Configuring the Bomgar Appliance

Appliance Administration Guide

Base 4.2.x

© 2015 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective owners.

TC:11/5/2015

APPLIANCE ADMINISTRATION GUIDE BASE 4.2.X

Table of Contents

Bomgar Appliance Overview

Bomgar Appliance Web Interface

Login to the Appliance Administrative Interface

Status

Basics: View Appliance Details

Storage: Disk space and Hard Drive Status

Users: Change Password and Username, Add User

Networking

IP Configuration: Configure IP Address and Network Settings

Static Routes: Set Up Static Routes for Network Communication

SNMP: Enable Simple Network Management Protocol

Security

Certificates: Create and Manage SSL Certificates

Appliance Administration: Restrict Accounts, Networks, and Ports, Set Up Syslog,

Enable Login Agreement, Reset Admin Account

SSL/TLS Configuration: Choose SSL Ciphers and Versions

Email Configuration: Configure Appliance to Send Email Alerts

Updates: Check for Update Availability and Install Software

Support

Utilities: Debug Network Problems

Advanced Support: Contact Bomgar Technical Support

Bomgar Appliance Comparison

27

27

28

29

20

22

23

25

8

9

6

7

5

6

3

4

9

12

13

14

14

CONTACT BOMGAR [email protected] | 866.205.3650 (US) | +44 (0) 1628 480 210 (UK/EMEA) BOMGAR.COM


2

TC: 11/5/2015


Bomgar Appliance Overview

Bomgar was the first to introduce an appliance-based approach to remote support. Our patented deployment model – the Bomgar

Appliance – is a highly secure option for deploying remote support.

The Bomgar Appliance, whether physical or virtual, resides at your facility or data center, under your security measures. This deployment model offers more control over security, giving you a safe way to integrate remote support with identity management and making it easy to export reporting data and videos for a complete audit trail.

Anatomy of the Bomgar Appliance

The Bomgar Appliance uses two administrative web interfaces to isolate hardware administration from user management,

/appliance

and

/login

.

Pictured: The Bomgar B300 Appliance

Appliance Administration

Web Interface

/appliance

Used for: l l

Installing and configuring hardware

Upgrading Bomgar software

Resource

The Bomgar Appliance Administration Guide

User Administration

Web Interface

/login

Used for: l l l

Managing users and workflows

Reporting on support activity

Creating and using integrations

Resource

The Bomgar Administrative Guide

Using this Guide

For security reasons, Bomgar has separated administration of the appliance from user administration.

Accordingly, this guide focuses exclusively on administration of the Bomgar Appliance. Information on user administration (the

/login web interface) can be found in the Bomgar Administrative Guide .



3

TC: 11/5/2015


Bomgar Appliance Web Interface

This guide is designed to help you administer the Bomgar Appliance through its /appliance web interface. The appliance serves as the central point of administration and management for your Bomgar sites.

Use this guide only after an administrator has performed the initial setup and configuration of the Bomgar Appliance as detailed in the Bomgar Appliance Hardware Installation Guide . Once Bomgar is properly installed, you can begin supporting customers immediately. Should you need any assistance, please contact Bomgar Technical Support at help.bomgar.com

.



4

TC: 11/5/2015


Login to the Appliance Administrative Interface

After installation of the appliance, log into the Bomgar

Appliance administrative interface by going to your appliance’s public URL followed by /appliance (e.g., http://support.example.com/appliance).

Default Username: admin

Default Password: password

You will be prompted to change the administrative password the first time you log in.

1

You may restrict access to the login screen by enabling a prerequisite login agreement that must be confirmed before the login screen is displayed. If you wish to enable the prerequisite login agreement, see

"Appliance Administration:

Restrict Accounts, Networks, and Ports, Set Up Syslog, Enable

Login Agreement, Reset Admin Account" on page 20

Note: For security purposes, the administrative username and password for the /appliance interface are distinct from those used for the /login interface and should be managed separately.

1

Passwords must be at least 8 characters in length and include each of the following: an uppercase letter, a lowercase letter, a number and a special symbol.



5

TC: 11/5/2015


Status

Basics: View Appliance Details

The Basics page gives you information about your Bomgar

Appliance and allows you to monitor your system.You can also set your local time to any valid global time zone. The system time will always be displayed in UTC.

In nearly all scenarios, this setting can be left unchanged.

