What is a Firewall and Why Do I Need One?

If you’re like most people, you know what a firewall does on a very basic level. However, many are unclear as to how firewalls work and, in some cases, whether they have one enabled on their network. Below, we’ll discuss the whys and wherefores regarding firewall protection and provide some clarity to anyone asking “Do I need a firewall?”.

What Is a Firewall?

Your network security depends on a gatekeeper to sort out those who wish to communicate with or access your business network for legitimate reasons from those whose intentions are less than ethical. A control model defines which traffic the firewall allows to pass and which traffic is denied access. Some types of firewalls include:

  • Access Control Lists
  • Proxy
  • Next Generation (NGFW)

Access Control Lists

Access control lists, or ACLs, perform a basic function. Through some very simple rules, they determine network access based on IP addresses. However, ACLs provide only the most basic information on incoming traffic and are not nearly adequate to filter out traffic threats.

Proxy Firewalls

Acting as a middleman of sorts, a proxy firewall can make more intelligent decisions. The proxy firewall vets the incoming communication and determines its legitimacy. If it decides to grant access, the information is repackaged with the proxy server as the source address. This is referred to as packet filtering. This process breaks the one-to-one connection between the two computers so that there is a single gateway between the network and the rest of the WWW.

Next Generation Firewalls

While the description above is a gross simplification of the process, one can easily envision hackers finding a way around a firewall through development of more sophisticated malware. Next generation firewalls (NGFWs) are even more sophisticated, combining traditional firewall protection with added filtering functionalities. For example, they can be more granular in their inspection of incoming traffic and can detect more sophisticated application-specific attacks.

Why Do I Need Firewall Protection?

Make no mistake about it, hackers would love to compromise your POS system and harvest your customers’ credit card data. Some may simply want to hijack your high-speed connection to send out spam email or viruses. Either way, they can do tremendous damage to your company’s reputation.

A firewall provides protection against session hacking, viruses, malicious worms and identity theft, among other things. Here are just a few of the bigger threats that are out there:

  • Viruses and their after effects
  • POS Intrusions
  • Hacking
  • Phishing (Identity Theft)
  • Denial of Service (DoS) attacks
  • Rootkits (Spyware)
  • Ransomware

Even next generation firewalls (NGFWs) aren’t 100% effective. It may be advantageous to review your current network firewall setup to ensure that the network security you currently have in place isn’t outdated. When it comes to network threats, it is often more cost effective to be proactive rather than reactive.

What Can BITS do for your business to ensure your network security?

With over 20 years’ experience in network security, the BITS team of network security experts can ensure that your network is protected from hackers, viruses and the many other security risks that exist. Working with primarily small and medium sized businesses, our network consultants can assess your current situation, install a brand new hardware based firewall or make recommended changes to your existing network security.

Take the first step to ensuring your business’s network security by getting a FREE network assessment from the IT professionals at Beacon. Or, call 336.447.3473. Either way, you can rest assured that you’ve taken the first step to securing your computer network from the increasingly sophisticated threats that await.

 

 

July 6th, 2017 | 2017-07-12T07:49:27+00:00 | IT Services

Which is Better; Hosted Email or Local Email?

The importance of a sound email system for your business cannot be overstated. Both hosted and local email solutions have their advantages, but a third-party hosted solution has been an option exclusive to larger companies with more substantial budgets. The good news is that a hosted email solution is no longer out of reach for small and medium-sized businesses. The only question is…

Which email solution works best for your individual needs, Hosted Email or Local Email?

If you’re in the process of auditing your current email delivery solution, you may have noticed that the landscape has changed considerably since the last time you considered your alternatives. In the past, the biggest obstacle to those who prefer a hosted email solution has been cost. This may be the biggest change in the past several years. Blackberry devices are no longer popularly used, hence the decreasing costs of support for these devices. Support for newer Android devices is a bit more reasonable. Additionally, mailbox limits have increased significantly for many hosted services. Still, both hosted email and local email solutions have their distinct advantages.

The Balance Sheet: Hosted email vs. Local Email

When faced with a decision such as this one, I like to make a balance sheet or “plus and minus” list, if you will. You’ll find just such an exercise below. Here are the advantages and disadvantages of each, starting with hosted email.

HOSTED

Advantages

  • No need to purchase a software license.
  • No need for an internal server or a designated resource to maintain it.
  • You can get your email off site if/when network is down.
  • Spam filter is included.
  • Dedicated support.

Disadvantages

  • Monthly fee per user.
  • Phone access is extra.

LOCAL

Advantages

  • No mailbox limit.
  • No email phone costs.

Disadvantages

  • You need to run a server.
  • You’ll need a dedicated resource to maintain said server.
  • You’ll need to purchase spam filter software.

I’ve kept this list as general as possible so as to appeal to as wide a business audience as possible. That having been said, hosting services vary considerably in the features, services and support they provide. If you’re in the process of evaluating your options or looking for a great IT provider, I invite you to contact Beacon directly and speak with a BITS specialist. We’re happy to answer any questions, provide needed detail and discuss alternatives. Call us at 336.232.5675 or email klackey@beacontec.com.

 

June 20th, 2017 | 2017-07-10T09:10:34+00:00 | IT Services

Have You Been Asking “Should I Upgrade to Windows 10”?

If you’re currently running Windows 8 or 8.1 and didn’t update by summer of 2016, it’ll cost about $120 to upgrade to Windows 10. After the debacle that was Vista, one has to wonder if it’s worth updating to Windows 10 at any cost.

Below, we’ll consider the pros and cons of updating to Windows 10. The only assumption is that you’re currently running Windows 8 or 8.1.

First, let’s discuss the reasons why NOT to update to Windows 10:

Lots of Ads – You’ll be force-fed ads for Windows Store apps as your Windows Store app usage is tracked in Windows 10. Which brings us to the all-important privacy issue…

Privacy? Who Needs Privacy? – While many of the default settings can be disabled so as to protect your privacy, Windows 10 uses Cortana. As a result, your queries are sent to the Microsoft servers, whether you like it or not.

Less Control Over Updates – With Windows 8.1, you have manual control over your updates. When you’re running Windows 10 and Microsoft pushes out an update, you get it. No matter what. I like to control my own destiny so…this one hurts.

Software Upgrade Compatibility – I first noticed this when I tried to use Photoshop CS6, the last Photoshop edition that does not require a subscription. However, CS6 will not run on Windows 10. I am forced to buy an expensive Creative Cloud subscription. I already paid for the right to use Photoshop. This shortcoming is both annoying and costly. Purchasing a PC that runs 8 is less costly.

But Windows 10 has its perks, too:

Cortana – Your personal PC assistant is voice activated. Rather than type your search query, you can ask Cortana and get an answer. Pretty neat feature, eh? Remember though, as mentioned above, Cortana has a big mouth. She’ll share your personal data with a Microsoft server. But if privacy isn’t an important issue for you, then it’s a pretty cool feature.

Security – In this day and age, this is a huge plus. Not only is the architecture more secure, the fingerprint authentication feature means that if your laptop falls into the wrong hands, all is not lost. I love this aspect of Windows 10.

Support – Security updates for Windows 8 run through January of 2018. After that, you’re at your own peril. By contrast, Windows 10 will be supported through 2025.

With Beacon, Full Support Is At Your Fingertips, Regardless of OS

Regardless of which OS you choose to run, the Beacon IT Services (BITS) team can troubleshoot and remedy technology issues of all kinds. Need to upgrade to Windows 10 or restore your computers’ operating system to an earlier version? No worries. We got it. Just call a Beacon IT specialist at 336.232.5675.

June 5th, 2017 | 2017-06-12T06:17:41+00:00 | IT Services

What Is A Firewall and Do I Need One

A firewall is a network security system that monitors incoming and outgoing network traffic based on a set of security rules. A firewall acts as a barrier between trusted, secured internal networks and less scrupulous networks. These security measures work to prevent unauthorized access to or from private networks. They examine all messages entering or leaving a company’s intranet.

Hardware Firewalls

Hardware firewalls are specialized network boxes that contain customized hardware and software. When configured, hardware firewalls provide a protective barrier between an organization’s computer systems and the outside world. Hardware firewalls are best suited for an organization that desires a security umbrella that encapsulates multiple systems. As you might imagine, this solution is a bit more expensive than its software counterpart and more suited for medium-sized businesses.

Software Firewalls

In contrast to their hardware counterparts, software firewalls are a more attractive option for individual users and smaller businesses. Software firewalls are installed directly on an individual’s PC or workgroup server. Software firewalls can also be used in conjunction with their hardware counterparts. Software firewalls are convenient for mobile workers who need digital security when they are in the field.

What Do Firewalls Protect Against?

Firewalls are vital for protecting against attacks and winning battles against cybercriminals bent on stealing sensitive business information. A firewall provides a critical choke point. This is where security audits can be imposed. They work to protect confidential information from those not authorized to access it and protect against malicious users.

Types of Firewalls

Firewalls can be broken down into three main types:

  • Packet filters – This type of firewall operates at the router level and compares each packet received to a set of established criteria. Packet-filtering firewalls evaluate IP addresses, packet type, port number, etc., before a packet is dropped or forwarded.
  • Stateful inspection – Also known as dynamic packet filtering, this firewall technology monitors the state of active TCP (Transmission Control Protocol) sessions and uses this information to determine which packets to pass through.
  • Proxies – This firewall acts as an intermediary between in-house clients and servers on the internet.
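
Added example (not part of the original post): the Python below runs the same constructed packet sequence through a packet filter and through stateful inspection, showing why rules based only on addresses and ports, like the ACLs described earlier, admit packets that session tracking rejects. The networks, rules, addresses and class names are assumptions made for the illustration, and TCP FIN handling and timeouts are left out.

```python
# Added example, not from the original post. All networks, rules and packets are constructed.
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

ANY = ip_network("0.0.0.0/0")
LAN = ip_network("192.168.1.0/24")  # hypothetical internal network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. frozenset({"SYN", "ACK"})


@dataclass(frozen=True)
class Rule:
    action: str
    src: IPv4Network
    dst: IPv4Network
    sport: Optional[int] = None  # None matches any port
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in self.src and ip_address(p.dst) in self.dst
                and self.sport in (None, p.sport) and self.dport in (None, p.dport))


def packet_filter(rules, p):
    """Stateless: first matching rule wins, default deny. Each packet is judged alone."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "drop"


# A stateless filter cannot tell a reply from an unsolicited packet, so return
# traffic has to be admitted by a rule on the source port alone.
STATELESS_RULES = [
    Rule("allow", LAN, ANY, dport=443),  # outbound HTTPS
    Rule("allow", ANY, LAN, sport=443),  # anything claiming to come from port 443
]
OUTBOUND_POLICY = [Rule("allow", LAN, ANY, dport=443)]


class StatefulFirewall:
    """Tracks TCP sessions opened from the LAN and passes only packets that fit one."""

    def __init__(self, policy):
        self.policy = policy
        self.conns = {}  # (client, cport, server, sport) -> "SYN_SENT" | "ESTABLISHED"

    def handle(self, p):
        outbound = ip_address(p.src) in LAN
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        if outbound and p.flags == {"SYN"}:
            if packet_filter(self.policy, p) != "allow":
                return "drop"
            self.conns.setdefault(key, "SYN_SENT")  # new session (or a retransmitted SYN)
            return "allow"
        state = self.conns.get(key)
        if state is None:
            return "drop"  # belongs to no tracked session
        if "RST" in p.flags:
            del self.conns[key]  # session torn down; later packets no longer match
            return "allow"
        if state == "SYN_SENT":
            if not outbound and p.flags == {"SYN", "ACK"}:
                self.conns[key] = "ESTABLISHED"
                return "allow"
            return "drop"
        return "allow"  # ESTABLISHED


def pkt(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))


SAMPLE_PACKETS = [  # constructed traffic, documentation address ranges
    pkt("192.168.1.10", 50000, "203.0.113.5", 443, "SYN"),
    pkt("203.0.113.5", 443, "192.168.1.10", 50000, "SYN", "ACK"),
    pkt("192.168.1.10", 50000, "203.0.113.5", 443, "ACK"),
    pkt("198.51.100.9", 443, "192.168.1.20", 50001, "ACK"),  # no session exists
    pkt("203.0.113.5", 443, "192.168.1.10", 50000, "RST"),
    pkt("203.0.113.5", 443, "192.168.1.10", 50000, "ACK"),   # after the reset
    pkt("203.0.113.5", 8080, "192.168.1.10", 50000, "SYN"),
]


def compare(packets=SAMPLE_PACKETS):
    """Return (packet filter verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall(OUTBOUND_POLICY)
    return [(packet_filter(STATELESS_RULES, p), fw.handle(p)) for p in packets]


if __name__ == "__main__":
    for p, (stateless, stateful) in zip(SAMPLE_PACKETS, compare()):
        print(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} {sorted(p.flags)} "
              f"filter={stateless} stateful={stateful}")
```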

The Key Takeaway

If you are a small business with sensitive data then it is critical to take steps to safeguard your business information. Whether your organization chooses to adopt a hardware based firewall solution or a software firewall application, take steps to safeguard your business today. Contact us today for a free network health audit. Your network is the backbone of your business. Our team will make sure it’s always up and running when you need it.

April 26th, 2017 | 2017-05-30T10:59:32+00:00 | IT Services

Ransomware: Keep Your Employees Safe and Your Business Secure

Did you know $209 million was paid to ransomware criminals in Q1 2016?

A ransomware attack is scary when it occurs. There is little that can be done to stop a ransomware attack that is in progress. The easiest way to mitigate the damage that can be done is preventative care. First, it is important to know what Ransomware is and how it’s spread. Also, you need to know how to prevent Ransomware and how to tell if your system has been compromised.

What is Ransomware?

At this point, you may be asking “What is Ransomware?” Ransomware is malware that installs covertly on a computer or smartphone. Pretty stealthy, huh? Next, it executes a cryptoviral extortion attack that ultimately holds your data hostage. Or it mounts a cryptovirology leakware attack that may threaten to publish your data unless a ransom is paid. Hence the name “Ransomware”. Ransomware attacks have grown exponentially over the years. As a matter of fact, expert sources collected over 250,000 unique samples of ransomware in the first quarter of 2013 alone.

Suffice it to say if you are a business you need to know how to protect your sensitive data and keep your business running smoothly.

How Ransomware Spreads

Ransomware is generally spread through trickery. This could be in the form of malicious email attachments from unknown sources, or a malicious link within an email or on a social networking site. Ransomware can also spread through software packages installed from unofficial software websites, which are normally advertised as updates for Adobe Acrobat, Java and Flash Player. Ransomware affects computer systems at the local level. Once ransomware infects a computer system, the malware looks for files with extensions such as JPG, XLS, PNG and PPT. After the hacker encrypts the files, the malware tells you that your data is being held for ransom. The virus will then prompt you to make a payment to receive an encryption key and regain access. Studies show that many people have paid the ransom since the files tend to be too important to give up.

Key Takeaway on How to Prevent Ransomware

It is best to be proactive against ransomware since there isn’t much you can do once your files get encrypted.

Install Anti-Virus Software

It is critical to have adequate anti-virus software installed and always up to date. Anti-virus software is only effective as long as it is kept up to date, since ransomware is always evolving and becoming more complex. Anti-virus software continuously checks against its database, so it is mission critical that it updates daily to check for new virus signatures.

Avoid Sketchy Downloads

Next, it is important to only download software from trusted sites. Also, be wary of sites that tell you software on your computer is outdated. Websites don’t have the ability to detect outdated software unless you give a website permission to read your hard drive. If your software ever needs an update always go to the official website.

Keep Backups of Your Files

At Beacon IT Services, we require server backups for all the clients we manage. Hackers know that most individuals or smaller businesses don’t tend to keep backups of their files. Don’t be caught in this category. Be proactive and keep backups of your files.

Key Takeaway

The key takeaway to preventing a ransomware attack is to be proactive rather than reactive. The number one way to deal with ransomware is to be conscious of the websites you are visiting and the types of content you are downloading. Keep your computer’s anti-virus software up to date and always keep backups of your business’s files.

Learn how we can help you stay safe from ransomware attacks today!

March 17th, 2017 | 2017-03-17T06:47:43+00:00 | IT Services

Why Your Internet Speed Might Be Slow

A common issue we hear from time to time is “Why is my internet speed so slow?” A slow internet connection can have many causes, including the need for a higher-tier internet service, too many people using your connection, and hardware issues.

If you feel like your internet has been slowly trudging along for some time, then it may be time to troubleshoot your connection.

First, you need to check and see if your organization or business is actually paying for high-speed internet. It could be as simple as a need for a higher tier of internet service. At Beacon IT Services, we recommend at minimum 30 Mbps (megabytes per second) download and 5 Mbps upload speed for a small business. A common issue could be you are not actually paying for high-speed internet.

Next, another factor that affects internet speed is the number of people using your connection. For example, if you have 20 employees uploading and downloading large files simultaneously, it could become an issue. You are placing a lot of demand on your internet connection. When larger numbers of employees are uploading and downloading large files, your connection can start to act finicky.

Another issue that could contribute to slow internet issues is hardware. It is possible your modem could be outdated. Your wireless router might just not be up to snuff. Let’s evaluate some differences between wireless routers.


Wireless AC routers have the latest edge in speed along with stronger signal strength. If your business relies heavily on its internet connection, then this may be the most appropriate option.

Wireless N routers can operate at multiple signals and have between 2 and 3 antennas.

Wireless G routers are backward compatible with Wireless B devices. These routers tend to perform slower than Wireless N and Wireless AC routers.

Wireless B routers are no longer manufactured. They operate in the same frequency range as many household appliances which can potentially cause interference.

When diagnosing your internet speed, it is important to evaluate the performance of your router against your daily business operations. For example, a graphic design agency is going to have different requirements than a construction company.

Troubleshooting Internet Speed Issues

Step 1 Reboot your network equipment

  • First, remove the power cable from the device or unplug the power cable from the wall outlet.
  • Wait about 10-12 seconds
  • Plug the power cord back into the device or back into the wall outlet
  • Wait a few seconds for the device to turn on, load all of its settings, and reconnect your devices to the internet access

Step 2 Check your internet service speed

Go to speedtest.net to start your free internet scan. Simply press “Begin Test” and the website will give you the current Download Speed and Upload Speed.

Step 3 Contact your internet service provider

If you notice any discrepancies between what your internet service provider is offering you and what you are receiving then it is time to contact them.

Internet speed is ultimately dependent upon your internet service provider. Your ISP may change their network’s configuration or suffer technical difficulties that inadvertently cause your internet connection to run slowly. ISPs may also intentionally install filters or controls on the network that can lower your performance. Don’t hesitate to contact your service provider if you notice discrepancies over your connection.

 

 

 

March 3rd, 2017 | 2017-03-21T13:44:54+00:00 | IT Services

Top Reasons You May Need a Managed Service Partner (MSP)

We understand and know that managing technology and users is an everyday task. However, for many business owners, managing the IT infrastructure that keeps their business running can be a very complex and intimidating undertaking. This is when partnering with a Managed Service Provider (MSP) can be extremely beneficial as they can focus on managing the daily activities of your IT needs while you focus on your core business.

Here are some signs that you may need an MSP partner:

1. You do not have dedicated IT staff

Small businesses often rely on a “computer-savvy” staff member to handle their IT support. These staff members are not IT experts and are resolving issues in a reactive fashion as they occur. A dedicated IT expert has the time and resources to anticipate hardware and software upgrades, as well as to protect a company from the latest security threats. Additionally, there is an opportunity cost as you are removing employees from their core business responsibilities that they were hired to perform. MSPs deal with recurring issues from multiple clients and stay up-to-date on the latest IT developments.

2. Your technology budget is fluctuating and unpredictable

If you find that your IT costs vary widely each month, it may be time to shift to managed services. With an outsourced support model, you’ll pay a fixed fee no matter how much support you utilize. This allows you to create—and stick to—a predictable budget. And when something goes wrong, you won’t be stuck paying sky-high emergency support.

3. You are continuously having technology problems

When you don’t have the proper IT resources available, security and down-time can become serious problems that can dramatically hinder an organization’s ability to grow. Many technicians also solve just the symptoms of a problem without addressing the root causes, which leaves your technology in a break-fix cycle that is never-ending and nightmarish. This is a key indicator that your company could benefit from having additional IT support.  When you turn the hassle of your technology over to managed services providers, you can rest assured that your issues are being remediated the correct way, the first time around. This will result in an increased quality and reliability of computer systems and networks, which will save your company both time and money.

Beacon IT Services (BITS) provides Managed IT and Cloud Computing services to businesses throughout the Triad. See what other local businesses had to say about BITS here. Please contact us if you would like more information about our services.

November 30th, 2016 | 2017-05-16T07:30:10+00:00 | IT Services

3 Reasons to buy a server warranty


Electronics warranties have been and probably always will be a contested item.  Whether you are buying a TV, stereo, or IT equipment for your business, the decision to add an extended warranty always comes up.  While the idea of protecting our recent purchase may be initially appealing, most of us will quickly decline the option to add multi year warranties to our home electronics and even home PCs or tablets.  The cost of these warranties usually doesn’t make sense when compared to the price of the original item and the risk associated with the item being damaged.  If your TV breaks, there is no additional cost incurred other than replacing the TV (and maybe a little frustration). However, when it comes to business class IT equipment, there are a few more factors that should be considered before deciding to pass on an extended warranty.

1. The cost of the equipment – Purchasing a business class server for the office is clearly going to be more costly than that new TV for the living room. It is not uncommon to spend $6,000-$10,000 on a new server. Buying an extended warranty that guarantees the life of your server for 5 years starts to make more sense. Most small businesses can get 3-5 years of life from a server without having to upgrade.

2. The cost of equipment going down – When you buy a server you are trusting that equipment to run a variety of business critical systems, applications, and/or data. Therefore the warranty is not only covering the cost of the equipment but also the cost of the services it provides. Should the server crash, it typically takes up to 2-3 weeks for a new server to be ordered and installed. All of a sudden the cost of the warranty seems very small when compared to purchasing another server plus recovering the cost of the office being down for 3 weeks.

3. Maintenance and service costs – Most business class servers not only offer a warranty on the equipment should it fail, but also provide Professional Support to ensure that any failures are resolved, sometimes in as little as 4 hours. Should the server stop working, a technician from the manufacturer will show up on site with the replacement part and have it installed. Depending on the hardware type and service package, the warranty will also include software upgrades and patches to ensure that everything is up to date.

April 22nd, 2016 | 2016-06-24T08:13:12+00:00 | IT Services

How To Speed Up PC Boot Time


One of the top complaints I receive from day to day is “my PC is booting slowly”. This can be caused by many different factors, but below are a few tasks that any user can do to help speed up boot time of their PC.

Cleanup of Startup Items

  1. While logged into your Windows profile hit the Windows Key and R at the same time.
  2. This will open the Run window. Type ‘msconfig’ without the quotes into the box and hit Enter.
  3. Click the Startup tab.
  4. In the far left hand column there are multiple check boxes next to your startup items.
  5. Review items and for those items you deem as unnecessary to start at boot, uncheck the box.
  6. Hit apply once satisfied and then you should be prompted to reboot.

I would suggest leaving any anti-virus programs, as well as pointing devices, enabled. Common startup items that should be disabled are iTunes, Apple Help, any printer software, etc.

Increase Amount of Processors Used At Boot

  1. While logged into your Windows profile hit the Windows Key and R at the same time.
  2. This will open the Run window. Type ‘msconfig’ without the quotes into the box and hit Enter.
  3. Click the Boot tab.
  4. Click the ‘Advanced options…’ button.
  5. Click the check box next to ‘Number of processors:’.
  6. From the drop down select the highest number available.
  7. Click OK.
  8. Click OK again and then you should be prompted to reboot.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

March 23rd, 2016 | 2017-03-21T13:44:39+00:00 | IT Services

SonicWALL Hidden Features and Configuration Options


Earlier I stumbled across a hidden set of features and settings in a TZ215 by going to /diag.html and figured I’d share this with everyone in case you were unaware of it as I was. It appears to be available in all of the TZ series devices, the SOHO, and likely others. On the main page you will see the following disclaimer.

[Screenshot: disclaimer shown on the /diag.html main page]

Under Internal Settings there are quite a few settings and options.  Some more useful than others.  For me the option I needed was “Disable Port Scan Detection” under the Firewall section.  Below is a rough list of some of the options.  Keep in mind these options are undocumented, unsupported, and it is suggested to only make changes to these values if instructed by Dell Technical Support.  Enjoy!


 

Trace Log:

  • Trace Log: [Current \/]
  • [Download Trace Log]
  • [Clear Trace Log]

ARP Settings:

  • Enable ARP bridging
  • Enable open ARP behavior (WARNING: Insecure!!)
  • Enable Source IP Address validation for being directly connected
  • Only allow ARP entries with unicast addresses
  • Limit ARPS of non-responsive IPs
  • Bypass ARP processing on L2 bridge interfaces
  • Enable Gratuitous ARP Compatibility Mode
  • Never broadcast more than 100 Gratuitous ARPs in any 60 second period.
  • Periodically broadcast system ARPs every 60 minutes.
  • Ignore ARPs with primary-gateway’s MAC received on other interfaces
  • [Send System ARPs…]

Routing and Network Settings:

  • Flush flows on alternate path when normal route path is enabled (affects existing connections)
  • Update route version when route is enabled/disabled (affects existing connections)
  • Enable TCP packet option tagging
  • Fix/ignore malformed TCP headers
  • Enable TCP sequence number randomization
  • Perform SYN validation when not operating in strict TCP compliance mode
  • [Clear OSPF Process]
  • Clear DF (Don’t Fragment) Bit
  • Allow first fragment of size lesser than 68 bytes
  • Enable ICMP Redirect on DMZ zone
  • Disable learning-bridge filtering on L2 bridge interfaces
  • Never add static default routes to the NSM route database
  • Enable stack traffic sending by DP core

DHCP Settings:

  • Enable DHCP Server Network Pre-Discovery
  • DHCP Server Conflict Detect Period: 300 Seconds
  • Number of DHCP resources to discover: 10
  • Timeout for conflicted resource to be rechecked: 1800 Seconds
  • Timeout for available resource to be rechecked: 600 Seconds
  • [Save DHCP Leases To Flash]
  • Send DHCPNAK if the ‘requested IP address’ is on the wrong network
  • Time interval of DHCP lease database to be refreshed: 600 Seconds
  • Number of DHCP leases in database to be refreshed: 10
  • Aggressively recycle expired DHCP leases in advance

VoIP Settings:

  • Maximum ‘public’ VoIP Endpoints: 2048
  • H.323 Force Odd Media Control Port
  • Auto-add SIP endpoints
  • Transform SIP URIs to have an explicit port
  • Permit B2BUA to bind established calls together
  • SIP connection refresh interval (seconds): 40
  • Flush active media for SIP INVITEs without SDP
  • Flush unused media for SIP INVITEs without SDP
  • [Reset SIP Databases]

VPN Settings:

  • Do not adjust TCP MSS option for VPN traffic
  • Use interoperable IKE DH exchange
  • Fragment VPN packets after applying ESP
  • Use SPI/CPI parameter index for IPsec/IPcomp passthru connections
  • Accept Reserved ID Type in Quick Mode.
  • Trust Built-in CA certificates for IKE authentication and Local certificate import.
  • Enable Compatibility with Android 4.0 Client.

Encryption Settings:

  • Enable Hardware Encryption
  • Disable SSLv3
  • Disable TLSv1

DP stack Settings:

  • Enable DP stack processing

Firewall Settings:

  • FTP bounce attack protection
  • Allow orphan data connections
  • Allow TCP/UDP packet with source port being zero to pass through firewall
  • FTP protocol anomaly attack protection
  • IP Spoof checking
  • Disable Port Scan Detection
  • Trace connections to TCP port: 0
  • Include TCP data connections in traces
  • Enable Tracking Bandwidth Usage for default traffic
  • Enable to bandwidth manage WAN to WAN traffic
  • Decrease connection count immediately after TCP connection close
  • Protect against TCP State Manipulation DoS
  • Disable CSRF Token Validation
  • Disable Secure Session ID Cookie
  • [Flush Connections]
  • Deschedule Packet Count:
  • Refresh sub-domains of wildcard FQDN address objects

Security Services Settings:

  • Apply IPS Signatures Bidirectionally
  • Enable IP fragment reassembly in DPI
  • Extra dev debug info
  • Disable TCP expected sequence adjustment in DPI
  • Disable App-Firewall SMTP CHUNKING modification
  • Disable Gateway AV POP3 Auto Deletion
  • Disable Gateway AV POP3 UIDL Rewriting
  • Disable Gateway AV SMB read/write ordering enforcement
  • Log Virus URI.
  • Do not apply signatures containing file offset qualifiers
  • that trigger on TCP Streams with unidentified protocols.
  • Minimum HTTP header length (0 to disable): 0
  • Enable incremental updates to IDP, GAV and SPY signature databases.
  • Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service enabled.
  • 256 Set a limit on maximum allowed advertised TCP window with any DPI-based service enabled (KBytes).
  • Disable signature database reload.
  • Threshold above which size limits are enforced on Regex Automaton: 1500
  • Maximum allowed size for Regex Automaton: 3000
  • Limit IPS CFT scan.
  • Enforce Host Tag Search for CFS
  • [Reset AV Info]
  • [Reset Client CF Enforcement Info]
  • [Reset Client CF Enforcement Cache]
  • [Reset Licenses & Security Services Info]
  • [Reset HTTP Clientless Notification Cache]
  • [Reset Cloud AV Cache]

DPI-SSL settings:

  • Rewritten certificate SN modifier:
  • Client spoofed certificate caching:
  • Remove TCP timestamp option:
  • Drop SSL packets when memory low:
  • Allow SSL without proxy when connection limit exceeded:
  • Disable Endpoint TCP Window Setup:
  • Disable Server Facing Session Reuse:
  • Block connections to sites with untrusted certificates:
  • Max stream offset to check for SSL client-hello resemblance: 512
  • TCP window multiplier (N * 64k):
  • Override max proxied SSL connections:
  • Disable SSLv3 client connections in DPI-SSL:
  • SSL Version:
  • Cipher Methods

High Availability Settings:

  • Enable Network Monitor probing on Idle unit
  • HA Failover when Packet Pool is Low on Active Unit
  • Suppress Alarm on HA Transition to Active
  • Always restart HA backup for watchdog task
  • Send gratuitous ARP to DMZ or LAN on transparent mode while HA failover
  • Maximum number of gratuitous ARP of transparent mode per interface while HA failover: 256
  • Maximum number of gratuitous ARP while HA failover: 1
  • Send Syslog messages from both HA units with unique serial numbers

PPPOE Settings:

  • Allow LCP requests to PPPOE Server
  • Log LCP Echo Requests and Replies between client and server
  • Enable PPPoE End-Of-List Tag
  • PPPOE Netmask: 255.255.255.0

Dial-Up Settings:

  • Display dialup status on console
  • PPPDU Max Configuration Failures: 9
  • [Restart Dial-Up Devices]

One-Touch Configuration Helpers:

  • [DPI and Stateful Firewall Security]
  • Preview applicable changes
  • [Stateful Firewall Security]
  • Preview applicable changes

Management Settings:

  • Use Standby Management SA
  • Allow SGMS to preempt a logged in administrator
  • Prioritize the following selected traffic types below to be highest and above all other traffic types:
  • ICMP SNMP HTTPS

User Authentication Settings:

  • Post authentication user redirect URL: [ ]
  • Log an audit trail of all SSO attempts in the event log
  • (X) in the event log
  • ( ) in memory to download as ssoAuthLog.wri, max. buffer size: 64 KBytes.
  • – When buffer is full: (X) stop ( ) wrap. Download ssoAuthLog.wri Download and reset ssoAuthLog.wri
  • For user IP addresses: [All \/]
  • Include SSO polling Include SSO bypass Include additional non-initiation of SSO
  • Try to negotiate SSO agent protocol to version: 5 (default protocol version is 5)
  • [Logout All users]

Diagnostics Settings:

  • Disable SonicSetup/Setup tool Server
  • Trace message level: [Warning \/]
  • For diagnostic testing purposes, auto-restart system every 60 minutes.
  • Secured www.mysonicwall.com crash analysis

Watchdog Settings:

  • Do not restart for watchdog task
  • Restart quickly after an exception
  • Restart when packet pool is low

IPHelper Settings:

  • Enable no source port matching for replies from DHCP servers.
  • Disable Reverse Path check for Source IP.
  • Disable ingress egress check.

Wireless Settings:

  • Wireless Advanced Settings
  • Set Local Bit for Virtual Access Point BSSID MAC Address
  • Allow same Virtual Access Point groups to be used for dual radios
  • Supported SonicPoint Type: [All \/]
  • SonicPoint-N System Self Maintenance: [Weekly (3:00AM Every Sunday) \/]
  • Legacy SonicPoint A/B/G and SonicPoint-G Only Management Enforcement
  • [Update All SonicPoint’s Firmware]
  • SonicPoint KeepAlive Enforcement
  • SonicPoint Provisioning Protocol TCP Window Size: 1400
  • Use Default TCP Window Size For SonicPointN Provisioning Protocol
  • SonicPointN Provisioning Protocol TCP MSS Setting:
  • (X) Use Default Value.
  • ( ) Customized TCP MSS: 1460 bytes.
  • Prefer SonicPointN 2.4GHz Auto Channel Selection to be 1, 6 and 11 only
  • SonicPointN SSH Management Enable
  • Enable SonicPoint (N) IP address retaining
  • SonicPointN Logging Enable
  • Erase SonicPoint Crash Log generated by previous firmware image when SonicPoint image is updated
  • SonicPoint-Ni/Ne Noise Sensitivity Level: (The higher noise sensitivity level should be selected when RF environment is getting noisier) [Medium \/]
  • SonicPointN Reboot When Noise Safe Mode Detected
  • Use SNAP packet between SonicPoint / SonicPointN and Gateway
  • Send Need Fragment ICMP packet to SonicPoint / SonicPointN client
  • Enable intra-WLAN Zone communication for bonjour packet
  • WLAN DHCP lease / ARP delivery success rate enhancement
  • Wireless Guest Services Redirect Interval: 15 Seconds
  • Legacy WiFiSec Enforcement support
  • Do not apply WiFi security enforcement on reply traffic from WLAN to any other zone
  • Enable WLAN traffic DP core processing capability
  • Enable intra-WLAN Zone communication for broadcast packet
  • Enable local wireless zone traffic to bypass gateway firewalling

Tooltip Settings:

  • Enable tooltip with no descriptions

Preferences Conversion:

  • Preference Processor Server: convert.global.sonicwall.com
  • Site Relative Directory: /popup
  • Enable checking when importing settings

Anti-Spam Service:

  • Disable SYN Flood Protection for Anti-Spam-related connections
  • Use GRID IP reputation check only
  • Disable GRID IP reputation checking for Outbound SMTP connections
  • Do NOT disable custom user email policies when Anti-spam is enabled
  • Allow Limited Admin users to configure Anti-Spam Service.
  • Bypass SHLO Check when Junk Store is unavailable (while Email Security is operational).
  • Do NOT verify incoming SHLO
  • Marked as replay if incoming SHLO time stamp is more than: 3600 secs
  • [Clear Statistics]
  • [Reset GRID Name Cache]
  • [Delete Policies and Objects]
  • CASS Cloud Service Address: [Resolve Automatically \/]

Email System Detection:

  • Enable Email System Detection

TZ Default Port Assignment:

  • TZ Basic (LAN/WAN) Mode

Remote Assistance:

  • Enable Remote Assistance

SSLVPN Settings:

  • NetExtender(for Windows) Version: [ ]
  • Hide Remote EPC feature

WAN Acceleration Settings:

  • Enable checking of connection responses by remote WAN Acceleration device
  • Temporarily bypass TCP Acceleration for failed proxied connections (minutes): 15
  • Temporarily bypass TCP Acceleration for short-lived proxied connections (minutes): 60
  • Skip TCP Acceleration for stateful control channels (but accelerate data channels)
  • Enable Transparent CIFS acceleration
  • Enable WXA Web Cache Redirection
  • [Zero debug stats]
  • [Show debug stats]
  • [Open WXA Internal Settings Page]
  • [SSH to WXA appliance]

Backend Server Communication:

  • Prevent communication with DELL Backend servers
  • Server Connection Timeout (sec): 30

Log Settings:

  • Exempt unfiltered events from global, category-level and group-level changes
  • [Restore Unfiltered Event Settings]
  • Main Log Process Reschedule Interval: 100
  • Log Entries
  • SMTP Read Timeout (sec): 10

IPv6 Settings:

  • Enable enforcement of IPv6 Ready Logo requirement

ICMP Settings:

  • Enable enforcement of Dropping Unreachable ICMP packet
  • Enable enforcement of Dropping Time Exceed ICMP packet

Debug Option:

  • Disable Pkt Monitor Application Detection
By | 2017-01-24T09:51:07+00:00 March 10th, 2016|IT Services|0 Comments