SonicOS/X 7 About SonicOS and SonicOSX

Features in Both SonicOS and SonicOSX

This section describes a number of features introduced or enhanced in SonicOS/X 7. These features are available in both SonicOS and SonicOSX on all (or most) platforms.

For features specific to SonicOSX or available only on specific platforms, refer to any of these topics:

Key features available in both SonicOS and SonicOSX on all platforms include:

  • Actionable Dashboard

    In SonicOS/X 7, the Dashboard is enhanced with actionable alerts. The HOME | Dashboard > System page provides four screens with actionable alerts: Device, Summary, Network and Threat.

    The Device, Network and Threat dashboards provide a top-level summary of the overall health of the appliance and threat insights. The actionable alerts help administrators maintain their organization's security posture.

    An example of an actionable alert on the Device screen is, if any service is unlicensed, you can click to be redirected to the DEVICE | Settings > Licenses page and take action on missing licenses.

  • Device View - Front Panel

    You can check the physical status of your firewall from the HOME | Dashboard > System page, in the Device screen. This gives the same feel as when you are physically looking at the hardware and also provides a graphical representation of the NSv virtual firewall. Some example screens are shown below.

    TZ:

    TZ device view

    NSa Series and NSsp 13700:

    NSa device view

    NSv:

    NSv device view

    NSsp 15700:

    NSsp device view

  • Top Traffic and User Summary

    The Dashboard > System > Summary page displays:

    • Traffic distribution usage on the firewall with real-time updates of the most used applications
    • Summary of top users based on allowed or blocked sessions and by data sent and received

    Dashboard > System > Summary page

  • Insights Into Threats

    The Dashboard > System > Summary page displays a section at the right with insights into threats of several types.

    Insights on Dashboard > System > Summary

    Insights on infected hosts displays the total number of infected host machines in your network in real-time.

    Insights on critical attacks displays the total number of mission-critical attacks in your network in real-time.

    Insights on encrypted traffic displays the total number of encrypted traffic in your network in real-time.

  • Decryption Features

    SonicOS/X 7 supports several new decryption features:

    • Decryption Support for TLSv1.3

      The TLS 1.3 encryption standard is supported to inspect encrypted traffic across several protocols like HTTPS, SSH, and FTPS. Support for TLS 1.3 improves overall security on the firewall. This is implemented in Firewall Management, SSL VPN and Deep Packet Inspection (DPI).

    • Selective Blocking of Ciphers

      On the NETWORK | Firewall > Cipher Control page, you can select from over 300 ciphers and block or unblock them. Filtering controls at the top of the page make it easy to view certain cipher types or strength ratings.

      cipher control page

  • SDWAN Wizard

    The SDWAN Wizard guides you through configuring SDWAN Policies on the firewall. The wizard intuitively walks through setting up SDWAN rules to connect to HQ or Cloud SaaS applications without complex configurations. The wizard is accessed by clicking the wizard button in the top, right corner of the web management interface.

    Wizards button

    Select SDWAN Guide from the available wizards.

    Selecting SDWAN guide

    The SDWAN Guide has five screens to assist you with creating the policy.

    SDWAN Guide

  • Capture ATP

    The newly designed Capture ATP dashboard provides insights into Zero-Day threats that are coming into the organization’s network with location-based attack origin information.

    Capture ATP dashboard

  • Capture Threat Assessment 2.0

    SonicOS/X 7 supports Capture Threat Assessment (CTA) v2.0. Capture Threat Assessment is a SonicWall service that provides network traffic and threat report generation in PDF format. The service is provided directly from the SonicOS/X web management interface. You can navigate to the MONITOR | AppFlow > CTA Report page to configure settings and generate the report. Previous reports are saved in the cloud and displayed as a table on the page.

    App Visualization licensing is recommended for complete report data.

    CTA v2.0 provides a number of enhancements for the current Capture Threat Assessment cloud service and reporting on all SonicWall firewalls, as described below.

    • New report template – latest look and feel

      CTA Report cover

    • Meaningful application statistics – adds more meaningful application, threat, web and network data
    • Industry and global level statistics comparison – Industry averages let you compare your statistics alongside industry and global data
    • Risky applications analysis – rates the amount of risk compared to industry standards
    • Malware web activity – Web Activity page provides information about exposure to malware from web activity
    • Gimpse of threats – Glimpse of Threats page details the application exploits, spyware, other malware and botnet activity observed on your network
    • Report customization and advanced options – provide a way to customize the report features, control the report title and company information, and add a custom logo so you can design the report according to your requirements
    • Executive Summary with Key Findings – summarizes the overall pages into a single page for quick reference by busy executives
    • Recommendations – provides a summary of steps you can take to fix the issues found during the reporting period
  • System Logs Download

    System logs, including console logs, can be downloaded from the DEVICE | Diagnostics > Tech Support Report page. The ability to download console logs without connecting to the console port simplifies debugging and reduces the time needed for troubleshooting.

    Download system logs option

  • SSH Terminal Access

    An SSH Terminal can be accessed by clicking the Terminal icon button on the top banner of the SonicOS/X web management interface.

    Open SSH terminal session button

    Before initiating the Terminal, make sure that the interface has SSH enabled for management. To check, go to NETWORK | System > Interfaces and edit the WAN interface. The first time, click OK in the SSH Server warning dialog to accept the certificate.

    Then, enter the administrator username and password at the prompts (default admin/password).

  • SonicExpress Mobile App Compatibility

    SonicWall SonicExpress is a mobile app that lets you easily register, set up, manage and monitor your SonicWall firewalls. To set up your new SonicWall next-generation firewall, simply launch the app, use your USB phone cable to connect the firewall USB port to your smartphone, and follow the step-by-step instructions in the intuitive SonicExpress setup guide. Additionally, stay updated with the latest SonicWall security news from the app.

    The SonicExpress Setup Guide is a very user-friendly way to initialize your new firewall.

    Connecting firewall to smartphone

The key features available in both SonicOS and SonicOSX on most platforms are:

  • Network Topology View

    The HOME | Dashboard > Topology page shows an image of your firewall with hosts, access points, and other devices deployed in your network. This feature is supported on TZ, NSa and NSv series firewalls.

    The Topology view provides physical and logical connectivity of all SonicWall devices, including firewalls, wireless access points and SonicWall Switches and their connected network devices in one place for easy visualization and policy enforcement. Device insights include device type, IP address, MAC address and traffic statistics to identify trouble spots or choke points.

    Dashboard > Topology page

    You can use the buttons at the top right to refresh, display or hide labels, and change the view style.

    Move your mouse over each device to see details about it in a popup screen.

    Click the Types tab on the right to see the device type and status legend.

    Topology device types legend

    Topology device status legend

  • Authentication Partitions

    Authentication partitions control which authentication servers are used for which users. Partitions are supported on on NSsp, NSa and NSv series firewalls. You can configure partitions on the DEVICE | Users > Partitions page.

    There is always one authentication partition, the automatically created Default partition. You cannot delete this partition. You can, however, edit it and select servers, agents, and clients for it as well as subpartitions. If you disable authentication partitioning, all LDAP servers, SSO agents, TSAs, and RADIUS accounting clients are reassigned to the Default partition; when you re-enable authentication partitioning, you must reassign them. RADIUS servers are not affected and remain with their assigned partitions.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden