Dec 22, 2023 |
Mar 7, 2023 Miscellaneous- Metadata updated.
- References updated.
|
Dec 7, 2022 |
Apr 25, 2022 Miscellaneous- Metadata updated.
- References updated.
|
Mar 1, 2022 Functional Update- SonicWALL - Login Banner - Public Zone
- SonicWALL - Login Banner - Trusted Zone
- SonicWALL - Login Banner - VPN Zone
- SonicWALL - Login Banner - WAN Zone
- SonicWALL - Login Banner - Wireless Zone
Miscellaneous- Metadata updated.
- References updated.
|
Feb 1, 2021 Miscellaneous- Metadata updated.
- References updated.
|
Sep 29, 2020 |
Apr 7, 2020 Functional Update- SonicWALL - Ensure default 'admin' username is not used
- SonicWALL - AAA - LDAP server is trusted
- SonicWALL - AAA - RADIUS server is trusted
- SonicWALL - Anti-Spyware - DMZ
- SonicWALL - Anti-Spyware - LAN
- SonicWALL - Anti-Spyware - WAN
- SonicWALL - Anti-Spyware - WLAN
- SonicWALL - AutoDownload Firmware - Enabled
- SonicWALL - AutoUpdate - Enabled
- SonicWALL - Client AV Enforcement On - DMZ
- SonicWALL - Client AV Enforcement On - LAN
- SonicWALL - Client AV Enforcement On - WLAN
- SonicWALL - Content Filtering On - DMZ
- SonicWALL - Content Filtering On - LAN
- SonicWALL - Content Filtering On - WLAN
- SonicWALL - Detection Prevention - ICMP packets
- SonicWALL - Detection Prevention - IP TTL Decrement
- SonicWALL - Detection Prevention - Randomize IP IDs
- SonicWALL - Detection Prevention - Stealth Mode
- SonicWALL - Disable insecure services - HTTP
- SonicWALL - Flood Protection - Layer 2 - All Interfaces
- SonicWALL - Flood Protection - Layer 2 - Threshold
- SonicWALL - Flood Protection - Layer 2 - WAN machines
- SonicWALL - Flood Protection - Layer 3 - Attack Threshold
- SonicWALL - Flood Protection - Layer 3 - Protection Mode
- SonicWALL - Flood Protection - TCP - Enforce compliance
- SonicWALL - Flood Protection - TCP - Handshake enforcement
- SonicWALL - Flood Protection - TCP - Max Seg Lifetime
- SonicWALL - Flood Protection - TCP - Timeout <= 5 minutes
- SonicWALL - Flood Protection - TCP - checksum enforcement
- SonicWALL - GAV ON - DMZ
- SonicWALL - GAV ON - LAN
- SonicWALL - GAV ON - WAN
- SonicWALL - GAV ON - WLAN
- SonicWALL - GMS hostname/IP - Review
- SonicWALL - IDP ON - DMZ
- SonicWALL - IDP ON - LAN
- SonicWALL - IDP ON - WAN
- SonicWALL - IDP ON - WLAN
- SonicWALL - Log Alert Emails - Enabled
- SonicWALL - Logging Level - Information
- SonicWALL - Login Banner - Public Zone
- SonicWALL - Login Banner - Trusted Zone
- SonicWALL - Login Banner - VPN Zone
- SonicWALL - Login Banner - WAN Zone
- SonicWALL - Login Banner - Wireless Zone
- SonicWALL - PW Policy - Lockout - Num Attempts <=3
- SonicWALL - PW Policy - Lockout Duration - >= 5 minutes
- SonicWALL - Password Policy - Affected User types
- SonicWALL - Password Policy - Change Period <=30 days
- SonicWALL - Password Policy - Complexity Level
- SonicWALL - Password Policy - Password Uniqueness >= 10
- SonicWALL - Password Policy - User Lockout - Enabled
- SonicWALL - Password Policy - minimum length >= 8
- SonicWALL - Review the DNS Server Settings
- SonicWALL - Review the NTP server configuration
- SonicWALL - SNMP Community Name - 'public' or 'private'
- SonicWALL - SSL Control - Block the conn. and log the event
- SonicWALL - SSL Control - Certs - Untrusted CA
- SonicWALL - SSL Control - Detect Expired Certificates
- SonicWALL - SSL Control - Detect MD5 Digest
- SonicWALL - SSL Control - Detect SSLv2
- SonicWALL - SSL Control - Detect Self-signed certs
- SonicWALL - SSL Control - Detect Weak Ciphers (<64 bits)
- SonicWALL - SSL Control - Enable Blacklist
- SonicWALL - SSL Control - Enable SSL Control
- SonicWALL - SSL Control - Enable Whitelist
- SonicWALL - SSL Control ON - DMZ
- SonicWALL - SSL Control ON - LAN
- SonicWALL - SSL Control ON - WAN
- SonicWALL - SSL Control ON - WLAN
- SonicWALL - Security Services - Gateway AV - CIFS/Netbios
- SonicWALL - Security Services - Gateway AV - Enabled
- SonicWALL - Security Services - Gateway AV - FTP Inbound
- SonicWALL - Security Services - Gateway AV - FTP Outbound
- SonicWALL - Security Services - Gateway AV - HTTP Inbound
- SonicWALL - Security Services - Gateway AV - HTTP Outbound
- SonicWALL - Security Services - Gateway AV - IMAP
- SonicWALL - Security Services - Gateway AV - POP3
- SonicWALL - Security Services - Gateway AV - SMTP Inbound
- SonicWALL - Security Services - Gateway AV - SMTP Outbound
- SonicWALL - Security Services - Gateway AV - TCP Stream Inbound
- SonicWALL - Security Services - Gateway AV - TCP Stream Outbound
- SonicWALL - Security Services - IDP - Enabled
- SonicWALL - Syslog server - >=1 server configured
- SonicWALL - Use non default admin access ports - 'SSH'
- SonicWALL - Use non default admin access ports - HTTP
- SonicWALL - Use non default admin access ports - HTTPS
- SonicWALL - User Inactivity Timeout - 5 minutes or less
- SonicWALL - Web Interface - Does not use self-signed cert
Informational Update- SonicWALL - AV License - Not Licensed
- SonicWALL - Flood Protection - Layer 3 - Attack Threshold
- SonicWALL - Security Services - Gateway AV - Signature Timestamp
- SonicWALL - Security Services - IDP - Signature Timestamp
- SonicWALL - Unused Interfaces
Miscellaneous- Metadata updated.
- References updated.
- Variables updated.
Added- SonicWALL - Password Policy - Affected User types - full-admins
- SonicWALL - Password Policy - Affected User types - limited-admins
Removed- SonicWALL - SNMP Configuration - Review
|