No portion of this document may be reproduced in any form, or by any means, without prior written permission from Mako Networks Limited. This document should be read in conjunction with the Mako Networks Limited Terms and Conditions available from the Mako Networks website (http://www.makonetworks.com).
MAKO NETWORKS, LTD. sole and exclusive liability and end-user’s only remedies for breach of this warranty shall be, at MAKO NETWORKS, LTD.’s option to repair, replace or credit an amount not exceeding the Purchaser’s purchase price of each product found to be...
Firewall Central to the security of your networks is the type of firewall you use. The Mako 7550-E utilises a stateful inspection firewall. A stateful inspection firewall does not just examine packets of information; instead, it makes decisions based upon information derived from all communication layers and from other applications.
The Mako Networks Central Management System looks after all software updates, security patches and system updates for you. You can be assured that your Mako 7550-E will continue to be current as long as it has an up to date service licence. Optional Feature Enhancements...
If this is the first time you are using your Mako, place the supplied USB Key in any USB port at the front of your Mako – If your Mako was not supplied with a USB Key you do not need one in your location and can skip this step.
DIRECT CONNECTION TO A COMPUTER Normally the Mako is connected between the WAN port and a hub or switch device on your office network. If you are connecting directly to a computer you will not need to obtain an Ethernet crossover cable or equivalent device.
MakoScope LCD MakoScope LCD is the name for the Mako 7550 LCD Feedback System. By interacting with the LCD screen on the front of your Mako, you can get real-time information on the status of your Mako. MakoScope LCD...
Mako Networks Home Page & Login Screens Login To administer your Mako appliance(s), enter your user name and password. Then click Login. Remote VPN To log in to the web site to start a remote secure IPSec VPN session, enter your user name and password, then click Login.
Home Once your Login is successful a screen like the one below will be displayed. This is the starting point for administration of your Mako devices and Users. Home Screen This document will cover Adding a New User in the Management section. For now, click on View my Makos or click on the Selection menu to go to the Selection screen.
Selection screen This screen shows the Mako units you are registered as using, and allows you to select sub-menus for Reports, Configuration and Help as described below depending upon the agreement between you and your IT professional. You can also see what country the Makos are located in and their Online/Offline/Awaiting Connection status.
Mako Appliance Selected The chosen Mako appliance is now shown in the session status line, near the top right of the screen. Selected Mako Select your desired operation: Reporting, Configuration or Help by clicking on the required menu from the list on the left hand side.
Examples of typical reports are shown on the following pages. Considerations Mako Usage refers to the total traffic which has passed through the Mako device. These reports therefore give you the sum total of your network's Internet usage, broken down into the listed time periods.
Mako Networks Web Site where it can be re-allocated. Please contact your reseller or ISP if you have any queries regarding your ISP charging structure.
Mako Report, Last Billing Cycle PC Usage The PC Usage Reports focus on the composition of your traffic volume. The entry screen to this section is shown below. Reports, PC Usage Mako Networks Mako 7550-E Product Handbook v.1.1 Page 16...
Machine Name and click on Update to save the name. Where PCs have been assigned static IP addresses via the Mako DHCP Server, a PC name can also be entered via the DHCP screen.
Services PC Usage by Services A further analysis can be performed by clicking on one of the service protocols listed. In this example we will analyse the HTTP traffic (web browsing).
Mako Traffic Mako Traffic reports let you see how a specific PC’s Internet activity relates to other PCs on your network. This is the place to look to get a breakdown of the traffic by service (protocol, port) over a given period.
PC Traffic, Mako Traffic The screen above shows a comprehensive example of a Mako Traffic report, which is displayed in the pop-up window. A large number of services are permitted through this Mako device, each one of which is monitored.
Mako Guardian Usage Mako Guardian Usage is only visible if you subscribe to the Mako Guardian service. The Mako Guardian Usage reports display traffic volume by website visited. Mako Guardian Usage Screen...
(in this example no blocks have been made on any of the visible sites). Mako Guardian Usage Report By clicking on one of the sites, another report will display who has accessed the site during the selected period. Mako Guardian Individual Site Usage Report
SharkNet IDS IDS stands for Intrusion Detection Service. SharkNet IDS shows you what traffic has been blocked by the Firewall in your Mako device. SharkNet IDS SharkNet IDS lets you analyse what type of traffic is being blocked from entering your network, where it is coming from and how dangerous it is.
Some of the services have a number of skull and crossbones icons indicating the Exploit Rating of the service. The more skull and crossbones icons, the more “dangerous” the service that was dropped.
This report shows where the intrusions that were blocked came from. You can click on areas of most of the IDS report graphs and charts to drill down to find further information.
Reports: Status This screen lets you check the status of the selected Mako device. It also shows the last user-selectable number of events and the date of license expiry. Reports, Status Reports: Mako MailGuard This tab is one way to access your Mako MailGuard console. If you do not subscribe to this service then this tab will not appear on your screen.
The information on this screen will be set by your reseller and in most cases will never need to be changed. This screen could differ depending upon your ISP. With a Mako 7550-E you can configure it using IP, DHCP or PPP (bridged Ethernet). Internet Configuration - IP
This facility is not available where your ISP Connection Plan does not impose a traffic charging threshold. Your Mako appliance automatically detects computers on your network that are infected with worms and stops them from accessing the Internet. You can set how aggressive this detection is from this page.
Similarly, your Mako will detect unwanted portscan attempts and block the source IP Address for a ten-minute period. You can set how aggressive this detection is from this page.
The information on this screen will be set by your reseller and in most cases will never need to be changed. If your ISP does not provide you with multiple IP Addresses, this screen will not be available. ISP Assigned Public IP Range
You may rename your network from Lan 1 to a more meaningful name (such as Office Network) if desired. You can choose to allow the Mako to respond to ICMP (ping) traffic on its LAN 1 interface by selecting the Allow radio button.
You may rename your network from Lan 2 (or 3 or 4) to a more meaningful name (such as DMZ) if desired. The Mako device must be given a fixed IP address on your network. You may also change the Subnet Mask address.
Internet may be disabled if an error is made. DHCP Leases When the Mako’s DHCP Server is enabled it will issue IP information to all PCs on the network. Each PC has an Ethernet card for connection to the network. These cards are known as NICs.
Internet may be disabled if an error is made. You may enter routes to other networks that have routers on one of your LANs. Static Routes
PCs are visible to the Internet. This is a very secure setting of your Mako device and should not be changed except in cases of specific need. Changes to permissions which Deny access tend to improve firewall security.
This is not necessary when you are changing access for all PCs on your local network. NB: Changes made can take up to two minutes to apply to your Mako. If you want a change to apply immediately, click on the Perform Refresh button at the bottom of the Firewall pages.
If you are unsure of what local IP address you should use you can click on the [lookup] link which will show you all PCs the Mako is aware of behind it. Once you have added a rule you can edit it by clicking on the Spanner icon.
More complex firewall configurations are covered in the next section. An example of the Basic screen when rules have been configured in the Advanced section appears below.
Add. To remove a Pinhole click on the corresponding Delete button. The screen shot below is an example of Advanced rules configuration. The screen shows the rule flagged as Advanced on the Basic configuration page, earlier.
Reseller in the Syslogs Report section of the website. The Trace Logging option is also available in the Outbound Advanced and Intranet Advanced sections.
This establishes a hierarchy in the application of rules. Once you have added a rule you can edit it by clicking on the Spanner icon.
Please review the discussion at the beginning of the Firewall section for background information on the issues involved. Firewall, Advanced Outbound The screen shows an example of rules set up to prevent unwanted traffic from being passed out through the firewall.
Intranet: Basic The Intranet Firewall rules allow you to allow or deny traffic between your four Mako 7550 protected networks. It is not normally recommended to change from the default settings as you could reduce the security provided by separating the networks.
Intranet: Advanced As with Outbound Security, the Advanced screen permits more complex permissions to be set. Firewall, Advanced Intranet
VPN Firewalling enables you to control the flow of data across Mako to Mako VPNs and Third Party VPNs. Normally, once a VPN is created the traffic flows freely from network to network. If you want to restrict access to the VPN to specified computers or to a certain type of traffic, VPN Firewalling is the answer.
Mako devices have two types of VPNs available, Mako to Mako and Remote Access. Mako to Mako If you have two or more Mako units, this screen allows you to set up secure virtual private network communications between each pair of Mako protected networks.
IP addressing schemas for your offices. The corresponding changes to the secure profile of the Mako unit at the other end of the VPN link will be made automatically. It is not necessary to update both configurations.
