1. Manuals
  2. Brands
  3. Symantec Manuals
  4. Gateway
  5. SGM 1600
  6. Installation manual

Symantec SGM 1600 Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Symantec™ Gateway Security 1600
Series v3.0

Installation Guide

Supported platforms:
1620, 1660

Advertisement

Table of Contents
loading

Related Manuals for Symantec SGM 1600

Summary of Contents for Symantec SGM 1600

  • Page 1: Installation Guide

    Symantec™ Gateway Security 1600 Series v3.0 Installation Guide Supported platforms: 1620, 1660...

  • Page 2: Technical Support

    Web-accessible Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering as well as Symantec Security Response to provide Alerting Services and Virus Definition Updates for virus outbreaks and security alerts.

  • Page 3: Contacting Technical Support

    American English. For support in other languages, select the language for the appropriate Global Site, then select the continue link for enterprise. Customers with Platinum support agreements may contact Platinum Technical Support by accessing the Platinum Web site at https://www-secure.symantec.com/platinum. When contacting the Technical Support group, have the following information available: Product release level...

  • Page 5: Table Of Contents

    Symantec Gateway Security 1600 Series back panel features ..............10 Connecting an uninterruptible power supply .......................11 Resetting the appliance to factory defaults ......................12 Restoring the appliance firmware with the Symantec Gateway Security OS Restore CD-ROM ....13 Chapter 2 Developing a security plan Defining your security policy ..........................15...
  • Page 6 Contents...

  • Page 7: Installing The Appliance

    Symantec Gateway Security 1600 Series appliance. Read the installation instructions and heed all warnings before connecting the appliance to its power source. See the Symantec Gateway Security 1600 Series Getting Started Guide for all warning information about the Symantec Gateway Security 1600 Series appliances.

  • Page 8: Installing The Symantec Gateway Security 1600 Series Appliance

    Installing the appliance Installing the Symantec Gateway Security 1600 Series appliance You can install the Symantec Gateway Security 1600 Series appliance on a flat surface or in a rack. When preparing to install your appliance, refer to the following guidelines: Prepare a smooth and level surface Place the appliance on a smooth and level surface, such as the top of a computer table or in a rack.

  • Page 9: Symantec Gateway Security 1600 Series Hardware

    Using the mounting screws provided with the rack, secure the mounting brackets to the equipment rack. Symantec Gateway Security 1600 Series hardware The Symantec Gateway Security 1600 Series v3.0 consists of the models 1620 and 1660. Both models run the same software and have the same front panel features. Front panel status indicators The front panel of the Symantec Gateway Security 1600 Series v3.0 contains status indicators to...

  • Page 10: Symantec Gateway Security 1600 Series Back Panel Features

    Symantec Gateway Security 1600 Series back panel features This section describes the back panel features of the Symantec Gateway Security 1600 Series v3.0. All models of the Symantec Gateway Security 1600 Series appliances have Ethernet ports which can connect to 10/100/1000 Base-T networks.

  • Page 11: Connecting An Uninterruptible Power Supply

    UPS unit through a USB port. The recommended supplier for UPS units is American Power Conversion (www.apcc.com). The UPS unit must support USB ports. Units that support serial ports only do not work with Symantec Gateway Security 1600 Series appliances.

  • Page 12: Resetting The Appliance To Factory Defaults

    See the Symantec Gateway Security 1600 Series Getting Started Guide for more information. You can also reset the appliance to factory defaults using the serial console menu. See the Symantec Gateway Security 1600 Series Administration Guide for more information.

  • Page 13: Restoring The Appliance Firmware With The Symantec Gateway Security Os Restore Cd-Rom

    Once the Symantec Gateway Security OS Restore CD-ROM boots, it will tell you whether it found the appropriate hardware to continue the process. If it cannot use your network card, locate another computer with a different network interface type.
  • Page 14 ROM from the drive. The CD-ROM is not ejected automatically during the restart. Turn on the security gateway using the power switch, and then perform the initial setup process again. For information regarding initial setup, see the Symantec Gateway Security 1600 Series Getting Started Guide.

  • Page 15: Developing A Security Plan

    Networking and applications software Information in files and databases The firewall component of Symantec Gateway Security 1600 Series v3.0 is the main tool for enforcing access security gateway access, allowing you to define a set of rules that allow or deny access to specific resources throughout your network.

