Trustwave SWG 3000 Setup Manual

Secure web gateway

Advertisement

.Trustwave.com Updated October 9, 2007
Secure Web Gateway
Version 11.5
Setup Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SWG 3000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Summary of Contents for Trustwave SWG 3000

  • Page 1 .Trustwave.com Updated October 9, 2007 Secure Web Gateway Version 11.5 Setup Guide...
  • Page 2: Legal Notice

    You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.
  • Page 3: Formatting Conventions

    Tip: This symbol denotes a suggestion for a better or more productive way to use the product. Caution: This symbol highlights a warning against using the software in an unintended manner. Question: This symbol indicates a question that the reader should consider. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 4: Table Of Contents

    Requirements before Installing a Physical Appliance ..........7 2.1.2 Connecting an Appliance Using an Ethernet Cable ..........7 2.1.2.1 For SWG 3000 and SWG 5000 models: ..........7 2.1.2.2 For an SWG 7000 appliance: ............... 8 2.1.3 Connecting an Appliance Using a Serial Cable ............9 Deploying a Virtual SWG from an OVF File .................
  • Page 5: About This Guide

    7 USB Key Creator Notes and Warnings ....................... 27 Usage Instructions ......................27 About This Guide This guide provides the instructions you need to install and set up your Trustwave SWG appliance. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 6: Before You Begin

    2.1 Installing a Physical SWG Appliance Installation consists of connecting to the appliance. You can connect in any of the following ways: Using an Ethernet cable • Using a Serial cable (SWG 3000 and SWG 5000 only) • • Using a keyboard and monitor Instructions for connecting are provided on the following pages.
  • Page 7: Requirements Before Installing A Physical Appliance

    Hardware for connecting — ethernet cable, serial cable, or a keyboard and monitor • • Rack space for the appliance • 1U Rack space for SWG 3000 or SWG 5000 • 7U Rack space for SWG 7000 • Switch port for the internet cable •...
  • Page 8: For An Swg 7000 Appliance

    Continue with initial setup of this SWG Appliance blade using the Limited Shell, and when done, repeat Step 1 for each blade. Note: For more information on setting up the SWG 7000, contact your Trustwave representative. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 9: Connecting An Appliance Using A Serial Cable

    Secure Web Gateway 11.5 Setup Guide 2.1.3 Connecting an Appliance Using a Serial Cable Note: Connection using a serial cable is applicable only to SWG 3000 and SWG 5000 appliances. 1. Connect the PC to the appliance’s Serial Console, using the serial cable.
  • Page 10: Setting Up The Appliance

    • All In One (Default) – Defines the appliance as both a Policy Server and a Scanner. This value is often used for SWG 3000 or 5000 models. SWG Scanner – Defines the appliance or blade as a Scanner only.
  • Page 11: Setting Up The Appliance

    2. Enter the setup command. The current configuration status is displayed. 3. Using the data you prepared, page through the setup script entering the needed values. This displayed configuration is updated as you enter values. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 12: Performing Additional Configuration

    Checks connectivity to the remote devices (for Policy Server or All- in-One appliances) config_ ... Network or service configuration. Double tab to view the config_network config_time config_hardware config_upgrade config_support config_psweb config_exclude config_bridge config_access_log , and commands. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 13 Shows system or service status. Double tab to view the show_ ... show_bridge show_config, show_hardware, show_network show_service show_dbsize show_proxy_buffers, show_proxy_connections, show_route show_time show_version , and commands. Provides access to privileged shell supersh Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 14: Limited Shell Configuration Commands

    (higher case and lower case) and digits. It is also recommended to change the password frequently. Enter the change_password command and confirm current and new passwords. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 15 For example, if the search is on http://mize and the search domain is Trustwave.com, the appliance will try to resolve to http://mize.Trustwave.com. IMPORTANT: It is mandatory to configure the DNS Server that has the ability to resolve external IP addresses The current DNS configuration is displayed.
  • Page 16 All other traffic will flow uninterrupted. config_access_log Enables or disables the access log. disable_ ... Disables the service. The disable command includes the disable_service_snmpd and disable_service_ssh commands. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 17 Rebuilds the appliance configuration in extreme situations where the appliance, for whatever reason, was disconnected for a period of time. This action restarts the appliances and may take several minutes. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 18: Limited Shell Monitoring Commands

    IP traffic monitor • General Interface Statistics • Detailed Interface Statistics • Statistical breakdowns • LAN station monitor • For example, select IP traffic monitor to display the IP traffic monitor details. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 19 7000-SWG. reboot Enables you to remotely reboot the appliance. restart_role Restarts all role services. save_exclude_logs Saves Exclude logs in the Exclude directory. save_support_logs Saves Support logs in the Support directory. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 20 Displays the service configuration status for snmpd. • show_service_ssh: Displays the service configuration status for ssh. show_dbsize Shows the file size of the data- bases connected with your appliance. show_proxy_buffers Shows the status of proxy buffers. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 21 Shows the currently installed SWG version. supersh Enables root access to the appliance. This command is reserved for Trustwave Support only. tcpdump Allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.
  • Page 22: Swg Installation Utility

    USB key with the relevant version ISO files. If you have not yet configured a bootable USB key, refer to USB Key Creator on page 26. (The necessary files for the USB key installation are found in the Support section of the Trustwave website.) •...
  • Page 23: Upgrading The Policy Server And All-In-One

    Therefore, the list is dynamic. The following is a sample menu: The format of the filenames is designed so that the first *** numbers displayed are the version number, and the subsequent b** is the build number. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 24: Scanning Servers Upgrade

    9.0 M02 and up) allows you to decide which groups of remote devices to upgrade and in what order. Note: Scanners can be divided into specialized ‘groups’, which enables upgrading for specific devices only. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 25: Limited Shell

    4. New upgrade group. Enter 1. 5. The scanner is listed under Group 1. Press N when prompted to change the configuration. This will start the upgrade process. 6. Start the Upgrade: Press Y. Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 26: Upgrading From Version 10.2

    To upgrade the Policy Server to Version 11: When running version 10.2, the OS update will display in the Available Updates tab. icon on the left and select Install Now. 1. Right-click the Copyright © 2013 Trustwave Holdings, Inc. All rights reserved.
  • Page 27: Usb Key Creator

    • 7.2 Usage Instructions To download and install files: 1. Navigate to the Trustwave Support section of the Trustwave website. Proceed to the SWG Downloads and Documentation section/Product Downloads. 2. Log in with valid email and password credentials. 3. Download the USB Creator for Windows. The file is titled Trustwave_Disk-on-Key.zip and includes the TrustwaveUSB.exe and TrustwaveUSBTOOL.avi files.)
  • Page 28 Secure Web Gateway 11.5 Setup Guide 4. Create a working directory, unzip the files, and run SETUP to install the program. 5. From the Trustwave Support website section, copy the SWG Installation Utility files and the ISO into the working directory.
  • Page 29 ® About Trustwave Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper®...

This manual is also suitable for:

Swg 5000Swg 7000

Table of Contents