Unified Threat Management

Similar documents
Unified Threat Management

Unified Threat Management

Unified Threat Management

Release Information. Revision History. Version: build 018 Release Date: 23 rd November 2011

Product Release Information

Customer Support: For more information or support, please visit or at Product Release Information...

SOFTWARE LICENSE LIMITED WARRANTY

QUICK START GUIDE. SMS 2500iX Appliance.

Cyberoam Virtual Security Appliance - Installation Guide for VMware Player. Version 10

SOFTWARE LICENSE LIMITED WARRANTY

Download Client...1. Introduction...3. Release 4.10 build Bugs Solved...3

Version: Release Date: 10 th December, 2007

Console Management Guide (Version 5.0.5)

Version: Beta build 21 Date: 14th August, 2007

Elitecore Technologies Ltd. 1

CX Recorder. User Guide. Version 1.0 February 8, Copyright 2010 SENSR LLC. All Rights Reserved. R V1.0

USB Server User Manual

SonicWALL CDP 2.1 Agent Tool User's Guide

SensView User Guide. Version 1.0 February 8, Copyright 2010 SENSR LLC. All Rights Reserved. R V1.0

PCMCIA Flash Card User Guide

Analytical Tool Guide. Version 9

Ludlum Lumic Data Logger Software Manual Version 1.1.xx

Made in U.S.A. 1

Installation Procedure Windows 2000 with Internet Explorer 5.x & 6.0

Installation Procedure Windows 95/98/ME with Internet Explorer 5.x & 6.0

1. Introduction... 1 Features... 1 Package Contents... 1 System Requirements... 1 LED Status... 2

Installation Procedure Windows NT with Netscape 4.x

D-Link DI-804V. Broadband VPN Router. Manual. Rev Building Networks for People

If WPA-PSK is selected, please set the PSK key in the pass phrase field. The pass phrase should be 8 characters at least.

TeraJet DOCSIS Modem Installation. Guide

Online Connection Kit. Installation Manual

ESI Voice Router Public-Installation Guide

SonicWall SonicOS 5.9

Installation and Configuration Guide

Dell SonicWALL SonicOS 5.9 Upgrade Guide

Installation Procedure Red Hat 7 with Netscape 6

Quick Install Guide. Quick Setup. Quick Setup. SnapGear Warranty Contact Details Product Registration. System Requirements

NetApp Cloud Volumes Service for AWS

Using Linksys RV042 for failover with BGAN and FleetBroadband

Cyberoam Wireless Protection Guide. Version 10

SonicWall Secure Mobile Access SMA 500v Virtual Appliance 8.6. Getting Started Guide

Barbara Ann Karmanos Cancer Institute. Instructions for Installing Cisco Systems VPN Client

ADN. System Installer. Instruction manual

Version: Introduction... 3

Trimble S6 and SPS700 Total Station Firmware

Release Notes. BlackBerry Enterprise Identity

Barracuda Link Balancer

High Availability Configuration Guide. Version 10

Deployment Guide: Routing Mode with No DMZ

The HPV Explorer is a serial communication program used to work with the HPV 600/900 s parameters via a computer s serial port

RTDM RUN-TIME VERSION REAL TIME DATA MONITOR INSTRUCTION MANUAL

AhnLab Software License Agreement

Moxa Remote Connect Server Software User s Manual

SD1306. Speed Dome IP Camera. Quick User Guide

Console Guide Version 9

Release Notes. BlackBerry UEM Client for Android Version

Daniel MeterLink Software v1.40

End User License Agreement

Nokia Intrusion Prevention with Sourcefire. Appliance Quick Setup Guide

IPNexus Server Secure Instant Messaging & Integrated Collaboration

Conceptronic C100BRS4H Quick Installation Guide. Congratulations on the purchase of your Conceptronic 4-ports Broadband Router.

