SonicOSX 7 Rules and Policies
- SonicOSX 7 Rules and Policies
- Settings
- Security Policy
- NAT Policy
- About NAT in SonicOSX
- About NAT Load Balancing
- About NAT64
- About FQDN-based NAT
- About Source MAC Address Override
- Viewing NAT Policy Entries
- Adding or Editing NAT or NAT64 Policies
- Deleting NAT Policies
- Creating NAT Rule Policies: Examples
- Creating a One-to-One NAT Policy for Inbound Traffic
- Creating a One-to-One NAT Policy for Outbound Traffic
- Inbound Port Address Translation via One-to-One NAT Policy
- Inbound Port Address Translation via WAN IP Address
- Creating a Many-to-One NAT Policy
- Creating a Many-to-Many NAT Policy
- Creating a One-to-Many NAT Load Balancing Policy
- Creating a NAT Load Balancing Policy for Two Web Servers
- Creating a WAN-to-WAN Security Policy for a NAT64
- DNS Doctoring
- Routing Rules
- Decryption Policy
- DoS Policy
- Endpoint Policy
- Shadow
- SonicWall Support
Configuring App/Match/Malware
Settings: Application, Custom Match and Malware Prevention Settings
| Select the Application Classification (Identification) based on: |
Zone Policy |
| Block connections when Application signatures are unavailable and rules need application | When enabled, all connections are dropped when application signatures are unavailable and policies need application details to classify the packet. |
| Block connections when Anti-Malware databases are not downloaded and rules need Malware info | When enabled, all connections are dropped when Malware (Threats, Spyware and Virus) signatures are not downloaded and policies actions need to apply anti-malware profiles. |
Application Cache
| Enable Active Application Caching | This enables/disables active application caching. |
| Use Cached Applications to Bypass DPI | This enables/disables using the cache for improved performance. If an active app cache entry is found then application identification engine is bypassed to further classify a packet. |
| Default Application Cache Timeout | This is the system default timeout. Timeout in seconds after when an entry is flushed from application cache on no further activity. |
| Default Application Cache Threshold | Number of session after when an app cache entry becomes active and usable. |
| Enable Global Application Cache Timeout | This enables a global timeout for all components of an application. When disabled then firewall controls expiration of each app cache entry and is depended on components inside each app cache entry. Timeout in seconds after when an entry is flushed from application cache on no further activity. |
| Enable Global Application Cache Threshold | This enables a global threshold for all components of an application. When disabled then firewall controls after how many sessions an application cache becomes active and usable and is depended on components inside each app cache entry. Number of session after when an app cache entry becomes active and usable. |
Security Services Settings
| Security Services Setting | Maximum Security (Recommended): Inspect all content with any threat probability (high/medium/low).
Note: For additional performance capacity in this maximum security setting, utilize SonicOSX DPI Clustering. Performance Optimized: Inspect all content with a high or medium threat probability. Note: Consider this performance optimized security setting for bandwidth/CPU intensive gateway deployments or utilize SonicOSX DPI Clustering. |
| Reduce Anti-Virus and E-Mail Filter traffic for ISDN connections | Enable or Disable. |
| Drop all packets while IPS, GAV and Anti-Spyware database is reloading | Enable or Disable. |
| HTTP Clientless Notification Timeout for Gateway AntiVirus and AntiSpyware | Indicate number of seconds before timeout. |
Was This Article Helpful?
Help us to improve our support portal