SonicWall

This document provides the steps required to configure the Sonicwall Inspector.

👍

Quick Details

Recommended Agent: Self-Managed
Supported Agents: Self-Managed
Is Auto-Discovered By: Network Discovery Inspector
Can Auto-Discover: N/A
Parent/Child Type Inspector: No
Inspection via: SSH (6.x) or API (7.x)
Data Summary: Here

Overview

See it in Action

🚧

SonicWall Version Support

While our SonicWall Inspector will work with firmware versions older than 6.5.4.9, version 6.5.4.9 is the only version fully supported by SonicWall, and therefore, the only version fully supported by Liongard. For best results, update your SonicWall devices to version 6.5.4.9.

Additionally, Liongard is able to support NSv SonicWall OSX 7 (NSv) devices.

SonicWall Inspector Deployment

The setup steps for the SonicWall Inspector vary depending on the firmware version installed on the device.

Deploying a SonicWall Inspector for Firmware Version 7.x

Deployment Methods

There are three deployment methods for setting up a SonicWall Inspector in Liongard:

If you would like to roll out the SonicWall Inspector through an On-Premises Agent, you must first install the Windows Agent on a server within the network residing behind the firewall of the SonicWall device.

If you would like to roll out the SonicWall Inspector through a Self-Hosted Agent, you must first install the Self-Hosted Agent in your data center.

If you would like to roll out the SonicWall Inspector with auto-discovery, you must first deploy a Network Discovery Inspector

Deployment using an On-Premises Agent or Self-Hosted Agent

Inspector Setup Preparation

🚧

Disabling the User Login Status Pop-up

To disable the user login status pop-up, follow SonicWall's documentation.

Step 1: Create API User Account and Assign Group Membership

  1. Navigate to Device > Users > Local Users & Groups and select Add User

  1. Complete the Name, Password, and Confirm Password fields
  2. Select the Groups tab
  3. Add the user account to the Everyone, SonicWALL Administrators, and Trusted Users Groups. For least privileges, you may be able to use the Read Only Administrator group, but this may not work on all firmware versions.

  1. Navigate to Device > Users > Local Users & Groups > Local Groups.
  2. Edit the SonicWall Administrators Group and navigate to the Administration tab.
  3. Enable the Members go straight to the management UI on web login option and click Save.

Step 2: Enable API

  1. Navigate to Device > Administration > Audit/SonicOS API, scroll down to SonicOS API, and enable SonicOS API and RFC-2617 HTTP Basic Access authentication. Click Accept.

Note: If the toggles shown are disabled, a reboot is required to enable them.

Step 3: Ensure HTTPS management is enabled on the interface that the Agent will connect to the SonicWall to

Liongard Inspector Setup

❗️

Inspector Version

When deploying a SonicWall running Firmware 7.x or higher, it is important to select the correct Inspector version as listed in the setup below. If the incorrect Inspector version is selected, the SonicWall Inspector will fail to complete.

In Liongard, navigate to Admin > Inspectors > Inspector Types > Navigate to the SonicWall Inspector > Select Add System.

Fill in the following information:

  • Environment: Select the Environment this System should be associated with
  • Friendly Name: Suggested "[Environment Name] SonicWall"
  • Agent: Select the On-premises or Self-Hosted Agent installed for this Environment
  • Inspector Version: 7.0.0-XXX...
  • Username: Liongard service credentials created in the Inspector Setup Preparation above
  • Password: Liongard service credentials created in the Inspector Setup Preparation above
  • IP/Hostname: Hostname or IP address of the SonicWall appliance
  • HTTPS Management Port: HTTPS Port
  • Schedule: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule

Select Save. The Inspector will now be triggered to run within the minute.