BlackBerry Enterprise Server for Microsoft Office 365. Version: 1.0 Maintenance Release: 1. Release Notes

TERMS & CONDITIONS. Complied with GDPR rules and regulation CONDITIONS OF USE PROPRIETARY RIGHTS AND ACCEPTABLE USE OF CONTENT

User s Manual. JAI Control Tool. Operation Manual. Document Version: C Document P/N:10493

Entrust SSL Web Server Certificate Subscription Agreement

Manual ServiceGate. Remote Engineer B.V. De Parse 11, 8491 PJ, Akkrum The Netherlands

quick setup Plug the keyboard into your computer. For: Windows Linux Mac OS X 10.3 or earlier For: Mac OS X 10.4 or later

SonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide

Entrust WAP Server Certificate Relying Party Agreement

DG-HR1160M Portable Power Bank 3G Router User Manual

Silver Peak EC-V and Microsoft Azure Deployment Guide

HDR-8X8-Plus. User Manual. HDMI 4K 8x8 Switch Matrix Connect up to eight different HDMI video sources to eight different outputs.

SonicWall Web Application Firewall 2.0. AWS Deployment Guide

Quick Installation Guide TPL-302E

Avast Customer & Technical Support Policy

Quick Start Guide. Model 0260 Secondary Electronics

SonicWall Mobile Connect ios 5.0.0

WHG713. Secure WLAN Controller

Wireless Access Point Windows 95, 98, 2000, Me, NT, and XP Companion Reference Guide

Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide. Sourcefire Sensor on Nokia v4.8

SonicWALL TZ 150 Getting Started Guide

SOHO 6 Wireless Installation Procedure Windows XP with Internet Explorer 5.x & 6.0

Installation and Configuration Guide

TRENDnet User s Guide. Cover Page

Table Contents. Introduction Key Features...2. Getting Started Package Contents...3. Minimum System Requirements...3

Compatibility Matrix. Good Control and Good Proxy. June 4, 2018

July SonicWall SonicOS 6.2 Upgrade Guide

UTM Content Security Gateway CS-2001

Cyberoam IDP Implementation Guide. Version 9

Easy Installation Guide

ABOUT THIS GUIDE... 4

CHAPTER 7 ADVANCED ADMINISTRATION PC

Trimble R/5000 Series GPS Receivers Release Notes

UltraAV DisplayPort to HDMI Display MST Hub

SonicWALL Network Anti-Virus

English version. Introduction. Contents of the box. LW050/LW050UK Sweex Wireless Broadband Router 54 Mbps

TD 600 Thermo-Fastprinter

DI-704P. Express Ethernetwork TM Broadband Router. Manual. Rev Building Networks for People

MySonicWall Secure Upgrade Plus

UNIBOX. Hotspot Management Application. Quick Start Guide

Transcription:

Unified Threat Management QUICK START GUIDE CR 15i Appliance Document Version: PL QSG 15i/95811-1.0-30/01/2009

DEFAULTS Default IP addresses Ethernet Port IP Address Zone A 172.16.16.16/255.255.255.0 LAN B 192.168.2.1/255.255.240.0 WAN Default Username & Password Web Admin Console * Username cyberoam * Password cyber Package Contents Checking the package contents - Check that the package contents are complete. One CyberoamAppliance One Serial Cable One Straight-through Ethernet Cable OneACAdapter Cable Documentation CD One Cyberoam Quick Start Guide CLI Console (SSH/Serial Connection) Serial Cable Blue Straight-through Ethernet Cable AC Adapter Cable * Password admin * Username and Password are case sensitive Documentation CD Quick Start Guide If any items from the package are missing. please contact Cyberoam Support at support@cyberoam.com 2 UNDERSTANDING THE APPLIANCE FRONT PANEL Link Status LEDs Data Transfer Indicator LEDs HDD LED Power LED BACK PANEL Console Ports Use Serial cable to connect to the Management Computer External Power Feed Ports USB Port Provided for future use As Cyberoam does not pre-configure any ports for LAN, WAN, DMZ networks, it is not necessary to use any particular port for them. Usage of ports depends on how the physical connection is required or planned.