  • Page 16: Becoming Security Conscious

    Developing a security plan Educating users What external users will have access to your network? Where will they come from and where do you want to allow them to go? During what hours? For what period of time? Do you intend to implement a service network? Do you intend to implement a de-militarized zone (DMZ)? What types of services do you want to allow for external users and hosts? What type of authentication will you require for external users? (Strong authentication is...

  • Page 17: Security Policy Worksheets

    Developing a security plan Security policy worksheets For instance, if you plan to limit Web services to a single server during specific hours, let this be known to the affected groups and users. If you plan to pass all email through a dedicated server, or if external users will be disallowed from accessing certain systems by Telnet, consider passing these changes along before implementation.
  • Page 18 Developing a security plan Security policy worksheets What are your network access points? ______________________________________________________________________ ______________________________________________________________________ Name of the primary administrator: ____________________________________ Table 2-1 to list all persons involved in administering the system. Table 2-1 Administrator names Name Email Phone Pager ______________________ ______________________ ______________________...

  • Page 19: Collecting Hardware Information

    _____ Email _____ Pager _____ Client program _____ SNMP V1 _____ SNMP V2 15 Do you have other Symantec security gateways on your network now? _____ Yes _____ No 16 If yes, what version? ________________________________ 17 Do you plan to combine security gateways for failover?

  • Page 20: Collecting Your Tcp/Ip Address

    _____ Yes _____ No If yes, list. ______________________________________________________________________ ______________________________________________________________________ Will you be using Symantec Client VPN? _____ Yes _____ No Collecting your TCP/IP address It is important to think about the TCP/IP requirements for your site. This includes information about running Domain Name Services (DNS), types and names of domains on your network, and making a list of protocols used that need to pass through your security gateway.

  • Page 21: Defining Your Allowed Tcp/Ip Services

    Developing a security plan Security policy worksheets Do you have someone at your site who is knowledgeable about, and comfortable working with DNS and how to configure it properly? _____ Yes _____ No If yes, who? ______________________________________________________________________ Check the address types being used at your site: _____ Registered IP address _____ Private IP address (RFC 1918) _____ Unregistered IP address...
  • Page 22 Developing a security plan Security policy worksheets To define your allowed TCP/IP services Table 2-2 and check the access type (if any) you will allow for the following services. Table 2-2 Allowed TCP/IP access type Access group All users All internal users Selected group No access Table 2-3...

  • Page 23: Collecting Email Information For Security Gateway Notifications

    Developing a security plan Security policy worksheets Collecting email information for security gateway notifications You need to know information about email notifications. Use this section to collect data such as type of mail server, mail server IP address, and mail transport protocol. To collect email information for security gateway notifications Record the name and IP address of your mail server: Name: __________________________________...

  • Page 24: Access Lists

    Developing a security plan Security policy worksheets Will you be using an external caching/proxy server? If Yes, record the server name and IP address. _____ Yes _____ No Proxy server name:___________ Address:______________ Do you plan to use the content filtering service for security gateway? _____ Yes _____ No Do you plan to restrict access to any specific URLs?

  • Page 25: Defining Your Network Architecture

    Developing a security plan Security policy worksheets Table 2-5 Entity identification (Continued) IP address/Fully qualified domain Entity type Internal/external name _______________________ _______________________ _______________________ Table 2-6 to list all allowed user identities. Table 2-6 User identification User name Group name Client VPN Clientless VPN ________________________________ _______________________...
  • Page 26 Developing a security plan Security policy worksheets Table 2-7 to create a list of all internal servers. Your internal network consists of at least the security gateway host and a router. Table 2-7 Internal network servers DNS name services Mail server Web server Other server Service...
  • Page 27 Developing a security plan Security policy worksheets Table 2-10 to list your router IP addresses. Table 2-10 Router IP addresses Router IP addresses ______________________________________ _______________________________________ ______________________________________ _______________________________________ ______________________________________ _______________________________________ ______________________________________ _______________________________________ ______________________________________ _______________________________________ Your external network can also include external servers, such as an external Web server. Use Table 2- to list all external network servers.
  • Page 28 Developing a security plan Security policy worksheets...

Table of Contents