CHAPTER 16 System Information. Watchguard Firebox Vclass
Watchguard Firebox Vclass is a network security appliance that provides comprehensive protection for your network against a wide range of threats. It offers a variety of features to help you keep your network safe, including firewall protection, intrusion prevention, and web filtering.
CHAPTER 16
System Information
The System Information window provides accurate and up-to-date information on your system’s current status. This dialog box contains a number of tabs that provide information on a variety of system components.
General Information
For general information on Firebox Vclass appliance status, use the System Information window General tab.
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the General tab.
Firebox Vclass User Guide 389
This tab allows you to view general information, such as the model number, current system software version, serial number, system mode (Router or Transparent), IP address for Interface 0 or the System IP, contact person, and location of the appliance.
3 Click Close.
VPN Tunnel Information
You can view tunnels and traffic statistics, delete specific tunnels, or delete all tunnels and purge the appliance of all residual tunnel records. Remember that tunnels are not always closed when the connection is broken.
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the Tunnels tab.
3 Click one of the following two display categories:
390 Vcontroller
By IPSec Peers
Displays a list of currently active IPSec peers. The total count of tunnels may include some that are not in active use, but are still on record within the database.
By Policies
Displays a list of all policies you have created and the number of VPN tunnels established by each policy.
4 To view the traffic statistics and the associated tunnels for a particular IPSec peer or policy, select the entry from the IPSec Peer list.
The display refreshes and the statistics are displayed on the right. If there are any tunnels associated with this entry, the tunnel list displays them.
5 Click Delete Tunnels to remove all established tunnels associated with this IPSec peer or policy and force the creation of new tunnels. If there are no established tunnels, this button is unavailable.
6 Click Refresh to remove the Statistics information from the IPSec Peer List field.
7 To delete a specific tunnel associated with an IPSec Peer or Policy and force the creation of a new tunnel, select the entry from the tunnel list and click Delete.
8 To update the tunnel list with the most recent information, click Refresh.
9 Click Close.
Viewing tunnel details
To view a detailed report of a specific tunnel:
1 Select an entry from the tunnel list and then click Details.
The Detail Tunnel Information dialog box appears.
2 Click Refresh to update the current SAs list with the most recent information. When you are finished, click Close to return to the System Information dialog box, Tunnels tab.
Traffic Information
To view traffic activity information:
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the Traffic tab.
The following information is displayed on the Traffic tab:
Total Packets
Total number of packets processed since the last reboot of this appliance. This includes packets that pass through this appliance and those that are discarded by firewall policies.
Total Bytes
Data traffic in total bytes processed through this appliance since the last reboot.
IPSec Packets
IPSec activity in total number of packets that have been encrypted or decrypted, since the last system startup.
IPSec Bytes
IPSec encryption/decryption activity in bytes.
Total Tunnels
Number of VPN tunnels.
3 Click Refresh to update the display with the most recent information.
4 Click Reset Connections to disconnect all current connections. This will flush the Firebox Vclass appliance of all residual data connections that may be hampering performance.
5 Click Close.
Route Information
To view the routing table information:
1 Click the Routes tab.
2 Click Refresh to update the display with the most recent information.
3 When you are finished, click Close.
NOTE
Interfaces are not listed in this table in Transparent Mode.
RAS User Information
After you have set up Remote Access Service (RAS) and implemented VPN policies, you can monitor and manage the current remote user connections using the System Information window.
1 Click the RAS User tab.
The currently active RAS users are displayed.
2 Click Disconnect to break the selected user connection, including any established tunnels. If an internal IP address was assigned to this user, it will be returned to the system for future use.
3 Click Refresh to update the Active RAS Users display with the most recent information.
4 When you are finished, click Close.
Viewing RAS user information and tunnel details
You can view a real-time snapshot of a user connection, including information about the properties of a user, properties of tunnels being used by this user, and detailed traffic statistics.
