SonicOS 5.8 Firmware Introduces the Dashboard — Part 2

Cisco, Cloudera, Featured, Professional Development, Project Management, Routing & Switching, Technology, Training in Business

rearviewmirrorBBesides monitoring various aspects of traffic, the SonicWALL Visualization Dashboard also offers a Create Rule option, allowing you to control the traffic and change the format of the view from a list to a graph or flow chart.

This monitor requires having a minimum of a TZ210 or higher model as well as the Application Visualization license. You will also need to enable AppFlow to Local Collector and Real Time Data Collection (which you find under LOG > Flow Reporting > Settings), and it will require a restart of the appliance.

  • Threats Reports: Delivers real time threat protection data from other SonicWalls deployed globally, so you’ll have an awareness of what threats are currently occurring regionally and abroad. 
  • User Monitor: There is a user tab in AppFlow Monitor, but this monitor emphasizes users of SSLVPN, GVC VPN Clients, and users authenticated by a web login.
  • BWM Monitor: Similar to launching the Real Time monitor, BWM Monitor will display Bandwidth Management usage for ingress and egress traffic. It divides into several BWM usage charts into high, medium, and low ingress and egress bandwidth usage, as well as dropped packets.

To launch this monitor you would have to set Firewall Settings > BWM to global, but  you are creating App Rules with a Bandwidth management as an action setting that will need to be set to WAN.

  • Connection Monitor: Shows current connections on the network, which you can apply filters to (such as source and destination IP or ports) to monitor. You can also filter by protocols or a particular interface. The type of information you will see are source and destination IPs involved in the current connection, as well as protocols, Bytes transmitted and received, and the amount of packets transmitted and received. There is also a Flush option to the right of each connection.
  • Packet Monitor:  An extremely helpful monitor when troubleshooting traffic crossing from one zone to another. For example, trying to find out why a NAT policy may not be working when creating a NAT policy that wants to translate traffic from the WAN zone to the LAN zone.

When you click on Packet Monitor you can select the configure tab and you can select from two filters:

  • Monitor Filter: This filter determines what packets should be captured in the monitor. You can specify filters, such as interface name, Ether type, IP type, source and destination IP, or ports. Forwarded packets by the firewall, consumed packets by internal resources within the firewall, and dropped packets. There is an option to monitor by firewall/app rules under the monitor filter, for filtering by firewall access rules you must enable packet monitor in the firewall access rule settings itself.
  • Display Filter: This is where the monitor filter settings determine what packets will be captured by the packet monitor. The filter options are similar to those within the monitor filter settings.

Related Courses:
Network Security Basic Administration Training (NS-101)
SonicWALL Network Security Advanced Administration
Dell SonicWALL Secure Remote Access Basic Administrator (SRABA)

Please support our Sponsors here :