Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Authonet Manuals
  4. Firewall
  5. Firewall F-10
  6. Product overview & operation manual

Authonet F-10 Product Overview & Operation Manual

Hide thumbs Also See for F-10:

Advertisement

Quick Links

Download this manual
A
F
UTHONET
IREWALL
O
O
VERVIEW AND
PERATION
M
ANUAL
Cyber-Security for the Enterprise
Revision 4, February 2019
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved
1

Advertisement

loading
Need help?

Need help?

Do you have a question about the F-10 and is the answer not in the manual?

Questions and answers

Related Manuals for Authonet F-10

Summary of Contents for Authonet F-10

  • Page 1 UTHONET IREWALL VERVIEW AND PERATION ANUAL Cyber-Security for the Enterprise Revision 4, February 2019 Copyright (c) Fire4 Systems Inc, 2019. All rights reserved...
  • Page 2 Hackers pose two major threats to computer networks  Using The Authonet Firewall  Applications for the Authonet Firewall PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL  Network Installation of the Authonet firewall  Login as the Administrator ...
  • Page 3 Admin controls: Logout  Admin controls: Reboot  Admin controls: Factory Reset  Admin controls: Upgrade Firmware, Backup Settings  Tutorials  Differences between the Authonet F1 and F10 firewalls  Online Support Copyright (c) Fire4 Systems Inc, 2019. All rights reserved...
  • Page 4 2. The firewall blocks all inbound and outbound traffic until specifically enabled to ensure that the network is protected from hackers. Authonet customers who are familiar with configuring other firewalls may be surprised at the approach taken by Authonet to develop the firewall user interface. Authonet customers who are setting up their first firewall will find the intuitive design approach easy to use.
  • Page 5 DSL router. The Authonet Firewall is installed in the network between the DSL router and all other network components. This is easily done and entails swapping two Ethernet cables. The connection of the firewall is shown in the figure below.
  • Page 6 Most business and government departments will have difficulty with a one-rule-fits-all regarding the websites that computers are allowed to access. For this reason the Authonet firewall permits the creation of multiple groups where each group can have access to named websites. Groups can be created for business departments, like management, production, financial and sales.
  • Page 7 Authonet firewall is completely different to other firewalls. They will be surprised a second time when they realize how easy it is to configure and install the Authonet firewall. Some will ask the question: why don't other manufacturers make installation and configuration this easy! Copyright (c) Fire4 Systems Inc, 2019.
  • Page 8 PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL The Authonet firewall is a router and will therefore issue IP addresses to computer and devices that request an IP address (DHCP). Network Installation of the Authonet firewall Case 1: All network computers are connected to a switch, and the switch is connected to one of the DSL/cable router LAN ports.

  • Page 9: Login As The Administrator

    Login as the Administrator Connect the Authonet firewall to the Internet router, and connect a computer to the Authonet firewall as shown below: Product Configuration Product Configuration LAN port LAN port WAN port WAN port Internet Internet Internet Internet Configuration...
  • Page 10 The administrator username is admin, and the default password is password. If desired the firewall can be configured in Spanish by clicking on the flag shown. When the login process has been completed the dashboard display is shown, see the figure below: First change the admin password, click 'admin' at the top of the left side menu.
  • Page 11 Adding Administrators Several administrators can manage the Authonet firewall if required. This is a useful feature for any business that out-sources IT work to a managed service provider. The provider can connect remotely and make any changes that the business requires. Go to the Settings Page, Admin Users.
  • Page 12 When a firewall is installed in a business network the configuration process takes time because users each have different configurations, with specific requirements for accessing the Internet. The Authonet firewall simplifies the configuration process with the concept of groups, where users (devices) and rules are assigned to each group. Many groups can be created.
  • Page 13 When the Authonet firewall is installed it has two default groups, the unknown devices and the known devices. The devices (computers and peripherals) connected to the network as listed as unknown devices.
  • Page 14 What is a rule? it can be open access to the Internet or access to specific websites The Authonet firewall has three default Access Rules:  Blocked: Blocks access to a set of IPs and DNS...
  • Page 15 The importance of allowing access only to specific websites, not to the whole Internet The Public rule will add access to the whole Internet for any group to which it is assigned. The Blocked rule can be added to the group to prevent access to specific domains (websites) on the Internet.

