Collect Firewall Metadata with Lumu VA and SonicWall

Requirements

  1. Admin access to configure a syslog server on SonicWall.
  2. A GMS server or On-Prem Analytics server installed and configured on the SonicWall firewall.
  3. An Address Object created on the SonicWall firewall for the SonicWall Analytics system.
  4. The most recent version of the Lumu Virtual Appliance installed.

These are the general steps you should follow to configure a syslog server on a SonicWall Firewall to send all metadata to Lumu:

Steps to configure SonicWall

Deploy and Set Up Lumu VA

All the detailed steps and guidance to create, download, and install a virtual appliance on your preferred hypervisor or Cloud solution are available in our documentation:

  1. Deploy Virtual Appliances
  2. Configure Virtual Appliances and set up collector

Set up a Lumu VA Firewall Log Collector

Go to the Lumu Virtual Appliance and refresh the VA Collectors settings by running the command lumu-appliance collectors refresh. If the appliance is running, stop it before setting up collectors.

Example of screen when setting up a Firewall Collector

Select the option that refers to SonicWall Firewall and the format that suits you best, then provide the following data:

  1. Protocol type: you can select between TCP and UDP according to your infrastructure and your SonicWall’s settings.
  2. Port number: provide a number between 1024 and 65535, inclusive.
  3. Timezone: The timezone for setting up the VA. Use the canonical ID (e.g. America/Chicago). You can use this external article for reference.

Example of screen when setting up a Firewall Collector
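
The following pre-flight check is an added example, not part of Lumu's or SonicWall's tooling. It validates the three collector settings listed above and, once the collector is running, sends one constructed syslog line to it to exercise the network path. The function names, the host tag lumu-preflight and the sample values are assumptions; the test line is not SonicWall-formatted data, and whether the collector ingests it is not claimed.

```python
import socket
from datetime import datetime
from zoneinfo import ZoneInfo


def validate_collector(protocol, port, timezone):
    """Return a list of problems with the planned collector settings (empty = OK)."""
    errors = []
    if protocol.upper() not in ("TCP", "UDP"):
        errors.append(f"protocol: {protocol!r} is not TCP or UDP")
    if not (isinstance(port, int) and 1024 <= port <= 65535):
        errors.append(f"port: {port!r} is outside 1024-65535")
    try:
        # Confirms the ID is known to the tz database on this host. It does not
        # distinguish canonical IDs from legacy aliases such as US/Central.
        ZoneInfo(timezone)
    except (KeyError, ValueError, OSError):
        errors.append(f"timezone: {timezone!r} not found in the tz database")
    return errors


def build_test_message(when, host="lumu-preflight"):
    """RFC 3164-style line; PRI 134 = facility local0 (16) * 8 + severity info (6)."""
    stamp = f"{when:%b} {when.day:2d} {when:%H:%M:%S}"  # day is space-padded
    return f"<134>{stamp} {host} preflight: constructed test message\n"


def send_test(va_host, protocol, port, timezone):
    """Validate the settings, then send one test line to the collector."""
    errors = validate_collector(protocol, port, timezone)
    if errors:
        raise ValueError("; ".join(errors))
    line = build_test_message(datetime.now(ZoneInfo(timezone))).encode()
    if protocol.upper() == "TCP":
        # A refused or timed-out connection points at a firewall rule, a wrong
        # port, or a collector that is not running.
        with socket.create_connection((va_host, port), timeout=5) as s:
            s.sendall(line)
    else:
        # UDP gives no delivery confirmation; check on the VA side.
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.sendto(line, (va_host, port))


if __name__ == "__main__":
    # Constructed sample settings; 514 is rejected because it is below 1024.
    for settings in [("UDP", 5514, "America/Chicago"), ("TCP", 514, "CST")]:
        print(settings, validate_collector(*settings) or "OK")
```

To test a live collector, call send_test with the VA's IP address and the same protocol, port and timezone entered in the collector setup.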

Configure SonicWall to Send Metadata to Lumu VA

Once you have installed and configured a Lumu Virtual Appliance with the respective firewall collector, the next step is to set up SonicWall to forward firewall metadata to Lumu. You can find all the details about setting up a syslog server on SonicOS 7.X and SonicOS 6.5 in their official documentation:

  1. How can I configure a syslog server on a SonicWall firewall?
