Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
TNS SonicWALL v5.9
Changelog
Revision 1.3
Changelog
Revision 1.3
Apr 7, 2020
Functional Update
SonicWALL - Ensure default 'admin' username is not used
SonicWALL - AAA - LDAP server is trusted
SonicWALL - AAA - RADIUS server is trusted
SonicWALL - Anti-Spyware - DMZ
SonicWALL - Anti-Spyware - LAN
SonicWALL - Anti-Spyware - WAN
SonicWALL - Anti-Spyware - WLAN
SonicWALL - AutoDownload Firmware - Enabled
SonicWALL - AutoUpdate - Enabled
SonicWALL - Client AV Enforcement On - DMZ
SonicWALL - Client AV Enforcement On - LAN
SonicWALL - Client AV Enforcement On - WLAN
SonicWALL - Content Filtering On - DMZ
SonicWALL - Content Filtering On - LAN
SonicWALL - Content Filtering On - WLAN
SonicWALL - Detection Prevention - ICMP packets
SonicWALL - Detection Prevention - IP TTL Decrement
SonicWALL - Detection Prevention - Randomize IP IDs
SonicWALL - Detection Prevention - Stealth Mode
SonicWALL - Disable insecure services - HTTP
SonicWALL - Flood Protection - Layer 2 - All Interfaces
SonicWALL - Flood Protection - Layer 2 - Threshold
SonicWALL - Flood Protection - Layer 2 - WAN machines
SonicWALL - Flood Protection - Layer 3 - Attack Threshold
SonicWALL - Flood Protection - Layer 3 - Protection Mode
SonicWALL - Flood Protection - TCP - Enforce compliance
SonicWALL - Flood Protection - TCP - Handshake enforcement
SonicWALL - Flood Protection - TCP - Max Seg Lifetime
SonicWALL - Flood Protection - TCP - Timeout <= 5 minutes
SonicWALL - Flood Protection - TCP - checksum enforcement
SonicWALL - GAV ON - DMZ
SonicWALL - GAV ON - LAN
SonicWALL - GAV ON - WAN
SonicWALL - GAV ON - WLAN
SonicWALL - GMS hostname/IP - Review
SonicWALL - IDP ON - DMZ
SonicWALL - IDP ON - LAN
SonicWALL - IDP ON - WAN
SonicWALL - IDP ON - WLAN
SonicWALL - Log Alert Emails - Enabled
SonicWALL - Logging Level - Information
SonicWALL - Login Banner - Public Zone
SonicWALL - Login Banner - Trusted Zone
SonicWALL - Login Banner - VPN Zone
SonicWALL - Login Banner - WAN Zone
SonicWALL - Login Banner - Wireless Zone
SonicWALL - PW Policy - Lockout - Num Attempts <=3
SonicWALL - PW Policy - Lockout Duration - >= 5 minutes
SonicWALL - Password Policy - Affected User types
SonicWALL - Password Policy - Change Period <=30 days
SonicWALL - Password Policy - Complexity Level
SonicWALL - Password Policy - Password Uniqueness >= 10
SonicWALL - Password Policy - User Lockout - Enabled
SonicWALL - Password Policy - minimum length >= 8
SonicWALL - Review the DNS Server Settings
SonicWALL - Review the NTP server configuration
SonicWALL - SNMP Community Name - 'public' or 'private'
SonicWALL - SSL Control - Block the conn. and log the event
SonicWALL - SSL Control - Certs - Untrusted CA
SonicWALL - SSL Control - Detect Expired Certificates
SonicWALL - SSL Control - Detect MD5 Digest
SonicWALL - SSL Control - Detect SSLv2
SonicWALL - SSL Control - Detect Self-signed certs
SonicWALL - SSL Control - Detect Weak Ciphers (<64 bits)
SonicWALL - SSL Control - Enable Blacklist
SonicWALL - SSL Control - Enable SSL Control
SonicWALL - SSL Control - Enable Whitelist
SonicWALL - SSL Control ON - DMZ
SonicWALL - SSL Control ON - LAN
SonicWALL - SSL Control ON - WAN
SonicWALL - SSL Control ON - WLAN
SonicWALL - Security Services - Gateway AV - CIFS/Netbios
SonicWALL - Security Services - Gateway AV - Enabled
SonicWALL - Security Services - Gateway AV - FTP Inbound
SonicWALL - Security Services - Gateway AV - FTP Outbound
SonicWALL - Security Services - Gateway AV - HTTP Inbound
SonicWALL - Security Services - Gateway AV - HTTP Outbound
SonicWALL - Security Services - Gateway AV - IMAP
SonicWALL - Security Services - Gateway AV - POP3
SonicWALL - Security Services - Gateway AV - SMTP Inbound
SonicWALL - Security Services - Gateway AV - SMTP Outbound
SonicWALL - Security Services - Gateway AV - TCP Stream Inbound
SonicWALL - Security Services - Gateway AV - TCP Stream Outbound
SonicWALL - Security Services - IDP - Enabled
SonicWALL - Syslog server - >=1 server configured
SonicWALL - Use non default admin access ports - 'SSH'
SonicWALL - Use non default admin access ports - HTTP
SonicWALL - Use non default admin access ports - HTTPS
SonicWALL - User Inactivity Timeout - 5 minutes or less
SonicWALL - Web Interface - Does not use self-signed cert
Informational Update
SonicWALL - AV License - Not Licensed
SonicWALL - Flood Protection - Layer 3 - Attack Threshold
SonicWALL - Security Services - Gateway AV - Signature Timestamp
SonicWALL - Security Services - IDP - Signature Timestamp
SonicWALL - Unused Interfaces
Miscellaneous
Metadata updated.
References updated.
Variables updated.
Added
SonicWALL - Password Policy - Affected User types - full-admins
SonicWALL - Password Policy - Affected User types - limited-admins
Removed
SonicWALL - SNMP Configuration - Review