Deployment via Auto-Discovery

If you have set up a Network Discovery Inspector, it will auto-discover your SonicWall Inspectors. After completing the Inspector Setup Preparation steps above, follow these steps:

Navigate to Admin > Inspectors > Select SonicWall Inspector > Select the Discovered Systems tab

Here you can Activate your Discovered SonicWall Inspector(s):

  1. Individually select the three dots Action menu to the left of the Discovered SonicWall Inspector(s)
  2. Edit the SonicWall Inspector(s) to include the following credentials gathered in the Inspector Setup Preparation
  • Username: Liongard service credentials created in the Inspector Setup Preparation
  • Password: Liongard service credentials created in the Inspector Setup Preparation
  • Inspector Version: 7.0.0-XXX...
  1. Save the Inspector(s)
  2. Select the checkbox to the left of the Inspector(s) that you would like to Activate
  3. Select the Actions drop-down menu above the Discovered Systems table
  4. Select Activate Launchpoints

Deploying a SonicWall Inspector for Firmware Version 6.x

Deployment Methods

There are three methods for setting up a SonicWall Inspector in Liongard:

If you would like to roll out the SonicWall Inspector through an On-Premises Agent, you must first install the Windows Agent on a server within the network residing behind the firewall of the SonicWall device.

If you would like to roll out the SonicWall Inspector through a Self-Hosted Agent, you must first install the Self-Hosted Agent in your data center.

If you would like to roll out the SonicWall Inspector through Auto-discovery, you must first deploy a Network Discovery Inspector

🚧

Remotely Inspect SonicWall through A VPN Tunnel

Liongard can inspect a SonicWall using an Agent at a different location if you have persistent site-to-site tunnels set up.

If you need to allow your SonicWall device's SSH management interface over a VPN tunnel, please review SonicWall's Documentation to learn more.

Deployment using an On-Premises Agent

❗️

Liongard Agent Version

The SonicWall Inspector requires an Agent using version 3.2.1 or newer. If you are experiencing failures, ensure your Agents are upgraded. For more information, review our documentation.

Inspector Setup Preparation

You'll need to configure the SonicWall device to communicate with the Liongard On-premises Agent. Follow the steps below:

Step 1: Create new Host Address Objects for LAN zone

❗️

Location of Address Objects

Some versions of the SonicWall firmware place address objects under the Objects menu and not the Network menu

  1. Navigate to Network > Address Objects
  2. Select Custom
  3. Click ADD
  4. Create Address Object using the following information:
  • Zone should be LAN/LAN for the Liongard On-premises Agent
  • Type should be Host
  • Liongard Agent (IP Address) - x.x.x.x/255.255.255.255 (where x.x.x.x is the network address of the server where the Windows Agent has been installed)

Step 2: Create Liongard Address Group

  1. Navigate to Network > Address Objects > Address Groups
  2. Add Group > Suggested name “Liongard Monitor Group”
  3. Add the Liongard network object
  4. Click Save

Step 3: Enable SSH Management on Internal Interface

  1. Click Interfaces > Configure LAN
  2. Check SSH Management
  3. Click OK

Step 4: Enable SSH Access on LAN

❗️

Location of Access Rules

Some versions of the SonicWall firmware place Access Rules under the Rules menu and not the Firewall menu

  1. Click Firewall > Access Rules > Grid View > LAN to LAN
  2. Under Configure column > Click Edit/Pencil for SSH Management
  3. Change Source to "Liongard Group" from above

Step 5: Create a Naming Convention for the Liongard Service Account (e.g. liongard.svc)

📘

Naming Convention

Please refer to your organization's naming convention policies when creating usernames. Usernames we state in the documentation are suggestions only.

  1. Click Users > Local Users > Add User
  2. User name: liongard.svc
  3. Create password
  4. Comment: Liongard Service
  5. Go to Groups tab
  6. Add SonicWall Administrators
  7. Click OK

🚧

SSH Password Complexity Requirements

Please note that SonicWall has different password complexity requirements for SSH access than it does for the web UI. These requirements can vary between versions of the firmware.

