Dell NSA E8150 User Manual
Getting Started Guide
Dell SonicWALL E-Class NSA Appliances
NETWORK SECURITY
NSA E8510
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your system.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2013 Dell, Inc.
Trademarks: Dell™, the DELL logo, SonicWALL™, SonicWALL GMS™, SonicWALL Analyzer™, Reassembly-Free Deep Packet
Inspection™, Dynamic Security for the Global Network™, SonicWALL SuperMassive™ Appliances, SonicWALL Dynamic Support
24x7™, SonicWALL Comprehensive Gateway Security Suite™, SonicWALL McAfee Client/Server Anti-Virus Suite™, and all other
SonicWALL product and service names and slogans are trademarks of Dell, Inc.
Microsoft Windows, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation.
Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies
and are the sole property of their respective manufacturers.
2013 – 02 P/N 232-001858-51 Rev. A
2
In this Guide
I
o
I
o
E8510
Network Security Appliance
10GE
The Dell SonicWALL E-Class Network Security Appliance (NSA) E8510 is designed to be the most scalable, reliable, and best
performing multifunction appliance in its class.
This Getting Started Guide provides instructions for basic installation and configuration of the Dell SonicWALL NSA E8510.
Note: Always observe proper safety and regulatory guidelines when removing administrator-serviceable parts from the Dell
SonicWALL NSA E8510. Proper guidelines can be found in the Product Safety and Regulatory Information section, on page 68
of this guide.
3 | In this Guide
This Getting Started Guide contains the following sections:
Chapter 1 Sections Include
Pre-Configuration Tasks - page 6 • Dell SonicWALL NSA E8510 Package Contents - page7
• Obtain Configuration Information - page 8
• The Front Panel - page 10
• The Back Panel - page 11
• Front Bezel Control Features - page 12
• LAN IP Configuration Example - page 16
Chapter 2 Sections Include
Registering Your Appliance - page 18 • Before You Register - page 19
• Creating a MySonicWALL Account - page 20
• Registering and Licensing Your Appliance on MySonicWALL - page 20
Chapter 3 Sections Include
Deployment Scenarios - page 26 • Selecting a Deployment Scenario - page 27
• Initial Setup - page 31
• Configuring a Stateful HA Pair - page 38
• Configuring L2 Bridge Mode - page 44
4
Chapter 4 Sections Include
Additional Deployment Configuration - page 46 • An Introduction to Zones and Interfaces - page 47
• Creating a NAT Policy - page 48
• Enabling Security Services in SonicOS - page 51
• Applying Security Services to Zones - page 52
• Troubleshooting Diagnostic Tools - page 52
Chapter 5 Sections Include
Support and Training Options - page 54 • Customer Support - page 55
• Knowledge Portal - page 55
• User Forums - page 56
• Training - page57
• Related Documentation - page 58
• Dynamic Tooltips - page 59
• Dell SonicWALL Live Product Demos - page 59
• Dell SonicWALL Secure Wireless Network Integrated Solutions Guide - page 60
Chapter 6 Sections Include
Rack Mounting Instructions - page 62 • Rack Mounting Instructions - page 63
Chapter 7 Sections Include
Product Safety and Regulatory Information -
page 68
• Safety and Regulatory Information - page 69
• Warranty Information - page 73
• Copyright Notice - page 73
5 | In this Guide
Pre-Configuration Tasks
1
In this Section:
This section provides pre-configuration information. Review this section before setting up your Dell SonicWALL NSA E8510.
• Dell SonicWALL NSA E8510 Package Contents - page 7
• Obtain Configuration Information - page 8
• The Front Panel - page 10
• The Back Panel - page 11
• Front Bezel Control Features - page 12
• LAN IP Configuration Example - page 16
6
Dell SonicWALL NSA E8510 Package Contents
E8510
Network Security Appliance
10GE
1
3
4
2
5
7
6
Getting Started Guide
Dell SonicWALL E-Class NSA Appliances
NETWORK SECURITY
NSA E8510
(x2)
Before you begin the setup process, verify that your package contains the following items:
1. One Dell SonicWALL NSA E8510 appliance
2. One serial CLI cable
3. One Ethernet cable
4. Two power cords*
5. One Rack Mounting Kit
6. One Dell SonicWALL NSA E8510 Getting Started Guide
*The included power cord(s) are approved for use only in specific countries or regions. Before using a power cord, ve rify that it is rated and approved for use in you r location. The
power cords are for AC mains installation only. Field conversion DC power cable is diff erent, see Safety and Regulatory Informa tion for more information .
