SonicWall Firewall Out-of-the-Box Response Integration Setup Primer
SonicWall Firewall Out-of-the-Box Response Integration Setup Primer
Each mode has a specific set of features and requirements that need to be accounted for before proceeding with the setup. These will be listed below.
Features
SonicWall Simplified
The SonicWall Simplified solution works by fortifying your system’s security using a Lumu-provided URL. This URL contains a database of malicious FQDNs to strengthen threat detection. You can also include IPs to further enhance your system’s defense.
Limitations- Keep in mind the specific limitations inherent to SonicWall regarding Dynamic External Address Group File.
- For each list, there’s a cap of 254 elements due to performance concerns.
- If your Firewall can take a higher cap, we recommend you contact our support in order to adequately manage that cap.
SonicWall Enhanced
The SonicWall Enhanced solution works by incorporating a URL List Group fed with malicious URLs that Lumu has identified. To enable this integration, keep in mind the following:
- Make sure you have an additional CFS license to activate this functionality.
- A machine or virtual machine running Python or Docker to execute all associated additional resources.
- We are flexible in terms of workspace conditions. You can choose between the following:
System Requirements
- An Active Lumu Defender subscription
- SonicWall Operating System 6.5 or 7
- A Machine/VM with Python or Docker (Enhanced mode only)
- SonicWall Firewall with CFS license (Enhanced mode only)
Integration Setup
Once you are certain of which integration type suits your needs, make sure to follow the detailed setup instructions for your solution in the following links:
Related Articles
SonicWall Firewall Simplified Out-of-the-Box Response Integration
Requirements SonicWall Firewall SonicWall Operating System 6.5 or 7 For SonicOS 6.5, the integration is tested with SonicOS 6.5.4.5-53n or above. Please follow the instructions in the corresponding section to deploy it. Lumu License Lumu Defender ...SonicWall Capture Client (EDR) Out-of-the-Box Response Integration
This article describes the required procedure to integrate SonicWall Capture Client (EDR) with Lumu for automated response procedures. This is one of our featured Out-of-the-Box Response Integrations. Requirements Sonicwall Capture Client - Advanced ...Juniper SRX Firewall Out-of-the-box Response Integration
To learn more about Out-of-the-box Integrations and their benefits, please refer to this article. In this article, you will find out how to configure Juniper SRX Firewall to receive and block adversaries detected by Lumu and improve the detection & ...Check Point Next Generation Firewall (NGFW) Out-of-the-box Response Integration
The Lumu Defender API offers a framework to help you leverage Lumu’s integrations with your existing cybersecurity stack, including Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint ...Netgate pfSense® Firewall Out-of-the-box Response Integration
This integration lets you generate integration URLs with customized lists according to the needs of your organization. With Threat Types lists, you can define the type of adversary to be included in your lists. To learn more about Out-of-the-box ...