WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies WSM User Guide - WatchGuard Technologies
Domain Name System. See DNSDon’t Fragment bit, ignoring heading of 75Download WebBlocker Database dialog box 290drop (proxy action) 162drop-in configurationcharacteristics of 13configuring related hosts 111described 11, 12multi-WAN not supported in 13, 102Drop-In Mode Properties dialog box 112duplex parameters, setting 111DVCP Server. See Management Serverdynamic DNScreating a DynDNS account 108described 108setting up Firebox for 109dynamic NAT. See NAT, dynamicdynamic routes, viewing 49dynamic routingdescribed 323, 326protocols for 323, 326routing daemon configuration files 326using Border Gateway Protocol (BGP) 337–341using OSPF 332–337using RIP (Routing Information Protocol) 326using RIP (Routing Information Protocol) V1 326–330using RIP (Routing Information Protocol) V2 330–332viewing components of 49Dynamic Routing Setup dialog box 328, 331, 335, 340dynamically blocked sites 141DynDNS account, creating 108EEdge Configuration Templatesadding with Add Policy wizard 269–271applying to devices 271–273cloning 271creating/applying 268–269described 268Edge Network Settings dialog box 274Edit Gateway dialog box 246Edit Policy Properties dialog box 79, 156, 208Edit Service Properties dialog box 210Edit Tunnel dialog box 249e-mail addresses, setting maximum length for 167e-mail attachments, limiting file names for 170e-mail messages 171actions for attachments 311and the SMTP proxy 166as notification 89, 153, 165creating rules for bulk or suspect 304–305hiding server data for 168restricting recipients 170restricting senders 170scanning compressed attachments in 312setting maximum line length for 168setting maximum recipients for 167setting maximum size for 167setting responses for viruses in 170spam. See spamBlockerunlocking attachments 312Enable TOS for IPSec option 76Encapsulated Security Payload 226encryptionAdvanced Encryption Standard (AES) 227and BOVPN with Manual IPSec 233and management software 14and RUVPN with PPTP 279and VPNs 226–227base, described 14described 226for VPNs, viewing 6levels of 227strong, activating 279strong, and BOVPN with Manual IPSec 14strong, described 14encryption keyfor creating backup image 73log. See log encryption keyEntrust policy 382ESMTPconfiguring authentication rules 169configuring parameters for 169described 168extended authenticationdefining groups for 281described 227external interfaceconfiguring 100–102configuring multiple. See multi-WAN supportdescribed 10dynamic addressing on 100dynamic IP support on 21using a static IP address for 100using DHCP for addressing 101using PPPoE on 100FFAQs 26fbxinstall utility 66feature keys 58features, activating 57file locations for 377File Transfer Protocol. See FTP proxyfinger policy 383Firebox Installation Services 29Firebox interfaceschanging address of 98configuring 98–110described 11monitoring traffic through 35see also individual listings for interfacesviewing IP addresses of 5, 36Firebox License Keys dialog box 59, 289Firebox passphrases. See passphrasesFirebox running Fireware, configuring as managedclient 208Firebox running WFS, configuring as managedclient 210Firebox System Managerand Intrusion Prevention Service 321Authentication List tab 49Bandwidth Meter tab 45Blocked Sites list 50described 2, 18, 31Firebox and VPN tunnel status 36front panel 36Front Panel tab 34menus and toolbars in 32monitoring spamBlocker activity with 305monitoring tunnels in 37404 WatchGuard System Manager
opening 32pausing 34Performance Console 40–44Security Services tab 51, 306, 313, 321Service Watch tab 46setting refresh interval for 34star display 35starting 31Status Report tab 48–49Traffic Monitor tab 38–40triangle display 35viewing bandwidth usage 45viewing Firebox status 48viewing Firebox traffic 35viewing Gateway AntiVirus status 313Firebox X Edgeadding to Management Server 257–259adding VPN resource 263adding VPN tunnel 264configuring as managed client 211configuring management properties for 262creating tunnels for dynamic 240defining aliases on 277importing into Management Server 255managing 253–259managing network settings 273–275modifying configuration template for 265preparing installed device for management 255preparing new unit for management 254scheduling firmware updates for 259–260starting tools for 264updating device 263using aliases with 275viewing management page for 261Firebox X e-Seriesand Web Quick Setup Wizard 15High Availability and 344–346resetting 65Fireboxesas Certificate Authorities 228backup image of 72cables for 22configuring as DHCP server 99configuring for RUVPN with PPTP 279configuring management properties for 218configuring to accept SNMP polls 62connecting to 17, 31defining as managed clients 237designating Log Server for 83disconnecting from 18friendly names in log files, reports 62global settings 75hosting PPTP sessions 124interfaces. See Firebox interfacesmaking outbound PPTP connections frombehind 287managing from remote location 78monitoring status 31obtaining IP addresses dynamically 21opening configuration file 69package contents 9recovering 65resetting passphrases 64resetting to factory-default 65resetting using fbxinstall 66saving configuration file to 72setting time zone for 62synchronizing clock to NTP server 61timeout value 18, 208using as authentication servers 123viewing active connections on 53viewing ARP table for 49viewing bandwidth usage 45viewing kernel routing table for 49viewing load average of 48viewing memory use of 48viewing model of 48viewing network card information 49viewing processes of 49viewing status of 48viewing traffic and performance 48viewing traffic through 35Firewaredescribed 1differences between Fireware/Fireware Pro 2upgrading 20Fireware Prodescribed 1differences between Fireware/Fireware Pro 2firmware updates, viewing/deleting 261flood attacks 137Fragmentation Req (PMTU) setting (ICMP) 76Front Panel tab (Firebox System Manager) 34FSM. See Firebox System ManagerFTP policy 383FTP proxyand Intrusion Prevention Service 173, 314, 319configuring general settings 172configuring proxy alarms for 174defining commands rules for 173described 172, 399setting download rules for 173setting upload rules for 173FTP servers, and archie policy 380fully meshed topology 229GGateway AntiVirusactions (Allow, Drop, Block, Lock, Remove) 311activating 309and the HTTP proxy 308and the SMTP proxy 308applying settings to policies 309configuring 310–313configuring engine settings for 311configuring signature server for 312creating alarms/logs for 311described 307, 308enabling automatic virus signature updates 312installing 308unlocking an attachment 312updating antivirus software 314updating signatures manually 314using with multiple proxies 312viewing engine version 52viewing information on 51viewing recent activity 52viewing signature information 52viewing status of 313Gateway AntiVirus dialog box 310, 311gatewaysdefault. See default gatewaysdescribed 243for tunnels, adding 243for tunnels, configuring 243–246for tunnels, editing/deleting 246Reference Guide 405
- Page 372 and 373: conditions of use by WatchGuard of
- Page 374 and 375: LicensesDATA, OR PROFITS; OR BUSINE
- Page 376 and 377: Licenses"Derivative Works" shall me
- Page 378 and 379: LicensesANY DIRECT, INDIRECT, INCID
- Page 380 and 381: Licenses2. You may modify your copy
- Page 382 and 383: Licenses8. You may not copy, modify
- Page 384 and 385: LicensesYou may charge a fee for th
- Page 386 and 387: LicensesINCLUDING, BUT NOT LIMITED
- Page 388 and 389: Licenses1.2. "Compilation" means a
- Page 390 and 391: LicensesTHE VRT CERTIFIED RULES AND
- Page 392 and 393: LicensesNoteAll other trademarks or
- Page 394 and 395: Default File LocationsFile TypeHelp
- Page 396 and 397: Default File Locations378 WatchGuar
- Page 398 and 399: Packet Filter PoliciesAOLThe Americ
- Page 400 and 401: Packet Filter PoliciesCharacteristi
- Page 402 and 403: Packet Filter PoliciesCharacteristi
- Page 404 and 405: Packet Filter PoliciesIRCInternet R
- Page 406 and 407: Packet Filter PoliciesCharacteristi
- Page 408 and 409: Packet Filter PoliciesPPTPPPTP is a
- Page 410 and 411: Packet Filter PoliciesSecurIDRSA Se
- Page 412 and 413: Packet Filter PoliciesCharacteristi
- Page 414 and 415: Packet Filter Policies• Port Numb
- Page 416 and 417: Packet Filter PoliciesWG-SmallOffic
- Page 418 and 419: Proxied Policiesmessages to flow fr
- Page 420 and 421: about SYN flood setting 137address
- Page 424 and 425: selecting for tunnel 247Gateways di
- Page 426 and 427: icon on toolbar for 4installing on
- Page 428 and 429: Perfect Forward Secrecy 248Performa
- Page 430 and 431: Secondary Networks dialog box 107Se
- Page 432: Wand strong passwords 227and WatchG
opening 32pausing 34Performance Console 40–44Security Services tab 51, 306, 313, 321Service Watch tab 46setting refresh interval for 34star display 35starting 31Status Report tab 48–49Traffic Monitor tab 38–40triangle display 35viewing bandwidth usage 45viewing Firebox status 48viewing Firebox traffic 35viewing Gateway AntiVirus status 313Firebox X Edgeadding to Management Server 257–259adding VPN resource 263adding VPN tunnel 264configuring as managed client 211configuring management properties for 262creating tunnels for dynamic 240defining aliases on 277importing into Management Server 255managing 253–259managing network settings 273–275modifying configuration template for 265preparing installed device for management 255preparing new unit for management 254scheduling firmware updates for 259–260starting tools for 264updating device 263using aliases with 275viewing management page for 261Firebox X e-Seriesand Web Quick Setup Wizard 15High Availability and 344–346resetting 65Fireboxesas Certificate Authorities 228backup image of 72cables for 22configuring as DHCP server 99configuring for RUVPN with PPTP 279configuring management properties for 218configuring to accept SNMP polls 62connecting to 17, 31defining as managed clients 237designating Log Server for 83disconnecting from 18friendly names in log files, reports 62global settings 75hosting PPTP sessions 124interfaces. See Firebox interfacesmaking outbound PPTP connections frombehind 287managing from remote location 78monitoring status 31obtaining IP addresses dynamically 21opening configuration file 69package contents 9recovering 65resetting passphrases 64resetting to factory-default 65resetting using fbxinstall 66saving configuration file to 72setting time zone for 62synchronizing clock to NTP server 61timeout value 18, 208using as authentication servers 123viewing active connections on 53viewing ARP table for 49viewing bandwidth usage 45viewing kernel routing table for 49viewing load average of 48viewing memory use of 48viewing model of 48viewing network card information 49viewing processes of 49viewing status of 48viewing traffic and performance 48viewing traffic through 35Firewaredescribed 1differences between Fireware/Fireware Pro 2upgrading 20Fireware Prodescribed 1differences between Fireware/Fireware Pro 2firmware updates, viewing/deleting 261flood attacks 137Fragmentation Req (PMTU) setting (ICMP) 76Front Panel tab (Firebox System Manager) 34FSM. See Firebox System ManagerFTP policy 383FTP proxyand Intrusion Prevention Service 173, 314, 319configuring general settings 172configuring proxy alarms for 174defining commands rules for 173described 172, 399setting download rules for 173setting upload rules for 173FTP servers, and archie policy 380fully meshed topology 229GGateway AntiVirusactions (Allow, Drop, Block, Lock, Remove) 311activating 309and the HTTP proxy 308and the SMTP proxy 308applying settings to policies 309configuring 310–313configuring engine settings for 311configuring signature server for 312creating alarms/logs for 311described 307, 308enabling automatic virus signature updates 312installing 308unlocking an attachment 312updating antivirus software 314updating signatures manually 314using with multiple proxies 312viewing engine version 52viewing information on 51viewing recent activity 52viewing signature information 52viewing status of 313Gateway AntiVirus dialog box 310, 311gatewaysdefault. See default gatewaysdescribed 243for tunnels, adding 243for tunnels, configuring 243–246for tunnels, editing/deleting 246Reference <strong>Guide</strong> 405