{"id":531,"date":"2023-05-18T09:42:29","date_gmt":"2023-05-18T09:42:29","guid":{"rendered":"https:\/\/haithamaleryani.com\/?page_id=531"},"modified":"2023-05-31T08:27:07","modified_gmt":"2023-05-31T08:27:07","slug":"sonicwall","status":"publish","type":"page","link":"https:\/\/haithamaleryani.com\/index.php\/sonicwall\/","title":{"rendered":"SonicWALL"},"content":{"rendered":"\n<p class=\"has-x-large-font-size\"><strong>SonicWALL<\/strong><\/p>\n\n\n\n<p class=\"has-medium-font-size\">My experience with SonicWALL is mostly with their NSa series firewalls. The projects I worked on involve <\/p>\n\n\n\n<div class=\"wp-block-group is-layout-constrained\">\n<p class=\"has-large-font-size\">Securely exposing a locally hosted web server: <\/p>\n\n\n\n<ul>\n<li class=\"has-medium-font-size\">Configured &#8220;Allow Policies&#8221; &#8211; To allow incoming traffic to enter a network typically from a given source IP.<\/li>\n\n\n\n<li class=\"has-medium-font-size\">Configured &#8220;Deny Policies&#8221; &#8211; Although firewalls have implicit deny policies further restrictions were sometimes needed. For this project the firewall was configured to drop all incoming traffic originating from non-US IP. This was in response to several unauthorized connection attempts from countries like Russia.<\/li>\n\n\n\n<li class=\"has-medium-font-size\">Port Forwarding &#8211; In order to permit the public to reach a locally hosted server port forwarding specifically for port 80 and 443 needs to be configured (port 80 were forwarded to port 443 for security purposes).<\/li>\n\n\n\n<li class=\"has-medium-font-size\">NAT &#8211; To translate the public FQDN of the web server to its IP address.<\/li>\n\n\n\n<li class=\"has-medium-font-size\">PAT &#8211; To map the web servers public IP to its private IP.<\/li>\n\n\n\n<li class=\"has-medium-font-size\">DHCP &#8211; Although DHCP is typicality done on a DHCP server SonicWALL has limited yet effective DHCP capabilities. The web server required a private IP address which it got from the firewall.<\/li>\n\n\n\n<li class=\"has-medium-font-size\">VLAN &#8211; The web server was secured inside a VLAN of its own.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained\">\n<p class=\"has-large-font-size\">Creating a secure site-to-site connection <\/p>\n\n\n\n<ul>\n<li class=\"has-medium-font-size\">This connection was created between a LAN and AWS for business continuity and disaster recovery purposes.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained\">\n<p class=\"has-large-font-size\">Network QoS configuration <\/p>\n\n\n\n<ul>\n<li class=\"has-medium-font-size\">Prioritize video conferencing traffic during the pandemic and resolve ongoing latency issues that occurred during peak working hours.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained\">\n<p class=\"has-large-font-size\">Content Filtering <\/p>\n\n\n\n<ul>\n<li class=\"has-medium-font-size\">In order to prevent employees from accessing malicious sites implement an effective firewall content filter based on the SonicWALLs content filter database.<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>SonicWALL My experience with SonicWALL is mostly with their NSa series firewalls. The projects I worked on involve Securely exposing a locally hosted web server: Creating a secure site-to-site connection Network QoS configuration Content Filtering<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_eb_attr":"","om_disable_all_campaigns":false,"_mi_skip_tracking":false,"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":""},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/pages\/531"}],"collection":[{"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/comments?post=531"}],"version-history":[{"count":44,"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/pages\/531\/revisions"}],"predecessor-version":[{"id":743,"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/pages\/531\/revisions\/743"}],"wp:attachment":[{"href":"https:\/\/haithamaleryani.com\/index.php\/wp-json\/wp\/v2\/media?parent=531"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}