Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations
SonicWall TZ 205 BWM settings for RD Gateway (SBS 2011)
We have a client using SBS 2011 with a separate Remote Desktop server on Server 2012 at the main office. Users from a branch office RDP through the SBS RD Gateway to use the Remote Desktop server. Every so often the branch office users complain about sluggish connectivity to the remote server. Can anyone recommend, in detail, the best settings on their main office TZ 205 firewall, in terms of bandwidth management, to optimize traffic for the RD Gateway while still leaving enough resources for normal web browsing, SMTP, and the branch office VPN?
Thanks!
Thanks!
Asked:
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Thanks, Aaron.
So...
Under Firewall Settings > BWM, I can change the BWM type to WAN, Global, or None. Should I choose Global here?
Under Firewall > Access Rules, I have rules for HTTP, HTTPS, and an RWW specific rule for port 987. There is a tab called Ethernet BWM. When I set BWM type (above) to WAN, the settings I change in Ethernet BWM under Access Rules do not stick. So, I'm guessing I need to set that to Global. When I choose this, I get a daunting message about BWM settings being reset on all Access Rules. I don't figure this will be a problem though since I don't have any BWM settings for any of the Access Rules yet.
Any thoughts on that?
Thanks!
So...
Under Firewall Settings > BWM, I can change the BWM type to WAN, Global, or None. Should I choose Global here?
Under Firewall > Access Rules, I have rules for HTTP, HTTPS, and an RWW specific rule for port 987. There is a tab called Ethernet BWM. When I set BWM type (above) to WAN, the settings I change in Ethernet BWM under Access Rules do not stick. So, I'm guessing I need to set that to Global. When I choose this, I get a daunting message about BWM settings being reset on all Access Rules. I don't figure this will be a problem though since I don't have any BWM settings for any of the Access Rules yet.
Any thoughts on that?
Thanks!
Ok, set it. I'll see how it goes for a day or so.
To answer your other question. There is GAV, Content Filtering, and IPS running on the SonicWall, but these problems have been going on since before those services were enabled. Ultimately, I think the issue is on the end of the branch office, but I wanted to eliminate possibilities.
To answer your other question. There is GAV, Content Filtering, and IPS running on the SonicWall, but these problems have been going on since before those services were enabled. Ultimately, I think the issue is on the end of the branch office, but I wanted to eliminate possibilities.
I ask because the tz205 with all the security running will likely have problems with more than a 10mbit connection
It's closer to 18. Do you know if it's possible to omit that traffic, by service or IP, from being scanned by those services? I'll poke around to see what I can find out.
so not only can gav, ids, and content filtering be enabled or disabled entirely, but they can be enabled per direction per interface. If you can find some off-business-hours time, run a speedtest with how it is now. Disable all security features and run a speedtest. Plug a laptop directly into the internet line, run a speedtest.
Here is a good doc on enabling some fairly tight security on a sonicwall
https://support.software.dell.com/kb/sw12434
Here is a good doc on enabling some fairly tight security on a sonicwall
https://support.software.dell.com/kb/sw12434
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking
From novice to tech pro — start learning today.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
What is your wan speed? Do you use GAV, Ids or content filtering?