I am using Sonicwall SRA 4200 SSL VPN Appliance, I configured a portal and let the user access to my internal Sharepoint site, in my configuration, I created a policy to allow "All service" on 192.168.9.10 which is the ip address of my Sharepoint server. It work fine but I am thinking, should I grant "All service" or just grant the least privilege only. I tried to grant other service such as "Netxtender" which mean, only the user connected to SSL VPN with Netxtender who can access to Sharepoint.
If the "All services" in Sonicwall ssl vpn appliance safety? What is the best practice to access Sharepoint via SSL VPN.