Global Management System
User Manual: Global-Management-System of /wp-content/uploads/2017/11
Open the PDF directly: View PDF .
Page Count: 9
![](asset-1.png)
SONICWALL GLOBAL
MANAGEMENT SYSTEM
Comprehensive security management, monitoring, reporng and analycs
A winning security management
strategy demands deep understanding
of the security environment to promote
better policy coordination and
decisions. Not having an enterprise-
wide view of the full security construct
often leaves organizations at risk to
preventable cyber-attacks and
compliance violations. Using numerous
tools running on different platforms and
reporting data in different formats make
security analytics and reporting
operationally inefcient. This further
impairs the organization’s ability to
quickly recognize and respond to
security risks. Organizations must
establish a systematic approach to
governing the network security
environment to overcome
these challenges.
SonicWall Global Management System
(GMS) solves these challenges. GMS
integrates management and
monitoring, analytics, forensics and
audit reporting. This forms the
foundation of a security governance,
compliance and risk management
strategy. The feature-rich GMS platform
gives distributed enterprises, service
providers and other organizations a
uid, holistic approach to unifying all
operational aspects of their security
environment. With GMS, security teams
can easily manage SonicWall rewall,
wireless access point, email security and
secure mobile access solutions, as well
as third-party network switch solutions.
This is all done via a controlled and
auditable work-stream process to keep
networks sharp, safe and compliant.
GMS includes centralized policy
management and enforcement, real-
time event monitoring, granular data
analytics and reporting, audit trails,
and more, under a unied
management platform.
Benets:
• Establishes a unied security
governance, compliance and risk
management security program
• Adopts a coherent and auditable
approach to security orchestraon,
forensics, analycs and reporng
• Reduces risk and provide a fast
response to security events
• Provides an enterprise-wide view of
the security ecosystem
• Automates workows and assures
security operaon compliance
• Reports on HIPAA, SOX, and PCI for
internal and external auditors
• Deploys fast and easy with soware,
virtual appliance or cloud deployment
opons — all at a low cost.
GOVERNS CENTRALLY
• Establish an easy path to comprehensive
security management, analyc reporng
and compliance to unify your network
security defense program
• Automate and correlate workows
to form a fully coordinated security
governance, compliance and risk
management strategy
COMPLIANCE
• Helps make regulatory bodies and
auditors happy with automac PCI,
HIPAA and SOX security reports
• Customize any combinaon of security
auditable data to help you move towards
specic compliance regulaons
RISK MANAGEMENT
• Move fast and drive collaboraon,
communicaon and knowledge across
the shared security framework
• Make informed security policy decisions
based on me-crical and consolidated
threat informaon for higher level of
security eciency
GMS provides a holisc approach to security governance, compliance and risk management
![](asset-2.png)
2
GMS satises the enterprise’s change
management requirements through a
workow automation processes and
procedures. The workow feature
assures the correctness and the
compliance of policy changes by
enforcing a rigorous process for
conguring, comparing, validating,
reviewing and approving policies prior to
deployment. The approval groups are
exible, enabling adherence to company
security policy while mitigating risk,
reducing errors, improving efciency,
and ensuring high security effectiveness.
With GMS’s workow automation and
auditing of policy changes, enterprises
gain agility and condence in deploying
the right rewall policies, at the right
time, and in conformance to compliance
regulations.
GMS provides a holisc
approach to security
governance, compliance
and risk management.
GMS Workow Automaon: Five steps to error-free policy management
1. CONFIGURE
AND COMPARE
GMS congures
policy change
orders and color-
codes dis for
clear comparisons
2. VALIDATE
GMS performs
an integrity
validaon of the
policy’s logic
3. REVIEW &
APPROVE
GMS emails
reviewers and logs
a (dis)approval
audit trail of the
policy
4. DEPLOY
GMS deploys the
policy changes
immediately or on
a schedule
5. AUDIT
The change logs
enable accurate
policy auding
and precise
compliance data
![](asset-3.png)
3
Security management and monitoring features
Feature Descripon
Centralized security and network
management
Helps administrators deploy, manage and monitor a distributed network security environment.
