advertisement
Firebox III
Hardware Guide
Firebox 500, Firebox 700, Firebox 1000, Firebox 2500,
Firebox 4500
Copyright and Patent Information
Copyright© 1998 - 2003 WatchGuard Technologies, Inc. All rights reserved.
AppLock, AppLock/Web, Designing peace of mind, Firebox, Firebox 1000,
Firebox 2500, Firebox 4500, Firebox II, Firebox II Plus, Firebox II
FastVPN, Firebox III, Firebox SOHO, Firebox SOHO 6, Firebox SOHO 6tc,
Firebox SOHO|tc, Firebox V100, Firebox V80, Firebox V60, Firebox V10,
LiveSecurity, LockSolid, RapidStream, RapidCore, ServerLock,
WatchGuard, WatchGuard Technologies, Inc., DVCP technology, Enforcer/
MUVPN, FireChip, HackAdmin, HostWatch, Make Security Your Strength,
RapidCare, SchoolMate, ServiceWatch, Smart Security. Simply Done.,
Vcontroller, VPNforce, The W-G logo are either registered trademarks or trademarks of WatchGuard Technologies, Inc. in the United States and/or other courtries.
Printed in the United States of America.
Part No: 1200188
Notice to Users
Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc.
ii
Limited Hardware Warranty
This Limited Hardware Warranty (the “Warranty”) applies to the enclosed
WatchGuard hardware product (the “Product”). BY USING THE
PRODUCT, YOU AGREE TO THE TERMS HEREOF. If you do not agree to these terms, please return this package, along with proof of purchase, to the authorized dealer from which you purchased it for a full refund. WatchGuard
Technologies, Inc. (”WatchGuard”) and you agree as follows:
1. Limited Warranty. WatchGuard warrants that upon delivery and for one
(1) year thereafter (the “Warranty Period”): (a) the Product will be free from material defects in materials and workmanship, and (b) the Product, when properly installed and used for its intended purpose and in its intended operating environment, will perform substantially in accordance with
WatchGuard applicable specifications.
This warranty does not apply to any Product that has been: (i) altered, repaired or modified by any party other than WatchGuard; or (ii) damaged
Hardware Guide
Limited Hardware Warranty or destroyed by accidents, power spikes or similar events or by any intentional, reckless or negligent acts or omissions of any party. You may have additional warranties with respect to the Product from the manufacturers of Product components. However, you agree not to look to
WatchGuard for, and hereby release WatchGuard from any liability for, performance of, enforcement of, or damages or other relief on account of, any such warranties or any breach thereof.
2. Remedies. If any Product does not comply with the WatchGuard warranties set forth in Section 1 above, WatchGuard will, at its option, either (a) repair the Product, or (b) replace the Product; provided, that you will be responsible for returning the Product to the place of purchase and for all costs of shipping and handling. Repair or replacement of the Product shall not extend the Warranty Period. Any Product, component, part or other item replaced by WatchGuard becomes the property of WatchGuard .
WatchGuard shall not be responsible for return of or damage to any software, firmware, information or data contained in, stored on, or integrated with any returned Products.
3. Disclaimer and Release. THE WARRANTIES, OBLIGATIONS AND
LIABILITIES OF WATCHGUARD, AND YOUR REMEDIES, SET FORTH
IN PARAGRAPHS 1 AND 2 ABOVE ARE EXCLUSIVE AND IN
SUBSTITUTION FOR, AND YOU HEREBY WAIVE, DISCLAIM AND
RELEASE ANY AND ALL OTHER WARRANTIES, OBLIGATIONS AND
LIABILITIES OF WATCHGUARD AND ALL OTHER RIGHTS, CLAIMS
AND REMEDIES YOU MAY HAVE AGAINST WATCHGUARD,
EXPRESS OR IMPLIED, ARISING BY LAW OR OTHERWISE, WITH
RESPECT TO ANY NONCONFORMANCE OR DEFECT IN THE PRODUCT
(INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTY OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE,
ANY IMPLIED WARRANTY ARISING FROM COURSE OF
PERFORMANCE, COURSE OF DEALING, OR USAGE OF TRADE, ANY
WARRANTY OF NONINFRINGEMENT, ANY WARRANTY OF
UNINTERRUPTED OR ERROR-FREE OPERATION, ANY OBLIGATION,
LIABILITY, RIGHT, CLAIM OR REMEDY IN TORT, WHETHER OR NOT
ARISING FROM THE NEGLIGENCE (WHETHER ACTIVE, PASSIVE OR
IMPUTED) OR FAULT OF WATCHGUARD OR FROM PRODUCT
LIABILITY, STRICT LIABILITY OR OTHER THEORY, AND ANY
OBLIGATION, LIABILITY, RIGHT, CLAIM OR REMEDY FOR LOSS OR
DAMAGE TO, OR CAUSED BY OR CONTRIBUTED TO BY,THE
PRODUCT).
