hit counter script
Dell NSA E5500 Getting Started Manual

Dell NSA E5500 Getting Started Manual

Dell sonicwall e-class nsa appliances
Table of Contents

Advertisement

Dell SonicWALL E-Class NSA Appliances
NSA E5500
NET WORK SECURIT Y
Getting Started Guide

Advertisement

Table of Contents
loading

Summary of Contents for Dell NSA E5500

  • Page 1 Dell SonicWALL E-Class NSA Appliances NSA E5500 NET WORK SECURIT Y Getting Started Guide...
  • Page 2 WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2013 Dell, Inc. Trademarks: Dell™, the DELL logo, SonicWALL™, SonicWALL GMS™, SonicWALL Analyzer™, Reassembly-Free Deep Packet Inspection™, Dynamic Security for the Global Network™, SonicWALL SuperMassive™ Appliances, SonicWALL Dynamic Support 24x7™, SonicWALL Comprehensive Gateway Security Suite™, SonicWALL McAfee Client/Server Anti-Virus Suite™, and all other...
  • Page 3: In This Guide

    In this Guide This Getting Started Guide provides instructions for basic installation and configuration of the Dell SonicWALL Network Security Appliance (NSA) E5500 running SonicOS. After you complete this guide, computers on your Local Area Network (LAN) will have secure internet access.
  • Page 4: Table Of Contents

    Chapter 1 Sections Include Pre-Configuration Tasks - page 6 • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 • The Back Panel - page 11 • Front Bezel Control Features - page 12 •...
  • Page 5 - page 59 • Related Documentation - page 60 • Dynamic Tooltips - page 61 • Dell SonicWALL Live Product Demos - page 61 Chapter 6 Sections Include Rack Mounting Instructions - page 62 • Rack Mounting Instructions - page 63...
  • Page 6: Pre-Configuration Tasks

    Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your Dell SonicWALL NSA E5500. • Check Package Contents - page 7 • Obtain Configuration Information - page 8 • The Front Panel - page 10 •...
  • Page 7: Check Package Contents

    Check Package Contents Before setting up your Dell SonicWALL NSA E5500, verify that your package contains the following parts: Dell SonicWALL NSA E5500 DB9 -> RJ45 (CLI) Cable Ethernet Cable Standard Power Cord* Rack Kit Getting Started Guide *The included power cord(s) are approved for use only in specific countries or regions. Before using a power cord, verify that it is rated and approved for use in your location. The power cords are for AC mains installation only.
  • Page 8: Networking Information

    Networking Information Obtain Configuration Information Select a static IP address for your LAN IP Address: SonicWALL appliance that is within the range of your local subnet. If you Please record and keep for future reference the following setup are unsure, you can use the default IP information: address (192.168.168.168).
  • Page 9 Administrator Information Obtain Internet Service Provider (ISP) Information Select an administrator account name. Admin Name: (default is admin) Record the following information about your current Internet service: If you connect Please record Select an administrator password. Admin Password: using: (default is password) No information is usually required: Some DHCP providers may require a Host name:...
  • Page 10: The Front Panel

    Press and hold the button for a few seconds to manually reset the appliance. LED (from left to right) Power LED: Indicates the Dell SonicWALL NSA E5500 is powered on. Test LED: Flickering: Indicates the appliance is initializing. Steady blinking: Indicates the appliance is in SafeMode.
  • Page 11: The Back Panel

    Description Expansion Bay Future extension. Fans (2) The Dell SonicWALL NSA E5500 includes two fans for system temperature control. Power Supply The Dell SonicWALL NSA E5500 power supply. Warning: Potential Hazard from Fan This manual contains specific warning and caution statements where they apply. Please read the Safety Instructions before...
  • Page 12: Front Bezel Control Features