Missing Items? If any items are missing from your package, contact Dell SonicWALL Support:
Web: http://www.sonicwall.com/us/Support.html
Email: customer_service@sonicwall.com
7 | Dell SonicWALL NSA E8510 Package Contents
Obtain Configuration Information
Please record and keep for future reference the following setup
information:
Registration Information
Serial Number:
Authentication Code:
Record the serial number found on the
bottom panel of your Dell SonicWALL
appliance.
Record the authentication code found on
the bottom panel of your Dell SonicWALL
appliance.
Networking Information
LAN IP Address:
. . .
Subnet Mask:
. . .
Ethernet WAN IP
Address:
. . .
Select a static IP address for your Dell
SonicWALL appliance that is within the
range of your local subnet. If you are
unsure, you can use the default IP
address (192.168.168.168).
Record the subnet mask for the local
subnet where you are installing your Dell
SonicWALL appliance.
Select a static IP address for your
Ethernet WAN. This setting only applies
if you are already using an ISP that
assigns a static IP address.
Administrator Information
Admin Name:
Admin Password:
Select an administrator account name.
(default is admin)
Select an administrator password.
(default is password)
Obtain Configuration Information | 8
Obtain Internet Service Provider (ISP) Information
Record the following information about your current Internet service:
If You connect
using
DHCP No information is usually required: Some providers
Static IP IP Address:
Please record
may require a Host name:
. . .
Subnet Mask: . . .
Default Gateway: . . .
Primary DNS: . . .
DNS 2 (optional): . . .
DNS 3 (optional): . . .
Note: If you are not using one of the network configurations
above, refer to the SonicOS Administrator’s Guide:
www.sonicwall.com/us/support
9 | Obtain Configuration Information
The Front Panel
E8510
Network Security Appliance
10GE
LCD Screen
Control Buttons
Console Port
USB Ports (2)
Reset Button
LED Indicators (left to right)
HA Port
X2-X3 (SFP)
X0-X1 (Copper)
Bypass Status LED
Access the SonicOS Command Line Interface
(CLI) via the DB9 -> RJ45 cable
For future feature extensions
Press and hold for several seconds to manually
reset the appliance
High speed Gigabit Ethernet ports
Lit: Indicates when fail to wire bypass mode
is armed
Power (2): Blue: Indicates power supplies are operating correctly,
Yellow: Indicates an unconnected power supply or failure
Test: Quick blinking: Initializing, Slow blinking: SafeMode
Solid: test mode.
Alarm: Alarm condition
HD: Future extension
Navigate the LCD screen
Interface to display status, make
conguration changes, restart the
appliance or boot into SafeMode
Hot-pluggable “small form-factor
pluggable transceiver” interfaces;
10GB SFP+ connectors are required
(not included)
High Availability
primary/secondary
Gigabit Ethernet port
X4-X5 (10 GE)
10-Gigabit Ethernet ports
10
The Back Panel
I
o
I
o
Expansion Bay
Fans (2)
Power Supplies (2)
For SonicWall approved
expansion modules
Dual auto-throttling fans for system
temperature control
Dual power supplies for redundant AC power and added reliability
Field conversion is available to convert to DC mains
DC power supplies use different input connector and power cables
Warning: Potential Hazard from Fan
This manual contains specific warning and caution statements where they apply. Please read the Safety Instructions before
use! See the Product Safety and Regulatory Information on page 68.
11 | The Back Panel
Front Bezel Control Features
Network Security Appliance
B
A
C
E
The Dell SonicWALL NSA E8510 is equipped with a front panel
bezel interface that allows an administrator to customize certain
aspects of the appliance or simply monitor its status without
having to log into it through a separate terminal.
Icon Feature Description
LCD Screen Displays the front panel bezel interface
which can be used to display status
information, perform basic
configurations, restart the appliance or
boot the appliance in SafeMode.
Control Buttons Up, Down, Left and Right buttons,
used to navigate the LCD menu system.
Note: Using the front bezel for configuration purposes prior to
completing initial setup will bypass the Setup Wizard’s
automatic launch at startup.
LCD Control Buttons
The LCD interface is controlled by a D-pad, consisting of four
buttons: up, down, left, right. The table below describes the
functions of the buttons:
Button Navigation Features
Up/Down Selects options and navigates up and
Left Cancels changes and returns to the
Right Confirms choices and enters menus.
down lists.
previous menu.
