options for the SonicW ALL NSA E6500.
Page 56 Customer Support Customer Support SonicW ALL offers W eb-based and telephone support to customers who have a va lid W ar ranty or wh o purchased a Support Contract.
SonicWALL NSA E6500 Getting St arted Guide Page 57 User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters.
Page 58 Training T raining SonicW ALL offers an extensive sales and technical training curriculum for Network Administ rators, Security Experts and SonicW ALL Medallion Partners who need to enhance th eir knowledge and maximize their investment in SonicWALL Products and Security Applications.
SonicWALL NSA E6500 Getting St arted Guide Page 59 Related Documentation See the following relate d documents for more information: • SonicOS Enhanced 5.
Page 60 Dynamic Tooltip s Dynamic T ooltips SonicOS features a dynamic tooltips that appear over various elements of the GUI when t he mouse hovers over them.
SonicWALL NSA E6500 Getting St arted Guide Page 61 NSA_E6500_GSG.book Page 61 We dnesday, June 17, 2009 7:16 PM.
Page 62 SonicWALL Live Product Demos NSA_E6500_GSG.book Page 62 We dnesday, June 17, 2009 7:16 PM.
SonicWALL NSA E6500 Getting St arted Guide Page 63 Rack Mounting Instructions In this Section: This section provides il lust rated rack mounting instructions for the SonicW ALL NSA E6500.
Page 64 Rack Mounting Instructions Rack Mounting Instructions -3#2%7 7 !3(%23 & ASTENSCREWSTOTHERAIL !SSEMBLETHE3LIDE2AIL ! " ! " NSA_E6500_GSG.
SonicWALL NSA E6500 Getting St arted Guide Page 65 -3#2%7 -.UT !SSEMBLETHE3LIDE2AIL & ASTENTWOSIDEDSCREWSTOTHER AIL # # NSA_E6500_GSG.
Page 66 Rack Mounting Instructions !SSEMBLE)NNER2AILTO#HASSIS & ASTENSCREWSTOATTACHTHEINNERCHANNELONTOTHECHASSIS -3#2%7 $ $ NSA_E6500_GSG.
SonicWALL NSA E6500 Getting St arted Guide Page 67 )NSER T#HASSISTO& R AME 0USHHOOKDO WNTOSEPARATE 3LIDEINNERCHANNELINTORAILS NSA_E6500_GSG.
Page 68 Rack Mounting Instructions NSA_E6500_GSG.book Page 68 We dnesday, June 17, 2009 7:16 PM.
SonicWALL NSA E6500 Getting St arted Guide Page 69 Pr oduct Safety and Regulatory Information In this Section: This section pro vides regula tory alo ng with trademark and copyright information.
Page 70 Safety and Regulator y Information Safety and Regulatory Information Rack Mounting the SonicW ALL The above SonicW ALL appliances ar e designed to be mounted in a standard 19-inch rack mount cabinet.
SonicWALL NSA E6500 Getting St arted Guide Page 71 Wärmequellen befindet. Die Umg ebungstemperatur darf nicht mehr als 40 °C betragen. • Achten Sie darauf, das sich die Netzwerkkabel nicht in der un- mittelbaren Nähe von Stromleitungen, Leuchtstoffröhre n und Störquellen wie Funksendern oder Breitbandver stärkern be- finden.
Page 72 Safety and Regulator y Information FCC Part 15 Class A Notice NOTE: This equipment was tested and found to comply with t he limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
SonicWALL NSA E6500 Getting St arted Guide Page 73 Copyright Notice © 2008 SonicWALL, Inc. All rights reserved. Under the copyright laws, this manual or the software descr ibed within, cannot be copied, in whole or part, without the written consent of the manufacturer , except in the normal use of the software to make a backup copy .
Page 74 Notes NSA_E6500_GSG.book Page 74 We dnesday, June 17, 2009 7:16 PM.
SonicWALL NSA E6500 Getting St arted Guide Page 75 Notes NSA_E6500_GSG.book Page 75 We dnesday, June 17, 2009 7:16 PM.
Page 76 Notes NSA_E6500_GSG.book Page 76 We dnesday, June 17, 2009 7:16 PM.
SonicWA LL, Inc. 1 1 43 Borregas A venue T + 1 40 8.7 4 5. 9600 ww w.sonicwall.com S u n n y v a l eC A9 4 0 8 9 - 1 3 0 6 F + 1 4 0 8 . 7 4 5 . 9 3 0 0 PROTECTION A T THE SPEED OF BUSINESS ™ PN: 232-001051-52 Rev A 06/09 © 2 0 0 9S o n i c W A L L ,I n c .
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté SonicWALL E6500 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du SonicWALL E6500 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation SonicWALL E6500, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le SonicWALL E6500 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le SonicWALL E6500, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du SonicWALL E6500.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le SonicWALL E6500. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei SonicWALL E6500 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.