SonicWALL 5.6.5.1 Welder User Manual


 
4
SonicOS Enhanced 5.6.5.1 Release Notes
P/N 232-002002-00 Rev B
MAC-IP Spoof Detection and Prevention Provides additional protection against MAC address and IP
address based spoofing attacks (such as Man-in-the-Middle attacks) through configurable Layer 2 and
Layer 3 admission control.
Packet Mirroring Provides the ability to capture copies of specified network packets from other ports.
This is commonly used for network appliances that require monitoring of network traffic, such as an
intrusion detection system. Customers can now gather data from one of the other ports on a SonicWALL to
look for threats and vulnerabilities and help aid with diagnostics and troubleshooting.
Route-based VPN with Dynamic Routing Support Extends support for advanced routing (either OSPF
or RIP) to VPN networks. This simplifies complex VPN deployments by enabling dynamic routing to
determine the best path that traffic should take over a VPN tunnel.
Signature Download through a Proxy Server Provides the ability for SonicWALL security appliances to
download signatures even when they access the Internet through a proxy server. This feature also allows
for registration of SonicWALL security appliances through a proxy server without compromising privacy.
Single Sign-on for Terminal Services and Citrix Provides support for transparent authentication of
users logged in from a Terminal Services or Citrix server. This transparent authentication enables
Application Firewall and CFS policy enforcement in Terminal Services and Citrix environments.
NOTE: The SonicWALL Terminal Services Agent is not supported in SonicOS 5.6.5.1 due to limitations of
current SSO agent functionality that prevent its use with Active/Active Clustering.
SSL VPN Enhancements SonicOS 5.6 provides a number of SSL VPN enhancements:
o Bookmarks for SSH and RDP Provides support for users to create bookmarks on the SSL VPN
Virtual Office to access systems using SSH, RDP, VNC, and Telnet services.
o Granular User Controls Allows network administrators to configure different levels of policy
access for NetExtender users based on user ID.
o One-Time Password Provides additional security by requiring users to enter a randomly
generated, single-use password in addition to the standard user name and password credentials.
o Separate Port and Certificate Control Provides separate port access for SSL VPN and HTTPS
management certificate control, allowing administrators to close HTTPS management while leaving
SSL VPN open.
o Virtual Assist Provides a remote assistance tool to SonicWALL security appliance users.
SonicWALL Virtual Assist is a thin client remote support tool provisioned via a Web browser. It
enables a technician to assume control of a customer’s PC or laptop for the purpose of providing
remote technical assistance.
Unbounded Multiple WAN Support Provides the ability to enable any number of WAN Ethernet
interfaces for WAN Load Balancing and Failover on SonicWALL appliances.
VPN Policy Bound to VLAN Interface Allows users to bind a VPN policy to a VLAN interface when
configuring a site-to-site VPN.
WebCFS Server Failover Provides the ability to enable WebCFS server failover, allowing a SonicWALL
security appliance to contact another server for URL rating information if the local server is unavailable. This
ensures performance continuity for Web navigation and Web content filtering functionality.