Also sets the appliance to screen-saver
mode when used from the main menu.
Front Bezel Control Features | 12
Main Menu
Status
Upon booting the LCD display will initially show the Main Menu.
The menu is made up of four options:
Contains basic status values including
system resources, connections and port
configuration values.
Allows configuration of basic system
values including X0 (LAN) and X1
(WAN) port configuration. Requires
system PIN for access, default: 76642.
Provides the ability to restart the
appliance. Requires system PIN for
access.
Provides the ability to restart and boot
the appliance into SafeMode. Requires
system PIN for access.
Use the Up and Down button to select the menu you wish to
enter and click the Right button to enter it.
The Status menu allows you to view specific aspects of the
appliance. Once selected, the LCD displays the Status List.
This list is navigated using the Up and Down button s. Status
options available include:
• Appliance serial number
• Firmware / ROM versions
• Appliance name
• Date and Time
•Uptime
• CPU statistical readings
• Current number of connections
• Interface (X0, X1) network settings
• Interface (X0, X1) data transfer statistics
The X1 DNS1-3 entries will only be displayed if they have been
set from the Configure menu. If their value is still 0.0.0.0
(default value), they will not appear in the Status List.
13 | Front Bezel Control Features
Configure
The Configure Menu allows you to configure specific aspects of
the appliance. Once selected, the LCD will display a PIN
request.
Note: The Default PIN is 76642. This number spells SONIC
on a phone keypad. The PIN number can be changed
from the System > Administration page.
If you choose yes, the screen notifies you that the settings are
updated.
All numbers are inputted using the 4 buttons. Select the
individual digit field using the Left and Right button and select
the desired number using the Up and Down Button. Digits
increase incrementally from 0 to 9. Press the Right button to
confirm your PIN and enter the Configuration Menu.
The appliance allows the user to navigate in and out of the
Configuration Menu without having to re-enter the PIN.
However, once the appliance enters Screen-Saver Mode,
whether from the 6 second time out or from pressing the Left
button from the Main Menu, the PIN number must be re-entered
again to access the Configuration Menu.
After entering a new value for a setting in the configuration
menu, you are asked if you want to commit changes. Using the
4-way D-pad, press the Right button for yes or the Left button
for no.
Configuration Options
This option allows you to configure network port settings for the
appliance. Once selected, the LCD displays a list of
configurable options. Status options available include:
• X0 IP and subnet
• X1 Mode
• X1 IP and subnet
• X1 Gateway
• X1 DNS settings (3 available)
• Restore defaults
The X1 Mode can be set to Static (default option) or to DHCP. If
DHCP is selected, manual configuration options are not shown
for X1 IP, subnet, gateway and DNS.
Front Bezel Control Features | 14
The Restore Defaults option will reset the appliance to default
factory settings. If selected it will prompt for confirmation twice
before restoring defaults.
If an option is selected but not modified, the appliance will
display a message stating that no changes were made and will
return the user to the edit value screen. If a change was made,
it will prompt the user for confirmation before effecting the
change.
Screen-Saver
If no button is pressed for over 60 seconds, or if the Left button
is pressed from the Main Menu, the appliance will enter ScreenSaver mode. In this mode, the Status List will cycle, displaying
every entry for a few seconds.
If the Up or Down button is pressed while in Screen-Saver
mode, the appliance will display the adjacent status entry.
Restart
This option allows you to safely restart without resorting to
power cycling the appliance. Once selected, the LCD will
display a confirmation prompt. Select Y for yes and press the
Right button to confirm. The appliance will reboot.
SafeMode
This option will set the appliance to SafeMode. Once selected,
the LCD will display a confirmation prompt. Select Y for yes and
press the Right button to confirm. The appliance will change to
SafeMode. Once SafeMode is enabled, the Dell SonicWALL
NSA E8510 must be controlled from the Web management
interface using the default LAN IP address, 192.168.168.168.
15 | Front Bezel Control Features
To exit Screen-Saver mode, press the Right button.
LAN IP Configuration Example
The Dell SonicWALL NSA E8510 is assigned the default LAN IP
of 192.168.168.168. The following example provides steps for
changing the default IP address to 192.168.168.10.
1. Press Right to exit screen-saver mode if not at the root
menu.
