Sonicwall Response Integration

Overview

SonicWall is an American cybersecurity company that sells a range of Internet appliances primarily directed at content control and network security. These include devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs), virtual firewalls, SD-WAN, cloud security and anti-spam for email. 

 

Prerequisites

  • Logsign 6.3.26+ versions support this integration.

 

Configure On Sonicwall

Forwarding settings are completed as follows:

  1. Log in to the Sonicwall portal.
  2. In the Main menu, click Network > Address Objects.

 

 

  1. Click “+Add” button for create a new group.
  2. In this part, you can define the custom group and you can add ip to the group.

 

(Note: Creating and adding groups are explained here. For Sonicwall integration, host, user and password are needed.)

 

Configure On Logsign

Forwarding settings are completed as follows:

  1. Click Settings > Integrations > Responses.
  2. In the ‘Search’ part, write Sonicwall.
  3. Click ‘Configure’ and then click ‘+Device’.

  1. Define the settings as follows:
  • Device Name: Define the Device Name.
  • Host: The IP address of the Sonicwall device/product to be integrated with Logsign.
  • Username: Specify the user you have defined in Sonicwall.
  • Password: Specify the password you have defined in Sonicwall.

 

Methods

BLOCK-IP

 

 

  • Device Name: Define the Device Name.
  • Ip: Specify the ip you have blocked in Sonicwall.
  • Group Name: In Sonicwall you can add whatever object you want to include in the group.
  • Zone: You can select the relevant zone for the process you want to do.
  • Expire Time: The duration of how long the object that we add to the group will stay in that group is specified.







UNBLOCK-IP

 

  • Device Name: Define the Device Name.
  • IP: Specify the unblock IP address.

 

BLOCK-FQDN

 

  • Device Name: Define the Device Name.
  • Group Name: In Sonicwall you can add whatever object you want to include in the group.
  • Zone: You can select the relevant zone for the process you want to do.
  • Domain: Specify the domain you want to block.



UNBLOCK-FQDN

Device Name: Define the Device Name.

Domain: Specify the domain you want to unblock.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.