Introduction to WatchGuard Dimension™


Upload: owen

Post on 05-Jan-2016


TRANSCRIPT

  • Introduction to WatchGuard Dimension

    WatchGuard Training

  • Introduction to WatchGuard Dimension
    • What is WatchGuard Dimension?
    • Deploy WatchGuard Dimension
    • Configure WatchGuard Dimension
    • Use WatchGuard Dimension
    • Support WatchGuard Dimension

  • What is WatchGuard Dimension?

  • What is WatchGuard Dimension?
    • Secure and centralized logging, visibility, and reporting for XTM devices and WatchGuard servers
    • New ways to visualize network data
    • Dashboards with simple drill-down into detailed log and report information
    • Customizable reports that can be emailed to different roles in the organization
    • Complements Web UI visibility tools in XTM OS v11.8
    • Reports available after first summary report period (5 minutes)
    • All reports are on demand all the time
    • Cloud-ready zero-installation deployment
    • Delivered as a virtual appliance for ESXi (.ova)
    • Running on 64-bit Linux
    • Driven by Postgres 9.2
    • Web interface supports most desktop and mobile browsers

  • What is Dimension? - Architecture
    • Log Collector: Receives logs from devices, aggregates data
    • Web Services: Serves web application to users and administrators
    • Log Server: Provides API for log data, provisioning, and automated maintenance
    • Database: Persistent storage for log and report data

  • Deploy WatchGuard Dimension

  • Deployment Requirements
    • WatchGuard Dimension is distributed as an .ova file for installation on VMware ESXi 5.x.
    • Your ESXi host must support 64-bit guest operating systems.
    • WatchGuard Dimension has been primarily tested on VMware ESXi hypervisors. It can also be installed in VMware Workstation, Player, and Fusion environments, which is a great option for training and demonstration. WatchGuard Dimension is not currently available on any non-VMware hypervisors.
    • WatchGuard Dimension is available on the Software Downloads pages with the downloads for XTM devices.
      • Log in to WatchGuard.com
      • Browse to Articles & Software
      • Filter by Software Downloads (excluding Articles and Known Issues)

  • Deployment
    • After downloading the WatchGuard Dimension virtual appliance (.ova), connect to your ESXi host with vSphere.
    • From the File menu, select Deploy OVF Template.

  • Deployment
    • Browse to the downloaded WatchGuard Dimension OVA and select that as your source.

  • Deployment
    • Confirm the OVF Template Details and accept the EULA.

  • Deployment
    • Choose a name and disk format for this VM.

  • Deployment
    • Map the virtual network adapter to the appropriate destination network.
    • Note:
      • WatchGuard Dimension's network adapter defaults to DHCP.
      • You will need a DHCP server on the network for Dimension to receive an IP address and access the setup wizard web interface.

  • Deployment
    • Confirm the deployment settings.
    • Note the disk allocation defaults to 43GB.
      • 3GB for OS drive (disk 1)
      • 40GB for Data drive (disk 2)
    • Power on after deployment if you want to keep the default settings.

  • Deployment
    • Changing the provisioned size of Hard disk 2 before boot (or reboot) will result in more storage for logging and reports.
    • Other defaults include:
      • 2GB of RAM
      • 2 CPUs (2 sockets, 1 core each)

  • Deployment
    • Notes:
      • The Dimension VM is deployed by default with a data disk size of 40GB. The data disk is fully reserved for the log database and the related overhead space required by Postgres.
      • After the Dimension VM is deployed, the data disk size cannot be reduced. To limit the size to be less than 40GB and avoid data loss, you must remove and re-add Hard disk 2 before you power on the VM for the first time.

  • Deployment
    • Once your VM is powered on, you see the IP address assigned to Dimension through DHCP.
    • Use this IP address to make an HTTPS connection to Dimension and start the Dimension Setup Wizard.

  • Configure WatchGuard Dimension

  • Configuration Requirements
    • WatchGuard Dimension supports these web browsers:
      • Firefox v22 and later
      • Internet Explorer 9 and later
      • Safari 5 and later
      • Safari on iOS 6 and later
      • Chrome v29 and later
    • You should be able to successfully use WatchGuard Dimension on most mobile phone and tablet devices.
    • Connect to Dimension in a web browser at https://

  • Configuration - Setup Wizard
    • Accept the security warning to continue to connect to WatchGuard Dimension.

  • Configuration - Setup Wizard
    • Log in with these credentials:
      • User Name: admin
      • Password: readwrite

  • Configuration - Setup Wizard
    • Make sure you have this information before you start the Setup Wizard:
      • Host name
      • IPv4 address and settings for the eth0 interface
      • Administrator passphrase
      • Log Server Encryption Key

  • Configuration - Setup Wizard
    • Specify the host name for Dimension
    • Select the IP address method:
      • Static
      • DHCP
    • For a static IP address, we recommend that you specify an IPv4 address.

  • Configuration - Setup Wizard
    • Set the Administrator Passphrase to use to connect to Dimension and manage the Dimension servers.
    • The Administrator Passphrase must have a minimum of 8 characters.

  • Configuration - Setup Wizard
    • Set the Log Server Encryption Key.

  • Configuration - XTM Devices
    • WatchGuard Dimension can accept log messages and generate reports for any device that runs Fireware XTM OS. WatchGuard Dimension can also accept log messages from a WatchGuard Management Server or Quarantine Server.
    • On an XTM device, use the IP address and Encryption Key from WatchGuard Dimension when you configure the WatchGuard Log Server settings. On WatchGuard servers, use the same IP address and Encryption Key in the Logging settings.
    • In some environments you may be NATing the HTTPS and WatchGuard Logging connections through your XTM device. This changes the IP address you use to connect to WatchGuard Dimension or where you send WatchGuard Logging connections.

  • Configuration - After the Wizard
    • Log In
      • Multiple Super administrator users can be logged in at the same time
      • Configuration pages have modes:
        • RO (Read-Only)
        • RW (Read-Write)

  • Configuration - After the Wizard
    • Manage Services
      • The Manage Services drop-down list includes the menu options to configure settings for Dimension:
        • Schedule Reports
        • Manage the Log Server
        • Manage the Log Database
        • Manage user accounts
        • Configure System Settings

  • Configuration - System Settings
    • Configure System and Network settings
    • Manage certificates
    • System Maintenance
      • Reboot
      • Upgrade
      • Restore
      • Factory default!!!!
    • Diagnostic Tools
    • View Connected Users

  • Configuration - User Management
    • Manage Users and Roles
      • Add, edit, or remove users
      • Apply roles:
        • RO - View-only
        • RW - Read-write
    • Active Directory Settings
      • Enable Active Directory Authentication
      • Specify an Active Directory Server

  • Configuration - Users
    • Add/Edit User:
      • Types:
        • Local
        • Active Directory
      • Specify password
      • Select Roles
      • Select Devices

  • Configuration - Users
    • Role policy same as WSM
      • User + List of roles + List of Devices
    • User authentication similar to WSM:
      • Local user, AD user, AD Group
      • AD requires DNS to resolve DCs by internal domain name
    • Built-in roles only (no custom roles)
      • Super Administrator
        • Full access
      • Report Administrator
        • View logs
        • View reports
        • Manage scheduled reports and groups
      • View Logs
      • View Reports
    • Applied to a list of devices

  • Configuration - Logging Server Management
    • On the Status page:
      • View the status of the Log Server
      • Stop and start the Log Server

  • Configuration - Logging Server Management
    • On the Configuration > General page, you configure these settings for the Log Server:
      • Change the Encryption Key
      • Specify the log data deletion settings
      • Back up and restore the Log Server database

  • Configuration - Logging Server Management
    • On the Configuration > Notifications page, configure the settings for email:
      • Failure Events
      • Device Events
      • Message Purge
    • Must be configured to send scheduled reports

  • Configuration - Logging Server Management
    • On the Configuration > Notifications page, configure the settings for reports:
      • Report Customizations are templates to apply to report PDFs:
        • Header
        • Footer
        • Logo
      • Configure settings for ConnectWise Integration

  • Configuration - Logging Server Management
    • On the Diagnostics page, you can use these diagnostic tools:
      • Purge diagnostic logs
      • Backup/Restore Log Server database
      • View Process List
      • View Log Server log messages
      • View Log Collector log messages

  • Configuration - Schedule Reports
    • Report Schedules
      • RO - View only
      • RW - Add/Edit/Remove scheduled reports
    • Before scheduled reports can be sent, an SMTP server must be configured in the Notifications settings

  • Configuration - Schedule Reports
    • Schedule General settings
      • Name
      • Description (optional)

  • Configuration - Schedule Reports
    • Device Selection
      • Devices:
        • All Devices
        • Specify Devices
      • Servers:
        • All Servers
        • Specify Servers

  • Configuration - Schedule Reports
    • Recipient Selection
      • Must add at least one recipient

  • Configuration - Schedule Reports
    • Report Selection
      • Report Types
      • Timezone
        • For report display purposes only. Web-based reports appear in the browser/OS time zone.
      • Customization
      • Aggregation
        • Single (per device)
        • Combined (grouped devices)
      • Frequency

  • Configuration - New Summary Reports
    • Schedule two new Reports:
      • Executive Summary
      • Web Traffic Summary
    • Both new reports are available as scheduled reports that you can send to specific email addresses.
    • Both reports can use any Report Customization (report template) that you create.

  • Configuration - Executive Summary Report
    • Executive Summary report
      • Sent as a PDF file
      • Specify a logo, header, and footer to customize the report

  • Configuration - Web Traffic Summary Report
    • Web Traffic Summary report
      • Sent as a PDF file
      • Specify a logo, header, and footer to customize the report
      • Report includes the Top Domains chart with the Web Categories (in a pie chart), and removes any byte counts or tabular information

  • Use WatchGuard Dimension

  • Use WatchGuard Dimension
    • To get the most out of Dimension, make sure to:
      • Select Enable logging for reports in proxy actions on your XTM devices and WatchGuard Servers.
      • Enable logging of Allowed Packets in all policies.
      • Configure your XTM devices and WatchGuard servers to send all log messages to your Dimension Log Server.

  • Use WatchGuard Dimension

    | Log Messages | Reports | Dashboards |
    |---|---|---|
    | Packet Filter Allowed Logs | Web, Packet Filter, Top Client, Application Control | Executive, Threat Map, FireWatch |
    | Packet Filter Denied Logs | Web, Packet Filter, Denied Packet, Top Client, Application Control | Security, Threat Map |
    | Intrusion Prevention Logs | IPS, Denied Packet | Security, Threat Map |
    | Log when configuration has changed | Authentication, Audit | |
    | All Proxies: Enable logging for reports | GAV, IPS, SPAM, Application Control | Executive, Security, Threat Map, FireWatch |
    | HTTP Proxies: Enable logging for reports | Web, Firebox Statistics, RED | Executive, Security, Threat Map, FireWatch |
    | FTP Proxies: Enable logging for reports | Firebox Statistics | Executive, Security, Threat Map, FireWatch |
    | SMTP Proxies: Enable logging for reports | SMTP, Firebox Statistics | Executive, Security, Threat Map, FireWatch |
    | POP3 Proxies: Enable logging for reports | POP3, Firebox Statistics | Executive, Security, Threat Map, FireWatch |
    | Any alarms | GAV, Alarms | |

  • Executive Dashboard
    • Top 10
      • Clients
      • Domains
      • URL Categories
      • Destinations
      • Applications
      • Application Categories
      • Protocols
    • Click a summary to expand it and see more detail.

  • Security Dashboard
    • Top 10 Blocked
      • Clients
      • Destinations
      • URL Categories
      • Applications
      • Application Categories
      • Protocols
      • IPS Signatures
      • Gateway Anti-Virus
    • Click a summary to expand it and see more detail.

  • Threat Map
    • Denied Packets (Blocked)
    • Intrusion Prevention Service
    • Web Traffic
    • Application Control
    • All Traffic

  • FireWatch
    • Sort by:
      • Source
      • Destination
      • Domains
      • Application
      • WebBlocker
      • Protocol
    • Pivot on:
      • Bytes (Not available for packet filter traffic prior to XTM OS v11.8)
      • Connections
    • Hover for more detail:
      • Filter further
      • Show connections

  • Log Manager
    • Log messages stored in UTC time
    • Appears in your web browser's local time

  • Log Search
    • Run simple or complex search queries to refine the log messages that appear for the selected XTM device.
    • Filter the search results by log message type:
      • Traffic
      • Alarm
      • Event
      • Diagnostic
      • Statistic
      • All

  • Other Available Reports
    • The same reports are available that were previously available on your WatchGuard Report Server
    • Select options to pivot on from the pivot drop-down list
    • Export the report to a PDF file

  • Support WatchGuard Dimension

  • Dimension Support - Console Access
    • vSphere console shows command line access
    • Login with wgsupport/readwrite (must change the password on initial login)
    • Account restricted to only change the IP address
    • To set a static IP address, use the command wg_ip_addr.sh, located in /opt/watchguard/dimension/bin. For example, to set a static IP address of 192.168.24.101 on network 192.168.24.0/24 with gateway 192.168.24.1, type:

        /opt/watchguard/dimension/bin/wg_ip_addr.sh -i 192.168.24.101 -m 24 -g 192.168.24.1

    • When given without any options, or with the option --help, the command displays help text.
    • Support Access for Diagnostics is available with a connection restricted by a client-side certificate.

  • Dimension Support - Known Limitations
    • No external database
    • Local Backup/Restore
    • No host name resolution
    • Cannot import log files to Dimension
    • Certificates must use CSR
    • No external private key

  • Thank You!
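
For the static IP command on the Console Access slide, a pre-flight check that confirms the address, prefix length and gateway agree before printing the command line to type. This is an added example, not WatchGuard's code: only the script path and the -i, -m and -g options come from the slide, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. ip_to_int and build_wg_ip_cmd are hypothetical helper names;
# only the script path and the -i/-m/-g options are taken from the slide.
WG_IP_SCRIPT=/opt/watchguard/dimension/bin/wg_ip_addr.sh

# Convert a dotted-quad IPv4 address to an integer; fail on malformed input.
ip_to_int() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                       # split on dots (input holds digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    n=0
    for o in "$@"; do
        [ "${#o}" -le 3 ] || return 1
        o=${o#0}; o=${o#0}; o=${o:-0}   # drop leading zeros (avoid octal parsing)
        [ "$o" -le 255 ] || return 1
        n=$(( n * 256 + o ))
    done
    echo "$n"
}

# Print the command line to type if IP, prefix length and gateway agree.
build_wg_ip_cmd() {
    ip=$(ip_to_int "$1") || { echo "bad IP address: $1" >&2; return 1; }
    gw=$(ip_to_int "$3") || { echo "bad gateway: $3" >&2; return 1; }
    case "$2" in ''|*[!0-9]*|???*) echo "bad prefix length: $2" >&2; return 1 ;; esac
    m=${2#0}; m=${m:-0}
    [ "$m" -ge 1 ] && [ "$m" -le 30 ] || { echo "prefix length must be 1-30" >&2; return 1; }
    size=$(( 1 << (32 - m) ))       # number of addresses in the subnet
    net=$(( ip - ip % size ))       # network address
    bcast=$(( net + size - 1 ))     # broadcast address
    if [ "$ip" -le "$net" ] || [ "$ip" -ge "$bcast" ]; then
        echo "$1 is the network or broadcast address of its /$m subnet" >&2; return 1
    fi
    if [ "$gw" -le "$net" ] || [ "$gw" -ge "$bcast" ]; then
        echo "gateway $3 is not a host address in the same /$m subnet as $1" >&2; return 1
    fi
    [ "$gw" -ne "$ip" ] || { echo "gateway equals the appliance address" >&2; return 1; }
    echo "$WG_IP_SCRIPT -i $1 -m $m -g $3"
}

# Values from the slide's own example.
build_wg_ip_cmd 192.168.24.101 24 192.168.24.1
```

Because the wgsupport account can only change the IP address, a gateway outside the subnet is worth catching before the command is run on the console.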