Firewall Basics with Fireware XTM 11

Presentation Transcript

  1. Firewall Basics with Fireware XTM 11

  2. Course Introduction Firewall Basics with Fireware XTM

  3. Objectives • Use the basic management and monitoring components of WatchGuard System Manager • Configure a WatchGuard Firebox X Edge, Core, or Peak e-Series, or WatchGuard XTM 8 Series or XTM 1050 device for your network • Create basic security policies for your Firebox to enforce • Use security services to expand Firebox functionality WatchGuard Training

  4. Requirements • Prerequisites: • Basic knowledge of TCP/IP network functions and structure • It is helpful, but not necessary, to have: • WatchGuard System Manager installed on your computer • Access to a Firebox X Edge, Core, or Peak e-Series, or a WatchGuard XTM 8 Series or XTM 1050 device • A printed copy of the instructor’s notes of this presentation, or a copy of the Firewall Basics Student Guide

  5. Outline • Get Started with Your Firebox • Work with Firebox Configuration Files • Configure Firebox Interfaces • Set up Logging and Notification • Use FSM to Monitor Firebox Activity • Create Reports on Network Activity • Use NAT (Network Address Translation) • Use QoS to Manage and Prioritize Network Traffic • Verify User Identities • Define Basic Network Security Policies • Work with Proxy Policies • Filter Web Traffic with WebBlocker

  6. Outline • Block Unwanted Email with spamBlocker • Defend Your Network From Intruders • Use Gateway AntiVirus and Intrusion Prevention Service • Connect Remote Users with VPN Tunnels • Manually Create Branch Office Tunnels • Use Managed VPN Tunnels • Use the Management Server and Centralized Management

  7. Training Scenario • Fictional organization called the Successful Company • Training partners may use different examples for exercises • Try out the exercises to implement your security policy

  8. Certification Exam • WatchGuard Certified System Professional exam • Available to WatchGuard partners and end users • Exam based on the contents of this course

  9. Getting Started Setting Up the Management Computer and Firebox

  10. Learning Objectives • Use the Quick Setup Wizard to make a configuration file • Start WatchGuard System Manager • Connect to devices and servers • Start Policy Manager and open a Firebox configuration file • Launch other WSM applications • Log in to Fireware XTM Web UI

  11. Management Station • Select a personal computer with Windows Vista (32-bit), Windows XP SP2, or Windows Server 2003 • Install WatchGuard System Manager to configure, manage, and monitor your Firebox • Install Fireware XTM appliance software, then use WSM to install updates and make configuration changes on the Firebox

  12. Server Software • When you install WSM, you have the option to install any or all of these WatchGuard servers: • Management Server • Log Server • Report Server • WebBlocker Server • Quarantine Server • Servers can be installed on separate computers • Each server must use a supported version of Windows. • There are access requirements between the management computer, the WatchGuard device, and some servers.

  13. Register your Firebox • You must have or create a LiveSecurity account • You must register the Firebox with LiveSecurity before you can configure the device • Have your device serial number ready

  14. Quick Setup Wizard • Use for Firebox X Edge, Core, or Peak e-Series devices, or WatchGuard XTM 8 Series or XTM 1050 devices • Installs the Fireware XTM operating system on the Firebox • Creates and uploads a basic configuration file • Assigns passphrases to control access to the Firebox

  15. Prepare to use the Quick Setup Wizard • Before you start, you must have: • WSM and Fireware XTM installed on the management computer • Network information • It is a good idea to have your Firebox feature key before you use the wizard. You can copy it from the LiveSecurity site during registration.

  16. Start the Quick Setup Wizard • For the Quick Setup Wizard to operate correctly, you must: • Make the device ready to be discovered by the Quick Setup Wizard (QSW). The QSW shows you how to prepare each device. • Assign a static IP address to your management computer from the same subnet that you plan to assign to the Trusted interface of the Firebox. Alternatively, you can get a DHCP address from the device when it is in Safe Mode. • Connect the Ethernet interface of your computer to interface #1 of the Firebox (for Core, Peak, 8 Series and 1050 devices) or to the LAN0, LAN1, or LAN2 interface (for Edge devices). • Launch WatchGuard System Manager (WSM) and launch the Quick Setup Wizard from the WSM > Tools menu.

  17. Start the Quick Setup Wizard • Choose which model of Firebox to configure.

  18. Start the Quick Setup Wizard • Verify that the model and serial number are correct.

  19. Name Your Firebox The name you assign to the Firebox in the wizard is used to: • Identify the Firebox in WSM • Identify the Firebox in log files • Identify the Firebox when you use Report Manager

  20. Add a Feature Key When you purchase additional options for your Firebox, you must get a new feature key to activate the new options. You can add feature keys in the Quick Setup Wizard, or later in Policy Manager.

  21. Configure the External Interface The IP address you give to the external interface can be: • A static IP address • An IP address assigned with DHCP • An IP address assigned with PPPoE You must also add an IP address for the Firebox default gateway. This is the IP address of your gateway router.

  22. Configure Trusted and Optional Interfaces • To configure the trusted and optional interfaces, select one of these configuration options: • Mixed Routing Mode (“Use these IP addresses”) Each interface is configured with an IP address on a different subnet. • Drop-in Mode (“Use the same IP address as the external interface”) All Firebox interfaces have the same IP address. Use drop-in mode when devices from the same publicly addressed network are located on more than one Firebox interface.

  23. Understand Drop-in Configurations In drop-in mode: • Assign the same primary IP address to all interfaces on your Firebox • Assign secondary networks on any interface • You can keep the same IP addresses and default gateways for devices on your trusted and optional networks, and add a secondary network address to the Firebox interface so the Firebox can correctly send traffic to those devices.

  24. Set Passphrases • You define two passphrases for connections to the Firebox • Status passphrase = Read-only connections • Configuration passphrase = Read-write connections • Both passphrases must be at least 8 characters long and different from each other

  25. Complete the Quick Setup Wizard • Save a basic configuration to the Firebox. • You are now ready to put your Firebox in place on your network. • Remember to reset your management station IP address.

  26. WatchGuard System Manager • Start WSM • Connect to a Firebox or the Management Server • Display Firebox status

  27. Policy Manager Select how policies are displayed in the View menu • Detailed View • Icon View

  28. Components of WSM • WSM includes a set of management and monitoring utilities: • Policy Manager • Firebox System Manager • LogViewer • HostWatch • Report Manager • Quarantine Server Client

  29. Log in to the Web UI • Fireware XTM provides a Web UI • You need only a browser with support for Adobe Flash • Real-time configuration tool, no option to store configuration changes locally and save to device later • https://<firebox.ip.address>:8080 • Uses a self-signed certificate so you must accept certificate warnings or replace the certificate with a trusted certificate • You can change the port for the Web UI • Log in with one of two accounts • status – for read-only permission. Uses the status passphrase • admin – for read-write permission. Uses the configuration passphrase

  30. Log in to the Web UI • Multiple concurrent logins are allowed with the status account • Only one admin at a time • The last user to log in with the admin account is the only user that can make changes • Includes changes from Policy Manager, WSM

  31. Log in to the Web UI • Your account name is shown at the top of the screen • Navigation links are on the left side

  32. Lesson Wrap-Up You should be able to: • Use the Quick Setup Wizard to make a configuration file • Start WatchGuard System Manager • Connect to devices and servers • Start Policy Manager and open a Firebox configuration file • Launch other WSM applications • Log in to the Web UI

  33. Administration Work with Firebox Configuration Files Firewall Basics with Fireware Version 8.3

  34. Learning Objectives • Open and save configuration files • Configure the Firebox for remote administration • Reset Firebox passphrases • Back up and restore the Firebox configuration • Add Firebox identification information

  35. What is Policy Manager? • A configuration tool that you can use to modify the settings of your Firebox • Changes made in Policy Manager do not take effect until you save them to the Firebox • Launch Policy Manager from WSM • Select a connected or managed Firebox • Click the Policy Manager icon on the toolbar

  36. Navigate Policy Manager • Use the menu bar to configure many Firebox features.

  37. Navigate Policy Manager • Security policies that control traffic through the Firebox are represented by policies. • To edit security policies, double-click on a policy name.

  38. Open and Save Configuration Files • Open a file from the local drive, or from a Firebox • Save configuration files to the local drive, or to the Firebox • Create new configuration files in Policy Manager • New configuration files include a basic set of policies. • You can always add more policies later.

  39. Configure for Remote Administration • Connect from home to monitor Firebox status • Change policies remotely to respond to new threats • Make the policy as restrictive as possible for security • Edit the WatchGuard policy to allow access from an external IP address • You can also configure a Firebox with the Web UI (TCP port 8080)

  40. Change Firebox Passphrases • Minimum of eight characters • Change frequently • Restrict their use

  41. Back Up the Firebox Images • Create and restore an encrypted backup image • Backup includes feature key and certificate information • Encryption key is required to restore an image

  42. Add Firebox Identification Information • Firebox name and model • Contact information • Time zone for log files and reports

  43. Upgrade your Firebox • To upgrade to a new version of Fireware: • Back up your existing Firebox image. • Download and install the new version of Fireware XTM on your management station. • From Policy Manager, select File > Upgrade. Browse to the location of the OS upgrade file: C:\Program Files\Common Files\WatchGuard\Resources\FirewareXTM • Select the correct .sysa-dl file for your device: • utm_core_peak_sysa_dl • utm_edge.sysa-dl • utm_xtm1050.sysa-dl • utm_xtm8.sysa-dl

  44. Lesson Wrap-Up You should be able to: • Open and save configuration files • Configure the Firebox for remote administration • Reset Firebox passphrases • Back up and restore the Firebox configuration • Add Firebox identification information

  45. Network Settings Configure Firebox Interfaces

  46. Learning Objectives • Configure external network interfaces with a static IP address, DHCP and PPPoE • Configure a trusted and optional network interface • Use the Firebox as a DHCP server • Add WINS/DNS server locations to the Firebox configuration • Add Dynamic DNS settings to the Firebox configuration • Set up a secondary network or address • Understand Drop-In Mode and Bridge Mode

  47. Add a Firewall to Your Network • Interfaces on separate networks • Most users have at least one external and one trusted (Diagram labels: Trusted Network 10.0.1.1/24; External 50.50.50.10/24; Optional Network 10.0.2.1/24)

  48. Beyond the Quick Setup Wizard • The Quick Setup Wizard configures the Firebox with external, trusted, and optional networks by default: • eth0 = external (WAN1 for Edge) • eth1 = trusted (LAN0, LAN1, and LAN2 for Edge) • eth2 = optional (OPT for Edge) • You can change the interface assignments in Policy Manager > Network > Configuration.

  49. Network Configuration Options • Modify the properties of an interface • Change the interface type (from trusted to optional, etc.) • Add secondary networks and addresses • Enable the DHCP server • Configure additional interfaces • Configure WINS/DNS settings for the Firebox • Add network or host routes • Configure NAT

  50. Interface Independence • You can change the interface type of any interface configured with the Quick Setup Wizard. • You can also choose the interface type of any additional interface you enable.
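
The addressing and passphrase rules from the Quick Setup Wizard slides (16 and 21 to 24) can be checked on paper before the wizard is run. The Python check below is an added example, not WatchGuard code: `check_plan` and the worksheet keys are hypothetical, the interface addresses are the ones on slide 47, and the gateway, management address and passphrases are constructed. It assumes a static external address.

```python
import ipaddress

def check_plan(plan):
    """Return the problems found in a Quick Setup Wizard worksheet (hypothetical format)."""
    problems = []
    ifaces = {n: ipaddress.ip_interface(a) for n, a in plan["interfaces"].items()}
    ext, trusted = ifaces["external"], ifaces["trusted"]
    # Static external address assumed: the gateway router must be on-link.
    gw = ipaddress.ip_address(plan["default_gateway"])
    if gw not in ext.network or gw == ext.ip:
        problems.append("default gateway is not another host on the external subnet")

    if plan["mode"] == "mixed":
        # Mixed routing mode: each interface is on a different subnet.
        names = sorted(ifaces)
        for i, a in enumerate(names):
            for b in names[i + 1:]:
                if ifaces[a].network.overlaps(ifaces[b].network):
                    problems.append(f"{a} and {b} subnets overlap")
    elif plan["mode"] == "drop-in":
        # Drop-in mode: every interface carries the same primary IP address.
        if any(i.ip != ext.ip for i in ifaces.values()):
            problems.append("drop-in mode needs one primary IP on all interfaces")
    else:
        problems.append(f"unknown mode {plan['mode']!r}")

    # The management computer takes a static address on the trusted subnet.
    mgmt = ipaddress.ip_address(plan["management_ip"])
    if mgmt not in trusted.network or mgmt == trusted.ip:
        problems.append("management computer is not another host on the trusted subnet")

    # Status (read-only) and configuration (read-write) passphrases.
    status, config = plan["status_passphrase"], plan["config_passphrase"]
    if min(len(status), len(config)) < 8:
        problems.append("passphrases must be at least 8 characters")
    if status == config:
        problems.append("status and configuration passphrases must differ")
    return problems

# Constructed worksheet: interface addresses from slide 47, other values invented.
SAMPLE_PLAN = {
    "mode": "mixed",
    "interfaces": {"external": "50.50.50.10/24", "trusted": "10.0.1.1/24",
                   "optional": "10.0.2.1/24"},
    "default_gateway": "50.50.50.1",
    "management_ip": "10.0.1.2",
    "status_passphrase": "read-only-example",
    "config_passphrase": "read-write-example",
}
```

`check_plan(SAMPLE_PLAN)` returns an empty list; changing the optional interface to an address inside 10.0.1.0/24 makes it report the overlap with the trusted subnet.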