WatchGuard Firebox System 7.0 User Guide
WatchGuard Firebox System 7.0 User Guide WatchGuard Firebox System 7.0 User Guide
Chapter 4: Firebox BasicsNOTEThere are no user-serviceable parts within the Firebox. If auser opens a Firebox case, it voids the limited hardwarewarranty.The most common and effective location for a Firebox isdirectly behind the Internet router, as pictured below:Other parts of the network are as follows:Management stationThe computer on which you install and run theWatchGuard Firebox System Manager software.WatchGuard Security Event ProcessorThe computer that receives and stores logmessages and sends alerts and notifications. Youcan configure the management station to also serveas the event processor.48 WatchGuard Firebox System
Opening a Configuration FileTrusted networkThe network behind the firewall that must beprotected from the security challenge.External networkThe network presenting the security challenge,typically the Internet.Optional networkA network protected by the firewall but stillaccessible from the trusted and the externalnetworks. Typically, the optional network is usedfor public servers such as an FTP or Web server.Opening a Configuration FilePolicy Manager is a comprehensive software tool for creating,modifying, and saving configuration files. A configurationfile, with the extension .cfg, contains all the settings,options, addresses, and other information that constituteyour Firebox security policy. When you view the settingsin Policy Manager, you are seeing a “user friendly” versionof your configuration file.This section describes how to open a configuration fileafter one has been created. This assumes you have alreadyrun the QuickSetup Wizard and have a basic configurationfile saved either on the Firebox or on your local hard drive.If you have not run the QuickSetup Wizard, see Chapter 5,“Using Policy Manager to Configure Your Network” forinformation on how to create a basic configuration fromscratch.1 Select Start => Programs => WatchGuard => FireboxSystem Manager.2 If you are prompted to run the QuickSetup Wizard,click Continue.3 If you are prompted to connect to the Firebox, clickCancel.User Guide 49
- Page 19 and 20: Detecting Man-in-the-Middle Attacks
- Page 21 and 22: Deleting a report .................
- Page 23 and 24: CHAPTER 1IntroductionWelcome to Wat
- Page 25 and 26: Minimum RequirementsHistorical Repo
- Page 27 and 28: .WatchGuard OptionsHardwarefeatureC
- Page 29 and 30: About this Guideallowed to enter yo
- Page 31 and 32: CHAPTER 2Service and SupportNo Inte
- Page 33 and 34: LiveSecurity® Broadcastsdivided in
- Page 35 and 36: LiveSecurity® Self Help Tools3 Com
- Page 37 and 38: WatchGuard Users GroupGuard Technic
- Page 39 and 40: Online Helpto display a list of top
- Page 41 and 42: Assisted Supportto assist you in ma
- Page 43 and 44: Training and Certificationto speed
- Page 45 and 46: CHAPTER 3Getting StartedThe WatchGu
- Page 47 and 48: Gathering Network InformationNetwor
- Page 49 and 50: .Gathering Network InformationThe f
- Page 51 and 52: Selecting a Firewall Configuration
- Page 53 and 54: Selecting a Firewall Configuration
- Page 55 and 56: Selecting a Firewall Configuration
- Page 57 and 58: Selecting a Firewall Configuration
- Page 59 and 60: Setting Up the Management Station4
- Page 61 and 62: Cabling the FireboxUser Guide 39
- Page 63 and 64: Running the QuickSetup WizardProvid
- Page 65 and 66: Entering IP addressesRunning the Qu
- Page 67 and 68: What’s Nextservices, in addition
- Page 69: CHAPTER 4Firebox BasicsThis chapter
- Page 73 and 74: Saving a Configuration File3 From t
- Page 75 and 76: Resetting Firebox Passphrasesenter
- Page 77 and 78: Setting the Time Zone2 Select the m
- Page 79 and 80: CHAPTER 5Using PolicyManager toConf
- Page 81 and 82: Setting IP Addresses of Firebox Int
- Page 83 and 84: Setting DHCP or PPPoE Support on th
- Page 85 and 86: Defining External IP Aliases2 Confi
- Page 87 and 88: Entering WINS and DNS Server Addres
- Page 89 and 90: Defining a Firebox as a DHCP Server
- Page 91 and 92: Adding Basic Services to Policy Man
- Page 93 and 94: Configuring Routes3 Click the Net o
- Page 95 and 96: CHAPTER 6Managing andMonitoring the
- Page 97 and 98: Viewing Basic Firebox StatusThe top
- Page 99 and 100: Viewing Basic Firebox Statusbut the
- Page 101 and 102: Viewing Basic Firebox Status• The
- Page 103 and 104: Monitoring Firebox TrafficSetting t
- Page 105 and 106: Performing Basic Tasks with System
- Page 107 and 108: Performing Basic Tasks with System
- Page 109 and 110: Viewing Bandwidth Usage(shown above
- Page 111 and 112: Viewing Details on Firebox Activity
- Page 113 and 114: Viewing Details on Firebox Activity
- Page 115 and 116: Viewing Details on Firebox Activity
- Page 117 and 118: Viewing Details on Firebox Activity
- Page 119 and 120: HostWatchHostWatchHostWatch is a re
Opening a Configuration FileTrusted networkThe network behind the firewall that must beprotected from the security challenge.External networkThe network presenting the security challenge,typically the Internet.Optional networkA network protected by the firewall but stillaccessible from the trusted and the externalnetworks. Typically, the optional network is usedfor public servers such as an FTP or Web server.Opening a Configuration FilePolicy Manager is a comprehensive software tool for creating,modifying, and saving configuration files. A configurationfile, with the extension .cfg, contains all the settings,options, addresses, and other information that constituteyour <strong>Firebox</strong> security policy. When you view the settingsin Policy Manager, you are seeing a “user friendly” versionof your configuration file.This section describes how to open a configuration fileafter one has been created. This assumes you have alreadyrun the QuickSetup Wizard and have a basic configurationfile saved either on the <strong>Firebox</strong> or on your local hard drive.If you have not run the QuickSetup Wizard, see Chapter 5,“Using Policy Manager to Configure Your Network” forinformation on how to create a basic configuration fromscratch.1 Select Start => Programs => <strong>WatchGuard</strong> => <strong>Firebox</strong><strong>System</strong> Manager.2 If you are prompted to run the QuickSetup Wizard,click Continue.3 If you are prompted to connect to the <strong>Firebox</strong>, clickCancel.<strong>User</strong> <strong>Guide</strong> 49