Getting Started with SonicWall UTM

Now in general with any networking appliance many thing you just plug it in and start configuring it for the needs of your network. But, there are always something here that in best practices terms should be completed before doing so to ensure optimum use of the appliance or even sometimes any future issues down the road.

With a SonicWall appliance, I have always had the best practice of factory defaulting the device before starting anything else. This even goes before uploading any newer firmware. This is to ensure that if there was anything imported into the device or something in QA done to it that there is nothing left over.

After factory defaulting that device, I will then grab the firmware that I would like to put on it, upload it into the device then “Boot to Factory Default” for that firmware. Yes yes, I know you say “Why would you do this again, when you just did it?” That is because you want a fresh clean slate, and having a firmware upgrade path is not a fresh clean slate. Say if the device you got has 6.2.5.3 firmware on it and you are upgrading to 6.5.3.3 firmware, who knows what even in the default settings file may have issues with that change of firmware. The second number in the SonicWall firmware versioning, is a feature implementation so there could be a new feature in there that didn’t play well with converting some settings over and then 3 years down the line you call into SonicWall support and find out oh yeah there was this issue that started when you first installed this box and now you have to Wipe and Type because of corrupted settings.

Now after Factory Defaulting, then uploading the firmware you would like and booting to Factory Default on that firmware you are going to want to configure your WAN interface and that is all. I suggest to use the commonly used public DNS servers, 8.8.8.8 or 4.2.2.2 or 1.1.1.1, so that when we go to register the device you will not run into any issues.

I will now go ahead and register and license this box before ANY configuration more than that of the WAN interface. I do not change the LAN IP or anything else, just configure your WAN interface and register and license it. Make sure you check over all the licensing to make sure it is accurate then go through the settings and make sure all of the security services enable and update their databases.

After all of this is completed, you are now ready to start configuring your device as needed and you will have a little less worry about anything else happening as you now have a rock solid foundation to move forward on.