3 PLANNING THE CONFIGURATION Before configuring, you need to plan the deployment mode of Cyberoam. Cyberoam can be placed in Bridge or Gateway/Route mode according to your requirement. To control the Internet access through Cyberoam the entire Internet bound traffic from the LAN network should pass through Cyberoam. Gateway Mode Configure as Gateway if you want to use Cyberoam as 1. A firewall or replace an existing Firewall 2. A gateway for routing traffic 3. Link load balancer and implement gateway failover functionality Apart from configuring Gateway IP address (IP address through which all the traffic will be routed), you must also configure LAN and WAN IP addresses. Internet WAN 61.10.15.17 61.10.15.18 10.10.10.1 Cyberoam in Gateway mode Gateway mode policies controlling traffic between LAN and WAN networks. 192.168.1.254 DMZ Network Mail Server Web Server 10.10.10.2 10.10.10.3 Gateway mode policies controlling traffic between LAN & DMZ networks. LAN Network 192.168.1.9 192.168.1.5 Bridge Mode Configure as Bridge if 1. You have a private network behind an existing firewall or behind a router and you do not want to replace the firewall. 2. You are already masquerading outgoing traffic. Internet Cyberoam in Bridge mode LAN LAN Network 192.168.1.254 192.168.1.1 Management IP 192.168.1.5 Bridge mode policies controlling traffic between LAN and WAN networks You will be able to manage and monitor the entire Internet traffic passing through Cyberoam, control web access and apply bandwidth and application restrictions, apply antivirus and antispam policy and IPS policy in either of the modes.

4 GETTING CONFIGURATION INFORMATION Use the table given below to gather ISP (Internet Service Provider) information If Internet connection is via You are probably using Get information Cyberoam configuration from Network Configuration wizard Cable modem, DSL with a Router DHCP ----------- Select Obtain an IP from DHCP Home DSL/ADSL PPPoE Username Password Select Obtain an IP from PPPoE T1/E1, Static broadband, Cable or DSL with a static IP Static IP address Subnet mask Gateway IP address Primary DNS Secondary DNS Select Use Static IP How to get the information: From the PC connected to the Internet: open a command prompt window, type the command ipconfig. Use the tables given below to gather the information you need before proceeding to deploy the Appliance. Gateway Mode For all the required Ports Bridge Mode Port A IP address Subnet Mask Zone Type LAN/WAN/DMZ Bridge IP address IP address Subnet Mask Port B IP address Subnet Mask Zone Type LAN/WAN/DMZ Port C IP address Subnet Mask Zone Type LAN/WAN/DMZ The LAN IP address and Subnet Mask must be valid for the respective networks.

GENERAL SETTINGS IP address of the Default Gateway A default gateway is required for Cyberoam to route connections to the Internet. DNS IP Address System Time Zone System Date and Time Email ID of the administrator where Cyberoam will send System Alerts 5 CONNECTING CYBEROAM Ethernet connection 1. Connect one end of the straight-through cable into Port A on the Back panel of the Appliance and other end into the Ethernet Adapter port of Management computer. Change the IP address of the management computer to 172.16.16.2 and the subnet mask to 255.255.255.0. 2. Connect one end of an Ethernet cable into Port B on the Back panel of the Appliance and other end to your Internet connection e.g. DSL modem or cable modem. It is possible that cable might already be connected between your computer and your modem. If so, disconnect it from your computer and connect into Port B. Internet Switch (Optional) Management Computer 3. Connect the AC Power connector into the Back panel of the Appliance and the other end into a standardac receptacle & turn on the power. 4. Start your management computer. FollowingAppliance LEDs light up: Power - Green indicating thatappliance is ON HDD - Red indicating that hard disk isactive PortA, Port B (Front panel) - Green indicating an active connection Note: If you change the LAN IP address (Gateway mode) or Bridge IP address (Bridge mode), you must use this address to reconnect to the WebAdmin Console. You might also have to change the IPaddress of the management computer to be on the same subnet as the new IP address.

From the management computer: 1. Browse to https://172.16.16.16 2. Log on to the Cyberoam Web Admin Console using default username cyberoam and password cyber. 3. Click Wizard icon to launch the Network Configuration wizard. Prerequisite 1. Ethernet connection between management computer and Cyberoam. 2. Internet Explorer 5.5+ or Mozilla Firefox 1.5+ is required to access Cyberoam WebAdmin Console. Appliance LED Behavior LED Power HDD Ports - A,B,C (Front Panel) State Green Off Flashing Red Off Flashing Amber (Left) Amber (Left) Green (Right) Off Description Cyberoam appliance in ON Cyberoam appliance in OFF Activity going on No activity Network Activity at the Port Correct cable is used and power is on port Port is connected at the 100Mbps No link Refer to the documentation CD-ROM for information on how to control traffic, and how to configure antivirus protection, content filtering, spam filtering, instrusion prevention system (IPS), and virtual private networking (VPN).

