Manuals
/
Brands
/
Computer Equipment
/
Network Router
/
WatchGuard Technologies
/
Computer Equipment
/
Network Router
WatchGuard Technologies
FireboxTM System 4.6
- page 68
1
68
170
170
Download
170 pages, 1.4 Mb
Service precedence
58
Contents
Main
Disclaimer
Copyright and Patent Information
WatchGuard Technologies, Inc. Firebox System Software End-User License Agreement
Page
Declaration of Conformity
FCC Certification
CE Notice
CSA Statement
Table of Contents
PART I
PART III
PART II
Page
PART IV
PART V
PART I
Introduction
Welcome to WatchGuard
WatchGuard Firebox System components
WatchGuard Firebox
WatchGuard Control Center
WatchGuard security suite
LiveSecurity Service
Minimum requirements
Software requirements
Web browser requirements
Hardware require ments
PART II
WatchGuard Services
Page
LiveSecurity broadcasts
Activating the LiveSecurity Service
Page
Page
Accessing frequently asked questions (FAQ)
Known issues
Getting Internet technical support
Getting telephone support
Training
WatchGuard Interactive Training System (WITS)
Instructor-led courses
WatchGuard users group
Subscribing to wg-users@watchguard.com
Unsubscribing from wg-users@watchguard.com
Contributing to wg-users@watchguard.com
Online Help
Starting WatchGuard Online Help
Searching for topics
Copying the Help system to additional platforms
Online Help system requirements
Context-sensitive Help
Currently available options
VPN Manager
High Availability
Mobile User VPN
SpamScreen
Obtaining WatchGuard options
PART III
Configuring a Security Policy
Page
What is a Firebox?
Placing a Firebox within a network
Internet
Opening a configuration file
Opening a configuration from the Firebox
Opening a configuration from a local hard disk
Saving a configuration file
Saving a configuration to the local hard disk
Resetting Firebox passphrases
Tips for creating secure passphrases
Setting the time zone
Reinitializing a misconfigured Firebox
Page
Center
Navigating the WatchGuard Control Center
Starting the Control Center and connecting to a Firebox
Control Center components
QuickGuide
Front panel
Firebox and VPN tunnel status
Page
Traf fic Moni tor
Working with the Control Center
Connecting to a Firebox
Changing the polling rate
Setting the maximum number of log messages
Manipulating the Traffic Monitor
Policy Manager
Changing the Policy Manager view
Firebox Monitors
LogViewer
HostWatch
Historical Reports
LiveSecurity Event Processor
Page
Running the QuickSetup wizard
Setting up a drop-in network
Setting up a routed network
Adding a secondary network
Defining a network route
Defining a host route
Changing an interface IP address
Setting the default gateway
Entering WINS and DNS server addresses
Defining a Firebox as a DHCP server
Adding a new subnet
Page
Page
Configuring default packet handling
Blocking a site permanently
Removing a blocked site
Changing the auto-block duration
Logging and notification for blocked sites
Blocking a port permanently
Removing a blocked port
Logging and notification for blocked ports
Blocking sites temporarily with service settings
Configuring a service to temporarily block sites
Viewing the Blocked Sites list
Adding an existing service
Creating a new service
Defining service properties
Adding incoming service properties
Adding outgoing service properties
Adding addresses to service properties
Working with wg_ icons
Configuring services for authentication
Modifying a service
Deleting a service
Setting up proxy services
Configuring an SMTP proxy service
Page
Configuring an FTP proxy service
Configuring an HTTP proxy service
Service precedence
Page
Page
How WebBlocker works
Reverting to old WebBlocker databases
Logging and WebBlocker
Prerequisites to using WebBlocker
Configuring the WebBlocker service
Activating WebBlocker
Scheduling operational and non-operational hours
Setting privileges
Creating WebBlocker exceptions
Manually downloading the WebBlocker database
Translation
What is dynamic NAT?
