WatchGuard Technologies 1000 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of WatchGuard Technologies 1000, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of WatchGuard Technologies 1000 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of WatchGuard Technologies 1000. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of WatchGuard Technologies 1000 should contain:
- informations concerning technical data of WatchGuard Technologies 1000
- name of the manufacturer and a year of construction of the WatchGuard Technologies 1000 item
- rules of operation, control and maintenance of the WatchGuard Technologies 1000 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of WatchGuard Technologies 1000 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of WatchGuard Technologies 1000, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the WatchGuard Technologies service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of WatchGuard Technologies 1000.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the WatchGuard Technologies 1000 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    Fir ebox III H a rd w a re G u i d e Firebox 500, Fir ebox 700, Firebo x 1000, Firebox 2500, Fir ebox 4500[...]

  • Page 2

    ii Hardwar e Guide Copyright and Patent Information Copyright© 1998 - 2003 WatchGuard T echnologies, Inc. All rights reser ved. AppLock, AppLock/Web, Designing peace of mind, Firebox, Firebox 1000, F irebox 2500, Firebox 4500, Firebox II, Firebox II Plus, Firebox II F a stVPN, Firebox III, Firebox SOHO , Firebox SOHO 6, Firebox SOHO 6tc, Firebox S[...]

  • Page 3

    Hardwar e Guide iii Contents Limited Har dwar e W arranty ................. ................ .............. ............ 1 FCC Certification ............. ................................ ................. .............. 4 CE Notice .............. ................. ................ ............................ ............ 5 Industry Canada .......[...]

  • Page 4

    iv Hardwar e Guide Firebox System Ar ea ......... ................. ................ .............. ............ 20 Read-only system area ................. ................ ................. .............. 21 Enhanced System Mode ............... ................ ................. .............. 21 Managing flash disk memory ............... ........[...]

  • Page 5

    Hardwar e Guide 1 H a rdw a re G u i d e The W atchGuard Firebox III is a sp ecially designed and optimized security appliance. Solid-state archit ecture removes th e risk of hard-drive failure and disk cr ashes. T hree independent network interfaces allow you to separate your protected office network from the Internet while providing you an option[...]

  • Page 6

    2 Hardwar e Guide and used for its intended pu rpose and in its intended operating environment, will per for m substantially in accordance with WatchGuard applicable specifications. This war ranty does not apply to any Product that has been: (i) altered, repaired or modified by any party other than WatchGuard; or (ii) damaged or destroyed by accide[...]

  • Page 7

    Limited Har dware W arranty Hardwar e Guide 3 4. Limitation of Liabi lity . WA TCHGUARD TECHNOLOGIES’ LIABILITY (WHETHER ARISING IN CONTRACT (INCL UDING WARRANTY), TOR T (INCL UDING ACTIVE, P ASSIVE OR IMPUTED NEGLIGENCE AND STRICT LIABILITY AND F AUL T) OR OTHER THEORY) WITH REGARD TO ANY PRODUCT WILL IN NO EVENT EXCEED THE PURCHASE PRICE P AID [...]

  • Page 8

    4 Hardwar e Guide FCC Certification This device has been tested and found to comply with limits for a Class A digital device, pursuant to P art 15 of the FCC Rules. Operation is subject to the following two conditions: • This device may not cause harmful interfer ence.[...]

  • Page 9

    CE Notice Hardwar e Guide 5 • This device must accept any interference receive d, including interference that may cause undesired oper ation. CE Notice The CE symbol on your W atchGuar d T echnologies equipment indicates that it is in compliance with the Electr omagnetic Compatibility (EMC) directive and the Low V oltage Directive (L VD) of the E[...]

  • Page 10

    6 Hardwar e Guide Ta i w a n e s e N o t i c e VCCI Notice Class A ITE[...]

  • Page 11

    Installing the Fir ebox III Hardwar e Guide 7 Installing the Fir ebox III Easily installed into your network, th e r ack-mountable Firebo x plugs in at the Internet connection of your office s to implement security policies and protection. Ha rd wa re re q u i re m e nt s W atchGuard recommends physically installing a F irebox III under the followi[...]

  • Page 12

    8 Hardwar e Guide Locating a Fir ebox within a network One of the first steps in installing a F irebox is determining where to place it within the network. Nearly always, a Fir ebox is placed directly behind the Internet router , as pictured below . This is the most effective location for the Firebox to oper ate correctly and protect your network. [...]

  • Page 13

    Installing the Fir ebox III Hardwar e Guide 9 Y ou can connect to and initialize a new Firebox in sever al ways: • Using TCP/IP . This is the quickest way to configure a Fir ebox in most situations. • Using a serial cable. Use this method if you want to isolate the Firebox during configuration. • Using a modem. Use this method if the Fir ebox[...]

  • Page 14

    10 Hardwar e Guide 3 Install the power cord from the Fi rebox A C recep tacle to a power source. 4 When prompted t o do so durin g the Quick Setup wizard (des cribed in “Running the QuickS etup W izard” on page 11), select Use Serial Cable to Assign IP Address as the configur ation access method. Initializing a Firebox using a modem The followi[...]

