• About SonicOS and SonicOSX 7
  • What is SonicOS/X 7?
  • Where Do I Find Information?
  • SonicOS Web Interface to Admin Guides Reference
  • SonicOSX Web Interface to Admin Guides Reference
  • Guide Conventions
• Firewall Management Methods
• About the SonicOS/X Management Interface
  • Logging into SonicOS/X
  • Logging Out of SonicOS/X
  • Contemporary vs Classic Web Interface
  • Global Search
  • Online Help
  • Notification Center
  • SonicOS/X Guides (Wizards)
  • SSH Terminal Access
  • About the Top Menu Views
  • About the API and CLI
  • Legal Information
• What's New in SonicOS/X 7.0.1
• Features in Both SonicOS and SonicOSX
• Features Specific to SonicOSX
  • About Unified Policies in SonicOSX
  • About the Shadow Feature
  • About Action Profiles
• Features Specific to TZ, NSa and NSsp 13700
  • Switch Management
  • PortShield Groups
  • Access Points Management
  • WWAN and 4G/LTE
  • Storage Device Configuration
• Features Specific to NSv
  • Feature Support on NSv Series
  • Changing Between SonicOS and SonicOSX
    • Choosing the Mode in Fresh Deployments or Upgrades
    • Changing From Classic to Policy Mode
    • Changing From Policy to Classic Mode
• Features Specific to NSsp 15700
  • About Multi-Instance
• SonicWall Support

Features in Both SonicOS and SonicOSX

This section describes a number of features introduced or enhanced in SonicOS/X 7. These features are available in both SonicOS and SonicOSX on all (or most) platforms.

For features specific to SonicOSX or available only on specific platforms, refer to any of these topics:

• Features Specific to SonicOSX
• Features Specific to TZ, NSa and NSsp 13700
• Features Specific to NSv
• Features Specific to NSsp 15700

Key features available in both SonicOS and SonicOSX on all platforms include:

• Actionable Dashboard

  In SonicOS/X 7, the Dashboard is enhanced with actionable alerts. The HOME | Dashboard > System page provides four screens with actionable alerts: Device, Summary, Network and Threat.

  The Device, Network and Threat dashboards provide a top-level summary of the overall health of the appliance and threat insights. The actionable alerts help administrators maintain their organization's security posture.

  An example of an actionable alert on the Device screen is, if any service is unlicensed, you can click to be redirected to the DEVICE | Settings > Licenses page and take action on missing licenses.

• Device View - Front Panel

  You can check the physical status of your firewall from the HOME | Dashboard > System page, in the Device screen. This gives the same feel as when you are physically looking at the hardware and also provides a graphical representation of the NSv virtual firewall. Some example screens are shown below.

  TZ:

  

  NSa Series and NSsp 13700:

  

  NSv:

  

  NSsp 15700:

  

• Top Traffic and User Summary

  The Dashboard > System > Summary page displays:

  • Traffic distribution usage on the firewall with real-time updates of the most used applications
  • Summary of top users based on allowed or blocked sessions and by data sent and received

  

• Insights Into Threats

  The Dashboard > System > Summary page displays a section at the right with insights into threats of several types.

  

  Insights on infected hosts displays the total number of infected host machines in your network in real-time.

  Insights on critical attacks displays the total number of mission-critical attacks in your network in real-time.

  Insights on encrypted traffic displays the total number of encrypted traffic in your network in real-time.

• Decryption Features

  SonicOS/X 7 supports several new decryption features:

  • Decryption Support for TLSv1.3

    The TLS 1.3 encryption standard is supported to inspect encrypted traffic across several protocols like HTTPS, SSH, and FTPS. Support for TLS 1.3 improves overall security on the firewall. This is implemented in Firewall Management, SSL VPN and Deep Packet Inspection (DPI).

  • Selective Blocking of Ciphers

    On the NETWORK | Firewall > Cipher Control page, you can select from over 300 ciphers and block or unblock them. Filtering controls at the top of the page make it easy to view certain cipher types or strength ratings.

    

• SDWAN Wizard

  The SDWAN Wizard guides you through configuring SDWAN Policies on the firewall. The wizard intuitively walks through setting up SDWAN rules to connect to HQ or Cloud SaaS applications without complex configurations. The wizard is accessed by clicking the wizard button in the top, right corner of the web management interface.