Federate policy conguraon Easily sets policies for thousands of SonicWall rewalls, wireless access points, email security,
secure remote access devices and switches from a central locaon.
Change Order Management and
Work Flow
Assures the correctness and compliance of policy changes by enforcing a process for
conguring, comparing, validang, reviewing and approving policies prior to deployment. The
approval groups are user-congurable for adherence to company security policy. All policy
changes are logged in an auditable form that ensures the rewall complies with regulatory
requirements.
All granular details of any changes made are historically preserved to help with compliance,
audit trailing, and troubleshoong.
Sophiscated VPN deployment and
conguraon
Simplies the enablement of VPN connecvity, and consolidates thousands of security policies.
Oine management Enables scheduling of conguraons and rmware updates on managed appliances to minimize
service disrupons.
Streamlined license management Simplies appliance management via a unied console, as well as the management of security
and support license subscripons.
Universal dashboard Features customizable widgets, geographic maps and user-centric reporng.
Acve-device monitoring and
alerng
Provides real-me alerts with integrated monitoring capabilies, and facilitates troubleshoong
eorts, thus allowing administrators to take preventave acon and deliver immediate
remediaon.
SNMP support Provides powerful, real-me traps for all Transmission Control Protocol/Internet Protocol (TCP/
IP) and SNMP-enabled devices and applicaons, greatly enhancing troubleshoong eorts to
pinpoint and respond to crical network events.
Applicaon Visualizaon and
Intelligence
Shows historic and real-me reports of what applicaons are being used, and by which users.
Reports are completely customizable using intuive ltering and drill-down capabilies.
Rich integraon opons Provides applicaon programming interface (API) for web services, command line interface (CLI)
support for the majority of funcons, and SNMP trap support for both service providers and
enterprises.
Dell Networking X-Series switch
management
Dell X-Series switches can now be managed easily within TZ, NSA and SuperMassive
series rewalls to oer single-pane-of-glass management of the enre network security
infrastructure.
Security reporng and analycs
Feature Descripon
Botnet Report Includes four report types: Aempts, Targets, Iniators, and Timeline containing aack vector
context such as Botnet ID, IP Addresses, Countries, Hosts, Ports, Interfaces, Iniator/Target,
Source/Desnaon, and User.
Geo IP Report Contains informaon on blocked trac that is based on the trac’s country of origin or
desnaon.
Includes four report types: Aempts, Targets, Iniators, and Timeline containing aack vector
context such as Botnet ID, IP Addresses, Countries, Hosts, Ports, Interfaces, Iniator/Target,
Source/Desnaon, and User
MAC Address Report Shows the Media Access Control (MAC) address on the report page. Includes device-specic
informaon (Iniator MAC and Responder MAC ) in ve report types:
• Data Usage > Iniators
• Data Usage > Responders
• Data Usage > Details
• User Acvity > Details
• Web Acvity > Iniators
![](asset-4.png)
4
Scalable distributed architecture
At the core of GMS is a distributed architecture that facilitates
limitless system scalability. A single instance of GMS can add
visibility and control over thousands of your network security
devices under its management, regardless of location. At the
user-experience level, the GMS universal dashboard utilizes
cutting-edge user interface design and usability concepts that
work together to provide consistent operator workows across
the security ecosystem.
GMS is an on-premises solution, deployable as a software
or a virtual appliance. Alternatively, SonicWall Cloud Global
Management System (Cloud GMS) is cloud-delivered security
management and reporting platform that accelerates and
simplify security management operations while increasing
service agility – all at a low subscription cost.