  • Page 16: Adding Device Information

    The simplest firewall configuration is made by adding rules to the Unknown device group for a one-rule-fits-all configuration. When the Authonet firewall is first installed, all devices are part the Unknown device group. Devices are not listed in the Unknown device group, however they can be seen by clicking on the connected devices list, and are listed under unknown devices.
  • Page 17 Click on the unknown device entry then the device entry screen will open as shown in the figure below. A device ID number will be issued by the Authonet firewall. Enter the device name and the device description then save changes.
  • Page 18 Adding rules to the Known device group When all unknown devices have been documented and moved to the known device list, they are listed in the Known device group. This is shown in the figure below. Copyright (c) Fire4 Systems Inc, 2019. All rights reserved...
  • Page 19 Rules can now be added to the known device group. There is one rule which is ready to use, this is the Internet access rule. This is shown in the figure below. Even though the Public Internet Access rule gives full Internet access, access to specific websites can be blocked by creating a blocked IP rule.
  • Page 20 Creating New Device Groups When installing the Authonet firewall it is usually not possible to configure a one-rule-fits-all scenario as different groups of employees in the company will have different requirements in terms of what they need to access via the Internet. It is likely that a business manager will want to block access to social media website for those employees who have no necessity for this access.
  • Page 21 This box permits the new group to be created by entering the group name and description. In order to add devices and rules to the group, the group box must be clicked after creation. This is shown in the following figure. First add devices to the group as shown in the figures below: Copyright (c) Fire4 Systems Inc, 2019.
  • Page 22 Then add access rules to the group as shown in the figures below: The Blocked IP and Allowed IP rules can be edited. However it is desirable to prepare an access rule specifically for this group. The creation of a new access rule is described in the next section. Creating New Access Rules An access rule is created for each device group, to determine what each device can access on the Internet, and which parts of the Internet are blocked for the device group.
  • Page 23 First click on + Add a new access rule, as shown in the figure below. A new rule called Marketing has already been added to the figure. Next click on the new Marketing access rule to add the websites that the device group will be permitted to access, as shown in the figure below.
  • Page 24 Now a new group called Marketing is created and added to the device group page, as shown in the figure below. The devices used by marketing department staff must be added to this group. Finally the new rule called marketing is added to the new device group called marketing, as shown in the figure below.
  • Page 25 Settings: Adding inbound access from the Internet - Port Forwarding There may be situations where access from the Internet to a device in the local area network has to be provided. However any access port that is opened will be a potential risk as a hacker will always look for open access ports with a port scanner.
  • Page 26 Settings: Adding inbound access from the Internet - DMZ A DMZ (demilitarized zone or perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an external untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN) so that an external WAN network device can access only what is exposed in the DMZ, while the rest of the organization's network remains firewalled.
  • Page 27 WARNING: an installer who is not familiar with IP calculations should not change these settings, otherwise the Authonet firewall may become inaccessible and will have to be reset to defaults using the reset button (see the later section).
  • Page 28 In some cases the ISP will provide a modem which requires the router or firewall that is connected to the modem to have a static IP. If the Authonet firewall is to be connected to a modem then click the WAN settings button as shown in the figure.
  • Page 29 Settings: Network, 1:1 NAT NAT is Network Address Translation, and is a method of mapping a range of network addresses onto a different range of network addresses. NAT or NAT'ing is a basic function of a network router. 1:1 NAT is a special case of NAT'ing where one IP address in the local area network is mapped to an IP address in the WAN network.
  • Page 30 Settings: Network, WAN DNS IP The network settings page allows for additional settings, the administrator connector port and the DNS IP that will be used by LAN user DNS requests The administrator access is always encrypted (https) and can be configured to have access only through the LAN port.
  • Page 31 Settings: DNS Management Add a DNS entry to permit a device on the LAN side of the firewall to access a server on the WAN side using a domain name. Select Settings, DNS management to display the screen shown in the figure below. Click add entry when finished...
  • Page 32 Virtual Private Network (VPN) tunnel can be configured between the two networks which communicates with encrypted data. The Authonet firewall VPN client can be configured to create an encrypted tunnel with a remote VPN server.
  • Page 33 Settings: Email The Email service is used by Authonet firewalls to send alerts and reports to the network administrator. It is important that the administrator is aware if an intrusion is being attempted. Before alerts and reports can be sent to the administrator, the Email client settings must be configured.
  • Page 34 Settings: Auto Blocked IP's The Intrusion Detection System (IDS) auto-blocking is disabled by default. Click on Settings, Auto Blocked IP's to see the status of IDS auto blocking. This is shown in the figure below. Click ‘enable’ which will open the firewall settings page to enable auto...
  • Page 35 Settings: Firewall Settings The Firewall Settings permit the administrator to make choices regarding data logging, and regarding the transmission of alerts and reports to the administrator if required. The first entry, IDS, also permits the configuration of auto blocking, as described in the previous section. There are seven entries on the Firewall settings page, as follows: ...
  • Page 36 Port forward (record of port forward accesses) Logging enabled by default Select send Auth history (history of device email log to admin, provide authorizations) Select send the admin email email log to admin, provide the admin email Email settings must be configured before log emailing can be selected Admin history (record of admin...
  • Page 37 2001, the FCC issued rules implementing CIPA and provided updates to those rules in 2011. Authonet firewalls can be used with category blocking services such as OpenDNS, who provide both free and paid accounts. Any other DNS based category website filtering service can be used, such as DansGuardian, by entering the DNS service IP's on the Network Settings screen.
  • Page 38 The logs record time and date of entry. In order to ensure that the time and date are correct it is necessary to choose the time zone where the Authonet firewall is located. Click Settings, Timezone to display the page shown in the figure below. Click the drop-down menu to select the timezone where the Authonet firewall is located.