2. Press Down to select the Configuration entry.
3. Press Right to enter Configuration Mode.
4. Input PIN (76642 by default; SONIC on a phone keypad.)
5. Press Up or Down until the cursor displays 7, press Right.
6. Continue this process until all of the numbers are entered.
7. Press Right to commit changes.
8. Press Down until X0 IP is selected (four times).
9. Press Right to configure X0 IP.
10. Edit X0 IP:
11. Press Right ten times to select the tenth digit.
12. Press UP or Down until the cursor displays 0.
13. Press Right once to select the next digit.
14. Press UP or Down until the cursor displays 1.
15. Press Right once to select the next digit.
16. Press Up or Down until the cursor displays 0.
17. Press Right to finish editing the X0 IP.
18. Press Right again to confirm changes.
LAN IP Configuration Example | 16
17 | LAN IP Configuration Example
Registering Your Appliance
2
In this Section:
This section provides instructions for registering your Dell SonicWALL NSA E8510.
• Before You Register - page 19
• Creating a MySonicWALL Account - page 20
• Registering and Licensing Your Appliance on MySonicWALL - page 20
Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of Dell SonicWALL security
services, firmware updates, and technical support.
18
Before You Register
You need a MySonicWALL account to register the Dell
SonicWALL NSA E8510. You can create a new MySonicWALL
account on www.mysonicwall.com or directly from the Dell
SonicWALL management interface. This section describes how
to create an account by using the Web site.
You can use MySonicWALL to register your Dell SonicWALL
appliance and activate or purchase licenses for Security
Services, Analyzer Reporting and other services, support, or
software before you even connect your device. This allows you
to prepare for your deployment before making any changes to
your existing network.
For a High Availability configuration, you must use
MySonicWALL to associate a secondary unit that can share the
Security Services licenses with your primary appliance.
Note: Your Dell SonicWALL NSA E8510 does not need to be
powered on during account creation or during the
MySonicWALL registration and licensing process.
Note: After registering a new Dell SonicWALL appliance on
MySonicWALL, you must also register the appliance
from the SonicOS management interface. This allows
the unit to synchronize with the Dell SonicWALL
License Server and to share licenses with the
associated appliance, if any. See the Accessing the
Management Interface section, on page 33.
19 | Before You Register
Creating a MySonicWALL Account
To create a MySonicWALL account, perform the following steps:
1. In your browser, navigate to:
www.mysonicwall.com
2. In the login screen, click the Register Now link if you are
Not a registered user.
3. Complete the Registration form and then click Register.
4. Verify that the information is correct and then click Submit.
5. In the screen confirming that your account was created,
click Continue.
Registering and Licensing Your Appliance on MySonicWALL
This section contains the following subsections:
• Product Registration - page20
• Licensing Application Intelligence and Control - page 21
• Registering a Secondary Appliance - page 23
• Registration Next Steps - page 24
Product Registration
You must register your Dell SonicWALL appliance on
MySonicWALL to enable full functionality.
1. Login to your MySonicWALL account. If you do not have an
account, you can create one at:
www.mysonicwall.com
2. On the main page, in the Register A Product field, type the
appliance serial number and then click Next.
3. On the My Products page, under Add New Product, type
the friendly name for the appliance, select the Product
Group if any, type the authentication code into the
appropriate text boxes, and then click Register.
4. On the Product Survey page, fill in the requested
information and then click Continue.
Creating a MySonicWALL Account | 20
Licensing Application Intelligence and Control
In SonicOS 5.8 and higher, Application Intelligence and
Application Control are available as licensed services.
• The Intelligence component is licensed as App
Visualization, and provides identification and reporting of
application traffic on the Dashboard > Real-Time Monitor and
App Flow Monitor pages.
• The Control component is licensed as App Control, and
allows you to create and enforce custom App Control and App
Rules policies for logging, blocking, and bandwidth
management of application traffic handled by your network.
Application Visualization and App Control are licensed together
in a bundle with other security services including Dell
SonicWALL Gateway Anti-Virus (GAV), Anti-Spyware, and
Intrusion Prevention Service (IPS).
Note: Upon registration on MySonicWALL, or when you load
SonicOS 5.8 onto a registered Dell SonicWALL
appliance, supported Dell SonicWALL appliances
begin an automatic 30-day trial license for App
Visualization and App Control, and application
signatures are downloaded to the appliance.
Once the App Visualization feature is manually enabled on the
Log > Flow Reporting page by selecting the Enable Flow
Reporting and Visualization checkbox, you can view real-time
application traffic on the Dashboard > Real-Time Monitor
page and application activity in other Dashboard pages for the
identified/classified flows from the Dell SonicWALL application
signature database.