Single
Management
Console
Reporting
Converged
Infrastructure
• Centralized
management
• Error-free policy
management
• Strong access control
• Comprehensive
audit trails
• PCI, HIPAA, SOX
report templates
• Lower operating costs
Port Expansion Scalability
SonicWall Firewall
SonicWall WAN
Acceleration
X-Series Switch
with PoE
SonicWall
SonicPoint
SonicWall GMS Secure Compliance Enforcement
Benefits
Security reporng and analycs con't
Feature Descripon
Capture ATP Report Shows detail threat behavior informaon to respond to a threat or infecon.
HIPPA, PCI and SOX reports Includes pre-dened PCI, HIPAA and SOX report templates to sasfy security compliance
audits.
Rogue Wireless Access Point
Reporng
Shows all wireless devices in use as well as rogue behavior from ad-hoc or peer-to-peer
networking between hosts and accidental associaons for users connecng to neighboring
rogue networks.
Flow analycs and reports Provides a ow reporng agent for applicaon trac analycs and usage data through IPFIX
or NetFlow protocols for real-me and historical monitoring. Oers administrators an eecve
and ecient interface to visually monitor their network in real-me, providing the ability to
idenfy applicaons and websites with high bandwidth demands, view applicaon usage per
user and ancipate aacks and threats encountered by the network.
• A Real-Time Viewer with drag and drop customizaon
• A Real-Time Report screen with one-click ltering
• A Top Flows Dashboard with one-click View By buons
• A Flow Reports screen with ve addional ow aribute tabs
• A Flow Analycs screen with powerful correlaon and pivong features
• A Session Viewer for deep drill-downs of individual sessions and packets.
Intelligent reporng and acvity
visualizaon
Provides comprehensive management and graphical reports for SonicWall rewalls, email
security and secure mobile access devices. Enables greater insight into usage trends and
security events while delivering a cohesive branding for service providers.
Centralized logging Oers a central locaon for consolidang security events and logs for thousands of appliances,
providing a single point to conduct network forensics.
Real-me and historic next-
generaon syslog reporng
Through a revoluonary enhancement in architecture, streamlines the me-consuming
summarizaon process, allowing for near real-me reporng on incoming syslog messages. Also
provides the ability to drill down into data and customize reports extensively.
Universal scheduled reports Schedules reports that are automacally created and mailed out across mulple appliances of
various types to authorized recipients.
Applicaon trac analycs Provides organizaons with powerful insight into applicaon trac, bandwidth ulizaon and
security threats, while providing powerful troubleshoong and forensics capabilies.
![](asset-5.png)
5
SonicWall Global Management System (GMS)
On-premise GMS provides a complete and scalable security management, analyc and reporng plaorm for distributed enterprises
and data centers while Cloud GMS is ideal for service providers (i.e. MSP and MSSP).
• Capture Threat Research
• Capture Labs
• Capture Sandbox
• Application Control
• Content Filtering
• Botnet Filtering
• Anti-Malware
• Intrusion Prevention
• SSL Inspection
Firewall Security Services Layers
Global Remote Users
Headquarter
Distributed Enterprise
Branch Offices
Secure Mobile Access
Secure Wireless Zone
SonicPoint ACe
Internal Firewall
LAN Zone
DMZ Zone
Server Zone
Guest Zone
Email Security
Switch
WAN Acceleration
IoT Zone
Internal Firewall
Internal Firewall
Internal Firewall
Gateway Firewall
Global
Management
System (GMS)
(Software or virtual
appliance)
International Offices
Retail Locations
POS
Guest IoT
POS
Internet
VPN
• Capture Threat Research
• Capture Labs
• Capture Sandbox
• Application Control
• Content Filtering
• Botnet Filtering
• Anti-Malware
• Intrusion Prevention
• SSL Inspection
Firewall Security Services Layers
Enterprise Clients
SMB Clients
Secure Mobile Access
Secure Wireless Zone
SonicPoint ACe
Internal Firewall
LAN Zone
DMZ Zone
Server Zone
Guest Zone
Email Security
Switch
WAN Acceleration
IoT Zone
Internal Firewall
Internal Firewall
Internal Firewall
Gateway Firewall
Cloud GMS
Console
Cloud GMS
Console
International Clients
Retail Clients
POS
Guest IoT
POS
Cloud GMS
Managed Security Service
Provider (MSSP)
MSSP’s managed firewalls
MSSP’s co-managed firewalls
On-Premise SonicWall Global Management System Environments
Cloud-based SonicWall Global Management System Environments
![](asset-6.png)
6
Context-sensive dashboards display a variety of informaonal widgets, such as geographical maps, syslog reports, bandwidth
summaries, top websites accessed, or the data that is most relevant to specic users.
