TNS SonicWALL v5.9

Audit Details

Name: TNS SonicWALL v5.9

Updated: 12/22/2023

Authority: TNS

Plugin: SonicWALL

Revision: 1.10

Estimated Item Count: 101

File Details

Filename: TNS_Best_Practices_SonicWALL_5.9.audit

Size: 108 kB

MD5: 94bf7e93fb2b1bea5608ccacb8e9d017
SHA256: e909b668b439179a0ad089fef0e1cc7ac0a2fc3dce4c4883feb1889dfc976982

Audit Items

DescriptionCategories
SonicWALL - Ensure default 'admin' username is not used

IDENTIFICATION AND AUTHENTICATION

SonicWALL - AAA - LDAP server is trusted

CONFIGURATION MANAGEMENT

SonicWALL - AAA - RADIUS server is trusted

CONFIGURATION MANAGEMENT

SonicWALL - Anti-Spyware - DMZ

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Anti-Spyware - LAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Anti-Spyware - WAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Anti-Spyware - WLAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - AutoDownload Firmware - Enabled

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - AutoUpdate - Enabled

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - AV License - Not Licensed

CONFIGURATION MANAGEMENT

SonicWALL - Client AV Enforcement On - DMZ

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - LAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Client AV Enforcement On - WLAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Content Filtering On - DMZ

ACCESS CONTROL

SonicWALL - Content Filtering On - LAN

ACCESS CONTROL

SonicWALL - Content Filtering On - WLAN

ACCESS CONTROL

SonicWALL - Detection Prevention - ICMP packets

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Detection Prevention - IP TTL Decrement

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Detection Prevention - Randomize IP IDs
SonicWALL - Detection Prevention - Stealth Mode
SonicWALL - Disable insecure services - HTTP
SonicWALL - Flood Protection - Layer 2 - All Interfaces

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - Threshold

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 2 - WAN machines

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 3 - Attack Threshold

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - Layer 3 - Protection Mode

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - checksum enforcement
SonicWALL - Flood Protection - TCP - Enforce compliance

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Handshake enforcement
SonicWALL - Flood Protection - TCP - Max Seg Lifetime

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - Flood Protection - TCP - Timeout <= 5 minutes

SYSTEM AND COMMUNICATIONS PROTECTION

SonicWALL - GAV ON - DMZ

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - LAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GAV ON - WLAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - GMS hostname/IP - Review

CONFIGURATION MANAGEMENT

SonicWALL - IDP ON - DMZ

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - IDP ON - LAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - IDP ON - WAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - IDP ON - WLAN

SYSTEM AND INFORMATION INTEGRITY

SonicWALL - Log Alert Emails - Enabled

AUDIT AND ACCOUNTABILITY

SonicWALL - Logging Level - Information

AUDIT AND ACCOUNTABILITY

SonicWALL - Login Banner - Public Zone

ACCESS CONTROL

SonicWALL - Login Banner - Trusted Zone

ACCESS CONTROL

SonicWALL - Login Banner - VPN Zone

ACCESS CONTROL

SonicWALL - Login Banner - WAN Zone

ACCESS CONTROL

SonicWALL - Login Banner - Wireless Zone

ACCESS CONTROL

SonicWALL - Password Policy - Affected User types

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - Affected User types - full-admins

IDENTIFICATION AND AUTHENTICATION

SonicWALL - Password Policy - Affected User types - limited-admins

IDENTIFICATION AND AUTHENTICATION