How to whitelist a block of ip's in SonicWall NSA 2400

We have a new SonicWall NSA 2400, and have an upcoming penetration test. They have requested we whitelist a block if their IP's in the SonicWall to allow tests to run.

I have navigated to Security Services --> Intrusion Prevention --> Configure IPS Settings

added the scope requested and turned on the exclusion ability.

If anyone is familiar with needing to do this, have I done enough, or do I need to make some additional changes? How do I make those additional changes if necessary?

Thanks.
tjwo94Asked:
Who is Participating?
 
arnoldConnect With a Mentor Commented:
You would define the block as untrusted and exempt it from the filtration/restrictions. Do not add it as trusted.
http://help.mysonicwall.com/sw/eng/general/ui1/6600/Access/Add_Rule.htm
0
 
arnoldCommented:
Are you sure the request is not a social engineering test of the penetration test?
I.e. you hire a firm to test the security of your home.  A week before the test is run you receive a letter from the firm asking you for the key to your home so they can perform the complete test.  Would you send the key or advise them where it can be located?
0
 
tjwo94Author Commented:
I appreciate your questions, but your questions, nor my response to them are answers to the question at hand. What is being performed, both how and why is necessary.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
tjwo94Author Commented:
Thank you.
0
 
arnoldCommented:
IMHO, a penetration test means they have to co tend with your existing configuration to make sure it is not open. Whitelisting their block means their attack vector is simplified.
0
 
tjwo94Author Commented:
The block being whitelisted isn't the block being used for the attack, there are other things being performed that require the requested block to be available.
0
 
arnoldCommented:
If they are performing an internal security analysis, you may want to setup a VPN connection. I.e. the second phase often deals with whether internal systems are susceptible to web based, attachment, virus style attack vectors.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.