More information can be found in SonicWall's documentation.

🚧

SonicWall Password Supported Characters

Please note that SonicWall does not support certain characters in system passwords, which may cause authentication issues between Liongard and SonicWall if you attempt to use an unsupported character.

More information can be found in SonicWall's documentation.

Liongard Inspector Setup

In Liongard, navigate to Admin > Inspectors > Inspector Types > Navigate to the SonicWall Inspector > Select Add System.

Fill in the following information:

  • Environment: Select the Environment this System should be associated to
  • Friendly Name: Suggested "[Environment Name] SonicWall"
  • Agent: Select the On-premises Agent installed for this Environment
  • Inspector Version: Latest
  • SSH Username: Liongard service credentials created in the Inspector Setup Preparation above
  • SSH Password: Liongard service credentials created in the Inspector Setup Preparation above
  • IP/Hostname: Hostname or IP address of the SonicWall appliance
  • SSH Port: SSH Port
  • Enable Detailed Output: Toggling this on will run the show current-config, show tsr all, and show tech-support-report commands during the inspection. There is a risk of performance degradation to your SonicWall device if you enable these commands.
  • Schedule: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule

Select Save. The Inspector will now be triggered to run within the minute.

Deployment using a Self-Hosted Agent

Inspector Setup Preparation

You'll need to configure the SonicWall device to communicate with the Liongard Self-Hosted Agent. Follow steps below:

Step 1: Create New Host Address Objects for WAN Zone

  1. Go to Network > Address Objects
    2, Select Custom
  2. Click ADD
  3. Create address object using the information below:
  • Zone should be WAN if the Liongard Self-Hosted Agent is being used.
  • Type should be Host
  • Liongard Agent x.x.x.x/255.255.255.255 (where x.x.x.x is the IP Address of the Agent you wish to run the inspection through)

Step 2: Create Address Group Liongard Group

  1. Navigate to Network > Address Objects > Address Groups
  2. Add Group > Name “Liongard Monitor Group”
  3. Add the Liongard network object
  4. Click Save

Step 3: Enable SSH Management on Internal Interface

  1. Click Interfaces > Configure WAN
  2. Check SSH Management
  3. Click OK

Step 4: Enable SSH Access on WAN

  1. Click Firewall > Access Rules > Grid View > WAN to WAN > Under Configure column click Edit/Pencil for the service named SSH Management
  2. Change Source to "Liongard Group"

❗️

Verify SSH Security Access

  1. By default, SonicWall opens up the SSH port from any IP on the WAN interface. Make certain to verify the steps from "Enable SSH Access on WAN".

  2. Verify the WAN to WAN access group for SSH has been locked down to Liongard and any other needs for your organization

Step 5: Create a Naming Convention for the Liongard Service Account (e.g. liongard.svc)

📘

Naming Convention

Please refer to your organization's naming convention policies when creating usernames. Usernames we state in the documentation are suggestions only.

  1. Click Users > Local Users
  2. Click Add User
  3. Suggested Username: liongard.svc
  4. Create password
  5. Comment: Liongard Service
  6. Go to Groups tab, add SonicWall Administrators
  7. Click OK

Liongard Inspector Setup

In Liongard, navigate to Admin > Inspectors > Inspector Types > Navigate to the SonicWall Inspector > Select Add System.

Fill in the following information:

  • Environment: Select the Environment this System should be associated to
  • Friendly Name: Suggested "SonicWall [Environment Name]"
  • Agent: Select the Self-Hosted Agent
  • Inspector Version: Latest
  • SSH Username: Liongard service credentials created in the Inspector Setup Preparation above
  • SSH Password: Liongard service credentials created in the Inspector Setup Preparation above
  • IP/Hostname: Hostname or IP address of the SonicWall appliance
  • SSH Port: SSH Port
  • Enable Detailed Output: Toggling this on will run the show current-config, show tsr all, and show tech-support-report commands during the inspection. There is a risk of performance degradation to your SonicWall device if you enable these commands.
  • Scheduling: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule

Select Save. The Inspector will now be triggered to run within the minute.