4. Limitation of Liability. WATCHGUARD TECHNOLOGIES’ LIABILITY
(WHETHER ARISING IN CONTRACT (INCLUDING WARRANTY), TORT
(INCLUDING ACTIVE, PASSIVE OR IMPUTED NEGLIGENCE AND
STRICT LIABILITY AND FAULT) OR OTHER THEORY) WITH REGARD
TO ANY PRODUCT WILL IN NO EVENT EXCEED THE PURCHASE
PRICE PAID BY YOU FOR SUCH PRODUCT. THIS SHALL BE TRUE
EVEN IN THE EVENT OF THE FAILURE OF ANY AGREED REMEDY. iii
iv
IN NO EVENT WILL WATCHGUARD TECHNOLOGIES BE LIABLE TO
YOU OR ANY THIRD PARTY (WHETHER ARISING IN CONTRACT
(INCLUDING WARRANTY), TORT (INCLUDING ACTIVE, PASSIVE OR
IMPUTED NEGLIGENCE AND STRICT LIABILITY AND FAULT) OR
OTHER THEORY) FOR COST OF COVER OR FOR ANY INDIRECT,
SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
(INCLUDING WITHOUT LIMITATION LOSS OF PROFITS, BUSINESS,
OR DATA) ARISING OUT OF OR IN CONNECTION WITH THIS
WARRANTY OR THE USE OF OR INABILITY TO USE THE PRODUCT,
EVEN IF WATCHGUARD TECHNOLOGIES HAS BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES. THIS SHALL BE TRUE EVEN
IN THE EVENT OF THE FAILURE OF ANY AGREED REMEDY.
5. Miscellaneous Provisions. This Warranty will be governed by the laws of the state of Washington, U.S.A., without reference to its choice of law rules.
The provisions of the 1980 United Nations Convention on Contracts for the
International Sales of Goods, as amended, shall not apply. You agree not to directly or indirectly transfer the Product or associated documentation to any country to which such transfer would be prohibited by the U.S. Export laws and regulations. If any provision of this Warranty is found to be invalid or unenforceable, then the remainder shall have full force and effect and the invalid provision shall be modified or partially enforced to the maximum extent permitted by law to effectuate the purpose of this Warranty. This is the entire agreement between WatchGuard and you relating to the Product, and supersedes any prior purchase order, communications, advertising or representations concerning the Product AND BY USING THE PRODUCT
YOU AGREE TO THESE TERMS. No change or modification of this
Agreement will be valid unless it is in writing, and is signed by WatchGuard.
FCC Certification
FCC Certification
This device has been tested and found to comply with limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. Operation is subject to the following two conditions:
Hardware Guide v
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired operation.
CE Notice
The CE symbol on your WatchGuard Technologies equipment indicates that it is in compliance with the
Electromagnetic Compatibility (EMC) directive and the Low Voltage Directive (LVD) of the European
Union (EU).
Industry Canada
This Class A digital apparatus meets all requirements of the Canadian Interference-Causing Equipment
Regulations.
Cet appareil numerique de la classe A respecte toutes les exigences du Reglement sur le materiel broulleur du Canada.
vi
Taiwanese Notice
Taiwanese Notice
VCCI Notice Class A ITE
Hardware Guide vii
viii
Contents
Limited Hardware Warranty
FCC Certification
............................................... ii
............................................................. v
CE Notice
....................................................................... vi
Industry Canada
.............................................................. vi
Taiwanese Notice
........................................................... vii
VCCI Notice Class A ITE
................................................. vii
Hardware Requirements
...................................................1
Hardware Description
.......................................................2
Firebox III front view (all models except Model 500 and 700) .3
Firebox III front view (Model 500 and 700) ..........................5
Firebox III rear view (all models except Model 500 and 700) ...6
Firebox III rear view (Model 500 and 700) ...........................8
Physical specifications (All models except
Model 500 and 700) ...............................................9
Physical specifications (Model 500 and 700)
.......................................................10
Hardware Guide ix
x
Hardware Guide
The WatchGuard Firebox III is a specially designed and optimized security appliance. Solid-state architecture removes the risk of hard-drive failure and disk crashes. Three independent network interfaces allow you to separate your protected office network from the Internet while providing you an optional public interface for hosting Web, email, or FTP servers. Each network interface is independently monitored and visually displayed on the front of the Firebox.
