Summary of Contents for Bandura Cyber TIG BT-500
Page 1
August 2019 • Version 3.72 USER’S MANUAL...
Page 2
While Bandura Cyber has attempted to verify that the information in this document is accurate ...
2.2.2 Logging In 2.2.3 Changing Your Password 2.2.4 Changing Date/Time 2.2.5 Change Admin Interface Network Address 2.2.6 Confirm the Bandura Cyber TIG can Access the Internet 2.3 Console Modes 2.4 Overview of Bandura Cyber TIG Configuration 2.5 Configuring the Bridge Filters 2.6 Configuring a Resource Group...
Page 4
3.3.1 Exception Lists 3.3.2 Service Groups 3.3.3 IP Blacklists 3.3.4 Domain Blacklists 3.3.5 IP Whitelists 3.3.6 Domain Whitelists 3.4 Logs 3.4.1 Connections 3.4.2 Domain Logs 3.4.3 System 3.5 Users 3.5.1 Accounts 3.5.1.1 Creating a New User 3.5.1.2 Show User Sessions 3.5.1.3 Edit User 3.5.1.4 Delete User 3.5.2 Maintenance Users...
Page 5
3.7.8.2.4 Import and Export Certificate 3.7.8.2.5 Upload CA Certificate 3.7.8.2.6 Upload Certificate Revocation List 3.7.9 SNMP 3.7.9.1 General Settings 3.7.9.2 SNMP Users 3.7.9.2 SNMP Access 3.7.9.3 SNMP Traps 3.7.10 NTP 3.7.11 TACACS+ 3.7.12 SMTP 3.8 Providers 3.8.1 System Providers 3.8.2 HIPPIE Provider 3.9 Update Software 3.10 System 3.10.1 Active Sessions...
Autonomous System Number (ASN) what organization the packet is coming from. Bandura Cyber TIG uses a Threat Intelligence Engine to filter packets against dynamic threat intelligence indicators to determine if the packet is malicious.
Page 7
STIX/TAXII support can easily integrate with additional threat intelligence sources. Transparent Bridging The Bandura Cyber TIG acts as a bridge, placed in between a firewall and the external or internal network, eliminating the need to make large configuration changes to the network.
Unlike a traditional firewall, Bandura Cyber TIG is not configured in a NAT or Route mode. Instead, Bandura Cyber TIG is a Level 2 bridge that filters traffic in line. Bandura Cyber TIG can also be deployed out-of-band providing visibility into network traffic but no blocking capabilities.
YOUR BANDURA CYBER TIG ARRIVES WITH AN ‘ALLOW ALL’ POLICY CONFIGURATION Once the appliance is powered on, take a look at the back of the Bandura Cyber TIG and locate the multiple ethernet ports. Depending on the model you have, you will see one or two ports labeled ‘Outside’...
192.168.1.254. To avoid any network routing problems, you may want to turn off any other internet connections on this computer, such as WiFi. ● Connect your computer to the Admin port on the Bandura Cyber TIG, using a standard UTP CAT5, CAT5e or CAT6 ethernet cable.
● Username: admin ● Password: admin The first screen you should see when logging into your new Bandura Cyber TIG is the registration screen. Now is the best time to register an account with the support site. Otherwise, please be sure to register as soon as possible after completing the setup process.
Page 14
YOUR PASSWORD CAN ALSO BE CHANGED FROM THE USERS > CHANGE PASSWORD MENU OPTION. By default, a new Bandura Cyber TIG requires passwords to be at least eight characters in length. New passwords must also contain at least three characters per group, or classes of...
● REVLPQWDSG (only one character group) 2.2.4 Changing Date/Time It is important that your Bandura Cyber TIG has the correct time. Navigate to Settings > Date/Timezone and set the correct timezone. Set the date and time if necessary.
Page 16
Enter the network where you will place the Bandura Cyber TIG into HTTPS IPv4 Access. You cannot ping the Bandura Cyber TIG unless your IP address is added into the appropriate list. Add your network and any other networks you would like to have ping access to Ping IPv4...
Page 17
Once you have confirmed your addresses are input correctly, click on Submit. Be sure to select Yes when the warning dialog box appears. This will allow the Bandura Cyber TIG to automatically give the new network HTTPS access so you can log into the UI from the new...
● Go to your Network and Sharing Center and select the radio button next to Obtain an IP Address Automatically. ● Click OK and you should be redirected to the login page of the Bandura Cyber TIG. Mac: ●...