Bomgar discourages multiple sites on one appliance.

However, if your setup requires more than one site responding to one IP address, select a default site to respond should someone enter the IP address directly rather than the domain name. If more than one DNS entry directs to this IP address and you select No Default, an error message will appear if someone tries to access your site by entering the IP address.

From this page, you can also reboot or shut down your Bomgar

Appliance. Although rebooting your appliance is not required, you may want to make a monthly reboot part of your regular maintenance. You do not need physical access to the appliance in order to perform this reboot.

Please do not do the following unless instructed to do so by

Bomgar Technical Support: Clicking the Reset Appliance to

Factory Defaults button will revert your Bomgar Appliance to

its factory state. This will completely remove all data, configuration settings, support sites, and certificates from your appliance. Once the appliance is reset, it will also power itself off.



6

TC: 11/5/2015


Storage: Disk space and Hard Drive Status

The Storage page displays the percentage of your Bomgar

Appliance’s hard drive space that is in use.

If you enable all recording features on your support sites

(session, presentation, and remote shell recordings) or if your overall session count is high, it is common to see a higher amount of disk usage. Note that disk usage of 85-95% is NOT a cause for alarm. If the hard drive should become low on disk space, the appliance is configured to automatically purge the oldest session data and recycle that disk space for new session data.

Specific to the Bomgar B300 Appliance

The B300 uses a Redundant Array of Independent Disks to back up your data. RAID 6 is used to allow the appliance to lose up to 2 of its 4 drives without any data loss. In the event of a failure, remove the corrupted drive and contact Bomgar for a return maintenance authorization and repair or replacement drive. When you replace the damaged drive, the appliance will automatically rebuild the RAID using the new drive. You do not need to power off the appliance when replacing drives.

Specific to the Bomgar B400 Appliance

The B400 has two sets of logical Redundant Array of

Independent Disks (RAID) disks. This RAID configuration includes eight physical disk drives configured into two logical

RAID drives: A RAID 1 configuration that is logical disk 0, and a RAID 6 configuration that is logical disk 1.

If one of the RAID 1 or RAID 6 physical drives fails, no performance impact or data loss will occur. However, second drive failure in the RAID 6 configuration will degrade performance, although it will not cause data loss.

Hardware Failure Notification (B300 and B400 Only)

The LEDs on your appliance also indicate your hard drives’ status. Normally, the LEDs will blink to indicate disk activity.

Should a hard drive fail, the LED will turn red, and an audible alarm will warn you of the failure. To turn off the alarm before the system is restored, click the Silence Alarm button on this web interface.



7

TC: 11/5/2015


Users: Change Password and Username, Add User

Here, you can add, edit or delete administrative users for the

/appliance interface. You can also change an administrator's username, display name,or password. Bomgar recommends changing your password regularly to insure protection against unauthorized access.

See

"Appliance Administration: Restrict Accounts, Networks, and Ports, Set Up Syslog, Enable Login Agreement, Reset

Admin Account" on page 20

to set account restriction rules including password expiry and history.

Note: You must have at least one user account defined.

The Bomgar Appliance comes with one account predefined, the admin account. You can keep just the admin account, create additional accounts, or replace the admin account.



8

TC: 11/5/2015


Networking

IP Configuration: Configure IP Address and Network Settings

Companies with advanced network configurations can configure multiple IP addresses on the appliance’s Ethernet ports. Using multiple ports can enhance security or enable connections over non-standard networks. For example, if employees are restricted from accessing the Internet but need to provide off-network support, using one port for your internal private network and another for the public internet would allow world-wide users to request support without breaching your network security policies. The MTU can also be configured per

Ethernet port.

To provide an additional layer of fault tolerance for your Bomgar Appliance, you can check Enable NIC Teaming. NIC teaming combines your system's physical network interface controllers (NICs) into a single logical interface. NIC teaming operates in

"Active-Backup" mode. One of the NICs is used to carry all network traffic. If the link on that NIC is lost for any reason, the other NIC becomes active. Before activating NIC teaming, please ensure that both NICs are connected to the same network segment (subnet) and that you have IP addresses configured on only one of the existing NICs.

Click Show Details to view and verify transmission and reception statistics for each Ethernet port on the appliance.



9

TC: 11/5/2015


Under the Global Network Configuration section, configure the hostname for your Bomgar Appliance.

Note: The hostname field does not need to meet any technical requirements. It does not affect what hostname client software or remote users connect to. (To make these changes , see /login > Status > Information > Client Software Is Built to Attempt and

/login > Public Portals > Public Sites. If the hostname attempted by the client software needs to change, notify Bomgar

Technical Support of the needed changes so that Support can build a software update.) The hostname field exists primarily to help you distinguish between multiple Bomgar Appliances. It is also used as the local server identifier when making SMTP connections to send email alerts. This is useful if the SMTP Relay Server specified at /appliance > Security > Email

Configuration is locked down. In this case, the configured hostname might have to match the reverse-DNS lookup of the appliance's IP address.

Assign a default gateway, selecting which Ethernet port to use. Enter an IP address for one or more DNS servers. In the event that these local DNS servers are unavailable, the Fallback to OpenDNS Servers option enables the Bomgar Appliance to use publicly available DNS servers from OpenDNS. For more information about OpenDNS, visit www.opendns.com

.

Allow your appliance to respond to pings if you wish to be able to test if the host is functioning. Set the hostname or IP address for a

Network Time Protocol (NTP) server with which you wish your Bomgar Appliance to synchronize. The default NTP server is

clock.bomgar.com.

By default, Bomgar uses ports 80 and 443. You can configure your appliance to dynamically listen on multiple ports in order to access the web interface through any port your desire. Note, however, that the customer and representative clients are prebuilt to run on the default ports and cannot be modified through this interface.

When adding or editing an IP address, choose whether that IP should be enabled or disabled. Select the network port on which you would like this IP to function. The IP Address field sets an address to which your appliance can respond, while

Subnet Mask enables Bomgar to communicate with other

devices.

When editing an IP address that is on the same subnet as another IP address for this appliance, choose if this IP address should be Primary. When this box is checked, the appliance will designate this IP address to be the primary or originating



10

TC: 11/5/2015


IP address for the subnet. This helps, for example, to ensure that any network traffic originating from the appliance on that subnet will match and comply with defined firewall rules.

From Access Type, you can restrict access over this IP to the public site or customer client. Use Allow Both to allow access for both the public site and customer client.

Note: To restrict access to the /login interface, set network restrictions under /login > Management > Security. To restrict access to the /appliance interface, set network restrictions under /appliance > Security > Appliance Administration.

When viewing the management IP address

1

, the Telnet

Server dropdown provides three settings: Full, Simplified and

Disabled, as detailed below. These settings change the menu

options of the telnet server that is available only on this private

IP and that can be used in emergency recovery situations.

Since the telnet feature is specifically tied to the built-in private

IP, it does not appear under any other configured IP addresses.

Setting

Full

Simplified

Disabled

Function

Enables the telnet server with full functionality

Allows four options: View FIPS Error, Reset to Factory Defaults, Shutdown, and Reboot

Completely disables the telnet server

1

Do not delete or modify the management IP address.



11

TC: 11/5/2015


Static Routes: Set Up Static Routes for Network Communication

Should a situation exist in which two networks are unable to talk to each other, you can establish a static route so that an administrator with a computer on one network can connect through the Bomgar Appliance to a computer on the other network, provided that the appliance is in a place where both networks can communicate with it individually.

Only advanced administrators should attempt to set up static routes.



12

TC: 11/5/2015


SNMP: Enable Simple Network Management Protocol

The Bomgar Appliance supports Simple Network Management Protocol (SNMP)

1 monitoring for network, hard drive(s), memory, and CPU statistics. This allows tools that collect availability and other statistics via the SNMP protocol to query the Bomgar

Appliance for monitoring purposes.

To enable SNMP for this appliance, check Enable SNMPv2. This enables a SNMPv2 server to respond to SNMP queries. Enter a value for the System Location, the Read-Only Community Name, and the IP Restrictions, or IP addresses that are allowed to query this appliance using SNMP. Note that if no IP addresses are entered, all hosts are granted access.

1

Simple Network Management Protocol (SNMP) is an Internet-standard protocol used for monitoring and managing networked devices (see Simple Network Management Protocol ).



13

TC: 11/5/2015


Security

Certificates: Create and Manage SSL Certificates

Manage SSL certificates, creating self-signed certificates and certificate requests, importing certificates signed by a certificate authority, and determining which IP addresses should be secured by which certificates.