Invitation If you wish to have a Mako to Mako VPN between your Mako and a Mako that belongs to another company, you can do so with Mako VPN Invitations. Invitation: Send Invitation To create a VPN between a Mako you can administer and one you cannot, you need to know the email address of the administrator of the other Mako.
Invitation: Accept Invitation Once you have received a Mako to Mako VPN Invitation by email, you need to go to the Accept Invitation screen and enter your key. VPN, Mako to Mako, Invitation, Accept Invitation Simply copy the key and click continue. If the Require Reconfirmation box was checked by the invitation initiator then the initiator will need to complete this process.
Third Party VPN If you use a non-Mako router to connect to the Internet at a remote site, you can create a VPN connection between your Mako and the third-party device. The third-party device must support: IPSec VPNs • 3DES IPSec Encryption Algorithm •...
Third Party VPN setup You can now either enter a Pre-Shared Key or create one automatically by clicking the [random] link. Then click Add. The Mako will then be awaiting the third-party device to form the connection. Third Party VPN Established You can modify any of the settings of an established Third Party VPN by clicking on the Spanner icon.
Remote Access Mako Networks offers two types of Remote VPN connection – IPSec and PPTP. IPSec is more complicated to set up and generally requires additional software on the client but is very secure. PPTP is easier to set up and most Operating Systems support PPTP natively but it is less secure than an IPSec VPN.
.vpn extension appended to identify them as a VPN user and not an administration user. Once a user is recorded their access can be individually enabled or disabled at any time, as shown in the previous section.
You then must set a range of LAN IP Addresses that will be issued to PPTP VPN users when they connect to the Mako and have the option of issuing an internal DNS Server and WINS Server IP to the PPTP VPN users.
Documentation for Services that carry an additional cost can be downloaded in PDF format from the Documentation section of the Mako Networks website. If you would like this documentation emailed to you, please send an email to support@makonetworks.com.
Services that are not allocated to a bin use the last bin by default. Quality of Service, Basic By placing a tick in the Show advanced bandwidth settings box you can allocate upstream bandwidth percentages across the Bins. Advanced QoS Bandwidth Settings
Mako Networks neither endorses nor in any way guarantees the services provided by either of these parties. The Dynamic DNS service provided by Mako Networks is provided as a convenience to the users of its products and Mako Networks has no control over any aspect of DynDNS.org or no-ip.com.
Configure: Location The Location section allows you to update and view the non-technical details of your Mako device. Mako Information This screen allows you to review or update information relating to the physical location of your Mako. Location By clicking the edit button you can add additional location information.
Configure: Access From this screen you can view which users have access to this Mako. You can change access rights to Restricted Users. Access Control
This button links you through to the Management: Users: Add User screen described later in this document. Information This is where you store Company related contact information. This is separate from Mako contact information. Company Information
This is the default screen when you click on the User tab. It lists all the Users for your Company or lets you choose which Company’s Users you want to view if you have more than one Company. User Search
Manage User submenu depending upon which browser you are using. Manage User From the Manage User screen you can view the contact information for the User and edit it by clicking the Edit button as shown below.
Edit User Once you have edited the User's details, click save and the main page will refresh to reflect your newly entered details.
If you wish to change the Username the User has to log into the system, you may also action this from this page. Event Log The Event Log is a history of all recent changes that have been made to the selected User. User Event Log
You can choose the type of user to create and whether you want to grant access to all your Company’s Makos or just some. When you have completed this information, click the Add button at the bottom of the page.
This screen contains the technical contact details for your company and its IT Provider(s). Help Contacts Help: Documentation This section contains downloadable PDF documentation on nearly every aspect of the Mako System as well as product literature. Documentation
Troubleshooting The website provides you with detailed help on obtaining reports on your traffic, updating the configuration of your Mako, and updating your customer details. Your Secure Customer Login: Web Site: http://www.makonetworks.com UserName: Password: What to do if: YOU LOSE YOUR SECURE CUSTOMER PASSWORD It is vital that you take great care of your password.
Hyper Text Transfer Protocol. The service which transfers HTML formatted web pages to a Browser. A device which extends the connectivity of an ethernet local area network to provide for additional computer connections.
Virtual Private Network. A method of establishing one or more secure encrypted channels between selected Internet subscribers. Web, or World Wide Web The client-server application which makes web sites available to Browsers.