Now it’s time to place the Bandura Cyber TIG in your network. Connect the Outside ethernet port toward the public internet, and the Inside ethernet port toward your internal network.
Please be aware that attaching a networked virtual keyboard, video and mouse (KVM) device or a serial device server to your Bandura Cyber TIG in order to remotely access console mode may be a security risk.
YOU WILL IMMEDIATELY LOSE YOUR CONNECTION TO THE BANDURA CYBER TIG WHEN YOU READDRESS THE ADMINISTRATIVE PORT The Bandura Cyber TIG has many layers of security, which may or may not be required for your environment. Review your security policy, infrastructure and capabilities, and consider the following security features of the Bandura Cyber TIG: ●...
● Reboot to restart the Bandura Cyber TIG (Bandura Cyber TIG will be in bypass mode during this time) ● Shutdown to turn off the Bandura Cyber TIG (Bandura Cyber TIG will be in bypass mode while turned off) ● Console Mode to do low level configuration changes or factory reset the unit ●...
3.1.1 Connection Summary Connection Summary shows two graphs, one for Total Allowed Connections and one for Total Dropped Connections. The vertical axis is the number of connections while the horizontal axis is grouped into categories such as Country, Exception List, IP Reputation, and Whitelist or Blacklist.
3.1.3 Filters Filters allow you to adjust what data is shown in all graphs across the dashboard: ● Time Frame Presets ● Time Frame Start ● Time Frame End ● Traffic Direction ● Resource Group Time Frame Presets can be selected to quickly see the last 30 minutes, 1 hour, 24 hours, 7 days, 30 days, or 360 days.
Page 26
One or more Resources comprise a Resource Group, and each Resource is the internet address of one of your local computers or networks. If the Bandura Cyber TIG receives traffic for a computer listed in a Resource, then it will allow traffic according to the associated Resource Group.
3.2.1 Creating a Resource Group Click on Add New Resource Group to add a new resource group, then add a name, description, direction. You can select your type of Drop Action and whether or not you want the Resource Group to use Blacklists and Whitelists.
Delete: Delete a Resource Group along with all of its associated Resources, Country Policies, Risk Thresholds, Exception Lists, Country Policies, Throttles and Alerts 3.2.2 Edit You can rename a Resource Group, change its description, direction, drop action preference, blacklist or whitelist inclusion, or assign it a GMC Policy by clicking on the Edit icon shown in the actions list.
3.2.3 Resources You can add resources to a Resource Group by clicking the Resources icon shown in the actions list. Resources are a list of your local internet addresses and place restrictions on your local network. An address found in a Resource gets processed based on its associated Resource Group, but if an address is not found in any Resource Group, then it will be processed according to one of the DEFAULT Resource Groups.
● AH (Authentication Header) ● GRE (Generic Routing Encapsulation) Note that if the Bandura Cyber TIG allows traffic in one direction, it will also allow response traffic. If you allow outbound traffic on TCP port 80, then you will still receive inbound responses, even though they are otherwise blocked.
Click on a country to select it, or use the list of countries to search. The countries displayed in green are allowed, and red shows those that are blocked. 3.2.5 Risk Thresholds You can edit the Risk Thresholds associated with a policy by clicking the Risk Threshold icon shown in the actions list.
There are seventeen threat categories to choose from on this screen. All IPs included in the threat intelligence are placed in one or more of these categories. Each category has an associated risk threshold slider which has a range of 1 to 100. Each IP in the threat intelligence also has an associated score that can range from 1 to 100, with a higher score representing a higher chance of it being malicious.
Page 33
● Activation Interval is the amount of time, in seconds, that the traffic has to be excessive before the alert is triggered. ● Re-raise timeout is the amount of time delay before the Bandura Cyber TIG will trigger an alert again.
You can delete a Resource Group by clicking the Delete icon shown in the actions list. The Bandura Cyber TIG will ask if you really want to delete the Resource Group. Deleting a Resource Group will delete all of its associated Resources, Country Policies, Risk Thresholds,...
Exception Lists are collections of internet protocol addresses and networks that you specifically want to allow or deny from your network. They are called exceptions because they override the basic operation of your Bandura Cyber TIG, which generally allows or blocks internet traffic by country.
Page 36
Once you have created your Exception List, you will need to configure the list: ● Edit: Rename the Exception List or change its description ● Exceptions: Add networks to Exception Lists ● Delete: Delete the Exception List and all of its associated networks Click on the ...
