With everyone shifting to working from home due to COVID-19, reporting on SonicWall's VPN activity is top of mind for many overstretched IT teams right now. To help, we've made some additions to Fastvue Reporter for SonicWall to provide better visibility into SonicWall's VPN connections and ensure your remote infrastructure is holding up. And yes, it also supports SonicWall SMA! With Fastvue Reporter for SonicWall's new VPN Dashboard and VPN Report, you can monitor the number of active sessions throughout the day to help plan for extra capacity, or use the reports to find who has not connected recently. You can also easily see when most people connect and disconnect, and proactively respond to unexpected disconnections or excessive invalid login attempts.
SonicWall Analytics is the replacement for SonicWall's 'Analyzer' product which has reached End of Life (EOL) status. There is an online demo where you can get a feel for what SonicWall Analytics provides so I took it for a spin. Here's my short review of SonicWall Analytics and some initial thoughts.
We have noticed two issues in SonicWall's logging that you need to be aware of if you are running SonicOS 6.2.7 and above, and you need to report or alert on search terms entered into Google.
Unfortunately, all traffic going through SonicWall's DPI-SSL feature is logged with incredibly small size values - only a few bytes for each URL. This means that you will not see any DPI-SSL traffic in Fastvue Reporter's bandwidth dashboards or reports, as it essentially gets drowned out by all the correctly logged HTTP traffic. This article explains your options.
This article describes how to use Fastvue Reporter for SonicWall to report on machines potentially infected with WannaCry Ransomware on your network. The first and second variations of WannaCry ransomware access specific domains before the installation phase. You can therefore report on all machines that have accessed these domains to help identify potentially infected machines.
The WannaCry Ransomware infection is currently causing havoc around the globe. Fortunately there are security patches available from Microsoft that fix the underlying security hole in SMB that the ransomware exploits. However it is a good idea to keep an eye on any machines on your network that are or were infected. With Fastvue Reporter, you can create a simple alert to receive instant notifications when machines on your network make requests to the domains that WannaCry accesses before installing.
SonicOS Enhanced 126.96.36.199 now logs Referrer URLs in the 'Syslog Website Accessed' events, providing massive benefits to your Fastvue Web Usage Reports!
Fastvue Reporter is used in hundreds of schools and educational institutions throughout world, and a popular use case, especially in the United Kingdom, is to monitor Internet searches and web activity to help identify [...]
SonicWALL have released a firmware update (188.8.131.52-20n) that features a complete re-working of their Content Filtering System (CFS), as well as a new sandboxing feature called Capture Advanced Threat Protection (ATP) feature. These new features are amazing, but there is a problem we'd like all our customers to be aware of before upgrading.
There is a bug in SonicWALL's syslog feature where all allowed URLs are logged with the Category 'Not Rated' even though they have been correctly processed through SonicWALL's Content Filtering System (CFS). Fortunately there is a workaround.
The Fastvue Reporter for SonicWALL Getting Started Guide recommends not to install Fastvue Reporter on your SonicWALL Analyzer or GMS server as both applications install a web server and compete for port 80 and [...]
Fastvue Reporter for SonicWALL analyzes log messages from any SonicWALL device and provides important insights on the data flowing in and out of your organization in the form of live dashboards, alerts and reports. Behind the scenes, integration with corporate directories (Active Directory, LDAP) enables simplified Internet usage reporting across departments, IT security groups, offices, and of course users.