Certificate Installation

The Bomgar Appliance comes with a self-signed certificate pre-installed. However, to effectively use your Bomgar

Appliance, you also will need to create a self-signed certificate at minimum, preferably requesting and uploading a certificate signed by a certificate authority.

To create a self-signed certificate or a certificate request, click

Create. In Certificate Friendly Name, enter a name you will

use to identify this certificate. From the Key dropdown, choose to create a new key or select an existing key. Enter the remaining information pertaining to your organization.

Note: If the certificate being requested is a replacement, you should select the existing key of the certificate being replaced.

If the certificate being requested is a re-key, you should select New Key for the certificate.

For a re-key, all information on the Security :: Certificates :: New Certificate section should be the same as the certificate for which re-key is being requested. A new certificate friendly name should be used so that it will be easy to identify the certificate in the Security :: Certificates section.

Required information for the re-key can be obtained by clicking on the earlier certificate from the list displayed in the Security ::

Certificates section.

For a new key or re-key certificate, the steps to import and apply the IP addresses are the same.

In the Name (Common Name) field, enter a descriptive title for your Bomgar site.

In the Subject Alternative Names section, enter your Bomgar site hostname and click Add. Add a SAN for each DNS name or IP address to be protected by this SSL certificate.



14

TC: 11/5/2015


Note: DNS addresses can be entered as fully qualified domain names, such as support.example.com, or as wildcard domain names, such as *.example.com. A wildcard domain name covers multiple subdomains, such as support.example.com, remote.example.com, and so forth.

If you intend to obtain a signed certificate from a certificate authority, click Create Certificate Request. Otherwise, click Create

Self-Signed Certificate.

To upload certificates and/or private keys, click Import. For example, after your certificate authority has signed your certificate, they will send it and the intermediate certificates file back to you. Import both the certificate and the intermediate certificate chain to make that certificate available to secure your Bomgar site hostname.

IMPORTANT!

You MUST assign one or more IP addresses to a certificate before that certificate can secure any hostnames. Click a certificate name to assign IP addresses.

If the intermediate and/or root certificates are different from those currently in-use (or if a self-signed certificate was in-use), please request an update from Bomgar Technical Support before assigning an IP to the new certificate. Bomgar Technical Support will need a copy of the new certificate and its intermediate and root certificates.

Note: If multiple IP addresses point to your appliance, make sure that the IP addresses assigned to a certificate correspond to that certificate's common name and subject alternative names. If you are uncertain of a hostname's corresponding IP address, you can ping the hostname to see the IP address to which it resolves. If someone attempts to reach your site using a hostname secured by a certificate, and if that hostname’s corresponding IP address is not assigned to that certificate, then the person trying to reach the site will receive a security error, warning that the connection is not trusted.

Certificates

View a table of SSL certificates available on your appliance.



15

TC: 11/5/2015

Click a certificate name to view details, manage its certificate chain, and assign the IP addresses that this certificate should secure.

IMPORTANT!

Any time you add a new IP address to your appliance, that address is assigned to the factory default certificate.

You must update the IP Addresses configuration of the appropriate certificate to secure the new IP address. This address should have a DNS hostname registered for it on the network; thus, the appropriate certificate is the one which has a subject alternative name (SAN) entry for the

DNS address, not the IP address. Although certificates can include IP address SAN entries, this is not a recommended configuration in most cases.

To export one or more certificates, check the box for each desired certificate, select

Export from the dropdown at the top of the table, and then click Apply.


If you are exporting only one certificate, you immediately can choose to include the certificate, the private key (optionally secured by a passphrase), and/or the certificate chain, depending upon each item’s availability. Click Export to start the download.



16

TC: 11/5/2015

If you are exporting multiple certificates, you will have the option to export each certificate individually or in a single

PKCS#7 file.

When selecting to export multiple certificates as one file, click

Continue to start the download. With this option, only the

actual certificate files will be exported, without any private keys or certificate chains.

To include private keys and/or certificate chains in the export, select individual export and click Continue to view all selected certificates. For each listing, choose to include the certificate, the private key (optionally secured by a passphrase), and/or the certificate chain, depending upon each item’s availability.

Click Export to start the download.

Note: The private key should never,or rarely, be exported from an appliance. If it is stolen, an attacker could easily compromise the Bomgar site which generated the key. If it does need to be exported, be sure to assign a strong password to the private key.

