SSL Certificate for TZ470
I am looking for some guidance on the best path forward with regards to SSL Certificate for our TZ470. Our organization has 6 users that utilize NetExtender for VPN access to our internal network. During a recent risk assessment we flagged the use of the self-signed cert that is issued by SonicWall was in use during the initial connection to the router. While the risk is low that these users could be subjected to MITM attacks it could be a possibility. This could be corrected by purchasing a SSL certificate but that would then require the router to have a FQDN and thus have the DNS record more easily known.
Is it better to leave the self-cert and not make the router widely known? Or purchase the SSL cert and update our DNS to the public IP address for the firewall?