Firewall Audit and Management for SonicWall Firewalls

Audits: the key to better security and compliance.

Are you using SonicWall firewalls?

Can you answer the following questions right away, without time-consuming research?

  • Which users have which access rights?
  • Are all security services licensed and active?
  • Are any temporary rules still active that were originally created for testing purposes?
  • Is the system protected against outages?
  • What happens if the firewall or internet connection fails?
  • Are there any temporary NAT policies and access rules that are no longer needed?

Firewall Toolbox provides you with fast, precise answers and significantly simplifies firewall audits. This saves time and increases the efficiency of your security checks.

Why should firewall systems be audited regularly?

Audits address the following topics:

  • Regulatory compliance (NIS-2, GDPR)
  • Regular adaptation to evolving threats
  • Vulnerability identification
  • Performance optimization
  • Protection against internal threats

How does Firewall Toolbox work?

The Firewall Toolbox software requires two key files:

  • the SonicWall System Export (EXP) and
  • the SonicWall Technical Support Report (TSR).

These files can be downloaded manually or automatically from the firewall via API. An API connection to MySonicWall can also be integrated, if desired.

A user-friendly wizard guides you through the data transfer process. Once all information has been collected, it is processed and uploaded in a structured format to an SQL database for analysis.

The tool then generates a variety of reports, providing the auditor with easy access to the most important information about the current status of the firewall.

The appearance of the reports can be customized by using a custom logo and adjusting the heading color scheme.

Currently, two main modules are implemented: Security Audit and Configuration Audit. Initial functionality for the Documentation and Troubleshooting modules is also available.

Reports

There are three main categories of reports, each containing a variety of sub-reports:

Security Audit Reports

  • Firewall rules/NAT policies that have never been used
  • Disabled rules
  • Rules with no traffic for a defined period
  • VPN cryptography check (weak ciphers, etc.)
  • Users in administrative groups
  • External user authentication
  • VPN access rights
  • Firewall audit settings and data

Configuration Audit Reports

  • Firmware status / available updates
  • History (upgrades / uploaded configurations)
  • Status and expiration dates of security services
  • Security services per zone
  • High availability status / settings
  • WAN failover status / usage
  • Firmware history (upgrades / uploaded configurations)

Sample reports here: https://firewall-toolbox.com/resources/

Documentation

The main goal of the first versions of Firewall Toolbox is to provide powerful audit functions. However, many of the generated reports can already be used for documentation purposes.

The current version of the toolbox also includes initial documentation-related functions, such as:

  • All Firewall Rules (IPv4 / v6)
  • All NAT Policies (IPv4 / v6)
  • Interface Configuration

Maintenance and system hygiene

When API access is enabled, Firewall Toolbox optimizes your firewall management by automatically detecting and securely removing outdated rules and NAT policies. A full backup of your settings is created before each action, allowing you to restore the entire configuration or individual objects at any time.

During API access, many objects—such as rules, NAT policies, VPN tunnels, address objects, groups, and schedules—are exported in an editable and re-uploadable format. This makes it easy to rebuild a clean, optimized configuration from scratch using a tool like Postman.

Flyer

You can download the current product flyer here:

Guided Audits

Do you need help conducting a SonicWall firewall audit? Benefit from my knowledge and 25 years of SonicWall experience: