Related Manuals for Symantec 460R - Gateway Security
Summary of Contents for Symantec 460R - Gateway Security
-
Page 1: Installation Guide
Symantec™ Gateway Security 400 Series Installation Guide Supported models: Models 420, 440, 460, and 460R... -
Page 2: Technical Support
Web-accessible Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering as well as Symantec Security Response to provide Alerting Services and Virus Definition Updates for virus outbreaks and security alerts. -
Page 3: Contacting Technical Support
Recent software configuration changes and/or network changes Customer Service To contact Enterprise Customer Service online, go to www.symantec.com/techsupp, select the appropriate Global Site for your country, then select the enterprise Continue link. Customer Service is available to assist with the following types of issues:... -
Page 5: Table Of Contents
Contents Chapter 1 Introducing the Symantec Gateway Security 400 Series Intended audience .............................8 Document structure ............................8 Where to get more information ........................8 Checking the components list ..........................9 Replacement CD-ROMs ...........................10 Chapter 2 Installing the Symantec Gateway Security 400 Series Planning for installation ..........................11 Installing the appliance ..........................12... - Page 6 Contents Allowed TCP/IP services .........................31 Web service information ........................32 Access lists ..............................33 Defining your network architecture .....................34 Appendix B Licensing Appendix C Specifications and safety Product specifications ............................43 Safeguard instructions ...........................44 Product certifications .............................45 Appendix D LEDs and DIP switches About LEDs ...............................47 Interpreting the LEDs ..........................48 LiveUpdate LED status ..........................48...
-
Page 7: Introducing The Symantec Gateway Security 400 Series
Symantec Gateway Security 400 Series models are wireless-capable. They have special wireless firmware and a CardBus slot that can accommodate an optional Symantec wireless network card consisting of an integrated 802.11b/g radio and separate antenna, to allow the highest possible integrated security for wireless LANs, when used with clients running the Symantec Client VPN software. -
Page 8: Intended Audience
Security Gateway Management Interface (SGMI). Symantec™ Gateway Security 400 Series Administrator’s Guide This guide describes the features and components of the standalone version of the Symantec Gateway Security 400 Series with the SGMI and provides step-by-step instructions for configuring and using the appliance. -
Page 9: Checking The Components List
Symantec™ Event Manager and Advanced Manager for Security Gateways (Group 2) v2.1 Administrator’s Guide This guide describes how to administer Symantec security gateways from the SESA environment using the Symantec Advanced Manager and Symantec Event Manager products. Checking the components list... -
Page 10: Replacement Cd-Roms
Introducing the Symantec Gateway Security 400 Series Replacement CD-ROMs Replacement CD-ROMs You may need to replace the media due to a defective or lost CD-ROM. If you need a replacement CD-ROM because it is defective, contact Customer Support. If you require a new CD-ROM because you have lost it, contact your Sales Representative to purchase a new... -
Page 11: Chapter 2 Installing The Symantec Gateway Security 400 Series
Remove the plastic cover sheet from the top of the appliance. Note: On the left side and bottom of the appliance is a seal with the Symantec logo, certification logos, country where the unit was manufactured, the MAC address of the LAN card, and a unique bar-coded serial... -
Page 12: Installing The Appliance
Installing the Symantec Gateway Security 400 Series Installing the appliance Installing the appliance This section describes the installation of the Symantec Gateway Security 400 Series models 420, 440, 460, and 460R, including: Back panel connectors and controls Connecting the appliance... -
Page 13: Connecting The Appliance To The Network
You install the appliance by connecting it to your network using the LAN and WAN ports on the back panel. Symantec Gateway Security 400 Series models 420, 440, 460, and 460R have different numbers of LAN and WAN ports; each is described in Table 2-2. -
Page 14: Configuring The Appliance
Installing the Symantec Gateway Security 400 Series Configuring the appliance To power your appliance Plug the power cord into the power socket on the back panel (6). Connect the power cord from the appliance into an electrical outlet. To turn on the appliance, press the power switch on the back panel (7). -
Page 15: Chapter 3 Running The Setup Wizard
Joining SESA About the Setup Wizard The Setup Wizard guides you through the steps required to connect your Symantec Gateway Security 400 Series WAN port (WAN 1 on models 460 and 460R) to the Internet, a corporate network, or any other external private or public network. -
Page 16: Dhcp
Channel Service Unit/Digital Service Unit (CSU/DSU) Direct Ethernet connection Ethernet cable (usually an enclave network) PPTP PPTP DSL modem with Ethernet cable The following connection methods are supported by Symantec Gateway Security 400 Series: DHCP PPPoE PPTP Static IP address Dial-up/ISDN DHCP Dynamic Host Configuration Protocol (DHCP) automates the network configuration of computers. -
Page 17: Dsl
PPTP access client (PAC) when you connect to a PPTP Network Server (PNS), generally with your ISP. Some ADSL ISPs charge for connection time. The Symantec Gateway Security 400 Series reduces these costs by only connecting to your ISP when you use the Internet, and disconnecting when you are idle. -
Page 18: Static Ip Address
(using an RJ-11 connector). ISDN is a digital dial-up account type that uses a special telephone line. On the Symantec Gateway Security 400 Series appliance, you can use a dial-up account as your primary connection to the Internet, or as a backup to your dedicated account. In backup mode, the appliance automatically dials the ISP if the dedicated connection fails. -
Page 19: Running The Setup Wizard
460 and 460R appliances. Figure 3-1 Rear panel of Symantec Gateway Security model 420 and 440 appliances Serial port Figure 3-2 Rear panel of Symantec Gateway Security model 460 and 460R appliances... -
Page 20: Starting The Setup Wizard
Setting up Dialup/ISDN The following procedures walk you through configuring a primary dial-up connection. For information on setting up a back-up dial-up account, see the Symantec Gateway Security 400 Series Administrator’s Guide. Before performing these procedures, you must complete the tasks in “Starting the Setup Wizard”... -
Page 21: Configuring A Dhcp Connection
Running the Setup Wizard Running the Setup Wizard In the Dialup or ISDN Connection panel, under User account information and dialup numbers, do the following: User Name Type the account user name. Password Type the account password. Verify Password Retype the account password. Dial-up Telephone 1 Type the primary dial-up telephone number. -
Page 22: Configuring A Dsl Connection
Running the Setup Wizard Running the Setup Wizard Configuring a DSL connection Before performing these procedures, you must complete the tasks in “Starting the Setup Wizard” page 20. To configure a DSL connection Run the Setup Wizard. “Starting the Setup Wizard” on page 20. -
Page 23: Completing The Setup Wizard
Running the Setup Wizard Running the Setup Wizard IP Address Type the static IP address. Default Gateway Type the IP address of the default gateway. DNS 1 Type the IP address of the first Domain Name Service (DNS) server used to translate addresses. -
Page 24: Accessing The Security Gateway Management Interface (Sgmi)
For more information about configuring the appliance, see Symantec Gateway Security 400 Series Administrator’s Guide. Joining SESA To join the Symantec Enterprise Security Architecture (SESA) environment, refer to Appendix D of the Symantec Gateway Security 400 Series Administrator’s Guide. -
Page 25: Appendix A Developing A Pre-Installation Security Plan
This appendix provides basic guidelines for developing an overall security plan. Developing a security plan is the first step in your installation process and helps you to collect the information needed to install Symantec Gateway Security 400 Series. Developing a security plan consists of three basic steps:... -
Page 26: Before Writing Your Security Plan
Networking and applications software Information in files and databases Symantec Gateway Security 400 Series is the main tool for enforcing security, letting you define a security policy that allows or denies access to specific resources throughout your network. Before writing your security plan Before you write rules to implement your plan using the Symantec Gateway Security 400 Series Administrator’s Guide and Symantec Advanced Manager and Symantec Event Manager Administrator’s... -
Page 27: Educating Users
Developing a pre-installation security plan Educating users Educating users Your overall site policy involves a numbers of tasks. Of these, user education is critical. Publish your company’s security policy. Make sure that your users are informed of the determination of would-be invaders and the sophistication of available password guessing programs. - Page 28 _____ Yes _____ No 11 Do you plan to implement a wireless network? _____ Yes _____ No 12 Do you have other Symantec security gateways on your network now? _____ Yes _____ No 13 If Yes, what product and version? __________________________________________...