Intuive graphical reports simplify managed appliance monitoring. Easily idenfy trac anomalies based on usage data for a specic
meline, iniator, responder or service. Export reports to a Microso® Excel® spreadsheet, portable document format (PDF) le or
directly to a printer.
![](asset-7.png)
7
Feature Summary
Soluon GMS (On-Premise) GMS (Cloud)
Reporng S S
Policy Management S S
Monitoring S S
Deployment Opons
Deployable as Virtual Appliance SCloud
Deployable as Soware Applicaon SCloud
Deployable for management and reporng in an IPv6 network S S
Reporng
Comprehensive Set of Graphical Reports S S
Compliance Reporng S N
Customizable Reporng with Drill Down Capabilies S S
Centralized Logging S S
Mul-threat Reporng S S
User-based Reporng S S
Applicaon Usage Reporng S S
New Aack Intelligence S S
Bandwidth and Services Report per Interface S S
Reporng for SonicWall UTM Firewall Appliances S S
Reporng for SonicWall SRA SSL VPN Appliances S N
Universal Scheduled Reports S N
Next-generaon Reporng Syslog and IPFIX IPFIX
Flexible and Granular Near Real-Time Reporng S S
User-centric Reporng S S
Per User Bandwidth Reporng S S
More Granular Services Reporng S S
Client VPN Acvity Reporng S N
More Detailed Summary of Services over VPN Report S N
Rogue Wireless Access Point Reporng S N
SRA SMB Web Applicaon Firewall (WAF) Reporng S N
Management
Ubiquitous Access S S
Alerts and Nocaons S S
Diagnosc Tools S S
Mulple Concurrent User Sessions S S
Oine Management and Scheduling S S
Management of Security Firewall Policies S S
Management of Security VPN Policies S S
Management of Email Security Policies S N
Management of Secure Remote Access/SSL VPN Policies S N
Management of Value Added Security Services S S
S = Standard
N = Not available
![](asset-8.png)
8
Feature Summary
Soluon GMS (On-Premise) GMS (Cloud)
Management con't
Dene Policy Templates at the Group Level S S
Policy Replicaon from Device to a Group of Devices S S
Policy Replicaon from Group Level to a Single Device S S
Redundancy and High Availability S S
Provisioning Management S S
Scalable and Distributed Architecture S S
Dynamic Management Views S S
Unied License Manager S S
Command Line Interface (CLI) S N
Web Services Applicaon Programming Interface (API) S N
Role Based Management (Users, Groups) S S
Universal Dashboard S N
Backup of preference les for rewall appliances S S
Monitoring
IPFIX Data Flows in Real me S S
SNMP Support S N
Acve Device Monitoring and Alerng S S
SNMP Relay Management S N
VPN and Firewall Status Monitoring S S
Live Syslog Monitoring and Alerng S N
S = Standard
N = Not available
Minimum system requirements
Below are the minimum requirements for SonicWall GMS with
respect to the operating systems, databases, drivers, hardware
and SonicWall-supported appliances:
Operating system1
Windows Server 2016
Windows Server 2012 Standard 64-bit
Windows Server 2012 R2 Standard 64-bit (English and Japanese
language versions)
Windows Server 2012 R2 Datacenter
Hardware requirements
Use the GMS Capacity Calculator to determine the hardware requirements for
your deployment.
Virtual appliance requirements
Hypervisor: ESXi 6.5, 6.0 or 5.5
Use the GMS Capacity Calculator to determine the hardware requirements for
your deployment.