3.3.2 Service Groups Service Groups define Protocols and Ports for services, and they can be used across multiple Resource Groups for allowing or blocking defined services. Click on the Add Service Group to create a new Service Group. Enter a name and description, then click on the ...
3.3.3 Blacklists 3.3.3.1 IPv4 Blacklists Blacklists are databases of known cyber threat addresses. Enable or disable the provided blacklists or search for a specific IP across all blacklists. Blacklists block inbound and outbound requests to IPs in enabled lists. 3.3.3.2 Domain Blacklists Domain lists block outbound requests to domains in enabled lists.
3.3.4 Whitelist 3.3.4.1 IPv4/IPv6 Whitelist Internet addresses included in the global whitelist will be allowed even if they are from a blocked country, risk category or blacklist. Each Resource Group obeys whitelists by default. This can be changed by editing an individual Resource Group. Enter the ...
Page 40
The auto whitelisting feature allows you to enter a domain name and the Bandura Cyber TIG automatically pulls and updates the IPs associated with that domain. Each IP is compiled into your Whitelisted A Records or Whitelisted MX Records exception list. These exception lists must be included in your policies in order for the domain whitelist to take effect.
3.4.1 Connections The Connections Log shows information about data packets being filtered by the Bandura Cyber TIG. The Connections Log will tell you the following information about the packets: ●...
Filter your results for a more precise search or export the logs via CSV or PDF. 3.4.3 System System Logs allow you to display internal operating messages of the Bandura Cyber TIG, and administer command history. You can also stream this data to other computers using External Syslog Servers...
3.5 Users 3.5.1 Accounts The Bandura Cyber TIG is protected by usernames and passwords, and no one can modify the internal operation of the device unless they have a registered account. There is one predefined user account: User ID: admin...
Page 44
Since the Bandura Cyber TIG keeps extensive and precise records of all its activity, including the actions of administrative users, these personal user accounts add a level of security and accountability, and help prevent misunderstanding and fraud. Here are the rules for all usernames: ●...
Page 45
Once you add the trusted networks, delete the “Allow All” networks. You can limit what times a user can log into the Bandura Cyber TIG. The hours per day is set for the entire week. You can edit each day separately on the Edit Access Restrictions screen.
3.5.1.2 Show User Sessions You can view an audit log of a Bandura Cyber TIG administrator's actions by clicking the Show User Sessions icon shown in the actions list. This brings up a list of the administrator's last sessions, with login and logout times.
3.5.1.3 Edit User You can edit the characteristics of a Bandura Cyber TIG administrator by clicking the Edit User icon shown in the actions list. You can change the account password, assign roles, enable or disable the account, or generate a one time password.
Page 48
You can change a user's password by clicking on Change Password. Passwords are restricted according to the settings found in the Bandura Cyber TIG Configuration General Settings. If you are unfamiliar with the Bandura Cyber TIG's password policy, you may want to review the...
3.5.1.4 Delete User You can delete a Bandura Cyber TIG administrator by clicking the Delete icon shown in the actions list. A user account must be disabled before it can be deleted. When an account is disabled, even if the correct password is entered, the user will not be able to log in.
3.5.3 Change Password Change Password allows you to change the password on your own account. If you are unfamiliar with the Bandura Cyber TIG's password policy, you may want to review the settings ...
● The Bandura Cyber TIG and your management computer both need ready access to network cabling for both the old and new networks. ● Properly identify the Administrative Ethernet Network Port on the Bandura Cyber TIG, as illustrated in the Physical Features diagrams.
You can authorize access from both Internet Protocol version 4 and version 6 networks. By default, the Bandura Cyber TIG will allow ping access from all IPv4 networks, as is indicated by the 0.0.0.0/0 address. After you allow access to your own local management networks, you can remove this "allow all"...
IPsec has two modes: ● Tunnel Mode: between the Bandura Cyber TIG and all the computers on a specific network. This is done via a peer node, which has two network ports: one that connects to the Bandura Cyber TIG via an untrusted network, and another which is connected to your trusted destination network.
Page 54
Things to consider before creating an IPsec connection: ● Do not use Tunnel mode when your Bandura Cyber TIG is on the same network as your destination, since your data will travel twice on the same network: once encrypted and once decrypted, and so may defeat the purpose of IPsec.
Resource Group. ● In an egress resource group, create Rules for the Bandura Cyber TIG's administration interface, allowing the protocols ESP (Encapsulating Security Payload), AH...
