Escolar Documentos
Profissional Documentos
Cultura Documentos
WatchGuard Training
WatchGuard Training
WatchGuard Training
New ways to visualize network data Dashboards with simple drill-down into detailed log and report information Customizable reports that can be emailed to different roles in the organization Complements Web UI visibility tools in XTM OS v11.8 Reports available after first summary report period (5 minutes) All reports are on demand all the time
Delivered as a virtual appliance for ESXi (.ova) Running on 64-bit Linux Driven by Postgres 9.2 Web interface supports most desktop and mobile browsers
WatchGuard Training
WatchGuard Training
WatchGuard Training
Deployment Requirements
WatchGuard Dimension is distributed as an .ova file for installation on VMware ESXi 5.x.
Your ESXi host must support 64-bit guest operating systems WatchGuard Dimension has been primarily tested on VMWare ESXi hypervisors. It can also be installed in VMware Workstation, Player, Fusion environments, which is a great option for training and demonstration. WatchGuard is not currently available on any non-VMware hypervisors.
WatchGuard Dimension is available on the Software Downloads pages with the downloads for XTM devices.
1. Log in to WatchGuard.com 2. Browse to Articles & Software 3. Filter by Software Downloads (excluding Articles and Known Issues)
WatchGuard Training
Deployment
After downloading the WatchGuard Dimension virtual appliance (.ova) connect to your ESXi host with vSphere. From the File menu, select Deploy OVF Template.
WatchGuard Training
Deployment
Browse to the downloaded WatchGuard Dimension OVA and select that as your source.
WatchGuard Training
Deployment
Confirm the OVF Template Details and Accept the EULA.
WatchGuard Training
10
Deployment
Choose a name and disk format for this VM.
WatchGuard Training
11
Deployment
Map the virtual network adapter to the appropriate destination network. Note:
WatchGuard Dimensions network adapter defaults to DHCP. You will need a DHCP server on the network for Dimension to receive an IP address and access the setup wizard web interface.
WatchGuard Training
12
Deployment
Confirm the deployment settings. Note the disk allocation defaults to 43GB.
WatchGuard Training
13
Deployment
Changing the provisioned size of Hard disk 2 before boot (or reboot) will result in more storage for logging and reports. Other defaults include:
WatchGuard Training
14
Deployment
Notes:
The Dimension VM is deployed by default with a data disk size of 40GB. The data disk is fully reserved for the log database and the related overhead space required by Postgres. After the Dimension VM is deployed, the data disk size cannot be reduced. To limit the size to be less than 40GB and avoid data loss, you must remove and re-add Hard disk 2 before you power on the VM for the first time.
WatchGuard Training
15
Deployment
Once your VM is powered on, you see the IP address assigned to Dimension through DHCP. Use this this IP address to make an HTTPS connection to Dimension and start the Dimension Setup Wizard.
WatchGuard Training
16
WatchGuard Training
17
Configuration Requirements
WatchGuard Dimension supports these web browsers:
Firefox v22 and later Internet Explorer 9 and later Safari 5 and later Safari on iOS 6 and later Chrome v29 and later
You should be able to successfully use WatchGuard Dimension on most mobile phone and tablet devices. Connect to Dimension in a web browser at https://<dimension-IP-address>
WatchGuard Training
18
WatchGuard Training
19
WatchGuard Training
20
Host name IPv4 address and settings for the eth0 interface Administrator passphrase Log Server Encryption Key
WatchGuard Training
21
Static DHCP
WatchGuard Training
22
WatchGuard Training
23
WatchGuard Training
24
On an XTM device, use the IP address and Encryption Key from WatchGuard Dimension when you configure the WatchGuard Log Server settings. On WatchGuard servers, use the same IP address and Encryption Key in the Logging settings.
In some environments you may be NATing the HTTPS and WatchGuard Logging connections through your XTM device. This changes the IP address you use to connect to WatchGuard Dimension or where you send WatchGuard Logging connections.
WatchGuard Training
25
RO (Read-Only) RW (Read-Write)
WatchGuard Training
26
Schedule Reports Manage the Log Server Manage the Log Database Manage user accounts Configure System Settings
WatchGuard Training
27
Diagnostic Tools
WatchGuard Training
28
WatchGuard Training
29
Configuration - Users
Add/Edit User:
Types:
Local Active Directory
WatchGuard Training
30
Configuration Users
Role policy same as WSM
User + List of roles + List of Devices Local user, AD user, AD Group AD requires DNS to resolve DCs by internal domain name Super Administrator
Full access
Report Administrator
View logs View reports Manage scheduled reports and groups
View the status of the Log Server Stop and start the Log Server
WatchGuard Training
32
Change the Encryption Key Specify the log data deletion settings Back up and restore the Log Server database
WatchGuard Training
33
WatchGuard Training
34
WatchGuard Training
35
Purge diagnostic logs Backup/Restore Log Server database View Process List View Log Server log messages View Log Collector log messagess
WatchGuard Training
36
Before scheduled reports can be sent, an SMTP server must be configured in the Notifications settings
WatchGuard Training
37
WatchGuard Training
38
Devices:
All Devices Specify Devices
Servers:
All Servers Specify Servers
WatchGuard Training
39
WatchGuard Training
40
Customization Aggregation
Single (per device) Combined (grouped devices)
Frequency
WatchGuard Training
41
Both new reports are available as scheduled reports that you can send to specific email addresses. Both reports can use any Report Customization (report template) that you create.
WatchGuard Training
42
Sent as a PDF file Specify a logo, header, and footer to customize the report
WatchGuard Training
43
Sent as a PDF file Specify a logo, header, and footer to customize the report Report includes the Top Domains chart with the Web Categories (in a pie chart), and removes any byte counts or tabular information
WatchGuard Training
44
WatchGuard Training
45
Select Enable logging for reports in proxy actions on your XTM devices and WatchGuard Servers. Enable logging of Allowed Packets in all policies. Configure your XTM devices and WatchGuard servers to send all log messages to your Dimension Log Server.
WatchGuard Training
46
Reports Web, Packet Filter, Top Client, Application Control Web, Packet Filter, Denied Packet, Top Client, Application Control IPS, Denied Packet Authentication, Audit GAV, IPS, SPAM, Application Control Web, Firebox Statistics, RED Firebox Statistics SMTP, Firebox Statistics POP3, Firebox Statistics GAV, Alarms
Dashboards Executive, Threat Map, FireWatch Security, Threat Map Security, Threat Map
Packet Filter Denied Logs Intrusion Prevention Logs Log when configuration has changed
Executive, Security, Threat Map, FireWatch Executive, Security, Threat Map, FireWatch Executive, Security, Threat Map, FireWatch Executive, Security, Threat Map, FireWatch Executive, Security, Threat Map, FireWatch
47
Executive Dashboard
Top 10
WatchGuard Training
48
Security Dashboard
Top 10 Blocked
IPS Signatures Gateway Anti-Virus Click a summary to expand it and see more detail.
WatchGuard Training
49
Threat Map
Denied Packets (Blocked) Intrusion Prevention Service Web Traffic Application Control All Traffic
WatchGuard Training
50
FireWatch
Sort by:
Pivot on:
WatchGuard Training
Log Manager
Log messages stored in UTC time Appears in your web browsers local time
WatchGuard Training
52
Log Search
Run simple or complex search queries to refine the log messages that appear for the selected XTM device. Filter the search results by log message type:
WatchGuard Training
53
WatchGuard Training
54
WatchGuard Training
55
Account restricted to only change the IP address To set a static IP address, use the command wg_ip_addr.sh, located in /opt/watchguard/dimension/bin. For example, to set a static IP address of 192.168.24.101 on network 192.168.24.0/24 with gateway 192.168.24.1, type: /opt/watchguard/dimension/bin/wg_ip_addr.sh i 192.168.24.101 -m 24 -g 192.168.24.1 When given without any options, or with the option --help, the command displays help text.
Support Access for Diagnostics is available with a connection restricted by a client-side certificate.
WatchGuard Training
56
WatchGuard Training
57
Thank You!
WatchGuard Training
58