VMware Hardware Compatibility Guide:
http://www.vmware.com/resources/compatibility/search.php
Supported databases
External databases: Microsoft SQL Server 2012 and 2014
Bundled with the GMS application: MySQL
Internet browsers
Microsoft® Internet Explorer 11.0 or higher (do not use compatibility mode)
Mozilla Firefox 37.0 or higher
Google Chrome 42.0 or higher
Safari (latest version)
GMS gateway
SonicWall SuperMassive™ E10000 Series, SonicWall SuperMassive™ 9000
Series, E-Class Network Security Appliance (NSA), and NSA Series
Supported SonicWall appliances managed by GMS
SonicWall Network Security Appliances: SuperMassive E10000 and 9000
Series, E-Class NSA, NSA, and TZ Series appliances®
SonicWall Secure Mobile Access (SMA) appliances: SMA Series and
E-Class SRA
SonicWall Email Security appliances
All TCP/IP and SNMP-enabled devices and applications for active monitoring
![](asset-9.png)
© 2017 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark
or registered trademark of SonicWall Inc. and/or its aliates in the U.S.A.
and/or other countries. All other trademarks and registered trademarks
are property of their respecve owners.
SonicWall, Inc.
5455 Great America Parkway | Santa Clara, CA 95054
Refer to our website for addional informaon.
www.sonicwall.com
9
DataSheet-SonicWallGlobalManagementSystem-US-VG-MKTG305
Global Management System (GMS) ordering informaon
Product SKU
SNWL CLOUD GMS MANAGEMENT WORKFLOW AND REPORTING LIC FOR TZ 1YR 01-SSC-3435
SNWL CLOUD GMS MANAGEMENT, WORKFLOW AND REPORTING LIC FOR NSA 1YR 01-SSC-3879
SNWL CLOUD GMS MANAGEMENT AND WORKFLOW LIC FOR TZ/SOHO 1YR 01-SSC-3664
SNWL CLOUD GMS MANAGEMENT AND WORKFLOW LIC FOR NSA 1YR 01-SSC-3665
SONICWALL GMS 5 NODE SOFTWARE LICENSE 01-SSC-7680
SONICWALL GMS 10 NODE SOFTWARE LICENSE 01-SSC-3363
SONICWALL GMS 25 NODE SOFTWARE LICENSE 01-SSC-3311
SONICWALL GMS 1 NODE SOFTWARE UPGRADE 01-SSC-7662
SONICWALL GMS 5 NODE SOFTWARE UPGRADE 01-SSC-3350
SONICWALL GMS 10 NODE SOFTWARE UPGRADE 01-SSC-7664
SONICWALL GMS 25 NODE SOFTWARE UPGRADE 01-SSC-3301
SONICWALL GMS 100 NODE SOFTWARE UPGRADE 01-SSC-3303
SONICWALL GMS 250 NODE SOFTWARE UPGRADE 01-SSC-3304
SONICWALL GMS 1000 NODE SOFTWARE UPGRADE 01-SSC-3306
SONICWALL GMS CHANGE MANAGEMENT AND WORKFLOW 01-SSC-0424
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 1 NODE (1 YR) 01-SSC-7675
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 5 NODE (1 YR) 01-SSC-6524
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 10 NODE (1 YR) 01-SSC-6514
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 25 NODE (1 YR) 01-SSC-3334
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 100 NODE (1 YR) 01-SSC-3336
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 250 NODE (1 YR) 01-SSC-3337
SONICWALL GMS E-CLASS 24X7 SOFTWARE SUPPORT FOR 1000 NODE (1 YR) 01-SSC-3338
About Us
SonicWall has been ghting the cyber-criminal industry for over 25 years, defending small, medium size businesses and enterprises
worldwide. Our combination of products and partners has enabled a real-time cyber defense solution tuned to the specic needs of
the more than 500,000 global businesses in over 150 countries, so you can do more business with less fear.