To delete one or more certificates, check the box for each desired certificate, select

Delete from the dropdown at the top of the table, and then click Apply.

Note: Under normal circumstances, a certificate should never be deleted unless it has already been successfully replaced by a working substitute.

To confirm accuracy, review the certificates you wish to delete, and then click Delete.

Certificate Requests

View a table of pending requests for third-party-signed certificates. Click a certificate request name to view details.




17

TC: 11/5/2015

The detail view also provides the request data you will give your preferred certificate authority when requesting a signed certificate.

Note: If you are renewing a certificate, use the same certificate Request Data that was used for the original certificate.

To delete one or more certificate requests, check the box for each desired request, select Delete from the dropdown at the top of the table, and then click Apply.

To confirm accuracy, review the certificate requests you wish to delete, and then click Delete.

Keys

View a table of private keys associated with certificates and certificate requests on your appliance. Click a linked certificate name or request name to view details about that associated item.




18

TC: 11/5/2015

To delete one or more private keys, check the box for each desired key, select

Delete from the dropdown at the top of the table, and then click Apply.


To confirm accuracy, review the private keys you wish to delete, and then click Delete.

Note: Keys associated with certificates in use (those with assigned IP addresses) cannot be deleted.



19

TC: 11/5/2015


Appliance Administration: Restrict Accounts, Networks, and Ports, Set Up Syslog,

Enable Login Agreement, Reset Admin Account

Manage access to /appliance administrative interface accounts by setting how many failed logins are allowed. Set how long an account is locked out after passing the failed login limit.

Also, set the number of days a password may be used before expiration and restrict reuse of previously used passwords.

You can restrict access to your appliance’s administrative interface by setting network addresses that are or are not allowed and by selecting the ports through which this interface will be accessible.

In the Accepted Addresses field, define IP addresses or networks that will always be granted access to /appliance. In

Rejected Addresses, define IP addresses or networks that

will always be denied access to /appliance. Use the Default

Action dropdown to determine whether to accept or to reject IP

addresses and networks not listed in either of the above fields.

In the case of overlap, the most specific match takes precedence.

If, for example, you want to allow access to 10.10.0.0/16 but reject access to 10.10.16.0/24 and reject access from anywhere else, you would enter 10.10.0.0/16 in the Accepted

Addresses field, enter 10.10.16.0/24 in the Rejected

Addresses field, and set the Default Action to Reject.

You can configure your appliance to send log messages to up to ten syslog servers, separating entries by commas. Select the data format for the event notification messages. Choose from the standards specification RFC 5424, or one of the legacy

BSD formats. Bomgar Appliance logs are sent using the local0 facility.

For a detailed syslog message reference, see the Syslog Message Reference Guide at www.bomgar.com/docs .

You can enable a login agreement that users must accept before accessing the /appliance administrative interface. The configurable agreement allows you to specify restrictions and internal policy rules before users are allowed to log in.



20

TC: 11/5/2015

You can choose to select Reset Admin Account, which will restore a site’s administrative username and password to the default should the login be forgotten or need to be replaced.




21

TC: 11/5/2015


SSL/TLS Configuration: Choose SSL Ciphers and Versions

Choose if TLSv1.1, TLSv1, and/or SSLv3 should be enabled or disabled. For optimum security, the Bomgar web interface always defaults to TLSv1.2 before switching to TLSv1.1,

TLS1.0, or SSLv3.

However, some older browser may not support TLSv1.2. If you disable one or more of the older security protocols and attend to access your administrative interface from an older browser which does not support the security protocols you have enabled, Bomgar will not allow you to log in. Enabling

TLSv1.1, TLSv1.0, and SSLv3 allows you to connect to your web interface from any computer, regardless of browser version.

Note that this setting primarily affects connections to the web interface of your Bomgar Appliance. The support tunnel between your computer and your customer's computer defaults to using TLSv1.2 regardless of any other security protocols you have enabled.

Select which Ciphersuites should be enabled or disabled on your appliance. Drag and drop Ciphersuites to change the order of preference. Note that changes to Ciphersuites do not take effect until the Save button is clicked.



22

TC: 11/5/2015


Email Configuration: Configure Appliance to Send Email Alerts

Configure your SMTP relay server and set one or more administrative contacts so that your Bomgar Appliance can send you automatic email notifications.