Page 56
You may also need an entry here if you create an IPv6 Transport Mode IPsec connection to a node that is on the same network as the administrative interface of the Bandura Cyber TIG. You may need to enter the MAC address for that IPv6 address. If you don't provide a static entry for that IPv6 address, the Bandura Cyber TIG might not be able to establish the IPsec connection.
This mechanism is designed to prevent an intruder from attempting to break into the Bandura Cyber TIG merely by guessing a large number of passwords. While an account is temporarily locked, even the correct password will be rejected.
Page 58
Minimum Password Length sets the lower limits for the length of administrative passwords. Password History Count is the number of old passwords saved by the Bandura Cyber TIG for each administrator account. An administrator cannot reuse an old password.
Bandura Cyber TIG is turned off. Startup Mode will dictate what mode the Bandura Cyber TIG boots into. Last Mode will boot the Bandura Cyber TIG into the mode enabled during the last shutdown.
Bandura Cyber TIG allows you to enable or disable specific services that the Bandura Cyber TIG syncs with GMC. The various services available are IPv4 Whitelist, Blacklist Selection, and Whitelist Selection.
● Account Locked Out: An administrator account was locked due to multiple incorrect password attempts. ● Self Test Failure: The Bandura Cyber TIG's internal consistency checks failed. ● Auto Update Failure: Attempt to download new versions of HIPPIE data or PCELs failed.
The visual alarm will remain flashing until all of the alarms are cleared. 3.7.7 Banner The Banner Text is displayed prior to logging into the Bandura Cyber TIG. This banner can display a security policy, conditions of use, or a liability or disclaimer text. This warning message includes buttons to “Accept”...
Page 63
Certificates: Manage Public Key Certificates for secure communications on the Bandura Cyber TIG. HTTP Access: Limit administrative access to the Bandura Cyber TIG from only specific networks.
The https web browser function uses a secure internet protocol along with an encryption certificate installed on the Bandura Cyber TIG. Transport Layer Security (TLS) and Secure...
Public Key Certificate from a Certificate Authority. ● Import Certificate: Install a public key certificate in your Bandura Cyber TIG. Use this if you created the Bandura Cyber TIG's Certificate on another computer.
Bandura Cyber TIG. Be sure to get a new security certificate for your Bandura Cyber TIG before the existing one expires. You can either create a new self-signed certificate, or you can obtain an authoritatively-signed certificate...
Page 67
Like many similar security certificates, the one that comes with your Bandura Cyber TIG has an expiration date, which you can see if you view the existing certificate on the HTTP Settings menu screen. Do not let the certificate expire, otherwise you may not be able to access the Bandura Cyber TIG, and...
Page 68
Submit signed certificate button to load your new authoritatively signed public key certificate into your Bandura Cyber TIG. If your CA is already trusted by your brand of web browser - as seen in the lists above - then first time connections will no longer generate a Secure Connection...
Do not select Require Client Certificates until you have followed all of the instructions in this section, otherwise you will not be able to connect to the Bandura Cyber TIG,...
Download to your computer a copy of that CA's Root Certificate, and then upload it to the Bandura Cyber TIG by clicking the Upload CA Certificate button on the HTTP Settings...
The Bandura Cyber TIG Security Appliance supports the internet standard Simple Network Management Protocol (SNMP). You can remotely monitor the Bandura Cyber TIG by a network management system, such as IBM Tivoli Network Manager, CiscoWorks LAN Management Solution, and HP Network Node Manager.
● TECHGUARD-Bandura Cyber TIG-MIB::Bandura Cyber TIGThrottleActivated ● TECHGUARD-Bandura Cyber TIG-MIB::bypassChange 3.7.9.1 General Settings This is where you add information that will identify the Bandura Cyber TIG and its administrator to your network manager. These values will be read and displayed by the network management software.
(SHA), and the Privacy Type, either Data Encryption Standard (DES) or Advanced Encryption Standard (AES), along with Passphrases to match those used by the network management system. More than one SNMP username can be defined on the Bandura Cyber TIG to support multiple management systems.
NTP network will ensure that the timestamps on its log files are accurate and coordinated with the computers in your organization. The Bandura Cyber TIG supports NTP version 3. Enter the IPv4 or IPv6 Internet address of your organization's NTP server, or if one isn't available, select a public server. Lists of time servers can be found at The NTP Public Services Project: ...
authentication server to determine whether access can be allowed to a given system. You can set the following parameters in TACACS+: ● Port ● Timeout (seconds) ● Pre Shared Key ● Primary Server ● Backup Server 1 ● Backup Server 2 3.7.12 SMTP SMTP messages are sent when an Alert gets triggered, a Throttle is automatically activated, or an Alarm is raised (e.g.