Using simple dynamic NAT
Enabling simple dynamic NAT
Adding dynamic NAT entries
Reordering dynamic NAT entries
Using service-based NAT
Enabling service-based NAT
Configuring service-based NAT exceptions
Configuring a service for incoming static NAT
Adding external IP addresses
Setting static NAT for a service
Page
Page
Notification
Ensure logging with failover logging
WatchGuard logging architecture
Designating Event Processors for a Firebox
Adding an Event Processor
Enabling Syslog logging
Editing an Event Processor setting
Removing an Event Processor
Reordering Event Processors
Synchronizing Event Processors
Setting up the LiveSecurity Event Processor
Installing the Event Processor program
Running an Event Processor on Windows 98
Running an Event Processor on Windows NT or Windows 2000
Viewing the Event Processor
Starting and stopping the Event Processor
Setting the log encryption key
Setting global logging and notification preferences
Setting the interval for log rollover
Scheduling log reports
Controlling notification
Customizing logging and notification by service or option
Setting logging and notification for a service
Setting logging and notification for default packet-handling options
Setting logging and notification for blocked sites and ports
Management
Connecting a Firebox with OOB management
Enabling the Management Station
Preparing a Windows NT Management Station for OOB
Preparing a Windows 95/98 Management Station for OOB
Preparing a Windows 2000 Management Station for OOB
Configuring the Firebox for OOB
Establishing an OOB connection
Page
PART IV
Administering a Security Policy
Page
Implementing Authentication
Using host aliases
Adding a host alias
Modifying a host alias
Removing a host alias
What is user authentication?
User authentication types
How user authentication works
Configuring Firebox authentication
Configuring Windows NT Server authentication
Configuring RADIUS server authentication
Configuring CRYPTOCard server authentication
Configuring SecurID authentication
Using authentication to define remote user VPN access
Firebox Monitors
Starting Firebox Monitors and connecting to a Firebox
Setting Firebox Monitors view properties
Bandwidth Meter
ServiceWatch
StatusReport
Page
Page
Page
Authentication list
Blocked Sites list
HostWatch
Connecting to a Firebox
Replaying a log file
Controlling the HostWatch display
Modifying view properties
Page
Files
Viewing files with LogViewer
Starting LogViewer and opening a log file
Setting LogViewer preferences
Searching for specific entries
Copying and exporting LogViewer data
Displaying and hiding fields
Working with log files
Consolidating logs from multiple locations
Copying log files
Forcing the rollover of log fi les
Setting log encryption keys
Page
Activity
Starting Historical Reports
Viewing the reports list
Creating and editing reports
Creating a new report
Specifying report sections
Specifying a report time span
Consolidating report sections
Setting report properties
Exporting reports
Exporting reports to HTML format
Exporting a report to WebTrends for Firewalls and VPNs
Exporting a report to a text file
Using report filters
Creating a new filter
Editing a filter
Deleting a filter
Applying a filter
Scheduling and running reports
Scheduling a report
Manually running a report
Report sections and consolidated sections
Page
Consolidated Sections
Page
PART V
WatchGuard Virtual Private Networking
Page
Private Networking
Configuration checklist
Using DVCP to connect to devices
How does DVCP work?
Basic and Enhanced DVCP
Creating a tunnel to a SOHO or SOHO|tc
Editing a tunnel to a device
Removing a tunnel to a device
Defining a Firebox as an Enhanced DVCP Client
Branch office VPN with IPSec
Configuring a gateway
Configuring a tunnel with manual security
Configuring a tunnel with dynamic security
Creating an IPSec policy
Changing IPSec policy order
Configuring services for branch office VPN with IPSec
Configuring WatchGuard VPN
WatchGuard VPN configuration models
Setting up WatchGuard VPN
Changing remote network entries
Preventing IP spoofing with WatchGuard VPN
Configuring incoming services to allow VPN
Verifying successful WatchGuard VPN configuration
Remote User VPN
Configuration checklist
Configuring shared servers for RUVPN
Adding remote access users
Adding a member to built-in RUVPN user groups
Configuring services to allow incoming RUVPN
By individual service
Using the Any service
Configuring the Firebox for Remote User PPTP
Activating Remote User PPTP
Entering IP addresses for Remote User sessions
Configuring the Firebox for Mobile User VPN
Purchasing a Mobile User VPN license
Entering license keys
Preparing Mobile User VPN configuration files
Saving the configuration to a Firebox
Distributing the software and configuration files
Configuring debugging options
Debugging Mobile User VPN
Debugging Remote User VPN (PPTP)
User VPN
Preparing the client computers
Remote host operating system
Windows 95/98 platform preparation
Windows NT platform preparation
Setting up RUVPN for Windows 2000
Configuring the remote host for RUVPN with PPTP
Using Remote User PPTP
Starting Remote User PPTP
Running Remote User PPTP
Configuring debugging options
Page
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Page
Q
R
S
T
U
V
W
Z