23

TC: 11/5/2015


After entering the email addresses for the administrator contacts, save your settings and send a test email to ensure everything works correctly.

Emails are sent for the following events: l l l

Syslog Server has been Changed – A user on /appliance has changed the syslog server parameter.

RAID Event – One or more RAID logical drives is not in Optimum state (Degraded or Partially Degraded).

SSL Certificate Expiration Notice – An in-use SSL certificate (include either end-entity certificates or any CA certificate in

the chain) will expire in 90 days or less.



24

TC: 11/5/2015


Updates: Check for Update Availability and Install Software

The appliance periodically checks for critical updates and emails the admin contact person when updates are available.

You can select if you want the updates to install automatically and use the dropdown menu to select a time for the installation.

Updates requiring an appliance reboot or the interruption of services are excluded from the automatic update process unless you check the box to include them.

Bomgar will continue to notify you of the latest builds as they become available. Whenever you receive notification that new update packages have been built for your appliance, clicking the Check for Updates button will locate the packages and make them available for you to install.

If multiple software packages have been built for your appliance, each one will be listed separately in the list of available updates. Your new software is automatically downloaded and installed when you click the appropriate

Install This Update button.

It is not mandatory to use this Check for Updates feature. If your appliance is not internet-facing or if your organization's security policy does not allow for automatic update functionality, you can manually check for updates. Click the

Appliance Download Key link to generate a unique appliance

key, and then, from a non-restricted system, submit that key to

Bomgar's update server at update.bomgar.com

. Download any available updates to a removable storage device and then transfer those updates to a system from which you can manage your appliance.

After downloading a software package, browse to the file from the Manual Installation section, and then click the Update

Software button to complete the installation.

Note: Please be prepared to install software updates directly after download. Once an update has been downloaded, it will no longer appear in your list of available updates. Should you need to redownload a software update, contact Bomgar Technical Support.

When the Bomgar End User License Agreement (EULA) screen appears, fill out the required contact information and click the Agree-Begin Download button to accept the EULA and continue the installation. If you have multiple appliances with the same site configuration (either for failover or for ATLAS) you will



25

TC: 11/5/2015


only need to accept the EULA once. If you acquire your updates via download.bomgar.com, the EULA acceptance process is identical.

Note that if you chose to decline the EULA, an error message displays and you will not be able to update your Bomgar software.

If you have any issues updating after accepting the EULA, please contact Bomgar Technical Support at help.bomgar.com

.

During the installation process, the Updates page will display a progress bar to notify you of the overall update progress. Updates made here will automatically update all sites and licenses on your Bomgar Appliance.

If you are installing a software update, logged-in representatives will temporarily lose connections to any support sessions and the representative console; therefore, schedule software updates for non-peak hours. However, if your update package contains only additional licenses, you can install the update without interrupting representative connections.

Find current information about the latest Bomgar updates at http://www.bomgar.com/support/changelog .



26

TC: 11/5/2015


Support

Utilities: Debug Network Problems

The Utilities section can be used for debugging network problems. If you are unable to establish a connection, these utilities may help to determine the reason. Test the appliance’s DNS server to check that the hostname or IP address is resolving correctly. Ping your Bomgar Appliance to test its network connectivity. Use the traceroute to view the path that packets take on their journey from the appliance to any external system. You can also use the TCP connection test to check connectivity of a specific port on a target

IP address or hostname.



27

TC: 11/5/2015


Advanced Support: Contact Bomgar Technical Support

The Advanced Support section gives you contact information for your Bomgar Technical Support team and also allows an appliance-initiated support tunnel back to Bomgar Technical Support, enabling quick resolution of complex issues.



28

TC: 11/5/2015


Bomgar Appliance Comparison

Capacity

Virtual

Appliance

Defined by Virtual

Infrastructure

B400

(Details)

B300

(Details)

B200

(Details)

