Network access rule logic list, Bandwidth management – SonicWALL Internet Security Appliances User Manual

Network Access Rules Page 133

Network Access Rule Logic List

It is important to fully consider the logic behind the new rule before it is added to the list. Use the
following guidelines to help you evaluate the impact of a rule before adding it to the list:
1. State the intent of the rule. For example, “This rule restricts all IRC access from the LAN to the

Internet.”

2. Is the intent of the rule to allow or deny traffic?
3. What is the direction of the traffic? From the LAN to the WAN, or from the WAN to the LAN?
4. List IP services affected by the rules.
5. List the computers on the LAN affected by the rule.
6. List the computers on the WAN affected by the rule. If allowing traffic from the WAN to the LAN,

it is better to allow WAN traffic only to certain computers on the LAN.

7. Does the rule prevent users from accessing critical resources on the Internet?
8. Does the rule create any security vulnerabilities?
9. Does the rule conflict with any existing rules?

Bandwidth Management

The SonicWALL can be configured for bandwidth management of outbound (WAN) network traffic
via bandwidth management. It allows network administrators to prioritize traffic. Each Service
added via a Rule has a checkbox to enable bandwidth management for the Service.
Select Enable Bandwidth Management in the Add Rule window then enter the Guaranteed
Bandwidth in Kbps for the Service, and enter the Maximum Bandwidth in number of Kbps for the
Service. Before you can enable and configure bandwidth management for Rules, you must enable
it on the Ethernet page in the Advanced section.
Alert Bandwidth management is very complex and requires extensive knowledge of networks and
networking protocols. Incorrect bandwidth management may cause network problems or
degradation of network performance. See Bandwidth Management in Chapter 10, Advanced for
more information.