So my new job has a mix of Cisco ASA and Sonicwall depending on the site. I've never used Sonicwall but it seems pretty straight forward for the most part, I just have a few questions I hope someone can answer.
First of all, most of these are NSA 3650's. Also, I looked online before posting here but not a lot came up really.
- Where are the historical traffic logs? Like if I want to know if 10.10.10.5 went to 172.30.30.5 yesterday at 6PM for example. All I see are real time logs with active sessions (it seems that's what it is anyway).
- Is there a way to see what rule was matched by the traffic that was allowed?
- Is there a way to simulate traffic like you can with PA and Cisco? Like say ip address x is going to y on port 80 and see what it would do?
- Are rules evaluated in order of "priority"? Is that just a weird way to say "this is the order of the rules"?
I'm sorry if this is clearly documented somewhere but I didn't see much.
Thanks!
No comments:
Post a Comment