Up to 1200 concurrent technicians

Up to 300 concurrent technicians

Cloud

Up to 20 concurrent technicians running a maximum of three sessions each

3 concurrent licenses minimum

Authentication

LDAP, RADIUS, Kerberos

Redundancy

Defined by Virtual

Infrastructure

Dual processors

Failover capable

Dual power supplies

RAID 6 – Eight physical drives configured into two logical drives

Hard drive failure notification

Platform

Support

Jump

Technology

Deployment

Single processor

Dual power supplies

RAID 6 – Four hard drives

Hard drive failure notification

Failover capable

Single processor

Single power supply

Failover capable

Defined by VMWare vCloud Air

Failover capable

Windows 2000-Windows 8, Server 2000-2012; Windows POSReady 7

Mac OS X 10.6 - 10.10 10.11; Apple iOS 8.0+

Android Phone 2.3+ 4.0+; Android Tablet 3.0+ 4.0+; Android Samsung Phone and Tablet 2.3+ 4.0+; Android

Dell Venue 8, 10

BlackBerry OS 5.0 - 7.x

Linux: Fedora Core 8 - 20; RedHat Enterprise 4 - 7; CentOS 6.5 - 7; SLED 11; SLES 10 and 11; Ubuntu 8.04-

14.04.1

Depends on allocated resources. See the

Virtual Appliance

Sizing Guidelines at

.

www.bomgar.com/docs

Up to 25,000 Active

Jump Clients

Up to 10,000 Active

Jump Clients

Up to 1,000 Active

Jump Clients

Up to 4,000 Active

Jump Clients

Virtual Appliance

VMware:

• vCenter 5.0+

1U rack-mountable server

1.7 x 17.2 x 23.5

in., 43 lbs.


1.7 x 17.0 x 25.6 in.,

43 lbs.


1.7 x 16.7 x 14 in.,

17.5 lbs.

Bomgar Cloud

Appliance, VMWare vCloud Air

Compatible with Atlas

Deployments Compatible with

Atlas Deployments

Compatible with

Atlas Deployments



29

TC: 11/5/2015

Configuring the Bomgar Appliance

Appliance Administration Guide

Base 4.2.x

Table of Contents

Bomgar Appliance Overview

Bomgar Appliance Web Interface

Bomgar Appliance Comparison

29

3

4

Bomgar Appliance Overview

Anatomy of the Bomgar Appliance

Resource

Resource

Using this Guide

Bomgar Appliance Web Interface

Login to the Appliance Administrative Interface

Status

Basics: View Appliance Details

Please do not do the following unless instructed to do so by

Bomgar Technical Support: Clicking the Reset Appliance to

Factory Defaults button will revert your Bomgar Appliance to

Storage: Disk space and Hard Drive Status

Users: Change Password and Username, Add User

Networking

IP Configuration: Configure IP Address and Network Settings

clock.bomgar.com.

Subnet Mask enables Bomgar to communicate with other

Server dropdown provides three settings: Full, Simplified and

Disabled, as detailed below. These settings change the menu

Setting

Function

Static Routes: Set Up Static Routes for Network Communication

SNMP: Enable Simple Network Management Protocol

Security

Certificates: Create and Manage SSL Certificates

Create. In Certificate Friendly Name, enter a name you will

Self-Signed Certificate.

IMPORTANT!

IMPORTANT!

Export from the dropdown at the top of the table, and then click Apply.

Continue to start the download. With this option, only the

Delete from the dropdown at the top of the table, and then click Apply.

Delete from the dropdown at the top of the table, and then click Apply.

Appliance Administration: Restrict Accounts, Networks, and Ports, Set Up Syslog,

Enable Login Agreement, Reset Admin Account

Rejected Addresses, define IP addresses or networks that

Action dropdown to determine whether to accept or to reject IP

Addresses field, enter 10.10.16.0/24 in the Rejected

Addresses field, and set the Default Action to Reject.

SSL/TLS Configuration: Choose SSL Ciphers and Versions

Email Configuration: Configure Appliance to Send Email Alerts

Syslog Server has been Changed – A user on /appliance has changed the syslog server parameter.

RAID Event – One or more RAID logical drives is not in Optimum state (Degraded or Partially Degraded).

SSL Certificate Expiration Notice – An in-use SSL certificate (include either end-entity certificates or any CA certificate in

Updates: Check for Update Availability and Install Software

Install This Update button.

Appliance Download Key link to generate a unique appliance

Software button to complete the installation.

Support

Utilities: Debug Network Problems

Advanced Support: Contact Bomgar Technical Support

Bomgar Appliance Comparison

Capacity

Virtual

Appliance

B400

B300

B200

Cloud

Authentication

Redundancy

Platform

Support

Jump

Technology

Deployment

Related manuals

Bomgar

B300