1 / 58

Introduction to WatchGuard Dimension™

Introduction to WatchGuard Dimension™. Introduction to WatchGuard Dimension. What is WatchGuard Dimension? Deploy WatchGuard Dimension Configure WatchGuard Dimension Use WatchGuard Dimension Support WatchGuard Dimension. What is WatchGuard Dimension?. What is WatchGuard Dimension?.

nadine
Download Presentation

Introduction to WatchGuard Dimension™

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to WatchGuard Dimension™

  2. Introduction to WatchGuard Dimension • What is WatchGuard Dimension? • Deploy WatchGuard Dimension • Configure WatchGuard Dimension • Use WatchGuard Dimension • Support WatchGuard Dimension

  3. What is WatchGuard Dimension?

  4. What is WatchGuard Dimension? • Secure and centralized logging, visibility, and reporting for XTM devices and WatchGuard servers • New ways to visualize network data • Dashboards with simple drill-down into detailed log and report information • Customizable reports that can be emailed to different roles in the organization • Complements Web UI visibility tools in XTM OS v11.8 • Reports available after first summary report period (5 minutes) • All reports are ‘on demand’ all the time • Cloud-ready zero-installation deployment • Delivered as a virtual appliance for ESXi (.ova) • Running on 64-bit Linux • Driven by Postgres 9.2 • Web interface supports most desktop and mobile browsers

  5. What is Dimension? — Architecture • Log Collector — Receives logs from devices, aggregates data • Web Services — Serves web application to users and administrators • Log Server — Provides API for log data, provisioning, and automated maintenance • Database — Persistent storage for log and report data

  6. Deploy WatchGuard Dimension

  7. Deployment — Requirements • WatchGuard Dimension is distributed as an .ova file for installation on VMware ESXi 5.x. • Your ESXi host must support 64-bit guest operating systems • WatchGuard Dimension has been primarily tested on VMWareESXi hypervisors. It can also be installed in VMware Workstation, Player, Fusion environments, which is a great option for training and demonstration. • WatchGuard is not currently available on any non-VMware hypervisors. • WatchGuard Dimension is available on the Software Downloads pages with the downloads for XTM devices. • Log in to WatchGuard.com • Browse to Articles & Software • Filter by Software Downloads (excluding Articles and Known Issues)

  8. Deployment • After downloading the WatchGuard Dimension virtual appliance (.ova) connect to your ESXi host with vSphere. • From the File menu, select Deploy OVF Template.

  9. Deployment • Browse to the downloaded WatchGuard Dimension OVA and select that as your source.

  10. Deployment • Confirm the OVF Template Details and Accept the EULA.

  11. Deployment • Choose a name and disk format for this VM.

  12. Deployment • Map the virtual network adapter to the appropriate destination network. • Note: • WatchGuard Dimension’s network adapter defaults to DHCP. • You will need a DHCP server on the network for Dimension to receive an IP address and access the setup wizard web interface.

  13. Deployment • Confirm the deployment settings. • Note the disk allocation defaults to 43GB. • 3GB for OS drive (disk 1) • 40GB for Data drive (disk 2) • Power on after deployment if youwant to keep the default settings.

  14. Deployment • Changing the provisioned size of Hard disk 2 before boot (or reboot) will result in more storage for logging and reports. • Other defaults include: • 2GB of RAM • 2 CPUs (2 sockets, 1 core each)

  15. Deployment • Notes: • The Dimension VM is deployed by default with a data disk size of 40GB. • The data disk is fully reserved for the log database and the related overhead space required by Postgres. • After the Dimension VM is deployed, the data disk size cannot be reduced. • To limit the size to be less than 40GB and avoid data loss, you must remove and re-add Hard disk 2 before you power on the VM for the first time.

  16. Deployment • Once your VM is powered on, you see the IP address assigned to Dimension through DHCP. • Use this this IP address tomake an HTTPS connectionto Dimension and start theDimension Setup Wizard.

  17. Configure WatchGuard Dimension

  18. Configuration — Requirements • WatchGuard Dimension supports these web browsers: • Firefox v22 and later • Internet Explorer 9 and later • Safari 5 and later • Safari on iOS 6 and later • Chrome v29 and later • You should be able to successfully use WatchGuard Dimension on most mobile phone and tablet devices. • Connect to Dimension in a web browser at https://<dimension-IP-address>

  19. Configuration — Setup Wizard • Accept the securitywarning to continue to connect to WatchGuard Dimension.

  20. Configuration — Setup Wizard • Log in with these credentials: • User Name: admin • Password: readwrite

  21. Configuration — Setup Wizard • Make sure you have this information before you start the Setup Wizard: • Host name • IPv4 address and settings for the eth0 interface • Administrator passphrase • Log Server Encryption Key

  22. Configuration — Setup Wizard • Specify the host namefor Dimension • Select the IP address method: • Static • DHCP • For a static IP address, we recommend that you specify an IPv4 address.

  23. Configuration — Setup Wizard • Set the Administrator Passphrase to use to connect to Dimension and manage the Dimension servers. • The Administrator Passphrase must have a minimum of 8 characters.

  24. Configuration — Setup Wizard • Set the Log ServerEncryption Key.

  25. Configuration — XTM Devices • WatchGuard Dimension can accept log messages and generate reports for any device that runs Fireware XTM OS. • WatchGuard Dimension can also accept log messages from a WatchGuard Management Server or Quarantine Server. • On an XTM device, use the IP address and Encryption Key from WatchGuard Dimension when you configure the WatchGuard Log Server settings. • On WatchGuard servers, use the same IP address and Encryption Key in the Logging settings. • In some environments you may be NATing the HTTPS and WatchGuard Logging connections through your XTM device. This changes the IP address you use to connect to WatchGuard Dimension or where you send WatchGuard Logging connections.

  26. Configuration — After the Wizard…Log In • Multiple “Super administrator users” can be logged in at the same time • Configuration pages have modes: • RO (Read-Only) • RW (Read-Write)

  27. Configuration — After the Wizard…Manage Services • The Manage Services drop-down list includes the menu options to configure settings for Dimension: • Schedule Reports • Manage the Log Server • Manage the Log Database • Manage user accounts • Configure System Settings

  28. Configuration — System Settings • Configure System and Network settings • Manage certificates • System Maintenance • Reboot • Upgrade • Restore • Factory default!!!! • Diagnostic Tools • View Connected Users

  29. Configuration — User Management • Manage Users and Roles • Add, edit, or remove users • Apply roles: • RO – View-only • RW – Read-write • Active Directory Settings • Enable Active Directory Authentication • Specify an Active Directory Server

  30. Configuration - Users • Add/Edit User: • Types: • Local • Active Directory • Specify password • Select Roles • Select Devices

  31. Configuration — Users • Role policy same as WSM • User + List of roles + List of Devices • User authentication similar to WSM: • Local user, AD user, AD Group • AD requires DNS to resolve DCs by internal domain name • Built-in roles only (no custom roles) • Super Administrator • Full access • Report Administrator • View logs • View reports • Manage scheduled reports and groups • View Logs • View Reports • Applied to a list of devices

  32. Configuration — Logging Server Management • On the Status page: • View the status of the Log Server • Stop and start theLog Server

  33. Configuration — Logging Server Management • On the Configuration > General page, you configure these settings for the Log Server: • Change the Encryption Key • Specify the log data deletion settings • Back up and restore the Log Server database

  34. Configuration — Logging Server Management • On the Configuration > Notifications page, configure the settings for email: • Failure Events • Device Events • Message Purge • Must be configured to sendscheduled reports

  35. Configuration — Logging Server Management • On the Configuration > Notifications page, configure the settings for reports: • Report Customizationsare templates to apply toreport PDFs: • Header • Footer • Logo • Configure settings forConnectWise Integration

  36. Configuration — Logging Server Management • On the Diagnostics page, you can use these diagnostic tools: • Purge diagnostic logs • Backup/Restore Log Serverdatabase • View Process List • View Log Server log messages • View Log Collector log messagess

  37. Configuration — Schedule Reports • Report Schedules • RO — View only • RW — Add/Edit/Removescheduled reports • Before scheduled reports can be sent, an SMTP server must be configured in the Notificationssettings

  38. Configuration — Schedule Reports • Schedule General settings • Name • Descripton (optional)

  39. Configuration — Schedule Reports • Device Selection • Devices: • All Devices • Specify Devices • Servers: • All Servers • Specify Servers

  40. Configuration — Schedule Reports • Recipient Selection • Must add at least one recipient

  41. Configuration — Schedule Reports • Report Selection • Report Types • Timezone • For report display purposes only.Web-based reports appear in the browser/OS time zone. • Customization • Aggregation • Single (per device) • Combined (grouped devices) • Frequency

  42. Configuration — New Summary Reports • Schedule two new Reports: • Executive Summary • Web Traffic Summary • Both new reports are available as scheduled reports that you can send to specific email addresses. • Both reports can use any Report Customization (report template) that you create.

  43. Configuration — Executive Summary Report • Executive Summary report • Sent as a PDF file • Specify a logo, header, and footer to customize the report

  44. Configuration — Web Traffic Summary Report • Web Traffic Summary report • Sent as a PDF file • Specify a logo, header, and footer to customize the report • Report includes the Top Domains chart with the Web Categories (in a pie chart), and removes any byte counts or tabular information

  45. Use WatchGuard Dimension

  46. Use WatchGuard Dimension • To get the most out of Dimension, make sure to: • Select Enable logging for reports in proxy actions on your XTM devices and WatchGuard Servers. • Enable logging of Allowed Packets in all policies. • Configure your XTM devices and WatchGuard servers to send all log messages to your Dimension Log Server.

  47. Use WatchGuard Dimension

  48. Executive Dashboard • Top 10 • Clients • Domains • URL Categories • Destinations • Applications • Application Categories • Protocols • Click a summary toexpand it and see more detail.

  49. Security Dashboard • Top 10 Blocked • Clients • Destinations • URL Categories • Applications • Application Categories • Protocols • IPS Signatures • Gateway Anti-Virus • Click a summary toexpand it and see moredetail.

  50. Threat Map • Denied Packets(Blocked) • Intrusion PreventionService • Web Traffic • Application Control • All Traffic

More Related