-
Page 29: Site Hardware/Software Information
Does your site have, or plan to have, more than one Internet access point? _____ Yes _____ No Are there any other Internet connections besides the firewall (such as modems connected to workstations)? _____ Yes _____ No Will you be using Symantec Client VPN? _____ Yes _____ No... -
Page 30: Tcp/Ip Address
_____ Private IP address (RFC 1918) _____ Unregistered IP address Your connection to the Internet must have at least one public network address. Symantec is not responsible for acquiring or registering public IP addresses. The internal (behind the firewall) addresses do not have to be legal or registered. Symantec strongly recommends that you use private, RFC 1918-compliant addresses internally. -
Page 31: Allowed Tcp/Ip Services
Developing a pre-installation security plan Filling out worksheets 11 If yes, and you have your own internal NNTP server, type its IP address and the address of the server that will be supplying you with news feeds. ________________________________ _____ Internal server: ____________________________ _____ External news server: Allowed TCP/IP services... -
Page 32: Web Service Information
_____ Yes _____ No If yes, select the location of the Web server: _____ Internal to the Symantec Gateway Security 400 Series _____ External to the Symantec Gateway Security 400 Series Notate the Web server name and IP address: Name:_______________ Address:____________________ Will you be using an external caching/proxy server? If yes, notate the server name and IP address. -
Page 33: Access Lists
Developing a pre-installation security plan Filling out worksheets Access lists List those entities and users to which you plan to write rules to allow access through the Symantec Gateway Security 400 Series. Entities allowed through the Symantec Gateway Security 400 Series Table A-5 to list all allowed entity identifications. -
Page 34: Defining Your Network Architecture
Label each network component with its IP address and network mask. Table A-9 to create a list of all internal servers. Your external network consists of at least the Symantec Gateway Security 400 Series security gateway and a router. - Page 35 Developing a pre-installation security plan Filling out worksheets Table A-9 Internal network servers (Continued) DNS name services Mail server Web server Other server Subnet mask Table A-10 to list your host system addresses. Table A-10 Host internal and external IP addresses Host Internal/external IP addresses Table A-11...
- Page 36 Developing a pre-installation security plan Filling out worksheets...
-
Page 37: Appendix B Licensing
This license governs any releases, revisions, or enhancements to the Software that the Licensor may furnish to You. Except as may be modified by a Symantec license certificate, license coupon, or license key (each a “License Module”) which accompanies, precedes, or follows this license, and as may be further... - Page 38 Licensing SYMANTEC GATEWAY SECURITY APPLIANCE (300/400 SERIES) LICENSE AND WARRANTY AGREEMENT of the Software, Symantec consents to the transfer and the transferee agrees in writing to the terms and conditions of this agreement. You may not: A. ________________ sublicense, rent or lease any portion of the Software; reverse engineer, decompile, disassemble, modify, translate, make any attempt to discover the source code of the Software, or create derivative works from the Software;...
- Page 39 Appliance, Symantec will return such repaired or replacement Appliance to You, freight and insurance prepaid. In the event that Symantec, in its sole discretion, determines that it is unable to replace or repair the Hardware, Symantec will refund to You the F.O.B. price paid by You for the defective Appliance.