1 Select a user entry from the Active RAS Users list and then click Detail.
The RAS User Information dialog box appears.
The User Information and Statistics areas provide extensive information about this user and the current connection. The Tunnel List catalogs the tunnels currently in use.
2 Click Refresh to update the Statistics display with the most recent information.
3 Click Disconnect to break the selected user connection, including any established tunnels. If an internal IP address was assigned to this user, it will be returned to the system for future use.
4 To delete a specific tunnel associated with a RAS user and force the creation of a new tunnel, select the entry from the tunnel list and click Delete.
5 To update the tunnel list with the most recent information, click Refresh.
6 To view a detailed report of a specific tunnel, select an entry from the tunnel list and then click Details. Most of the time, a RAS User connection will have only a single tunnel.
The Detail Tunnel Information dialog box appears.
- Click Refresh to update the Current SAs list with the most recent information. When you are finished, click Close to return to the System Information, Tunnels tab.
- When you are finished, click Close to return to the RAS User Information window.
Interface 1 (Public) Information
This tab displays the status of interface 1 (Public) and the IP addressing mode in use: Static, DHCP, or PPPoE. This tab is not available in Transparent Mode.
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the Interface 1 (Public) tab.
The Interface 1 (Public) information is displayed.
3 Click Refresh to update the display with the most recent information.
4 If the Backup WAN feature is enabled, you can switch between the Primary and Backup configurations by clicking the Switch To button.
This button always lists the name of the currently inactive WAN. If Primary is the current configuration, the Switch To option is Backup. If the Backup connection is active, the Switch To option is Primary.
5 When you are finished, click Close.
DHCP Server Information
If you have configured the Firebox Vclass appliance to act as a DHCP server, you can use this tab to view the DHCP lease information.
This tab is not available in Transparent Mode.
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the DHCP Server tab.
The DHCP server lease information is displayed.
3 Click Refresh to update the display with the most recent information.
4 When you are finished, click Close.
Runtime Blocked IP List
The Blocked IP List in the System Information window allows you to temporarily block sites by IP address. Sites that are automatically blocked by a proxy action are also added to this list. This is a “runtime” list, and the list is discarded upon a system reboot. To permanently block IP addresses, use the Blocked Sites list in the System Configuration window.
1 From the main Vcontroller window, click System Information.
The System Information dialog box appears.
2 Click the Blocked IP List tab.
The Runtime Blocked Site List dialog appears.
3 Click Add to add a blocked site.
The Add Blocked Site dialog appears.
4 In the IP Address field, type the IP address that you want to block.
5 In the Expiration Time field, type an expiration time for this site in minutes.
The maximum time you can block a runtime site for is 100,000 minutes, or approximately 70 days.
6 Click Apply to add the site to the list, or Cancel to return to the window without adding a site.
To change expiration time for a runtime blocked site:
1 Select the Blocked site on the list.
2 Click Change Expiration.
The Change Expiration Time dialog appears.
3 In the IP Address field, type a new expiration period for the IP address, and then click Apply, or click Cancel to return to the Runtime Blocked Site List.
To delete an entry from the Runtime Blocked Site list:
1 Select the entry and click Delete.
A warning dialog appears.
2 Click OK to delete the entry, or Cancel to return to the Runtime Blocked IP List.
NOTE
You can Shift-click to select multiple contiguous sites from the list, or Control-click to select multiple non-contiguous sites.
To refresh the Runtime Blocked IP List:
• Click Refresh. The list of Runtime Blocked IP addresses is refreshed. New sites that have been blocked by Proxy Actions since the last refresh of the window now appear. Sites that have expired since the last refresh of the window are no longer listed.
Key Features
- Blocks unauthorized access to your network
- Prevents malware and other threats from entering your network
- Filters web content to protect users from inappropriate or harmful content
- Provides real-time monitoring and reporting of network activity
- Offers a wide range of configuration options to meet your specific needs
- Easy to install and manage