Action Connectors
      Back to home
      1. Radiant Help Center
      2. Getting Started
      3. Action Connectors

      Action Connector: SonicWall API

      Set up the action connector for SonicWall to enable one-click containment in Radiant Security.

      Summary

      This configuration will establish a trusted relationship between Radiant Security and your SonicWall firewall to enabled automated and one-click execution tasks. This action connector supports the following automated actions:

      • Block IP Address

      At the end of this configuration, you will provide Radiant Security with these values:

      • Administrator Username
      • Administrator Password
      • SonicWall Base URL (public IP)

      Prerequisites

      • User Privileges: SonicWALL Administrator

      • Network connectivity

      Note: Radiant Security needs to be able to connect to the Firewall HTTPs management to be able to execute the actions. Radiant Security IP addresses are listed in the table below.

      Radiant IPs
      100.21.80.201
      52.11.97.167
      35.164.70.154

      Add an administrator in SonicWall

      1.    Login to your SonicWall firewall.

      		  

      2.    Navigate to Device > Settings > Administration - Audit/SonicOS API.

      3.    Enable the SonicOS API toggle button.

      4.    Enable RFC-2617 HTTP Basic Access authentication.

      5.    Click Accept to apply the changes.

      		 Untitled (15)
      6.    Navigate to Network > System > Interfaces.
      7.    Click the interface assigned to WAN and click the Pencil button to edit it.
      8.    For User Login, enable the HTTPS option. Untitled (16)
      9.    Click OK to apply the changes.  
      10.    Navigate to Device > Users > Local Users & Groups.
      11.    Click Add User and enter the following information:
      • Name: RadiantSecurityAdmin
      • Password: Set a secure password

      Keep all of the other default settings unchanged.

      		 Untitled(1) (1)
      12.    Click the Groups tab.  
      13.    Select SonicWALL Administrators from the left panel and click the right facing arrow to add it to the right panel.  
      14.    Click Save.  
      15.    On the top panel click Local Groups.
        • Click SonicWALL Administrators to edit it.
        • Click Administration.
        • Enable Members go straight to the management UI on web login.
        • Click Save.
      		  
      Untitled(2) (1)

      Create the action connector

      1. Login to Radiant Security.
      2. From the navigation menu, select Settings > Action Connectors and click + Add Connector to create a new action connector.
      3. Search for and select SonicWall API and then click Credentials.Captura de Tela 2024-02-23 às 17.19.55
      4. Under Credential Name, enter a credential name (use a descriptive name such as Sonicwall - Credentials).
      5. Under Required Credentials, add the information you obtained from SonicWall Firewall:
        • Username: Administrator username
        • Password: Adminiator password
        • API Base URL: SonicWall Base URL (public IP/URL of the firewall)
          Captura de Tela 2024-02-23 às 17.21.01
      6. Click Add Connector to save your changes.

      Authenticating on the API

      SonicWall API uses Basic Authentication, so we need to encode the user and password as base64 following the format "user:password" and pass it on the Authorization header:

      Example

      user = admin
      password = 12345

      admin:12345 -> base64 encode -> YWRtaW46MTIzNDU=

      Header:
      Authorization: Basic YWRtaW46MTIzNDU=

       

      We value your opinion. Did you find this article helpful? Share your thoughts by clicking here or reach to our Product and Customer Success teams at support@radiantsecurity.ai 

       

      Last updated: 2024-08-23