SonicWall Network Security Manager Administration Guide

Network Security Manager
On-Premises System
Administration Guide
Contents
About Network Security Manager
    About NSM
    About the System Option
    Conventions
        Guide Conventions
        UI Conventions
    Related Documents
Dashboard
    System Information
    CPU Usage
    Memory Usage
    Network Interfaces
    Disk Usage
    Active Users
Settings
    Licenses
    Administration
    Time
        Setting Time
        Adding an NTP Server
        Deleting an NTP Server
    Certificates
    Diagnostics
        Diagnostics Tests
        Tech Support Report
    Firmware and Settings
    Zero Touch
    Shutdown/Reboot
    Closed Network
Network
    Settings
    Interface
    Routes
System Monitor
    Settings
    Live Monitor
    Process Monitor
    Service Monitor
    System Report
High Availability
    Status
    Settings
    Advanced Settings
    Virtual IP
    HA Modes and Terminologies
NSM Management Console
    Upgrade Instructions
SonicWall Support
    About This Document

About Network Security Manager

SonicWall® Network Security Manager is a web-based application that centralizes management for the SonicWall family of network security appliances and web services. This on-premises solution automates the steps to set up an appliance and offers robust reporting and management tools.
Topics:
• About NSM
• About the System Option
• Conventions
• Related Documents

About NSM

SonicWall Network Security Manager (NSM) is the next generation firewall management application that provides a holistic approach to security management. The approach is grounded in the principles of simplifying and automating various tasks to achieve better security operation and decision-making, while reducing the complexity and time required. NSM gives you everything you need for firewall management to govern the entire SonicWall network security operations with greater clarity, precision, and speed. This is all managed from a single, function-packed interface that can be accessed from any location using a browser-enabled device. Firewalls can be centrally managed to provision all of the network security services with a single-pane-of-glass experience.
The on-premises solution enables organizations to centrally and reliably manage anything from a single small network to one or more enterprise-class deployments, with the flexibility to scale without increasing management and administrative overhead. NSM offers many salient features:
• Closed Network support feature that is ideal for customers that run one or more private networks that are completely shut off from the outside environment. Customers can license the NSM managed firewall without contacting License Manager (LM) or MySonicWall (MSW) when onboarding and patching SonicWall firewalls, which preserves the privacy and security of the closed networks.
• High Availability that allows two identical NSMs to be configured to provide a reliable continuous connection to the public internet.
• Azure and KVM hypervisor deployments.
• Account Lockout feature, designed to prevent unauthorized access to the Network Security Manager environment, as well as brute-force attacks, social engineering, and phishing. It disables the user account when incorrect passwords continue to be entered after a specified number of failed attempts during a given period. The administrator can set the lockout duration until the locked account is released, either after a specified time or manually by an administrator, when three unsuccessful login attempts in 15 minutes are exceeded.
• Certificate management feature that provides a user interface for managing digital certificates for all Network Security Manager managed firewalls. This enhances the trust established between parties in a secure communication session.
• NSM adds support for the firewall series Gen 7 NSa 2700 and TZ Series (270, 370, and 470) running SonicOS as well as NSsp and Gen 7 NSv, with multi-tenancy and unified policy management features.
• Login To Unit that provides admins fast and easy access to the managed firewall device-level UI directly from the device inventory page of Network Security Manager.
• Multi-Device Upgrade feature to upgrade multiple firewalls from a group of devices in NSM instead of manually upgrading each firewall. Admins can execute these upgrades using NSM APIs as well.
• Security feature to grant admin rights based on specific IP address ranges. The IP restrictions can be added in 3 formats: a single IP, an IP range, or a specific network with a subnet mask.
• Configure or edit virtual or network interfaces using templates.
NSM can manage both Gen6 and Gen7 SonicWall firewalls. SonicOS 6.5.4.6 is the recommended version, but NSM can on-board the older Gen6 Firewall versions as well.

About the System Option

The System command set provides a centralized user interface, where the administrator can manage and monitor the on-premises NSM solution. You use the commands associated with the System option to configure NSM, manage NSM performance, monitor activities, and manage upgrades and licensing. The tools supporting this task include:
• Dashboard
• Settings for the NSM application
• Network settings, interfaces, and routes
• Monitoring for the system parameters that comprise the on-premises solution
• High Availability option to provide a reliable continuous connection to the public internet.