Easily installed into your network, the rack-mountable
Firebox plugs in at the Internet connection of your offices to implement security policies and protection.
For information on installing the Firebox, see the Firebox QuickStart Poster or the “Getting Started” chapter in the WatchGuard Firebox System User Guide .
Hardware Requirements
WatchGuard recommends physically installing a Firebox III under the following conditions:
Hardware Guide 1
• Securely rack-mounted
• Placed in a dry, temperature-controlled environment from —10 to +70 degrees Celsius (14 to +158 degrees
Fahrenheit).
• Placed in a secured environment, such as a locked LAN room, or similar space, to prevent physical compromise by unprivileged personnel
• Connected to conditioned power to prevent damage caused by power spikes and other power fluctuations
The following minimum hardware requirements pertain to the management station–the computer that administers the Firebox. This computer runs the Firebox System Manager software, which provides access to WatchGuard Firebox System applications.
Hardware feature Minimum requirements (management station)
CPU
Memory
Hard disk space
CD-ROM drive
Pentium II
Same as for operating system.
Recommended:
64 MB for Windows NT 4.0
64 MB for Windows 2000 Professional
256 MB for Windows 2000 Server
25 MB to install all WatchGuard modules
15 MB minimum for log file
Additional space as required for log files
Additional space as required for multiple configuration files
One CD-ROM drive to install WatchGuard from its
CD-ROM distribution disk
Hardware Description
The Firebox III has indicator lights on the front and connections on the back.
2
Hardware Description
Firebox III front view (all models except
Model 500 and 700)
Indicators for the Firebox III Model 1000, Model 2500, and
Model 4500 are on a central back-lit indicator panel. The following photograph shows the entire front view.
The photograph below shows a close-up of the indicator panel. From the left, the indicators are as described on the next page.
Hardware Guide
Disarm
Red light indicates the Firebox detected an error, shut down its interfaces, and will not forward any packets. Reboot the Firebox.
3
4
Armed
Green light indicates the Firebox has been booted and is running.
Sys A
Indicates that the Firebox is running from its primary user-defined configuration.
Sys B
Indicates that the Firebox is running from the readonly factory default system area.
Power
Indicates that the Firebox is currently powered up.
Security Triangle Display
Indicates traffic between Firebox interfaces. Green arrows briefly light to indicate allowed traffic between two interfaces in the direction of the arrows. A red light at a triangle corner indicates that the Firebox is denying packets at that interface.
Traffic
A stack of lights that functions as a meter to indicate levels of traffic volume through the
Firebox. Low volume indicators are green, while high volume indicators are yellow. The display updates three times per second. The scale is exponential: the first light represents 64 packets/ second, the second light represents 128 packets/ second, increasing to the eighth light which represents 8,192 packets/second.
Load
A stack of lights that functions as a meter to indicate the system load average. The system load average is the average number of processes running (not including those in wait states) during the last minute. Low average indicators are green, while high average indicators are yellow. The display updates three times per second. The scale is exponential with each successive light representing a doubling of the load average. The first light
Hardware Description represents a load average of 0.15. The most significant load factor on a Firebox is the number of proxies running.
Firebox III front view (Model 500 and 700)
Firebox III Model 500 and 700 indicators are on a central back-lit indicator panel. The following photograph shows the entire front view.
The following photograph shows a close-up of the indicator panel. From the left, the indicators are as described below.
Hardware Guide 5
6
Disarm
Red light indicates the Firebox detected an error, shut down its interfaces, and will not forward any packets.
Armed
Green light indicates the Firebox has been booted and is running.
Sys A
Indicates that the Firebox is running from its primary user-defined configuration.
Sys B
Indicates that the Firebox is running from the readonly factory default system area.
Power
Indicates that the Firebox is currently powered up.
Security Triangle Display
Indicates traffic between Firebox interfaces. Green arrows briefly light to indicate allowed traffic between two interfaces in the direction of the arrows. A red light at a triangle corner indicates that the Firebox is denying packets at that interface.
Firebox III rear view (all models except
Model 500 and 700)
The rear view of the Firebox III Model 1000, Model 2500, and Model 4500 contains ports and jacks for connectivity as well as a power switch. From the left, rear panel features are as described on the next page:
Hardware Description
Hardware Guide
AC Receptacle
Accepts the detachable AC power cord supplied with the Firebox.