Deployment via Auto-Discovery

If you have set up a Network Discovery Inspector, it will auto-discover your SonicWall Inspectors. After completing the Inspector Setup Preparation above (either for an inspection via an On-Premises Agent or via a Self-Hosted Agent), follow the steps below:

Navigate to Admin > Inspectors > Select SonicWall Inspector > Select the Discovered Systems tab

Here you can Activate your Discovered SonicWall Inspector(s):

  1. Individually select the three dots Action menu to the left of the Discovered SonicWall Inspector(s)
  2. Edit the SonicWall Inspector(s) to include the following credentials gathered in the Inspector Setup Preparation
  • SSH Username: Liongard service credentials created in the Inspector Setup Preparation
  • SSH Password: Liongard service credentials created in the Inspector Setup Preparation
  1. Save the Inspector(s)
  2. Select the checkbox to the left of the Inspector(s) that you would like to Activate
  3. Select the Actions drop-down menu above the Discovered Systems table
  4. Select Activate Launchpoints

Roll out Inspectors at Mass via CSV Import

Use this process when rolling out multiple SonicWall Inspectors at once.

🚧

CSV Import for v7 Devices

A CSV import will work for both v6 and v7 devices.

If deploying Inspectors for v7 devices, the "Inspector Version" will need to be changed on the Inspectors' configuration screen in Liongard after the import is complete.

For more information, review our documentation.

For more information detailed information, please watch check out our documentation.

To import SonicWall Inspectors via CSV Import, navigate to Admin > Inspectors > SonicWall > Select the down arrow icon in the top right-hand to Download CSV Import Template.

In the CSV Template, each row, starting on row three, will represent an Inspector. Fill in the following information for each Inspector you want to roll out:

  • Agent.Name: This column is case sensitive. Copy and paste the associated Agent name from the Admin > Agents screen
  • Inspector.Name: Enter "sonicwall-inspector"
  • Environment.Name: This column is case sensitive. Copy and paste the associated Environment name from the Dashboard screen
  • Alias: Enter the Desired Friendly Name
  • Config.SSH_USER:
    • v6 Devices: Enter the Liongard service username created in the Inspector Setup Preparation above
    • v7 Devices: Use the API username created in the Inspector Setup Preparation above
  • SecureConfig.SSH_PASSWORD:
    • v6 Devices: Enter Liongard service password created in the Inspector Setup Preparation above
    • v7 Devices: Enter the API password created in the Inspector Setup Preparation above
  • Config.SSH_HOST: Enter the hostname or IP address of the SonicWall appliance
  • Config.SSH_PORT:
    • v6 Devices: Enter the SSH Port
    • v7 Devices: Use the HTTPS Port
  • Config.ENABLE_DETAILED_OUTPUT: Enter True or False
  • FreqType: Enter "days"
  • FreqInterval: Enter "1"

When ready to Import the CSV Template of Inspectors, navigate to Admin > Inspectors > SonicWall > Select the up arrow icon in the top right-hand to Import CSV > Select your saved template.

After the successful import notification, reload your browser to find your imported Inspectors.

These Inspectors will automatically trigger themselves to run within a minute.

Optional: Turn on Flexible Asset/Configuration Auto-Updating

If you would like this Inspector's data to be sent to ConnectWise and/or IT Glue, turn on Flexible Assets/Configurations for this Inspector:

  • ConnectWise: Admin > Integrations > ConnectWise > Configuration Types > Confirm the "Configuration Auto-Updating" toggle is enabled
  • IT Glue: Admin > Integrations > IT Glue > Flexible Assets > Confirm the "Flexible Asset Auto-Updating" toggle is enabled

SonicWall Quick Tips/FAQs

Inspector FAQs