WatchGuard Technologies Firebox X manual After Your Installation, Installation Topics

Page 14

After Your Installation

Note the following:

When an interface whose IP address is bound to the Management Server goes down and then restarts, we recommend that you restart the Management Server.

If you change the computer’s IP address, you must remove the Management Server and install it again.

After Your Installation

You have satisfactorily installed, configured, and put your new WatchGuard® System Manager into opera- tion on your network. Here is some more information to think about.

Align your security policy

Your security policy controls who can get in to your network, where they can go, and who can get out. The configuration file of your Firebox® makes the security policy.

The configuration file that you make with the Quick Setup Wizard is only a basic configuration. You can make a configuration file that aligns your security policy with your requirements. To do this, add filtered and proxied policies, in addition to the basic policies you are told about in the sections before. These pol- icies expand what you let in and out of your network. Each policy can have an effect on your network.

The policies that increase your network security can decrease access to your network. The policies that increase access to your network can decrease your network security. When you select these policies, you must select a range of balanced policies. Your organization and the computer equipment to which you give protection will control your selection. Some policies that organizations usually add are HTTP and SMTP. Usually, for a new installation, we recommend that you use only packet filter policies until all your systems operate correctly. Then, as necessary, you can add proxied policies when you know more about them.

For more information about policies, see the Configuration Guide for your version of appliance software.

Features of the LiveSecurity Service

Your Firebox includes a subscription to our LiveSecurity® Service. Your subscription:

Makes sure that you get the newest network protection with the newest software upgrades

Gives solutions to your problems with full technical support resources

Prevents downtime with messages and configuration help to prevent the newest network security problems

Helps you to find out more about network security through training resources

Extends your network security with included software and other features

Installation Topics

The following sections give information that you can use while setting up your Firebox®.

Installing WatchGuard Servers on computers with desktop firewalls

Desktop firewalls can block the ports necessary for WatchGuard® Server components to operate. Before installing the Management Server, Log Server, or WebBlocker Server on a computer with an active desktop firewall, other than Windows Firewall, you might need to open the necessary ports on the desktop fire- wall. Windows Firewall users do not need to change their configuration.

8

WatchGuard System Manager

Image 14
Contents WatchGuardSystem Manager User Guide Address Contents Setting Up Logging and Notification Copy the online help system to more computersLogViewer Settings Importing Certificates Microsoft Internet Explorer 5.5Apache Software License, Version 2.0, January WatchGuard Management Server Getting StartedAbout WatchGuard System Manager Log ServerInstalling WatchGuard System Manager About Hardware and Appliance SoftwareLicense Keys Network addressesTrusted interface 1Network IP Addresses Without the FireboxExternal interface Optional interfacesUses 40-bit encryption Software encryption levelsBase StrongSetting Up Your Management Server Putting the Firebox into operation on your networkMaster password Admin passwordAfter Your Installation Installation TopicsWFS appliance software configuration modes Routed configurationDrop-in configuration Use the Quick Setup Wizard during installation Adding secondary networks to your configurationTo add a secondary networks, do one of these procedures Dynamic IP support on the external interfaceEntering IP addresses About slash notationInstalling the Firebox cables Installation Topics Threat responses, alerts, and expert advice Service and SupportLiveSecurity Service Solutions Easy software updatesLiveSecurity Service Broadcasts New from WatchGuard LiveSecurity Service Self Help ToolsBasic FAQs Interactive Support Forum Advanced FAQsKnown Issues Online TrainingWatchGuard Users Group Using the WatchGuard Users ForumWatchGuard Users Forum Online HelpCopy the online help system to more computers Product DocumentationTechnical Support Software requirementsType of Service Web Site Service TimeWe try to supply a solution in a maximum time of four hours HoursTraining and Certification About the WatchGuard System Manager Window Monitoring Your NetworkStarting WatchGuard System Manager From the Windows DesktopDevice Connecting to a FireboxDisconnecting from a Firebox LogDisconnecting from a Server Connecting to a ServerType the password for the Management Server Seeing Information about DevicesBranch Office VPN Tunnels Firebox StatusCertificates Pptp user VPN tunnels Seeing Information on Log ServersMobile user VPN tunnels No exclamation pointMonitoring VPNs Policy Manager About the WatchGuard ToolbarStarting Security Applications Firebox ManagerLog Viewer Quick Setup WizardHostWatch Historical ReportsLog Server collects logs from each WatchGuard Firebox Setting Up Logging and NotificationSetting Up the Log Server WatchGuard Log Server Configuration dialog box appears Configuration Guide for your version of appliance softwareSetting Global Logging and Notification Preferences Type the new log encryption key two times Click OKClick Save Changes or Close Click Save Changes Setting Global Logging and Notification Preferences Types of Log Messages Traffic Alarm Event DiagnosticReviewing and Working with Log Files Traffic log messagesLog File Names and Locations Alarm log messagesDiagnostic log messages Starting LogViewerBrowse to find the log file and click Open LogViewer Settings Changing LogViewer settings with WFS appliance software Click to set the format of the logs to the default colorsUsing LogViewer Select Edit FindPaste the data into any text editor Click File Merge log files Click Browse to find the files to put together Click MergeUsing LogViewer Using LogViewer Generating Reports of Network Activity Creating and Editing ReportsSelect the filter From Historical Reports, click AddType the report name Change the report definition Specifying a Report Time IntervalType the Firebox IP address or host name. Click Add Specifying Report Sections Type the number of items to put in the table Setting Report PropertiesTo consolidate report sections Exporting Reports Using Report Filters Complete the Filter tabsReport Sections and Consolidated Sections When finished, click OKRunning Reports Change the filter propertiesReport Sections and Consolidated Sections Session Summary Proxied Traffic Consolidated sections Report Sections and Consolidated Sections PKI in a WatchGuard VPN Managing Certificates Certificate AuthorityPublic Key Cryptography and Digital Certificates Certificate Authority CA Certificate Managing the Certificate AuthorityFrom the menu, select the correct GWvpn gateway name Management Server CA CertificateGenerate a New Certificate Find and Manage CertificatesPuts back a certificate that was revoked before RevokeReinstate DestroyManaging the Firebox X Edge Firebox Soho Importing CertificatesNetscape Communicator NetscapeManaging the Firebox X Edge or Soho Device Troubleshooting ideasAdministration System StatusFirewall Removing CertificatesSystem security and remote management LoggingSelect File Soho Management Clean up on PC Removing Certificates Appendix a Copyright and Licensing WatchGuard Firebox Software End-User License AgreementWatchGuard System Manager Copyright and Trademarks Licenses OpenSSL LicenseOriginal SSLeay License Apache Software License, Version 2.0, January Licenses Pcre License GNU Lesser General Public License Licenses Licenses Licenses GNU General Public License Licenses Licenses Licenses Sleepycat License Licenses Appendix B WatchGuard File Locations General File LocationsDefault File Locations Quick Setup WizardPolicy Manager for Fireware Appliance Software Firebox System Manager for Fireware Appliance SoftwareHostWatch for Fireware Appliance Software WatchGuard System Manager Policy Manager for WFS Appliance SoftwareFlash Disk Management for WFS Appliance Software Firebox System Manager for WFS Appliance SoftwareHostWatch for WFS Appliance Software LogViewerLog Server User Interface Management ServerWebBlocker Server Historical Reports Log Server for Fireware Appliance SoftwareLog Server for WFS Appliance Software Management Server User Interface Management Server Setup WizardLog Merge WatchGuard Certificate Authority Default File Locations Index Muvpn Wctp 100