Conventions

The Network Security Manager On-Premises System Administration Guide makes use of the following conventions:
• Guide Conventions
• UI Conventions

Guide Conventions

The following text conventions are used in this guide:

Convention / Use

Bold text
    Used in procedures to identify elements in the user interface like dialog boxes, windows, screen names, messages, and buttons. Also used for file names and text or values you are being instructed to select or type into the interface.

Menu view or mode | Menu item > Menu item
    Indicates a multiple step menu choice on the user interface. For example, Manager View | HOME > Firewall > Groups means that you are in the Manager View with the HOME option selected. Then click on Firewall in the left-hand menu, and select Groups.

Computer code
    Indicates sample code or text to be typed at a command line.

<Computer code italic>
    Represents a variable name when used in command line instructions within the angle brackets. The variable name and angle brackets need to be replaced with an actual value. For example, in the segment serialnumber=<your serial number> replace the variable and brackets with the serial number from your device: serialnumber=C0ABC00000321.

Italic
    Indicates the name of a technical manual. Also indicates emphasis on certain words in a sentence, such as the first instance of a significant term or concept.

UI Conventions

When acquiring devices for management and reporting, the Status option uses colored icons to indicate the various states of the devices being monitored and managed.
Status Icon / Definition
• Indicates that a process is in progress. In some instances, specific details are provided. For example, Requesting Licenses.
• Indicates that a process has completed successfully. May provide the message Success or something with more detail like Device parameters set up in Cloud Capture Security Center complete. Also indicates that a configuration is in sync and acquired.
• Indicates that a task is in process or pending the completion of another task. The message Pending is usually displayed, as well.
• Indicates a potential issue or a warning. Messages provide additional detail to help you resolve the issue.
• Indicates an error. Additional information may be provided via an information icon. Click the icon or mouse over it to see the message.
• Indicates an alert.
• Indicates the device is online.
• Indicates the device is offline.
• Indicates unmanaged devices.
• Indicates managed devices.
• Indicates that Zero Touch Connection is disabled for a device.

Related Documents

The NSM documentation includes the following:
• About Network Security Manager provides an overview of the product and describes the base modes of operation, the navigation and icons, and the Notification Center.
• The Network Security Manager Getting Started Guide describes how to license and configure a basic NSM setup.
• The NSM Administration Guide reviews the management tasks for administering your security infrastructure.
• The Network Security Manager Reporting and Analytics Administration Guide discusses how to use the reporting and analytics features.
• Network Security Manager On-Premises System Administration describes the system administration tasks for an on-premises deployment of NSM.
• The NSM Release Notes summarizes the new features for the product.

Dashboard

The System Dashboard provides information and status for the On-Premises NSM implementation.
You can customize the interval for the Dashboard by sliding the orange bar above the graphs to the left or the right. You can select one of several predefined intervals. The ranges vary from the Past 24 hours to the Past 5 days. Refresh the data by clicking the Refresh icon on the right.
The data in the Dashboard includes:
• System Information
• CPU Usage
• Memory Usage
• Network Interfaces
• Disk Usage
• Active Users

System Information

The information about the system hosting the On-Premises NSM is displayed in the upper left tile on the Dashboard. This is read-only data; the tile has no active links.

CPU Usage

The CPUUsage tile summarizes the CPU usage in graph form. You can easily see when the high and low usage times occur, and by adjusting the time interval to shorter period, you can see better granularity on the graph.
Click on the icon in the upper right corner to Show System Report. This redirects you to System Monitor > System Report to view a more detailed graph on CPU Utilization.

Memory Usage

The Memory Usage tile summarizes the memory usage in graph form. You can easily see when the high and low usage times occur, and by adjusting the time interval to a shorter period, you can see better granularity on the graph.
Click on the icon in the upper right corner to Show System Report. This redirects you to System Monitor > System Report to view a more detailed graph on Memory Utilization.

Network Interfaces

The Network Interfaces tile lists the network interfaces for your system. The icon shows the status of the interfaces.
Click on the icon in the upper right corner to Show Network Interfaces. This redirects you to Network > Interfaces to view the details on each interface.

Disk Usage

The Disk Usage tile summarizes the disk usage using a pie chart. Click on either the Free or Used segment to see the percentage allocated to each.
Click on the icon in the upper right corner to Show System Report. This redirects you to System Monitor > System Report; you may need to scroll down to view the Disk Utilization graph.

Active Users

The Active Users tile lists the users who are currently logged in.
Click on the icon in the upper right corner to Show Active Users. This redirects you to Home | User Management > Status to view more information about the user and their session. You can also log out a user from this page.