Solved

How to whitelist a block of ip's in SonicWall NSA 2400

Posted on 2013-01-04
7
5,134 Views
Last Modified: 2013-01-07
We have a new SonicWall NSA 2400, and have an upcoming penetration test. They have requested we whitelist a block if their IP's in the SonicWall to allow tests to run.

I have navigated to Security Services --> Intrusion Prevention --> Configure IPS Settings

added the scope requested and turned on the exclusion ability.

If anyone is familiar with needing to do this, have I done enough, or do I need to make some additional changes? How do I make those additional changes if necessary?

Thanks.
0
Comment
Question by:tjwo94
  • 4
  • 3
7 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 38746155
Are you sure the request is not a social engineering test of the penetration test?
I.e. you hire a firm to test the security of your home.  A week before the test is run you receive a letter from the firm asking you for the key to your home so they can perform the complete test.  Would you send the key or advise them where it can be located?
0
 

Author Comment

by:tjwo94
ID: 38750998
I appreciate your questions, but your questions, nor my response to them are answers to the question at hand. What is being performed, both how and why is necessary.
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 38751019
You would define the block as untrusted and exempt it from the filtration/restrictions. Do not add it as trusted.
http://help.mysonicwall.com/sw/eng/general/ui1/6600/Access/Add_Rule.htm
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Closing Comment

by:tjwo94
ID: 38751048
Thank you.
0
 
LVL 77

Expert Comment

by:arnold
ID: 38751109
IMHO, a penetration test means they have to co tend with your existing configuration to make sure it is not open. Whitelisting their block means their attack vector is simplified.
0
 

Author Comment

by:tjwo94
ID: 38751125
The block being whitelisted isn't the block being used for the attack, there are other things being performed that require the requested block to be available.
0
 
LVL 77

Expert Comment

by:arnold
ID: 38751145
If they are performing an internal security analysis, you may want to setup a VPN connection. I.e. the second phase often deals with whether internal systems are susceptible to web based, attachment, virus style attack vectors.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Business Broadband for Small Office in Dubai 2 80
Fortigate 100D NTP Issue 4 78
Cisco ASA 3 25
Ping configured interface on Sonicwall 16 43
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question