Dell SonicWALL SRA 4200/1200 Getting Started Guide 9Selecting a Deployment ScenarioThe deployment scenarios described in this section are basedon actual customer deployments and are Dell SonicWALL-recommended deployment best practices for SRA appliances.A SRA appliance is commonly deployed in “one-arm” modeover the DMZ or Opt interface on an accompanying gatewayappliance, such as a Dell SonicWALL NSA E7500. This methodof deployment offers additional layers of security control, plusthe ability to use Dell SonicWALL’s UTM services, includingGateway Anti-Virus, Anti-Spyware, Content Filtering, IntrusionPrevention Service, and Comprehensive Anti-Spam Service, toscan all incoming and outgoing NetExtender traffic.The primary interface (X0) on the Dell SonicWALL SRAconnects to an available segment on the gateway device. Theencrypted user session is passed through the gateway to theSRA appliance. The Dell SonicWALL SRA appliance decryptsthe session and determines the requested resource.The session traffic then traverses the gateway appliance toreach the internal network resources. The gateway applianceapplies security services, such as Intrusion Prevention,Gateway Anti-Virus, and Anti-Spyware inspection as datatraverses the gateway. The internal network resource thenreturns the requested content to the Dell SonicWALL SRAappliance through the gateway, where it is encrypted and sentto the client.Scenario OverviewsScenario A: SRA on a New DMZWAN DMZ LANSRA ApplianceOPT, X2, etcX1 X0X0Remote UsersSwitchRouterNetwork NodesDell SonicWALL UTM ApplianceE7500Network Security Appliance