SonicAdmin80 Cybersecurity Overlord ✭✭✭
Comments
-
I also feel like DPI-SSL might be more hassle than it's worth at this point, maybe stuff like endpoint protection and DNS filtering are easier to cover some of the same areas without all the management overhead with DPI-SSL.
-
@Community Manager I actually can't create a support case for it because support is backdated to October 2nd. How should I proceed?
-
DPI and DPI-SSL are different things. DPI is what gives you all the Next-Gen Firewall features and should be enabled if you want to utilize the security services. DPI-SSL is broadening this to SSL encrypted traffic and requires a cert in each device. So it could be said that using DPI-SSL will make it possible to inspect…
-
Not yet. I'll do that.
-
Everything online is constantly scanned so I don't think those alerts have much value. I always disable it from the diag page. What might have value would be dynamic blocking logic, where ports would be blocked by source IP if the firewall detects probing to consecutive ports in a short time period.
-
Yea looks like it, couldn't find anything relevant in the diag page.
-
Yea latest & greatest aren't the same release with SonicWall. 😂 People have reported that importing a config backup may bring back the missing items. YMMV
-
I haven't used Meraki but my understanding is that it goes off completely and without any grace periods. At least that's what I understood from a recent reddit post. Someone also said that Meraki had made mistakes where despite customers renewing the services on time the order didn't go through properly and access was cut…
-
That might be it, but since it's written in broad terms it leaves all options open. Critical Update isn't defined and it could apply to any product. It both cases it should be defined to which products they apply and in what cases. Blocking all traffic might be ok if it's clear that it only applies to appliances sold as a…
-
There's also this: "(e) Failure to maintain current support services may result in: (1) a reduction or elimination of functionality, including the loss of security services; and/or (2) blocking of all traffic through the relevant appliance or service." So they can brick appliances at their will. Looks like SonicWall really…
-
Thanks, I'll check it out. At least it seems to be working, so perhaps only a display issue.
-
I also have DNS Filtering enabled. Are you seeing any other side effects? For me everything seems to be working.
-
That page has the same recommendation: For NSv deployments running a previous version of SonicOS 6.5.4.v, upgrading via the System Update option in the NSv management console is recommended for this release. The System Update option updates both SonicOS and SonicCore to the latest version. For more information and…
-
Same, but I mostly deal with lower end units anyway. The 4700 is the first model from the range that comes with redundant components so more like server hardware I guess. But still, the OS should run from memory and storage only used for logging, right?
-
This has happened at least twice over the years for different DDNS services from what I remember and it usually takes SonicWall quite a long time to release a fix. For my home use, I've moved DDNS functionality to my 5G gateway instead which receives faster updates.