3.8 Providers 3.8.1 System Providers The System Providers page gives you the following information: ● Name ● Description ● URL ● Last Updated ● Current Key ● Current Certificate You can also generate and upload a new Key File or Server Certificate.
3.8.2 HIPPIE Provider Your Bandura Cyber TIG incorporates the unique High-speed Internet Protocol Packet Inspection Engine (HIPPIE™) technology, which inspects and filters internet packets at line speeds.
Click on Install to install the new firmware package. The Bandura Cyber TIG will automatically reboot after successful software installation. The Bandura Cyber TIG will be in bypass mode while it is turned off and it will not filter packets.
3.10 System 3.10.1 Active Sessions Active Sessions show the administrators currently logged into the Bandura Cyber TIG, their internet address, time of login, and time of last activity. You can view an audit trail of administrative activities, or log out another administrator.
THE Bandura Cyber TIG WILL BE IN BYPASS MODE WHILE TURNED OFF AND WILL NOT FILTER PACKETS Press the power switch on the front of the device to turn the Bandura Cyber TIG back on. If you do not have physical access to the Bandura Cyber TIG, please consider rebooting instead of shutting down the device.
Maintenance Mode uses the console interface, which is a monitor and keyboard attached to the Bandura Cyber TIG, or a text terminal program connected to the serial port. The Bandura Cyber TIG will also enter Maintenance Mode if it fails a Self-Test. 3.10.6 System Information This menu item identifies your particular Bandura Cyber TIG device.
3.10.7 License Information This menu option allows you to view all license information of the Bandura Cyber TIG. The information included is: ● Registration Code ● Serial Number ● License Start Time ● License Expiration Time ● Max Alerts ● Max DCEL Providers ●...
3.10.8 Import/Export 3.10.8.1 System Configuration You can export your Bandura Cyber TIG’s current configuration to your local computer, or the Bandura Cyber TIG can import a saved configuration file residing on your computer.
After an import, the Bandura Cyber TIG will use the old network settings. 3.11 Logout Clicking the Logout menu item will immediately disconnect you from the Bandura Cyber TIG, without prompting you for verification. 4 Consoles 4.1 Maintenance Mode Console...
Page 85
The user will be informed if an incorrect username/password combination is entered. If the Bandura Cyber TIG is not already in Maintenance Mode, you will see the following menu: 1. Enter Maintenance Mode: This will bring the Bandura Cyber TIG into Maintenance Mode and enable the other functionality of the Maintenance Mode Console.
Page 86
Recovery Console. The user must answer "yes" to a confirmation prompt after selecting this option. 4. Alarms: This will display the list of Alarms on the Bandura Cyber TIG that have not been acknowledged or closed. This can be used to determine why the Bandura Cyber TIG has entered Maintenance Mode.
5. Alarms: This will display the list of Alarms on the Bandura Cyber TIG that have not been acknowledged or closed. This can be used to determine why the Bandura Cyber TIG has entered Maintenance Mode. 6. Reboot: This will reboot the Bandura Cyber TIG.
Page 88
R. Restart Bandura Cyber TIG: This will reboot the Bandura Cyber TIG. When the device is restarted, select Bandura Cyber TIG from the menu to initialize the appliance. You can now remove the monitor and keyboard or serial cable.
The License Management section of the Recovery Console is used to review and update the license file for the Bandura Cyber TIG. Only access this section as directed by Bandura Cyber TIG support staff. Use of this section of the Recovery Console can prohibit your Bandura Cyber TIG from functioning and may require return to the factory to restore operations.
A screen is displayed to provide the administrator with the details of the license file. Update License File After the user confirms the action, the Bandura Cyber TIG will connect to the support server to update the license file. This requires a connection to the internet be set up. This option does not remove the existing Bandura Cyber TIG configuration.
This is a quick process that wipes the index into the log files. The existing data may still be on the hard disk, but will not be shown in the Bandura Cyber TIG GUI as the index into the data is gone.
5 Appendices 5.1 References http://csrc.nist.gov/publications/PubsFIPS.html Federal Information Processing Standards regarding computer security. http://standards.ieee.org/getieee802 IEEE 802 standards documentation on local area and wide area networking, including Ethernet and WiFi. http://www.ietf.org ...