Swg setup guide secure web gateway ovf release 10.2.
M86 s ecurity swg s etup g uide v . 10.2 2 m86 s ecurity : swg s etup g uide © 2012 m86 security all rights reserved. 8845 irvine center drive, irvine, ca 92618, usa version 10.2 published march 2012 for swg software release 10.2 this document may not, in whole or in part, be copied, photo- copied, ...
T able of c ontents m86 s ecurity swg s etup g uide ovf v . 10.2 3 table of contents chapter 1: before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 chapter 2: installing the appliance . . . . . . . . . . . . . . . . . . . . . . 6 installing a physical swg appliance . . . . . . ....
T able of c ontents m86 s ecurity swg s etup g uide ovf v . 10.2 4 uptime........................................................................................ 28 vmstat ........................................................................................ 28 w .....................................
C hapter 1: b efore y ou b egin m86 s ecurity swg s etup g uide v . 10.2 5 chapter 1: before you begin this guide provides the instructions you need to install and setup your m86 security swg appliance. You should perform the following tasks in the order listed: 1. Install the appliance (see chapter...
I nstalling a p hysical swg a ppliance m86 s ecurity swg s etup g uide v . 10.2 6 chapter 2: installing the appliance this chapter contains the following instructions: y installing a physical swg appliance y deploying a virtual swg from an ovf file installing a physical swg appliance installation co...
C hapter 2: i nstalling the a ppliance m86 s ecurity swg s etup g uide v . 10.2 7 y dns name y default gateway connecting an appliance using an ethernet cable for swg 3000 and swg 5000 models 1. Plug in the power cable and switch the appliance on. 2. Connect a pc directly to the appliance’s ge0 port...
I nstalling a p hysical swg a ppliance m86 s ecurity swg s etup g uide v . 10.2 8 3. Connect your pc to one of the ports on the gigabit ethernet switch in i/o switch module bay 1 on the appliance using a ethernet cable. 4. Power up the blades as follows: figure 1: physical control panel for a blade ...
C hapter 2: i nstalling the a ppliance m86 s ecurity swg s etup g uide v . 10.2 9 connecting an appliance using a serial cable 1. Connect the pc to the appliance’s serial console, using the serial cable. 2. Using the hyper terminal application, enter the appropriate port settings: y bits per second ...
D eploying a v irtual swg f rom an ovf f ile m86 s ecurity swg s etup g uide v . 10.2 10 deploying a virtual swg from an ovf file this section explains how to deploy a virtual swg from an ovf file. Virtual swg appliances are certified to work with a vmware esxi version 4.1 server. 1. In the vsphere ...
C hapter 3: s etting u p the a ppliance m86 s ecurity swg s etup g uide v . 10.2 11 chapter 3: setting up the appliance the setup procedure is the same for both physical and virtual swg appliances. You perform setup using a setup script that is run in the limited shell. This chapter contains the fol...
P reparing v alues for the a ppliance s etup m86 s ecurity swg s etup g uide v . 10.2 12 2 decide what network interface should be used for the appliance. Network interfaces description ge0 (eth0): 1gb - auto- negotiation enabled - recommended! Allows communication at a speed of up to 1gb with auto-...
C hapter 3: s etting u p the a ppliance m86 s ecurity swg s etup g uide v . 10.2 13 setting up the appliance perform the setup using the values you prepared. 1. Log in to the limited shell. The default user name and password for the shell (command line) is admin and finjan respectively: y for a phys...
L imited s hell c ommands — s ummary l ist m86 s ecurity swg s etup g uide v . 10.2 14 chapter 4: performing additional configuration (optional) you can optionally use the commands of the limited shell to manage the functionality of the appliance, and to monitor the appliance closely. Each appliance...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 15 check_connectivity m checks connectivity to the remote devices (for policy server or all-in-one appliances) config_ ... C network or service configuration. Double tab to view the config_networ...
L imited s hell c ommands — s ummary l ist m86 s ecurity swg s etup g uide v . 10.2 16 for more information on configuring the system, refer to limited shell configuration commands . For further in-depth analysis and diagnostics of the system, refer to limited shell monitoring commands . Reset_confi...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 17 limited shell configuration commands limited shell configuration commands enable you to define the role the appliance takes, the security, access and time settings, and also carry out routine ...
L imited s hell c onfiguration c ommands m86 s ecurity swg s etup g uide v . 10.2 18 config_ ... Enables network, service and policy server configuration. Press the tab button twice to display the config_network , config_time , config_hardware , config_upgrade , config_support , config_psweb , confi...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 19 to change the current gateway configuration, enter the ip address. Y dns: allows configuring the dns servers, which the appliance uses in order to resolve the hostnames to ip addresses. It is ...
L imited s hell c onfiguration c ommands m86 s ecurity swg s etup g uide v . 10.2 20 config_upgrade after upgrading the policy server to a new version, running this command will upgrade the scanners. Config_support allows you to install support packages. Config_psweb allows you to change the policy ...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 21 disable_service_ssh disables the ssh network service. Enter the disable_service_ssh command. Enable_ ... Enables the network service. The enable command includes the enable_service_snmpd and e...
L imited s hell c onfiguration c ommands m86 s ecurity swg s etup g uide v . 10.2 22 flush_dnscache flushes the dns cache . Reset_config rebuilds the appliance configuration in extreme situations where the appliance, for whatever reason, was disconnected for a period of time. This action restarts th...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 23 limited shell monitoring commands arp address resolution protocol command — the standard method for finding a host's hardware address when only its network layer address is known. Enter the ar...
L imited s hell m onitoring c ommands m86 s ecurity swg s etup g uide v . 10.2 24 detailed interface statistics statistical breakdowns y lan station monitor for example, select ip traffic monitor to display the ip traffic monitor details. Last displays a list of the previous administrators who logge...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 25 save_exclude_logs saves exclude logs in the exclude directory. Save_support_logs saves support logs in the support directory. Setup assists you in setting up the appliance for the first time. ...
L imited s hell m onitoring c ommands m86 s ecurity swg s etup g uide v . 10.2 26 y show_service_snmpd: displays the service configuration status for snmpd. Y show_service_ssh: displays the service configuration status for ssh. Show_dbsize shows the file size of the data- bases connected with your a...
C hapter 4: p erforming a dditional c onfiguration (o ptional ) m86 s ecurity swg s etup g uide v . 10.2 27 (i.E.Cyclic progression). Sftp, such as winscp, is required in order to download the files. Top displays all the running processes, and updates the display every few seconds, so that you can i...