    Note: Using the front bezel for configuration purposes prior to completing initial setup will bypass the Setup Wizard’s automatic launch at startup. The Dell SonicWALL Network Security Appliance E-Class is equipped with a front panel bezel interface that allows an administrator to customize certain aspects of the appliance or...
  • Page 13 Main Menu Status Upon booting the LCD display will initially show the Main Menu. The Status menu allows you to view specific aspects of the The menu is made up of four options: appliance. Once selected, the LCD displays the Status List. This list is navigated using the Up and Down buttons.
  • Page 14 Configure The Configure Menu allows you to configure specific aspects of the appliance. Once selected, the LCD will display a PIN request. If you choose yes, the screen notifies you that the settings are updated. Note: The Default PIN is 76642. This number spells SONIC on a phone keypad.
  • Page 15 LCD will display a confirmation prompt. Select Y for yes and press the Right button to confirm. The appliance will change to SafeMode. Once SafeMode is enabled, the NSA E5500 must be controlled from the Web management interface. | Front Bezel Control Features...
  • Page 16: Front Bezel Configuration Example

    12. Press Right to configure X1 IP. LAN IP Configuration Edit X1 IP: The Dell SonicWALL NSA E5500 is assigned the default LAN IP 13. Press Right ten times to select the tenth digit. of 192.168.168.168. Complete the following steps to change it to 192.168.168.10.
  • Page 17 | Front Bezel Configuration Example...
  • Page 18: Registering The Appliance

    • Registering and Licensing the Appliance on MySonicWALL - page 20 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of Dell SonicWALL security services, firmware updates, and technical support.
  • Page 19: Before You Register

    MySonicWALL to associate a backup unit that can share the Security Services licenses with your primary Dell SonicWALL. Note: Your Dell SonicWALL NSA E5500 does not need to be powered on during account creation or during the MySonicWALL registration and licensing process.
  • Page 20: Creating A Mysonicwall Account

    • Registration Next Steps - page 23 Product Registration You must register your Dell SonicWALL security appliance on MySonicWALL to enable full functionality. Login to your MySonicWALL account. On the main page, in the Register A Product field, type the appliance serial number and then click Next.
  • Page 21 In the MySonicWALL Service Management - Associated Products page, check the Applicable Services table for The following products and services are available for the Dell services that your SonicWALL appliance is already SonicWALL NSA E5500: licensed for. Your initial purchase may have included •...
  • Page 22 Management page. A 30-day free trial is immediately activated. The Status page displays relevant information To ensure that your network stays protected if your Dell including the activation status, expiration date, number of SonicWALL appliance has an unexpected failure, you can...
  • Page 23 Associated Products section to verify that your product registered successfully. You should see Your Dell SonicWALL NSA E5500 or E5500 HA Pair is now the HA Primary unit listed in the Parent Product section, as registered and licensed on MySonicWALL. To complete the...
  • Page 24: Deployment Scenarios

    Deployment Scenarios In this Section: This section provides detailed overviews of advanced deployment scenarios as well as configuration instructions for connecting your Dell SonicWALL NSA E5500. • Selecting a Deployment Scenario - page 25 • Scenario A: NAT/Route Mode Gateway - page 26 •...
  • Page 25 Selecting a Deployment Scenario Before continuing, select a deployment scenario that best fits your network scheme. Reference the table below and the diagrams on the following pages for help in choosing a scenario. Current Gateway Configuration New Gateway Configuration Use Scenario No gateway appliance Single SonicWALL NSA as a primary gateway.
  • Page 26 ISP 1 Network Security Appliance E5500 In this scenario, the Dell SonicWALL NSA E5500 is configured Internet in NAT/Route mode to operate as a single network gateway. Two Internet sources may be routed through the appliance for load balancing and failover purposes. Because only a single SonicWALL appliance is deployed, the added benefits of high availability with a stateful synchronized pair are not available.
  • Page 27 Network Security Appliance E5500 redundant high-availability networking. HA Link SonicWALL NSA E-Class 1 In this scenario, one Dell SonicWALL NSA E5500 operates as the primary gateway device and the other Dell SonicWALL NSA Network Security Appliance E5500 Internet E5500 is in passive mode. All network connection information is...
  • Page 28 For network installations where the Dell SonicWALL NSA Third Party Gateway E5500 is running in tandem with an existing network gateway. Internet or In this scenario, the original gateway is maintained. The Dell L2 Bridge Link LAN Segment 2 SonicWALL NSA E-Class...
  • Page 29: Initial Setup

    This section provides initial configuration instructions for Internet Explorer 8.0, 9.0, and 10.0 (do not use compatibility mode) connecting your Dell SonicWALL NSA E5500. Follow these steps if you are setting up Scenario A, B, or C. Firefox 16.0 or higher...
  • Page 30: Connecting The Lan Port