To begin using App Control, sele ct the Enable App Control
checkbox on the Firewall > App Control Advanced page.
To create policies using Ap p Rules, which is included with the
App Control license, select Enable App Rules on the
Firewall > App Rules page.
The Dell SonicWALL Licensing server provides the App
Visualization and App Control license keys to the Dell
SonicWALL appliance when you begin a 30-day trial (upon
registration) or purchase a Security Services license bundle.
For more information regarding Application Intelligence and
Control, reference the following documents on:
www.sonicwall.com/us/support/:
• SonicOS 5.8 Application Control Feature Module
• SonicOS 5.8 NetFlow Reporting Feature Module
21 | Registering and Licensing Your Appliance on MySonicWALL
Licensing Security Services and Software
The Service Management - Associated Products page in
MySonicWALL lists security services, support options, and
software such as Analyzer that you can purchase or try with a
free trial. For details, click the Info button. Your current licenses
are indicated in the Status column with either a license key or
an expiration date. Y ou can purchase additional services now or
at a later time.
The following products and services are available for the Dell
SonicWALL NSA E8510:
• Service Bundles:
• Client/Server Anti-Virus Suite
• Comprehensive Gateway Security Suite
• Gateway Services:
• Gateway AV / Anti-Spyware/Intrusion Prevention Service
• Content Filtering: Premium Edition
• Stateful High Availability
• Active/Active High Availability
• Application Visualization
• Application Control
• Comprehensive Anti-Spam (CASS)
• Desktop and Server Software:
• Enforced Client Anti-Virus and Anti-Spyware
• Global VPN Client
• Global VPN Client Enterprise
• VPN Policy Upgrade (for site-to-site VPN)
• SSL-VPN
• Virtual Assist
• Global Management System
• Analyzer
• Support Services:
• Dynamic Support 24x7
• Software and Firmware Updates
• Consulting Services:
• Implementation Service
• GMS Preventive Maintenance Service
To manage your licenses, perform the following tasks:
1. In the MySonicWALL Service Management - Associated
Products page, check the Applicable Services table for
services that your Dell SonicWALL appliance is already
licensed for. Your initial purchase may have included
security services or other software bundled with the
appliance. These licenses are enabled on MySonicWALL
when the Dell SonicWALL appliance is delivered to you.
2. If you purchased a service subscription or upgrade from a
sales representative separately, you will have an
Activation Key for the product. This key is emailed to you
after online purchases, or is on the front of the certificate
that was included with your purchase. Locate the product
on the Services Management page and click Enter Key in
that row.
Registering and Licensing Your Appliance on MySonicWALL | 22
3. In the Activate Service page, type or paste your key into
the Activation Key field and then click Submit. Depending
on the product, you will see an Expire date or a license key
string in the Status column when you return to the Service
Management page.
4. To license a product of service, do one of the following:
• To try a Free Trial of a service, click Try in the Service
Management page. A 30-day free trial is immediately
activated. The Status page displays relevant information
including the activation status, expiration date, number of
licenses, and links to installation instructions or other
documentation. The Service Management page is also
updated to show the status of the free trial.
• To purchase a product or service, click Buy Now.
5. In the Buy Service page, type the number of licenses you
want in the Quantity column for either the 1 year, 2 year , or
3 year license row and then click Add to Cart.
6. In the Checkout page, follow the instructions to complete
your purchase.
The MySonicWALL server will generate a license key for the
product. The key is added to the license keyset. You can use
the license keyset to manually apply all active licenses to your
Dell SonicWALL appliance.
Registering a Secondary Appliance
To ensure that your network stays protected if your Dell
SonicWALL appliance has an unexpected failure, you can
associate a second appliance with the first in a high availability
(HA) pair. You can associate the two appliances as part of the
registration process on MySonicWALL. The second Dell
SonicWALL appliance will automatically share the Security
Services licenses of the primary appliance.
To register a second appliance and associate it with the
primary, perform the following steps:
1. Login to your MySonicWALL account.
2. On the main page, in the Register A Product field, type the
appliance serial number and then click Next.
3. On the My Products page, under Add New Product, type
the friendly name for the appliance, select the Product
Group if any, type the authentication code into the
appropriate text boxes, and then click Register.
4. On the Product Survey page, fill in the requested
information and then click Continue. The Create
Association Page is displayed.
23 | Registering and Licensing Your Appliance on MySonicWALL
Loading...