  • Page 39: Dashboard: Overview

    Dashboard: Overview When the administrator first logs in to the Authonet firewall the Dashboard Overview screen is displayed. This screen was shown previously at the beginning of Part 2. Click on the See Connected Device Details button to list the known and unknown devices.
  • Page 40 (e.g. Windows, MAC OS, Linux. etc.) will request a new IP lease for the same IP address. Click on Dashboard, IP leases to list all devices that are connected to the Authonet firewall. Each entry shows the following information ...
  • Page 41 Dashboard: Connected Devices All connected devices are listed in the connected devices table. Click on Dashboard, connected devices to see the device list. This is shown in the figure below for known and unknown devices. A device listed as unknown can become a known device by clicking on the device entry in the unknown device table.
  • Page 42 The ARP table can be displayed by clicking on Dashboard, ARP table. This is shown in the figure below. Devices on both the LAN side and WAN side of the Authonet firewall are listed. The MAC address is a permanent identification for the device, whereas the IP address is issued by the Authonet firewall for a limited period of time (lease time).
  • Page 43 Report Logs: Current Connections The Current Connections log provides information about devices connected to the Authonet firewall, with port and data transmission information. Click Logs, Current Connections to see the screen shown below. Report Logs: Auth History The authentication (Auth) history log lists the connection information for devices (and users).
  • Page 44 The Auth History can be filtered to show specific devices. This is illustrated in the figure below. Click to download logs Report Logs: DNS History The DNS History is a log of Domain Name Server (DNS) requests. Click Logs, DNS History to see the DNS report, this is shown in the figure below.
  • Page 45 Report Logs: Admin History The Admin History log shows a record of all administrator logins to the Authonet firewall. Each record shows the MAC address of the computer that was used to login. Click on Logs, Admin History to display the screen shown in the figure below.
  • Page 46 Report Logs: IDS Events Intrusion Detection (IDS) events provide important information for the network administrator. In the case where multiple events are listed it may be advisable to take additional precautions to protect the network from hackers. To see the IDS report, click on Logs, IDS events, the screen shown in the figure below will be displayed.
  • Page 47 Report Logs: Port Forward Events When port forwarding is configured, each access to a local device from the Internet will be logged. The events are logged in the Port Forward Events table. Click on Logs, Port Forward Events to see the events log shown in the figure below. Click to download logs...
  • Page 48 Reboot. The screen shown below will be displayed, click the Reboot button. Admin controls: Factory Reset The administrator can reset the Authonet firewall to factory defaults. This will be necessary when moving the firewall to a different network. Click on Admin Controls, Factory Reset to see the screen shown below.
  • Page 49 The Authonet firewall can also be reset to factory defaults using the reset button as shown in the figure below. Reset Button Power up the unit. Wait until the admin can login Hold the button for 15 seconds. Wait for the unit to...
  • Page 50 Creating an Access Rule  Creating a Device with Internet Access In addition to the tutorials, the customer can contact the Authonet support page to ask questions about configuring the unit. Copyright (c) Fire4 Systems Inc, 2019. All rights reserved...

  • Page 51: Online Support

    Differences between the Authonet F1 and F10 firewalls The Authonet F1 firewall is a basic low cost model with limited performance. This product is suitable for businesses with 10 or less employees. The Authonet F10 firewall is an economical model with medium range performance. This product is suitable for businesses with 25 or less employees.