6 CONFIGURING THE CYBEROAM APPLIANCE Network Configuration Wizard will guide you step-by-step through configuration of the network parameters like IP address, subnet mask, and default gateway for Cyberoam. Use the configuration settings you have noted in section 4. Click ' Start' to start the configuration. CONFIGURE MODE Gateway mode To configure Cyberoam in Gateway mode, select Gateway Mode option and click button. Follow the on screen steps to configure: 1. Configure DNS server address Click Obtain an IP from DHCP to override appliance DNS and use DNS received from the external DHCP server Bridge mode To configure Cyberoam in Bridge mode, select Bridge Mode option and click button. 1. Configure Bridge IP address and subnet mask. 2. Provide Gateway and DNS IP address. 2. Configure Interface To enable interface for PPPoE, provide PPPoE details: Username and Password (only for WAN zone) 3. Configure static IP address and subnet mask Click Next button to repeat the above procedure for each port

Port A Obtain an IP from DHCP Obtain an IP from PPPoE Use Static IP Gateway Details ISP Name IP Address DNS Configuration Obtain DNS from DHCP Primary DNS 192.168.1.25 IP Address Subnet Mask 192.168.13.3 255.255.240.0 PPPoE Details User Name Secondary DNS 203.88.135.194 Zone LAN Password CONFIGURE INTERNET ACCESS By default, Cyberoam applies 'General Internet Policy' as Internet access policy for LAN to WAN traffic. Do not change the default setting. Cyberoam provides 3 types of policies: 'Monitor Only' policy allows LAN to WAN traffic 1 2 'General Internet' policy enables IPS and Virus scanning and allows LAN to WAN traffic except Unhealthy Web and Internet traffic as defined by Cyberoam. This will include sites related to Adult contents, Drugs, Crime and Suicide, Gambling, Militancy and Extremist, Violence, Weapons, Phishing and Fraud and URL Translation sites. 1 2 'Strict Internet' policy enables IPS and Virus scanning and allows only authenticated LAN to WAN traffic. Click button to configure the mail settings Please select policy for LAN WAN traffic Monitor Only Allows access without Authentication Does not block any traffic General Internet Policy Blocks unhealthy web and Internet traffic Scan HTTP Traffic for Viruses Strict Internet Policy Does not allow access without authentication 1 Until Intrusion Detection and Prevention module is subscribed, IPS scanning will not be effective. 2 Until Gateway Anti Virus module is subscribed, virus scanning will not be effective.

CONFIGURE MAIL SETTINGS 1. Specify Administrator Email ID 2. Specify Mail server IP address 3. Specify email address that should be used to send the System Alerts 4. Click Authentication Required to enable SMTP authentication, if required and specify username and password. Click button for Date and Time zone configuration CONFIGURE DATE AND TIME ZONE Set time zone and current date Enable clock synchronization with NTP server to tune Cyberoam's clock using global time servers. Click button to view the configured details. Copy the configured details for future use. Click 'Finish'. It will take few minutes to save the configuration details.

Configuring Gateway Mode Please wait... On successful configuration following page will be displayed. https://172.16.16.16 - click to access Web Admin Console Cyberoam will take time to restart, please wait for some time before clicking the URL to access the Web Admin Console. Click Close button to close the Network Configuration Wizard window Configuring Gateway Mode Wait for Sometime