    The Link LED above the X0 (LAN) port will light up in green or amber depending on the link throughput speed, Note: If the Test or Alarm LEDs remain lit after the Dell indicating an active connection: SonicWALL NSA E5500 has booted, restart the •...
  • Page 31: Using The Setup Wizard

    Dell automatically. In this case: SonicWALL NSA E5500. • Log into the NSA E5500 using “admin” as the user name and “password” as the password. The Setup Wizard launches upon initial loading of NSA •...
  • Page 32: Connecting To Your Network

    Open another Web browser and navigate to: http://www.sonicwall.com. If you can view the Dell SonicWALL home page, you have configured your Dell SonicWALL NSA E5500 correctly. If you cannot view the Dell SonicWALL home page, renew your management station DHCP address.
  • Page 33: Activating Licenses In Sonicos

    Activating Licenses in SonicOS Manual upgrade using the license keyset is useful when the appliance is not connected to the Internet. The license keyset After completing the registration process in SonicOS, you must includes all license keys for services or software enabled on perform the following tasks to activate your licenses and enable MySonicWALL.
  • Page 34: Obtaining The Latest Firmware

    Obtaining the Latest Firmware Backup entry is displayed in the Firmware Management table. To obtain a new SonicOS firmware image file for your Dell To export your settings to a local file, click Export Settings. SonicWALL security appliance, connect to your A popup window displays the name of the saved file.
  • Page 35: Upgrading The Firmware With Factory Defaults

    In the confirmation dialog box, click OK. The appliance Using SafeMode to Upgrade Firmware restarts and then displays the login page. If you are unable to connect to the Dell SonicWALL security Enter your user name and password. Your new SonicOS appliance’s management interface, you can restart the image version information is listed on the System >...
  • Page 36 In the confirmation dialog box, click OK to proceed. After successfully booting the firmware, the login screen is displayed. If you booted with factory default settings, enter the default user name and password (admin / password) to access the Dell SonicWALL management interface. Initial Setup |...
  • Page 37 Initial High Availability Setup Configuring a Stateful HA Pair Before you begin the configuration of HA on the Primary Dell SonicWALL security appliance, perform the following setup: This section provides instructions for configuring a pair of Dell • On the bottom panel of the secondary Dell SonicWALL SonicWALL NSA E5500 appliances for high availability (HA).
  • Page 38 Optionally adjust the Heartbeat Interval to control how often the two units communicate. This timer is the length of You can find the serial number on the bottom of the Dell time between status checks. By default this timer is set to SonicWALL security appliance, or in the System >...
  • Page 39 3 probes, and the maximum is 10. dynamic routes in the network. When the Dynamic Typically, Dell SonicWALL recommends leaving the Route Hold-Down Time duration expires, it deletes the Failover Trigger Level (missed heart beats), Election...
  • Page 40 For more information regarding the optional settings, see the SonicOS Administrator’s Guide. Synchronize Settings Once you have configured the HA setting on the Primary Dell SonicWALL security appliance, click the Synchronize Settings button. You should see a HA Peer Firewall has been updated message at the bottom of the management interface page.
  • Page 41 Dell SonicWALL security appliance should quickly take over. From your management workstation, test connectivity through the secondary Dell SonicWALL by accessing a site on the public Internet – note that the secondary Dell SonicWALL, when active, assumes the complete identity of the primary, including its IP addresses and Ethernet MAC addresses.
  • Page 42 You can configure HA license synchronization by associating protection provided before the failover. To enable HA, you can two Dell SonicWALL security appliances as HA Primary and HF use the SonicOS UI to configure your two appliances as a HA secondary on MySonicWALL.
  • Page 43 On the My Product - Associated Products page, in the text boxes under Associate New Products, type the serial Connect the X1 port on your Dell SonicWALL NSA E5500 to the number and the friendly name of the appliance that you LAN port on your existing Internet gateway device.
  • Page 44 Configuring the Secondary Bridge Interface In the Bridged to drop-down, select the X1 interface. Configure management options (HTTP, HTTPS, Ping, Complete the following steps to configure the Dell SonicWALL SNMP, SSH, User logins, or HTTP redirects). appliance: Configuring L2 Bridge Mode |...
  • Page 45 Note: Do not enable Never route traffic on the bridge-pair unless your network topology requires that all packets entering the L2 Bridge remain on the L2 Bridge segments. You may optionally enable the Block all non-IPv4 traffic setting to prevent the L2 bridge from passing non-IPv4 traffic.
  • Page 46: Additional Deployment Configuration