Power Switch
Turns the Firebox on or off.
PCI Expansion Slot
Reserved for future use.
Factory Default
This button is active only during the boot process.
To boot the Firebox to SYS B, press this button and hold it down for 20-60 seconds (or until you see the
Sys B light come on).
Console Port
Connects to the management station or modem through a serial cable supplied with the Firebox using PPP.
.
Ethernet Ports
(Shown on the previous page) Indicators for each network interface display link status, card speed, and activity. The network interface cards (NICs) are auto-sensing and adapt to wire speed automatically. The speed indicator lights when
7
there is a good physical connection to the Firebox.
When the card runs at 10Mbit, the speed indicator is yellow. When the card runs at 100 Mbit, the speed indicator is green. The amber traffic indicator blinks when traffic is passing through the
Firebox.
Firebox III rear view (Model 500 and 700)
The rear view of the Firebox III Model 500 and 700 contains ports and jacks for connectivity as well as a power switch.
From the left, rear panel features are as described below:
8
AC Receptacle
Accepts the detachable AC power cord supplied with the Firebox.
Power Switch
Turns the Firebox on or off.
Factory Default
This button is active only during the boot process.
To boot the Firebox to SYS B, press this button and hold it down for 20-60 seconds (or until you see the
Sys B light come on).
Hardware Description
Console Port
Connects to the management station or modem through a serial cable supplied with the Firebox using PPP.
Ethernet Jacks
Indicators for each network interface display link status, card speed, and activity. The network interface connections (NICs) are auto-sensing and adapt to wire speed automatically. The speed indicator lights when there is a good physical connection to the Firebox. When the card runs at
10Mbit, the speed indicator is yellow. When the card runs at 100 Mbit, the speed indicator is green.
The amber traffic indicator blinks when traffic is passing through the Firebox.
Physical specifications (All models except
Model 500 and 700)
• Three RJ-45 10/100Tx Ethernet interfaces
• 1 DB-9 serial port
• PCI expansion option
• 500 MHz AMD K6-III processor
300 MHz AMD K6-II processor (model 1000 only)
• 64-MB SDRAM (model 1000)
128-MB SDRAM (model 2500)
264-MB SDRAM (model 4500)
• 8-MB flash disk
• 100-240 VAC Autosensing, 50/60 Hz
• Height: 2.85”; Width: 15.5 “; Depth: 10.5”
Physical specifications (Model 500 and 700)
• Three RJ-45 10/100Tx Ethernet interfaces
• 1 DB-9 serial port
Hardware Guide 9
10
• 233 MHz AMD K6-II processor
• 64-MB SDRAM
• 8-MB flash disk
• 100-240 VAC Autosensing, 50/60 Hz
• Height: 2.85”; Width: 15.5 “; Depth: 10.5”
Cross-over cabling
To connect a Firebox to a hub or switch, use a standard, straight-through cable. However, if you plan to connect a
Firebox directly to a router, either purchase or build a cross-over cable for RJ-45 (Cat5) wire.
The tables below provide pin-out descriptions for both a straight-through and a RJ-45 (Cat5) cross-over cable.
Pin Number Pin Number
1 (Transmit Plus) 1 (Transmit Plus)
2 (Transmit -) 2 (Transmit -)
3 (Receive Plus) 3 (Receive Plus)
6 (Receive -) 6 (Receive -)
4,5,7,8 Not Used
Pin Number Pin Number
1 (Transmit Plus) 3 (Receive Plus)
2 (Transmit -) 6 (Receive -)
3 (Receive Plus) 1 (Transmit Plus)
6 (Receive -) 2 (Transmit -)
4,5,7,8 Not Used
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 2 Limited Hardware Warranty
- 5 FCC Certification
- 6 CE Notice
- 6 Industry Canada
- 7 Taiwanese Notice
- 7 VCCI Notice Class A ITE
- 9 Contents
- 11 Hardware Requirements
- 12 Hardware Description
- 13 Firebox III front view (all models except Model 500 and 700)
- 15 Firebox III front view (Model 500 and 700)
- 16 Firebox III rear view (all models except Model 500 and 700)
- 18 Firebox III rear view (Model 500 and 700)
- 19 Physical specifications (All models except Model 500 and 700)
- 19 Physical specifications (Model 500 and 700)
- 20 Cross-over cabling