Congratulations!!! This finishes the basic configuration of Cyberoam. Your network is now protected from Internet-based threats and access to Adult contents, Drugs, Crime and Suicide, Gambling, Militancy and Extremist, Violence, Weapons, Phishing and Fraud and URLTranslation sites will be blocked. 7 WHAT NEXT? 1. Access Cyberoam Web Admin Console Browse to https://<ip address of cyberoam> and log on using the default username (cyberoam) and password (cyber). Note: Internet Explorer 5.5+ or Mozilla Firefox 1.5+ is required to access the Cyberoam Web Admin Console. 2. Create Customer Account and register Appliance Prerequisite: For customer account creation and appliance registration as well as module registration, Cyberoam server must be able to connect to the Internet as Cyberoam server will contact the Cyberoam's central registration site with the Appliance details. Click 'Register' icon on the topmost right Icon bar on the page to create customer account and register your appliance. As soon as you register, you can avail 8 x 5 Support. You can go to Help Licensing and subscribe for free 15-days trial subscription for Web and Application Filtering, IPS, Anti Virus and Anti Spam. 3. Configure the correct firewall rule for your Domain Name Server (DNS). You may not be able to access Internet if not configured properly. 4. Go to Firewall Manage Firewall rule and edit default firewall rules to enable virus scanning. 5. For the below given steps, refer to Getting Started Guide (From Documentation CD supplied along with Appliance) - Verify Configuration - Configure Mail & Web server access. 6. Set authentication parameters Go to User Authentication Settings to define the authentication parameters. 7. Access Help For accessing online help, click the Help button or F1 key on any of the screens to access the corresponding topic's help. Use the Contents and Index options to navigate through the entire online help. Additional Resources Visit following links for more information to configure Cyberoam Technical Documentation - http://docs.cyberoam.com Cyberoam Knowledge Base - http://kb.cyberoam.com Cyberoam Security Center - http://csc.cyberoam.com Cyberoam Upgrades - http://download.cyberoam.com Online Video Trainingusername: online.video@cyberoam.com https://connect.elitecore.com password: onlinevideo

Important Notice Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice. User s License TheAppliance described in this document is furnished under the terms of Elitecore's End User license agreement. Please read these terms and conditions carefully before using theappliance. By using thisappliance, you agree to be bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the unused Appliance and manual (with proof of payment) to the place of purchase for a full refund. Limited Warranty Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the Software substantially conforms to its published specifications except for the foregoing, the software is provided AS IS. This limited warranty extends only to the customer as the original licenses. Customers exclusive remedy and the entire liability of Elitecore and its suppliers under this warranty will be, at Elitecore or its service center's option, repair, replacement, or refund of the software if reported (or, upon, request, returned) to the party supplying the software to the customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate the software without problems or interruptions. Elitecore hereby declares that the anti virus and anti spam modules are powered by Kaspersky Labs and Commtouch respectively and the performance thereof is under warranty provided by Kaspersky Labs and Commtouch respectively. It is specified that Kaspersky Lab does not warrant that the Software identifies all known viruses, nor that the Software will not occasionally erroneously report a virus in a title not infected by that virus. Hardware: Elitecore warrants that the Hardware portion of the Elitecore Products excluding power supplies, fans and electrical components will be free from material defects in workmanship and materials for a period of One (1) year. Elitecore's sole obligation shall be to repair or replace the defective Hardware at no charge to the original owner. The replacement Hardware need not be new or of an identical make, model or part; Elitecore may, in its discretion, replace the defective Hardware (or any part thereof) with any reconditioned product that Elitecore reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware. Disclaimer Of Warranty Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including, without limitation, any implied warranty or merchantability, fitness for a particular purpose, non-infringement or arising from a course of dealing, usage, or trade practice, and hereby excluded to the extent allowed by applicable law. In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect, consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such damages. In the event shall Elitecore's or its supplier's liability to the customer, whether in contract, tort (including negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above stated warranty fails of its essential purpose. In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Elitecore or its suppliers have been advised of the possibility of such damages. Restricted Rights Copyright 1999-2009 Elitecore Technologies Ltd.All rights reserved. Cyberoam, Cyberoam logo are trademark of Elitecore Technologies Ltd. Corporate Headquarters ElitecoreTechnologies Ltd. 904, Silicon Tower Off C.G. Road Ahmedabad 380015 Gujarat, India. Phone: +91-79-66065606 Fax: +91-79-26407640 Web site: www.elitecore.com Technical Support You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address: Email: support@cyberoam.com Web site: www.cyberoam.com Visit www.cyberoam.com for the regional and latest contactinformation. Unified Threat Management Toll Free Numbers USA : +1-877-777-0368 India : 1-800-301-00013 APAC/MEA : +1-877-777-0368 Europe : +44-808-120-3958 Visit: www.cyberoam.com Contact: sales@cyberoam.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback