Filter
Top Products
SonicWALL SRA 1200/4200 Getting Started Guide Page 7
Selecting a Deployment Scenario
The deployment scenarios described in this section are based
on actual customer deployments and are SonicWALL-
recommended deployment best practices for SRA appliances .
A SonicWALL SRA appliance is commonly deployed in “one-
arm” mode over the DMZ or Opt interface on an accompanying
gateway appliance, such as a SonicWALL NSA E7500. This
method of deployment offers additional layers of security
control, plus the ability to use SonicWALL’s UTM services,
including Gateway Anti-Virus, Anti-Spyware, Content Filtering,
Intrusion Prevention Service, and Comprehensive Anti-Spam
Service, to scan all incoming and outgoing NetExtender traffic.
The primary interface (X0) on the SonicWALL SRA connects to
an available segment on the gateway device. The encrypted
user session is passed through the gateway to the SonicWALL
SRA appliance. The SonicWALL SRA appliance decrypts the
session and determines the requested resource.
The session traffic then traverses the gateway appliance to
reach the internal network resources. The gateway appliance
applies security services, such as Intrusion Prevention,
Gateway Anti-Virus, and Anti-Spyware inspection as data
traverses the gateway. The internal network resource then
returns the requested content to the SonicWALL SRA appliance
through the gateway, where it is encrypted and sent to the
client.
Scenario Overviews
Scenario A: SRA on a New DMZ
WAN DMZ LAN
1200
SRA
Secure Remote Access
X0X1
CONSOLE
PWRTEST ALARM
SRA Appliance
OPT, X2, etc
X1
X0
X0
Remote Users
Switch
Router
Network Nodes
SonicWALL UTM Appliance
E7500
Network Security Appliance