  

  Select SDWAN Guide from the available wizards.

  

  The SDWAN Guide has five screens to assist you with creating the policy.

  

• Capture ATP

  The newly designed Capture ATP dashboard provides insights into Zero-Day threats that are coming into the organization’s network with location-based attack origin information.

  

• Capture Threat Assessment 2.0

  SonicOS/X 7 supports Capture Threat Assessment (CTA) v2.0. Capture Threat Assessment is a SonicWall service that provides network traffic and threat report generation in PDF format. The service is provided directly from the SonicOS/X web management interface. You can navigate to the MONITOR | AppFlow > CTA Report page to configure settings and generate the report. Previous reports are saved in the cloud and displayed as a table on the page.

  App Visualization licensing is recommended for complete report data.

  CTA v2.0 provides a number of enhancements for the current Capture Threat Assessment cloud service and reporting on all SonicWall firewalls, as described below.

  • New report template – latest look and feel

    

  • Meaningful application statistics – adds more meaningful application, threat, web and network data
  • Industry and global level statistics comparison – Industry averages let you compare your statistics alongside industry and global data
  • Risky applications analysis – rates the amount of risk compared to industry standards
  • Malware web activity – Web Activity page provides information about exposure to malware from web activity
  • Gimpse of threats – Glimpse of Threats page details the application exploits, spyware, other malware and botnet activity observed on your network
  • Report customization and advanced options – provide a way to customize the report features, control the report title and company information, and add a custom logo so you can design the report according to your requirements
  • Executive Summary with Key Findings – summarizes the overall pages into a single page for quick reference by busy executives
  • Recommendations – provides a summary of steps you can take to fix the issues found during the reporting period

• System Logs Download

  System logs, including console logs, can be downloaded from the DEVICE | Diagnostics > Tech Support Report page. The ability to download console logs without connecting to the console port simplifies debugging and reduces the time needed for troubleshooting.

  

• SSH Terminal Access

  An SSH Terminal can be accessed by clicking the Terminal icon button on the top banner of the SonicOS/X web management interface.

  

  Before initiating the Terminal, make sure that the interface has SSH enabled for management. To check, go to NETWORK | System > Interfaces and edit the WAN interface. The first time, click OK in the SSH Server warning dialog to accept the certificate.

  Then, enter the administrator username and password at the prompts (default admin/password).

• SonicExpress Mobile App Compatibility

  SonicWall SonicExpress is a mobile app that lets you easily register, set up, manage and monitor your SonicWall firewalls. To set up your new SonicWall next-generation firewall, simply launch the app, use your USB phone cable to connect the firewall USB port to your smartphone, and follow the step-by-step instructions in the intuitive SonicExpress setup guide. Additionally, stay updated with the latest SonicWall security news from the app.

  The SonicExpress Setup Guide is a very user-friendly way to initialize your new firewall.

  

The key features available in both SonicOS and SonicOSX on most platforms are:

• Network Topology View

  The HOME | Dashboard > Topology page shows an image of your firewall with hosts, access points, and other devices deployed in your network. This feature is supported on TZ, NSa and NSv series firewalls.

  The Topology view provides physical and logical connectivity of all SonicWall devices, including firewalls, wireless access points and SonicWall Switches and their connected network devices in one place for easy visualization and policy enforcement. Device insights include device type, IP address, MAC address and traffic statistics to identify trouble spots or choke points.

  

  You can use the buttons at the top right to refresh, display or hide labels, and change the view style.

  Move your mouse over each device to see details about it in a popup screen.

  Click the Types tab on the right to see the device type and status legend.

  

  

• Authentication Partitions

  Authentication partitions control which authentication servers are used for which users. Partitions are supported on on NSsp, NSa and NSv series firewalls. You can configure partitions on the DEVICE | Users > Partitions page.

  There is always one authentication partition, the automatically created Default partition. You cannot delete this partition. You can, however, edit it and select servers, agents, and clients for it as well as subpartitions. If you disable authentication partitioning, all LDAP servers, SSO agents, TSAs, and RADIUS accounting clients are reassigned to the Default partition; when you re-enable authentication partitioning, you must reassign them. RADIUS servers are not affected and remain with their assigned partitions.