    Additional Deployment Configuration In this Section: This section provides basic configuration information to begin building network security policies for your deployment. This section also contains several SonicOS diagnostic tools and a deployment configuration reference checklist. • An Introduction to Zones and Interfaces - page 47 •...
  • Page 47: An Introduction To Zones And Interfaces

    The security features and settings configured for the zones are enforced by binding a zone to one or more physical interfaces (such as, X0, X1, or X2) on the Dell SonicWALL appliance. The X1 and X0 interfaces are preconfigured as WAN and LAN respectively.
  • Page 48: Creating A Nat Policy

    SonicOS supports inbound port forwarding, it is possible to hide in that they comprise multiple hosts, but rather than being multiple internal servers off the WAN IP address of the Dell bound by specified upper and lower range delimiters, the SonicWALL security appliance.
  • Page 49 Type menu. • Default Address Objects - displays Address Objects • If you selected Host, enter the IP address in the IP configured by default on the Dell SonicWALL security Address field. appliance. • If you selected Range, enter the starting and ending IP...
  • Page 50 This section describes how to configure a Many-to-One NAT 11. Select the Enable NAT Policy checkbox. policy. Many-to-One is the most common NAT policy on a Dell 12. Leave Create a reflexive policy unchecked. SonicWALL security appliance, and allows you to translate a 13.
  • Page 51: Enabling Security Services In Sonicos

    Anti-Spyware Enabling Security Services in SonicOS You must enable each security service individually in the SonicOS user interface. See the following procedures to enable and configure the following three basic security services: Gateway Anti-Virus For more information on configuring your security services, refer to the SonicOS Administrator’s Guide.
  • Page 52: Applying Security Services To Zones

    For example, you can • Using the Active Connections Monitor - page 53 configure Dell SonicWALL Intrusion Prevention Service for • Using Log > View - page 53 incoming and outgoing traffic on the WLAN zone to add more •...
  • Page 53: Using Ping

    The Ping test bounces a packet off a machine on the Internet the Log > View page, or it can be automatically sent to an email and returns it to the sender. This test shows if the Dell address for convenience and archiving. The log is displayed in SonicWALL security appliance is able to contact the remote a table and can be sorted by column.
  • Page 54 The SonicOS user interface provides three windows to display different views of the captured packets. Packet Capture allows you to capture and examine the contents of individual data packets that traverse your Dell SonicWALL firewall appliance. The captured packets contain both data and addressing information.
  • Page 55: Deployment Configuration Reference Checklist

    Deployment Configuration Reference Checklist Use this checklist to find more information about various deployment tasks within the SonicOS Administrator’s Guide. For this Task... See this Chapter... Inspecting the rule base for inbound and outbound rules Configuring Access Rules Setting logging levels Configuring Log Categories (“Logging Level”...
  • Page 56: Support And Training Options

    Support and Training Options In this Section: This section provides overviews of customer support and training options for the Dell SonicWALL NSA E5500. • Customer Support - page 57 • Knowledge Portal - page 57 • User Forums - page 58 •...
  • Page 57: Customer Support

    Dell SonicWALL documents based on the following Support Contract. Please review our Warranty Support Policy types of search tools: for product coverage. Dell SonicWALL also offers a full range of • Browse consulting services to meet your needs, from our innovative •...
  • Page 58: User Forums

    User Forums The Dell SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •...
  • Page 59: Training

    Training Dell SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and Dell SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in Dell SonicWALL Products and Security Applications. Dell SonicWALL Training provides the following resources for its customers: •...
  • Page 60: Related Documentation

    Related Documentation See the following related documents for more information: • SonicOS Administrator’s Guide • SonicOS Release Notes • SonicOS Feature Modules • Application Firewall • Dashboard • HA License Sync • Multiple Admin • NAT Load Balancing • Packet Capture •...
  • Page 61: Dynamic Tooltips