- Page 40 Designated Narcotics Traffickers, or Specially Designated Terrorists. Furthermore, Licensee agrees not to export, or re-export, Symantec products to any military entity not approved under the EAR, or to any other entity for any military purpose, nor will it sell any Symantec product for use in connection with chemical, biological, or nuclear weapons or missiles capable of delivering such weapons.
- Page 41 Certificate. An auditor, selected by Symantec and reasonably acceptable to Licensee, may, upon reasonable notice and during normal business hours, but not more often than once each year, inspect Licensee's records in order to confirm the legal use of the Software. Symantec shall bear the costs of any such audit.
- Page 42 Licensing SYMANTEC GATEWAY SECURITY APPLIANCE (300/400 SERIES) CLIENT-TO-GATEWAY VPN ADDITIVE LICENSE AND 8.0 MEDIA KIT...
-
Page 43: Appendix C Specifications And Safety
Product specifications Safeguard instructions Product certifications This appendix lists the product specifications and safety certifications. Product specifications Each respective Symantec Gateway Security 400 Series model offers increased performance and these different specifications are listed in Table C-1. Table C-1 Product specifications... -
Page 44: Safeguard Instructions
Read and understand all of the safety and operating instructions before operating the appliance. Ventilation Vents at the front edge of the bottom panel and the back edge of the top panel of the Symantec Gateway Security 400 Series provide ventilation for reliable product operation and to protect it from overheating. -
Page 45: Product Certifications
Warning: Electrical current from power, telephone, and network cables is hazardous. Operating the unit in an equipment rack If you plan to install the Symantec Gateway Security 400 Series in an equipment rack, use these precautions: Ensure the ambient temperature around the appliance (which may be higher than the room temperature) are within the specified limits. - Page 46 Specifications and safety Product certifications Safety: UL 1950 CSA 22.2 No. 950-95 EN60950-1 (2002) TUV/Rh-CB...
-
Page 47: About Leds
DIP switches About LEDs The front panel on Symantec Gateway Security 400 Series has LED lights that indicate the status of the appliance. Each LED indicates the status of a different part of the appliance, such as the LAN and WAN ports. -
Page 48: Interpreting The Leds
LEDs and DIP switches About LEDs Table D-1 LEDs (Continued) Location Symbol Feature Description Wireless- Illuminates or flashes when the wireless card is transmitting or active receiving data. Interpreting the LEDs The LEDs on the front panel of the appliance have three states: solid on, flashing, and solid off. The combination of the Error and Transmit LED states indicate the status of the appliance. -
Page 49: Dip Switches
DIP switches DIP switches allow for manual intervention on the appliance to perform tasks like upgrading the firmware, backing up your configuration, and using the serial port for maintenance operations. See Symantec Gateway Security 400 Series Administrator’s Guide for more information. - Page 50 LEDs and DIP switches DIP switches...
-
Page 51: Appendix E About Troubleshooting
Appendix About troubleshooting You can find up-to-date troubleshooting information for Symantec Gateway Security 400 Series (and all Symantec products) on the Symantec Web site, www.symantec.com. Accessing troubleshooting information Use the following procedure to access troubleshooting information from the Symantec Knowledge Base. - Page 52 About troubleshooting Accessing troubleshooting information...
-
Page 53: Index
Index Numerics 3DES encryption 7 encryption 7 access lists, checklists 31 firewall 7 administrator password 23 front panel 47 aDSL 17 AES encryption 7 analog 15 installing, appliance 11 analog connections 16 intrusion detection 7 analog, dial-up accounts 18 IP addresses checklist 30 antivirus policy enforcement 7 IPSec 7 appliance... - Page 54 29 special phone line ISDN 15 specifications 43 specifications and safety 43 static IP 16 static IP address, configuring 22 Symantec Advanced Manager 7 Symantec Event Manager 7 Symantec Management Console 7 T1 16 TCP/IP checklist 30 TCP/IP-based network 17...
Need help?
Do you have a question about the 460R - Gateway Security and is the answer not in the manual?
Questions and answers