Table of Contents
Advertisement
Quick Links
Download this manual
See also:
User Manual
Advertisement
Table of Contents
Related Manuals for M86 Security SWG
Summary of Contents for M86 Security SWG
- Page 1 Setup Guide Secure Web Gateway OVF Release 10.2...
- Page 2 M86 Security shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein.
-
Page 3: Table Of Contents
Chapter 2: Installing the Appliance ..... . 6 Installing a Physical SWG Appliance ......6 Requirements Before Installing a Physical Appliance .... - Page 4 ABLE OF ONTENTS uptime..................28 vmstat..................28 w....................28 wget ................... 28 M86 S SWG S . 10.2 ECURITY ETUP UIDE...
-
Page 5: Chapter 1: Before You Begin
NOTE: Physical SWG appliances come with the required image already loaded. Should you need to reload or replace the image, you can find instructions in the SWG Installation Utility Guide. You should perform the following tasks in the order listed: 1. -
Page 6: Chapter 2: Installing The Appliance
Installation consists of connecting to the appliance. You can connect in any of the following ways: Using an Ethernet Cable Using a Serial Cable (SWG 3000 and SWG 5000 only) Using a keyboard and monitor Instructions for connecting are provided on the following pages. -
Page 7: Connecting An Appliance Using An Ethernet Cable
Continue with Initial Setup of your SWG Appliance using Limited Shell. For an SWG 7000 appliance The SWG 7000 model is a chassis containing blade servers, each of which operates as an appliance. This provides for overall higher end performance. - Page 8 Continue with Initial Setup of this SWG Appliance blade using the Limited Shell, and when done repeat Step for each blade.. NOTE: For more information on setting up the SWG 7000, contact your M86 Security representative. M86 S SWG S .
-
Page 9: Connecting An Appliance Using A Serial Cable
HAPTER NSTALLING THE PPLIANCE Connecting an Appliance Using a Serial Cable NOTE: Connection using a serial cable is applicable only to SWG 3000 and SWG 5000 appliances. Connect the PC to the appliance’s Serial Console, using the serial cable. Using the Hyper Terminal application, enter the appropriate Port... -
Page 10: Deploying A Virtual Swg From An Ovf File
IRTUAL ROM AN Deploying a Virtual SWG From an OVF File This section explains how to deploy a virtual SWG from an OVF file. Virtual SWG appliances are certified to work with a VMWare ESXI version 4.1 server. NOTE: Before deploying the virtual appliance, ensure that you have access to a VMWare vSphere client and that the OVF files are accessible in your local machine. -
Page 11: Chapter 3: Setting Up The Appliance
P THE PPLIANCE Chapter 3: Setting Up the Appliance The setup procedure is the same for both physical and virtual SWG appliances. You perform setup using a setup script that is run in the Limited Shell. NOTE: Before setting up the installed appliance, you should prepare for setup by assembling the detailed information and values that you will need to supply as part of setup. - Page 12 Allows communication at a speed of up to 1GB with Auto- Auto-negotiation Negotiation enabled. GE2 (eth2): 1GB - (Available for SWG 5000, and the Policy Server in SWG 7000, Auto-negotiation only.) Allows communication at a speed of up to 1GB with Auto- Negotiation enabled.
-
Page 13: Setting Up The Appliance
Enter the setup command. The current configuration is displayed. Figure 2: Configuration Status Using the data you prepared, page through the setup script entering the needed values. This displayed configuration is updated as you enter values. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 14: Chapter 4: Performing Additional Configuration (Optional)
NOTE: The C/M column indicates if the command is a Configuration command (C) or Monitoring command (M) Command Description access_list Enables/disables access list Displays arp table change_password Change password M86 S SWG S . 10.2 ECURITY ETUP UIDE V... - Page 15 Interactive IP LAN monitor last Displays last login name2ip Resolve hostname to IP netstat Displays Network statistics ping Sends ICMP ECHO_REQUES to network hosts poweroff Power off the system reboot Reboots the system M86 S SWG S . 10.2 ECURITY ETUP UIDE V...
- Page 16 For more information on configuring the system, refer to Limited . For further in-depth analysis and Shell Configuration Commands diagnostics of the system, refer to Limited Shell Monitoring Commands M86 S SWG S . 10.2 ECURITY ETUP UIDE V...
-
Page 17: Limited Shell Configuration Commands
(internal ports). Any IP address not defined in the IP range will then be blocked from accessing these applications on the ports defined by M86 Security. The access_list command is used to enable or disable the Access List and is useful for situations when due to a mistaken configuration, or other circumstances, you cannot access the Management Console, and want to disable the Access List feature. -
Page 18: Config
Gateway: Allows system administrators to set the default gateway of the appliance. The IP address of the default gateway must be a local IP address. It is mandatory to configure a default gateway to the appliance. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... - Page 19 (according to the configured value) in case the host name is not completed. For example, if the search is on http:// mize and the search domain is M86 Security.com, the appliance will try to resolve to http://mize.M86Security.com. It is mandatory to configure the DNS...
-
Page 20: Disable
Enables or disables the access log. disable_ ... Disables the service. The disable command includes the commands. disable_service_snmpd disable_service_ssh disable_service_snmpd Disables the snmpd network service. Enter the disable_service_snmpd command. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 21: Ethconf
A fixed speed of 1000Mbps is not supported. For more information, please refer to the 1000BASE-X Auto- Negotiation standard as defined in Clause 37 of the IEEE 802.3 standard. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 22: Flush_Dnscache
Rebuilds the appliance configuration in extreme situations where the appliance, for whatever reason, was disconnected for a period of time. This action restarts the appliances and may take several minutes. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 23: Limited Shell Monitoring Commands
TCP/ UDP traffic breakdowns, and LAN station packet and byte counts. Enter the iptraf command to display the IP traf options: IP traffic monitor General Interface Statistics M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 24: Last
Enables you to remotely shut down the appliance. IMPORTANT: Physical access to the appliance is needed to bring the system back online for all models except the 7000-SWG. reboot Enables you to remotely reboot the appliance. restart_role Restarts all role services. -
Page 25: Setup
DNS configuration, DNS cache and current hostname. show_service Allows system administrators to view the service configuration status. The following options are available: show_service_all: Displays the service configuration status for all the available services. M86 S SWG S . 10.2 ECURITY ETUP UIDE V... -
Page 26: Supersh
Enables root access to the appliance. This command is reserved for M86 Security Support only. tcpdump Alows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. -
Page 27: Top
Shows who is currently logged on and the current command they are running. wget Allows you to download web files using HTTP, HTTPS and FTP protocols. M86 S SWG S . 10.2 ECURITY ETUP UIDE V...