  • Page 15

    Installing the Fir ebox III Hardwar e Guide 11 • The Management Station is running F irebox System 4.6 or later , which has IP connectivity to the network on which the F irebox is connected. • The network address and the netmask of the net behind the router ar e known. • One or more unused IP connections ar e behind the ro uter . During remot[...]

  • Page 16

    12 Hardwar e Guide file and saves it to the primary area of the Firebox flash disk. The F irebox loads the primary configuration file when it boots. The QuickSetup wizard also writes a basic configuration file called wizard.cfg to the Management Station hard disk. By default, the QuickSetup wizard st arts automatically after you finish installing t[...]

  • Page 17

    Hardwar e Description Hardwar e Guide 13 Firebox III fr ont vi ew (all models except Model 500 and 700) Indicators for the F irebox III Model 10 00, Model 2500, and Model 4500 are on a central back-lit indicator panel. The following photogr aph shows the entire fr ont view . The photograph below shows a close-up of the indicator pa nel. F rom the l[...]

  • Page 18

    14 Hardwar e Guide Sys A Indicates that the Fire box is running from its primary user- defined configuration. Sys B Indicates that the Fire box is ru nning from the read-on ly factory default system area. Po w e r Indicates that the Firebox is curr ently powered up. Security T riangle Display Indicates traffic between Firebox interfaces. Green arr [...]

  • Page 19

    Hardwar e Description Hardwar e Guide 15 The following photo graph shows a close-u p of the indicator panel. Fr om the left, the indicators are as described below . Disarm Red light indicates the F irebox detected an err or , shut down its interfaces, and will not forward any pack ets. Armed Green light indicates the F irebox has been booted and is[...]

  • Page 20

    16 Hardwar e Guide Sys B Indicates that the Fire box is ru nning from the read-on ly factory default system area. Po w e r Indicates that the Firebox is curr ently powered up. Security T riangle Display Indicates traffic between Firebox interfaces. Green arr ows briefly light to indicate allowed tr affi c between two interfaces in the direction of [...]

  • Page 21

    Hardwar e Description Hardwar e Guide 17 PCI Expansion Slot Reserved for future use. F actor y Default This button is active only during the boot process. T o boot the Firebox to SYS B, press this bu tton and hold it down for 20-6 0 seconds (or until you see the Sys B light come on). Console P ort Connects to the Management Station or modem thr oug[...]

  • Page 22

    18 Hardwar e Guide A C Receptacle Accepts the detachable A C power cord supplied with the Fir ebox. Po w e r S w i t c h T ur ns the Firebo x on or off. F actor y Default This button is active only during the boot process. T o boot the Firebox to SYS B, press this bu tton and hold it down for 20-60 seconds (or until you see the Sys B light come on)[...]

  • Page 23

    Hardwar e Description Hardwar e Guide 19 (NICs) are auto-sens ing and adapt to wire speed automatically. The speed indicator lights when there is a good physical connection to the Firebox. When the card runs at 10 Mbit, the speed indicator is yellow . When the card runs at 100 Mbit, the speed indicator is gr een. The amber traffic indicator blinks [...]

  • Page 24

    20 Hardwar e Guide Cross-over cabling T o connect a Firebox to a hub or switch, use a standard, str aight-through cable. However , if you plan to connect a F irebox directly to a router , either purchase or build a cross-over cable for RJ-45 (Cat5) wire. The tables below provide pin-out desc riptions for both a str aight-through and a RJ-45 (Cat5) [...]

  • Page 25

    Firebox System Area Hardwar e Guide 21 • Reset Fireb ox passphrases when you do not know or have forgotten them Fireboxes shipped before LiveS ecuri ty System 4.1 shipped with the original, standard functionality called the read-only system area. Fireboxes shipped with LiveSecurity Sy stem 4.1 or later contain both the older functions and a new s[...]

  • Page 26

    22 Hardwar e Guide • Primary (SysA)– Contains the Firebox software image used in normal operation and the enhanced read-only system area. • Backup– Contains the Fir ebox software image. Making a backup of the Firebox softwar e T o ensure that you always have a ba ckup version of the current F irebox software, copy the image stored in th e p[...]

  • Page 27

    Firebox System Area Hardwar e Guide 23 Note that this procedur e is possible only when a backup image is on the backup area of the Firebox’s flash di sk. Ther e is no backup image on the Firebox until you copy one there. 1 Click the Control Center Main Me nu button (shown at right), which is located on the upper-left corner of Control Center . 2 [...]

  • Page 28

    24 Hardwar e Guide[...]

  • Page 29

    Hardwar e Guide 25 Index A AC receptacle 16 Armed light 13, 15 B backup area 22 backup image 22 C cabling cross-over 20 using serial cable 9 using TCP/IP 9 certification, FCC 4 configuration file and QuickSetup Wizard 12 Connect T o Firebox dialog box 22 console port 17, 18 Control Cent er button 22, 23 cross-over cabling 20 D Disar m light 13, 15 [...]

  • Page 30

    26 Hardwar e Guide traffic 14 installation 7 L lights Armed 13, 15 Disarm 13, 15 Po w e r 14, 16 Sys A 14, 15 Sys B 14, 16 limited hardware war ranty 1 load indicator 14 M Management Station described 7 N network, Firebox located i n 8 P PCI expansion slot 17, 18 physical specifications 19 ports 16, 17 P ower light 14, 16 power switch 16, 18 primar[...]