Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


How to whitelist a block of ip's in SonicWall NSA 2400

Posted on 2013-01-04
Medium Priority
Last Modified: 2013-01-07
We have a new SonicWall NSA 2400, and have an upcoming penetration test. They have requested we whitelist a block if their IP's in the SonicWall to allow tests to run.

I have navigated to Security Services --> Intrusion Prevention --> Configure IPS Settings

added the scope requested and turned on the exclusion ability.

If anyone is familiar with needing to do this, have I done enough, or do I need to make some additional changes? How do I make those additional changes if necessary?

Question by:tjwo94
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 80

Expert Comment

ID: 38746155
Are you sure the request is not a social engineering test of the penetration test?
I.e. you hire a firm to test the security of your home.  A week before the test is run you receive a letter from the firm asking you for the key to your home so they can perform the complete test.  Would you send the key or advise them where it can be located?

Author Comment

ID: 38750998
I appreciate your questions, but your questions, nor my response to them are answers to the question at hand. What is being performed, both how and why is necessary.
LVL 80

Accepted Solution

arnold earned 2000 total points
ID: 38751019
You would define the block as untrusted and exempt it from the filtration/restrictions. Do not add it as trusted.
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!


Author Closing Comment

ID: 38751048
Thank you.
LVL 80

Expert Comment

ID: 38751109
IMHO, a penetration test means they have to co tend with your existing configuration to make sure it is not open. Whitelisting their block means their attack vector is simplified.

Author Comment

ID: 38751125
The block being whitelisted isn't the block being used for the attack, there are other things being performed that require the requested block to be available.
LVL 80

Expert Comment

ID: 38751145
If they are performing an internal security analysis, you may want to setup a VPN connection. I.e. the second phase often deals with whether internal systems are susceptible to web based, attachment, virus style attack vectors.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question