Comments

• As Larry pointed out in the other thread there isn't actually much difference between the resolved fixes between 5051 and 5052...

  in Gen7 Firmware 7.0.1-5050 released Comment by TKWITS April 2022
• Let me search for you: https://www.sonicwall.com/support/knowledge-base/configuring-one-time-passwords/170505594681886/

  in NSa 4600 - OTP Authentication Comment by TKWITS April 2022
• You are approaching GRC concepts which are generally outside the topic of conversation here. Risk factors are determined by the organization, not by a standards body or government group (not even NIST CSF). So answers to these questions are up to the Security / Compliance officer of the company. Business agreements should…

  in Risks associated with DPI-SSL exlusion list Comment by TKWITS April 2022
• @nandrew Are you going to have any server equipment at the colo? Whats the end goal with this setup?

  in Configure TZ570 and Fiber DIA and EPL between buildings Comment by TKWITS April 2022
• @jasni26 Open a ticket with support. It's gonna be painful but they may have a hotfix.

  in Gen7 Firmware 7.0.1-5050 released Comment by TKWITS April 2022
• To answer the only question I can see, you do not NEED to use L2 bridge mode. Though it all depends on what you want to accomplish. It sounds like you want to use the EPL to extend the DIA to your 'main' office firewall?

  in Configure TZ570 and Fiber DIA and EPL between buildings Comment by TKWITS April 2022
• Is there a reason you are using both Sonicwalls? Why complicate things when you can just have your main office patched into the switch on the EPL? Really, this is basic networking and routing.

  in Configure TZ570 and Fiber DIA and EPL between buildings Comment by TKWITS April 2022
• Do you have Capture ATP enabled and set to wait for result before allowing download?

  in NSa 4700 (Gen 7 firewall) - Failed , Stalled & Incomplete Downloads (Intermittent) Comment by TKWITS April 2022
• Does the server pass SSL certificate checks? e.g. https://www.digicert.com/tools/

  in TZ 470 with SonicOS 7.0.1-5051 not displaying Let's Encrypt webite SSL certificate properly Comment by TKWITS April 2022
• Whatever use-case you are in, my suggestion would be to VLAN out your IoT devices and exclude the VLAN from DPI-SSL.

  in Just how does exclusion/inclusion work in client dpi-ssl? Comment by TKWITS April 2022
• To expand Ajishlal's input, keep your SSLVPN Client Settings \ Client Routes the same (include LAN subnet address object), but adjust the VPN Access settings per-user.

  in Restrict SSLVPN access to my LAN network Comment by TKWITS April 2022
• If you enabled SSL Control look there... Or read the logs.

  in TZ 470 with SonicOS 7.0.1-5051 not displaying Let's Encrypt webite SSL certificate properly Comment by TKWITS April 2022
• Two weeks on a production TZ570 with no issues. Roll outs to other models this week.

  in SonicOS 7.0.1-5051 gets available Comment by TKWITS April 2022
• As you said, there is no include / exclude overlap logic. All that can be said is be very specific with your groups. I must question why you'd want to exclude 'LAN Subnets'...

  in Just how does exclusion/inclusion work in client dpi-ssl? Comment by TKWITS April 2022
• Have you considered adding an exception to IPS for the NSA2700's WAN IP address?

  in IP Spoof? Comment by TKWITS March 2022
More Comments