SonicWALL SMA - Page 32

To Next Page

To Previous Page

SonicWallSMAConnectTunnel12.0DeploymentPlanningGuide

CommonVPNConfigurations

forPartners.We’llalsosetupaQuarantinezoneforusers(employeesorpartners)whosedevicesfailtomatch

theprofilesthatwespecify.

Creatingazoneissimplyawayofsettingoneormoreconditionsthatusersmustmeetbeforetheyaregranted

secure,remoteaccesstoresources.In

ourexample,theuserwillbeclassifiedintotheTrustedzoneifacertain

antivirusprogramisrunning(NortonAntiVirusisusedinthisex ample,butyoucansubstituteanotherprogram).

Iftheprogramisnotrunning,theuserisclassifiedintotheUntrustedzone.

Theconditionsyousetin

arealdeploymentwillofcoursebedifferent—thisisjustademonstrationofhowEPC

works.

Topics:

• CreatingaStandard ZoneforTrustedUsersonpage32

• CreatingaStandard ZoneforPartnersonpage32

• CreatingaQuarantineZoneforUntrustedUsersonpage33

CreatingaStandardZoneforTrustedUsers

TocreateaStandardzonenamedTrustedforemployees:

1FromthemainnavigationmenuinAMC,clickEndPointControl.

2IfthelinknexttoEndPointControlisDisabled,clickthelinkandselecttheEnableEndPointControl

checkboxontheConfigureGeneralApplianceOptionspage.

3 ClickNew,andthenselectStandardzonefromthemenu.The

ZoneDefinition‐StandardZonepage

appears.

4IntheNamefield,typeTrusted.

5IntheAllProfileslist,selectthecheckboxnexttoWindowsantivirus,andthenclicktherightarrows(>>)

toaddittotheInUselist.Toseetheattributesinthisbuilt‐inprofile,clickits

name.

6TheclientdevicewillbecheckedatlogintoseeifitisrunningeitherNortonAntivirusorMacAfee

VirusScan.Ifyouwantthischecktoreoccurduringagivensession,settheintervalinminutesinthe

RecurringEPCarea.

7Whenyouarefinishedconfiguringthezone,clickSave.

TheStandardzonenamedTrustedisnow

displayedinthelistofEndPointControlzones.Tomatchthisprofile,auser ’sdevicemustberunningthe

securityprogramsyouspecifiedinStep5.

Inthisex ample,wewillclassifydevicesthatdonotmatchtheStandardzonewecreated

intoaQuarantinezone

namedUntrusted;seeCreatingaQuarantineZoneforUntrustedUsersonpage33

CreatingaStandardZoneforPartners

TocreateaStandardzonenamedPartnerzoneforpartners:

1FromthemainnavigationmenuinAMC,clickEndPointControl.

2 ClickNew,andthenselectStandardzonefromthemenu.

3IntheNamefield,typePartner zone.

4Tocreateadeviceprofile,clickNew,andthenselectaplatformfromtheshortcutmenu(forexample,

MicrosoftWindows).

5Enteraname

forthedeviceprofileintheNamefield.Forexample,Symantec AV.

Main Page

SonicWALL SMA - Page 32

Table of Contents

Related product manuals