SonicWall NetExtender User Manual
SonicWall NetExtender
Deliver seamless, secure network layer access from anywhere.
Abstract
While pre-congured or “fat” client is preferential for most
network users, many IT organizations are making the switch
to a thin client or SSL VPN model in order to reduce costs
and better protect their network from security risks. Unlike
a fat clients or IPSec VPN, thin client enables remote users
to access the network from any computer equipped with an
Internet connection and standard web browser.
No longer are remote users limited to using specially-
congured laptops provided by the IT depar tment, as is the
case with more traditional VPN models. IPSec VPN may
be especially useful in areas where the IT administrator
tightly controls and manages only a small number of
remote workstations, while with fat client VPN systems
administrators can allow users to have a greater level of
access. However, users now can have the best of both worlds
with SonicWall™ NetExtender thin client technology for
Secure Mobile Access 100, TZ, NSa and NSv families. The
tech brief below explains how.
Introduction
With SonicWall NetExtender, users enjoy seamless and
secure network layer access to the intranet, le, desk top
and terminal resources, including Microsoft® Outlook® and
Microsoft Of ce 365. Pushed transparently onto the client’s
desktop, laptop or smartphone, the thin client enhances users’
capabilities and signicantly reduces the IT administrative
costs and time required to maintain and manage remote access.
SonicWall NetExtender
Simplied and secure end user access for anywhere,
NetExtender adds more power to the SonicWall SMA 100
and rewalls, adding capabilities such as seamless and secure
access to any resource on the corporate network including
servers or custom applications. Unlike a fat client, NetExtender
extends thin client transparently to the client’s desktop or
laptop, and installs it automatically to facilitate this broader
level of access. It assigns remote users an IP address from
a preset pool of IP addresses, enabling them to access any
TCP/IP-based resource on the corporate network including a
wide variety of legacy applications and services. Remote users
gain Layer-3 level access to the protected internal network.
The user experience is similar to that of a traditional IPSec VPN
client, except that manual client installation is not required.
Additionally, users do not have to worry about Network
Address Translation (NAT) devices and proxies, which are the
bane of traditional IPSec-based VPNs.
NetExtender creates a virtual adapter for secure point-to-
point access to any allowed host or subnet on the internal
network. Unlike the stateless nature of the traditional SSL VPN,
NetExtender stays resident on the client machine even after
the connection is closed.
The advantage of running NetExtender as a resident
application on the remote system is that it speeds up login
times in subsequent uses. Of course, if a remote user chooses
to deploy the standalone NetExtender client on their remote
machine, but later logs in from a separate machine, he or she
can still gain access with no problems at all.
Users can access NetExtender easily in the traditional way
from any machine using the browser portal. They can also
select the Uninstall on browser exit option to have NetExtender
remove itself af ter the session ends.
Extend network access through native clients.
With NetExtender technology, remote users will gain: Access
to email through native clients residing on the user’s laptop,
including everything from Microsoft® Outlook to commercial or
property applications and exible network access.
Enforce granular access control policies.
By deploying the SonicWall NetExtender, along with SonicWall
Capture Client, on the remote workstations, administrators can
enforce a policy that requires every remote workstation that
accesses the network to have current versions of anti-virus and
anti-spyware software up and running.
Multiple NetExtender IP range and route
support, permits the administrator to
impose granular access control policies
by assigning specic IP addresses or
ranges of IP addresses, and specic
routes to individual users or groups.
This feature also helps to provide
control that is more granular over who
can access which network resources
through NetExtender.
Enhance rewall encryption
and security.
SonicWall Secure Mobile Access 100
provides a high level of security on
its own. Besides the encr yption that
is inherent to the SSL model, the
personalized SonicWall web portal
enforces a high level of granularity for
each user that the administrator controls.
The SMA 100 Series appliance grants
remote users access only to authorized
areas through the portal. NetExtender
also provides enhanced security benets.
With NetExtender, you can force all
client trafc through the SSL VPN
tunnel, and apply all security services
that are running on your primary
SonicWall Network Security Appliance
(NSA) or SonicWall TZ Series rewall —
including enforcement of the SonicWall
host-based, anti-virus solution.
Versatile, bidirectional support for
remote Windows and Linux clients.
While the application proxies support
specic protocols such as FTP, HTTP,
RDP or VNC, NetExtender is not
protocol specic. Rather, it can suppor t
any TCP/IP-based application that is
running on the local client. Besides
extended access, this also means that
communications are bidirectional. In
other words, the remote client can
initiate communications with a host
on the internal network, and the
reverse is also true — hosts on the
internal network can also initiate
communications with the remote PC.
This functionality is particularly useful
for management and administration of
remote PCs.
Flexible support for multiple
platforms.
Available as a standalone application
for all appliances, the NetExtender
client can be launched through the
SonicWall Vir tual Ofce web portal, or
as a native application on Windows®
and Linux® PCs and laptops, to access
any authorized resource on the
corporate network.
NetExtender utilizes a standard interface
across all SSL VPN clients, creating
a unied look and feel. Support for
multiple platforms provides users with
greater exibility to access remote
resources from various endpoints. Initial
distribution of NetExtender is either
through the SonicWall Virtual Ofce
portal or via a standalone installer.
After initial distribution, users can
launch NetExtender independently as a
standard application. The NetExtender
client supports domain login scripts, and
implements a custom dialer that allows
launch from the Windows Network
Connections menu.
For mobile devices and operating
systems, SonicWall Mobile Connect™, a
single unied client app for Apple® iOS,
mac OS, Google® Android™, Chrome OS
and Windows, provides smartphone,
tablet, laptop and desktop users
network-level access to corporate and
academic resources over encrypted SSL
VPN connections.
Partner Enabled Services
Need help to plan, deploy or optimize your SonicWall solution? SonicWall Advanced Services Partners are trained to provide
you with world class professional services. Learn more at www.sonicwall.com/PES.
About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era and a work reality where everyone is remote, mobile
and unsecure. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the
cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com
© 2020 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a
SonicWall, Inc.
2
1033 McCarthy Boulevard | Milpitas, CA 95035
Refer to our website for additional information.
www.sonicwall.com
trademark or registered trademark of SonicWall Inc. and/or its aliates
in the U.S.A. and/or other countries. All other trademarks and registered
trademarks are property of their respective owners.
Datasheet-NetExtender-VG-US-2884
Loading...