    Dell SonicWALL Live Product Demos SonicOS features dynamic tooltips that appear over various The Dell SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. Dell SonicWALL security products and services through...
  • Page 62: Rack Mounting Instructions

    Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the Dell SonicWALL NSA E5500. • Rack Mounting Instructions - page 63...
  • Page 63 Rack Mounting Instructions Assemble the Slide Rail Fasten 4 screws to the rail. WASHERS*8 M4 SCREW*8 | Rack Mounting Instructions...
  • Page 64 Assemble the Slide Rail Fasten two-sided screws to the rail. M5 SCREW*8 M5 Nut*8...
  • Page 65 Assemble Inner Rail to Chassis Fasten 6 screws to attach the inner channel onto the chassis. M4 SCREW*6 | Rack Mounting Instructions...
  • Page 66 Insert Chassis to Frame Slide inner channel into rails. Push hook down to separate.
  • Page 67 | Rack Mounting Instructions...
  • Page 68: Product Safety And Regulatory Information

    Product Safety and Regulatory Information In this Section: This section provides regulatory along with trademark and copyright information. • Safety and Regulatory Information - page 69 • Warranty Information - page 73 • Copyright Notice - page 73...
  • Page 69: Safety Instructions

    The appliance must be returned to a Dell SonicWALL • Mount in a location away from direct sunlight and sources of heat. A maximum authorized service center for replacement with the same or equivalent type ambient temperature of 104º...
  • Page 70 • Das im Lieferumfang enthaltene bzw. die im Lieferumfang enthaltenen werden: Netzkabel sind nur für die Verwendung in bestimmten Ländern und Regionen • Das Dell SonicWALL Modell ist für eine Montage in einem standardmäßigen 19- zugelassen. Überprüfen Sie bitte vor der Verwendung eines Netzkabels, ob es Zoll-Rack konzipiert.
  • Page 71 安全說明 •必須維護可靠的機架裝載設備接地。必須特別留意電源供應 器連線,而不是直接連接到電源板之類的分支電路。 需要滿足以下條件以進行正確安裝: •從工廠運出時,這個戴爾 SonicWALL 產品包括為後備交流電 •戴爾 SonicWALL 設備被設計成安裝在一個標準的 19 吋機架安 源和增加可靠性而附帶的兩個電源。 裝櫃。需要滿足以下條件以進行正確安裝: •要斷開交流電源,兩條電源線都必須被拔除。 •使用機架製造商推薦的裝載硬體,確認機架足夠裝置所需 •隨附的電源線僅限於特定的國家或地區使用。使用前,請確 •請確認裝置內不會滲入水分或過多的濕氣。 認電源線的額定值且已被認可在你的地區上使用。 •裝置週邊請保持通風,特別是裝置通風口側。建議裝置與牆 •這個型號出貨時附帶的交流電源,是標準三芯器具耦合器的 壁間至少要有 1 英吋 (25.44 公釐 ) 的淨空。 配置。 •纜線的路徑應遠離電源線、日光燈,以及會產生雜訊的來源, •切勿在交流電源線還連接著電源時移除或安裝電源。 如無線電、發送器與寬頻放大器。 •當安裝及後續接觸產品背面之後,必須用工具將指旋螺釘鎖 •本產品的設計目的不是安裝並使用於住家或一般大眾可接觸 緊。 到的公共區域。如果是安裝在學校,本設備只能安裝在受訓人 員能接觸到的安全位置。 •架設位置需遠離陽光直射與熱源。建議周圍溫度最高溫不 要 風扇潛在危險警告 超過...
  • Page 72 Caution: Modifying this equipment or using this equipment for purposes not shown EN 60950-1 (2006) +A11 in this manual without the written consent of Dell, Inc. could void the user’s authority to operate this equipment. National Deviations: AR, AT, AU, BE, BR, CA, CH, CN, CZ,...
  • Page 73: Warranty Information

    Specifications and descriptions subject to change without notice. Warranty Information All Dell SonicWALL appliances come with a 1-year Limited Hardware Warranty which provides delivery of critical replacement parts for defective parts under warranty. Visit the Warranty Information page details on your product’s warranty: http://www.sonicwall.com/us/en/support/Services.html#tab=warranty...

Table of Contents