WatchGuard Technologies Firebox X 1Network IP Addresses Without the Firebox, External interface

Page 10

Installing WatchGuard System Manager

1Network IP Addresses Without the Firebox

Wide Area Network

_____._____._____._____ / ____

Default Gateway

_____._____._____._____

Local Area Network

_____._____._____._____ / ____

Secondary Network

_____._____._____._____ / ____

(if applicable)

Public Server(s)

_____._____._____._____

(if applicable)

_____._____._____._____

 

 

_____._____._____._____

Use the second table for your network IP addresses after you put the Firebox into operation.

External interface

Connects to the external network (typically the Internet) that is the security problem.

Trusted interface

Connects to the private LAN or internal network that it is necessary to protect.

Optional interface(s)

Usually connects to the DMZ or the mixed trust area of your network. The number of optional interfaces on your Firebox depend on the model you have purchased. Use optional interfaces to create zones in your network with different levels of access. Usually, you install the Web, e-mail, and FTP servers on an optional interface.

2Network IP Address With the Firebox

Default Gateway

_____._____._____._____

External Network

_____._____._____._____ / ____

Trusted Network

_____._____._____._____ / ____

Optional Network

_____._____._____._____ / ____

Secondary Network

_____._____._____._____ / ____

(if applicable)

Selecting a firewall configuration mode

Fireware appliance software users must use a routed firewall configuration mode. If you use WFS appli- ance software, you must make a decision on how to install the Firebox into your network before you install WatchGuard System Manager. This decision controls the configuration of the Firebox interfaces. To install the Firebox into your network, select the configuration mode—routed or drop-in—that matches the needs of your current network.

For more information on finding which configuration mode to use with WFS appliance software, see “WFS appliance software configuration modes” on page 9.

4

WatchGuard System Manager

Page 9 Page 11
Image 10
Page 9 Page 11
Contents WatchGuardSystem Manager User Guide Address Contents Setting Up Logging and Notification Copy the online help system to more computersLogViewer Settings Importing Certificates Microsoft Internet Explorer 5.5Apache Software License, Version 2.0, January WatchGuard Management Server Getting StartedAbout WatchGuard System Manager Log ServerInstalling WatchGuard System Manager About Hardware and Appliance SoftwareLicense Keys Network addressesTrusted interface 1Network IP Addresses Without the FireboxExternal interface Optional interfacesUses 40-bit encryption Software encryption levelsBase StrongSetting Up Your Management Server Putting the Firebox into operation on your networkMaster password Admin passwordAfter Your Installation Installation TopicsWFS appliance software configuration modes Routed configurationDrop-in configuration Use the Quick Setup Wizard during installation Adding secondary networks to your configurationTo add a secondary networks, do one of these procedures Dynamic IP support on the external interfaceEntering IP addresses About slash notationInstalling the Firebox cables Installation Topics Threat responses, alerts, and expert advice Service and SupportLiveSecurity Service Solutions Easy software updatesLiveSecurity Service Broadcasts Basic FAQs LiveSecurity Service Self Help ToolsNew from WatchGuard Interactive Support Forum Advanced FAQsKnown Issues Online TrainingWatchGuard Users Group Using the WatchGuard Users ForumWatchGuard Users Forum Online HelpCopy the online help system to more computers Product DocumentationTechnical Support Software requirementsType of Service Web Site Service TimeWe try to supply a solution in a maximum time of four hours HoursTraining and Certification About the WatchGuard System Manager Window Monitoring Your NetworkStarting WatchGuard System Manager From the Windows DesktopDevice Connecting to a FireboxDisconnecting from a Firebox LogDisconnecting from a Server Connecting to a ServerType the password for the Management Server Seeing Information about DevicesCertificates Firebox StatusBranch Office VPN Tunnels Pptp user VPN tunnels Seeing Information on Log ServersMobile user VPN tunnels No exclamation pointMonitoring VPNs Policy Manager About the WatchGuard ToolbarStarting Security Applications Firebox ManagerLog Viewer Quick Setup WizardHostWatch Historical ReportsSetting Up the Log Server Setting Up Logging and NotificationLog Server collects logs from each WatchGuard Firebox WatchGuard Log Server Configuration dialog box appears Configuration Guide for your version of appliance softwareSetting Global Logging and Notification Preferences Type the new log encryption key two times Click OKClick Save Changes or Close Click Save Changes Setting Global Logging and Notification Preferences Types of Log Messages Traffic Alarm Event DiagnosticReviewing and Working with Log Files Traffic log messagesLog File Names and Locations Alarm log messagesDiagnostic log messages Starting LogViewerBrowse to find the log file and click Open LogViewer Settings Changing LogViewer settings with WFS appliance software Click to set the format of the logs to the default colorsUsing LogViewer Select Edit FindPaste the data into any text editor Click File Merge log files Click Browse to find the files to put together Click MergeUsing LogViewer Using LogViewer Generating Reports of Network Activity Creating and Editing ReportsType the report name From Historical Reports, click AddSelect the filter Type the Firebox IP address or host name. Click Add Specifying a Report Time IntervalChange the report definition Specifying Report Sections To consolidate report sections Setting Report PropertiesType the number of items to put in the table Exporting Reports Using Report Filters Complete the Filter tabsReport Sections and Consolidated Sections When finished, click OKRunning Reports Change the filter propertiesReport Sections and Consolidated Sections Session Summary Proxied Traffic Consolidated sections Report Sections and Consolidated Sections Public Key Cryptography and Digital Certificates Managing Certificates Certificate AuthorityPKI in a WatchGuard VPN From the menu, select the correct Managing the Certificate AuthorityCertificate Authority CA Certificate GWvpn gateway name Management Server CA CertificateGenerate a New Certificate Find and Manage CertificatesPuts back a certificate that was revoked before RevokeReinstate DestroyManaging the Firebox X Edge Firebox Soho Importing CertificatesNetscape Communicator NetscapeManaging the Firebox X Edge or Soho Device Troubleshooting ideasAdministration System StatusFirewall Removing CertificatesSystem security and remote management LoggingSelect File Soho Management Clean up on PC Removing Certificates Appendix a Copyright and Licensing WatchGuard Firebox Software End-User License AgreementWatchGuard System Manager Copyright and Trademarks Licenses OpenSSL LicenseOriginal SSLeay License Apache Software License, Version 2.0, January Licenses Pcre License GNU Lesser General Public License Licenses Licenses Licenses GNU General Public License Licenses Licenses Licenses Sleepycat License Licenses Appendix B WatchGuard File Locations General File LocationsDefault File Locations Quick Setup WizardHostWatch for Fireware Appliance Software Firebox System Manager for Fireware Appliance SoftwarePolicy Manager for Fireware Appliance Software WatchGuard System Manager Policy Manager for WFS Appliance SoftwareFlash Disk Management for WFS Appliance Software Firebox System Manager for WFS Appliance SoftwareHostWatch for WFS Appliance Software LogViewerWebBlocker Server Management ServerLog Server User Interface Log Server for WFS Appliance Software Log Server for Fireware Appliance SoftwareHistorical Reports Log Merge Management Server Setup WizardManagement Server User Interface WatchGuard Certificate Authority Default File Locations Index Muvpn Wctp 100
Top Page Image Contents