SonicWALL TZ 180 Recommends Manual page 16

Solution
Optimize your firewall
access rules
Optimize your VPN
settings
Audit your User
accounts
Establish, a logging
baseline
Deliver logs and alerts
by email
Security Best Practices for TZ 180 Running SonicOS Standard
Description
On any firewall rule, enable fragmented
packet handling, and verify that the
connection timeout for the rule is
appropriate to the referenced service. For
example, telnet connections tend to be
long-lasting, so TCP timeout should be set
accordingly. Similarly, timeout can be set
lower for short-lived services, thus keeping
the connection cache clean.
Navigate to the VPN > Advanced page
and verify that fragmented packet
handling/NAT traversal/IKE DPD is
enabled, and if you use Microsoft
networking across VPN tunnels, uncheck
the box next to Disable all VPN Windows
Networking (NetBIOS) Broadcasts.
When creating VPN policies, be sure to
check the box next to Enable Windows
Networking (NetBIOS) Broadcasts on
the Advanced tab of the VPN policy.
Navigate to the Users > Local Users page
and audit user entries at least once a month
to verify there are not inappropriate
accounts. Also enforce the use of complex
passwords, and require users to change
passwords on a regular basis. Three months
is the recommended interval. Do not allow
the use of common accounts, in which the
username and password are known to a
wide audience.
On the Log > View page, it is
recommended to enable all categories and
alerts for at least the first few days of a new
installation, allowing a better understand
the various functions. This generates a lot
of log messages, so after a few days,
configure logs a level appropriate for your
environment.
On the Log > Automation page, enter in
the fully-qualified domain name (FQDN)
or IP address of a mail server that you relay
SMTP mail through, and a working email
address that the appliance uses to notify in
case of alerts, and to email the logs to on a
periodic basis. This is strongly
recommended.
SonicWALL TZ 180 Recommends Guide
Related Information
For more information on
firewall access, refer to the
"Configuring Network Access
Rules" chapter in the SonicOS
Standard 3.8 Administrator's
Guide.
For more information on VPN
settings, refer to the
"Configuring Advanced VPN
Settings" chapter in the SonicOS
Standard 3.8 Administrator's
Guide.
For more information on user
accounts, refer to the
"Configuring Local Users"
chapter in the SonicOS Standard
3.8 Administrator's Guide.
For more information on
logging baselines, refer to the
"Viewing Log Events" chapter
in the SonicOS Standard 3.8
Administrator's Guide.
For more information on logs
and alerts, refer to the
"Configuring Log Automation"
chapter in the SonicOS Standard
3.8 Administrator's Guide.
11