Detections
Analytics

Revision 1.3

Apr 7, 2020
Functional Update
  • SonicWALL - Ensure default 'admin' username is not used
  • SonicWALL - AAA - LDAP server is trusted
  • SonicWALL - AAA - RADIUS server is trusted
  • SonicWALL - Anti-Spyware - DMZ
  • SonicWALL - Anti-Spyware - LAN
  • SonicWALL - Anti-Spyware - WAN
  • SonicWALL - Anti-Spyware - WLAN
  • SonicWALL - AutoDownload Firmware - Enabled
  • SonicWALL - AutoUpdate - Enabled
  • SonicWALL - Client AV Enforcement On - DMZ
  • SonicWALL - Client AV Enforcement On - LAN
  • SonicWALL - Client AV Enforcement On - WLAN
  • SonicWALL - Content Filtering On - DMZ
  • SonicWALL - Content Filtering On - LAN
  • SonicWALL - Content Filtering On - WLAN
  • SonicWALL - Detection Prevention - ICMP packets
  • SonicWALL - Detection Prevention - IP TTL Decrement
  • SonicWALL - Detection Prevention - Randomize IP IDs
  • SonicWALL - Detection Prevention - Stealth Mode
  • SonicWALL - Disable insecure services - HTTP
  • SonicWALL - Flood Protection - Layer 2 - All Interfaces
  • SonicWALL - Flood Protection - Layer 2 - Threshold
  • SonicWALL - Flood Protection - Layer 2 - WAN machines
  • SonicWALL - Flood Protection - Layer 3 - Attack Threshold
  • SonicWALL - Flood Protection - Layer 3 - Protection Mode
  • SonicWALL - Flood Protection - TCP - Enforce compliance
  • SonicWALL - Flood Protection - TCP - Handshake enforcement
  • SonicWALL - Flood Protection - TCP - Max Seg Lifetime
  • SonicWALL - Flood Protection - TCP - Timeout <= 5 minutes
  • SonicWALL - Flood Protection - TCP - checksum enforcement
  • SonicWALL - GAV ON - DMZ
  • SonicWALL - GAV ON - LAN
  • SonicWALL - GAV ON - WAN
  • SonicWALL - GAV ON - WLAN
  • SonicWALL - GMS hostname/IP - Review
  • SonicWALL - IDP ON - DMZ
  • SonicWALL - IDP ON - LAN
  • SonicWALL - IDP ON - WAN
  • SonicWALL - IDP ON - WLAN
  • SonicWALL - Log Alert Emails - Enabled
  • SonicWALL - Logging Level - Information
  • SonicWALL - Login Banner - Public Zone
  • SonicWALL - Login Banner - Trusted Zone
  • SonicWALL - Login Banner - VPN Zone
  • SonicWALL - Login Banner - WAN Zone
  • SonicWALL - Login Banner - Wireless Zone
  • SonicWALL - PW Policy - Lockout - Num Attempts <=3
  • SonicWALL - PW Policy - Lockout Duration - >= 5 minutes
  • SonicWALL - Password Policy - Affected User types
  • SonicWALL - Password Policy - Change Period <=30 days
  • SonicWALL - Password Policy - Complexity Level
  • SonicWALL - Password Policy - Password Uniqueness >= 10
  • SonicWALL - Password Policy - User Lockout - Enabled
  • SonicWALL - Password Policy - minimum length >= 8
  • SonicWALL - Review the DNS Server Settings
  • SonicWALL - Review the NTP server configuration
  • SonicWALL - SNMP Community Name - 'public' or 'private'
  • SonicWALL - SSL Control - Block the conn. and log the event
  • SonicWALL - SSL Control - Certs - Untrusted CA
  • SonicWALL - SSL Control - Detect Expired Certificates
  • SonicWALL - SSL Control - Detect MD5 Digest
  • SonicWALL - SSL Control - Detect SSLv2
  • SonicWALL - SSL Control - Detect Self-signed certs
  • SonicWALL - SSL Control - Detect Weak Ciphers (<64 bits)
  • SonicWALL - SSL Control - Enable Blacklist
  • SonicWALL - SSL Control - Enable SSL Control
  • SonicWALL - SSL Control - Enable Whitelist
  • SonicWALL - SSL Control ON - DMZ
  • SonicWALL - SSL Control ON - LAN
  • SonicWALL - SSL Control ON - WAN
  • SonicWALL - SSL Control ON - WLAN
  • SonicWALL - Security Services - Gateway AV - CIFS/Netbios
  • SonicWALL - Security Services - Gateway AV - Enabled
  • SonicWALL - Security Services - Gateway AV - FTP Inbound
  • SonicWALL - Security Services - Gateway AV - FTP Outbound
  • SonicWALL - Security Services - Gateway AV - HTTP Inbound
  • SonicWALL - Security Services - Gateway AV - HTTP Outbound
  • SonicWALL - Security Services - Gateway AV - IMAP
  • SonicWALL - Security Services - Gateway AV - POP3
  • SonicWALL - Security Services - Gateway AV - SMTP Inbound
  • SonicWALL - Security Services - Gateway AV - SMTP Outbound
  • SonicWALL - Security Services - Gateway AV - TCP Stream Inbound
  • SonicWALL - Security Services - Gateway AV - TCP Stream Outbound
  • SonicWALL - Security Services - IDP - Enabled
  • SonicWALL - Syslog server - >=1 server configured
  • SonicWALL - Use non default admin access ports - 'SSH'
  • SonicWALL - Use non default admin access ports - HTTP
  • SonicWALL - Use non default admin access ports - HTTPS
  • SonicWALL - User Inactivity Timeout - 5 minutes or less
  • SonicWALL - Web Interface - Does not use self-signed cert
Informational Update
  • SonicWALL - AV License - Not Licensed
  • SonicWALL - Flood Protection - Layer 3 - Attack Threshold
  • SonicWALL - Security Services - Gateway AV - Signature Timestamp
  • SonicWALL - Security Services - IDP - Signature Timestamp
  • SonicWALL - Unused Interfaces
Miscellaneous
  • Metadata updated.
  • References updated.
  • Variables updated.
Added
  • SonicWALL - Password Policy - Affected User types - full-admins
  • SonicWALL - Password Policy - Affected User types - limited-admins
Removed
  • SonicWALL - SNMP Configuration - Review