Stonesoft Stonegate 5.2 Manuale utente

STONEGATE 5.2

INSTALLATION GUIDE

INTRUSION PREVENTION SYSTEM

Legal Information

End-User License Agreement

The use of the products described in these materials is subject to the then current end-user license agreement, which can be found at

the Stonesoft website:

www.stonesoft.com/en/support/eula.html

Third Party Licenses

The StoneGate software includes several open source or third-party software packages. The appropriate software licensing information for

those products at the Stonesoft website:

www.stonesoft.com/en/support/third_party_licenses.html

U.S. Government Acquisitions

If Licensee is acquiring the Software, including accompanying documentation on behalf of the U.S. Government, the following provisions

apply. If the Software is supplied to the Department of Defense (“DoD”), the Software is subject to “Restricted Rights”, as that term is

defined in the DOD Supplement to the Federal Acquisition Regulations (“DFAR”) in paragraph 252.227-7013(c) (1). If the Software is

supplied to any unit or agency of the United States Government other than DOD, the Government’s rights in the Software will be as

defined in paragraph 52.227-19(c) (2) of the Federal Acquisition Regulations (“FAR”). Use, duplication, reproduction or disclosure by the

Government is subject to such restrictions or successor provisions.

Product Export Restrictions

The products described in this document are subject to export control under the laws of Finland and the European Council Regulation (EC)

N:o 1334/2000 of 22 June 2000 setting up a Community regime for the control of exports of dual-use items and technology (as

amended). Thus, the export of this Stonesoft software in any manner is restricted and requires a license by the relevant authorities.

General Terms and Conditions of Support and Maintenance Services

The support and maintenance services for the products described in these materials are provided pursuant to the general terms for

support and maintenance services and the related service description, which can be found at the Stonesoft website:

www.stonesoft.com/en/support/view_support_offering/terms/

Replacement Service

The instructions for replacement service can be found at the Stonesoft website:

www.stonesoft.com/en/support/view_support_offering/return_material_authorization/

Hardware Warranty

The appliances described in these materials have a limited hardware warranty. The terms of the hardware warranty can be found at the

Stonesoft website:

www.stonesoft.com/en/support/view_support_offering/warranty_service/

Trademarks and Patents

The products described in these materials are protected by one or more of the following European and US patents: European Patent Nos.

1065844, 1189410, 1231538, 1259028, 1271283, 1289183, 1289202, 1304849, 1313290, 1326393, 1379046, 1330095,

131711, 1317937 and 1443729 and US Patent Nos. 6,650,621; 6 856 621; 6,885,633; 6,912,200; 6,996,573; 7,099,284;

7,127,739; 7,130,266; 7,130,305; 7,146,421; 7,162,737; 7,234,166; 7,260,843; 7,280,540; 7,302,480; 7,386,525; 7,406,534;

7,461,401; 7,721,084; and 7,739,727 and may be protected by other EU, US, or other patents, or pending applications. Stonesoft, the

Stonesoft logo and StoneGate, are all trademarks or registered trademarks of Stonesoft Corporation. All other trademarks or registered

trademarks are property of their respective owners.

Disclaimer

Although every precaution has been taken to prepare these materials, THESE MATERIALS ARE PROVIDED "AS-IS" and Stonesoft makes

no warranty to the correctness of information and assumes no responsibility for errors, omissions, or resulting damages from the use of

the information contained herein. All IP addresses in these materials were chosen at random and are used for illustrative purposes only.

Revision: SGIIG_20110816

Table of Contents

TABLE OF CONTENTS

INTRODUCTION

CHAPTER 1

Using StoneGate Documentation . . . . . . . . . . . 7

How to Use This Guide . . . . . . . . . . . . . . . . . . 8

Documentation Available . . . . . . . . . . . . . . . . . 9

Product Documentation. . . . . . . . . . . . . . . . . 9

Support Documentation . . . . . . . . . . . . . . . . 9

System Requirements. . . . . . . . . . . . . . . . . . 10

Supported Features . . . . . . . . . . . . . . . . . . . 10

Contact Information . . . . . . . . . . . . . . . . . . . . 10

Licensing Issues . . . . . . . . . . . . . . . . . . . . . 10

Technical Support. . . . . . . . . . . . . . . . . . . . . 10

Your Comments . . . . . . . . . . . . . . . . . . . . . . 10

Other Queries. . . . . . . . . . . . . . . . . . . . . . . . 10

PREPARING FOR INSTALLATION

CHAPTER 2

Planning the IPS Installation . . . . . . . . . . . . . . 13

Introduction to StoneGate IPS . . . . . . . . . . . . . 14

Example Network Scenario . . . . . . . . . . . . . . . 14

Overview to the Installation Procedure . . . . . . . 15

Important to Know Before Installation . . . . . . . 15

Supported Platforms. . . . . . . . . . . . . . . . . . . 15

Date and Time Settings . . . . . . . . . . . . . . . . 15

Capture Interfaces . . . . . . . . . . . . . . . . . . . . 16

Switch SPAN Ports . . . . . . . . . . . . . . . . . . . 16

Network TAPs. . . . . . . . . . . . . . . . . . . . . . . 16

Cabling Guidelines . . . . . . . . . . . . . . . . . . . . 16

Speed And Duplex . . . . . . . . . . . . . . . . . . . . 17

Installing IPS Licenses. . . . . . . . . . . . . . . . . . . 19

CHAPTER 3

Getting Started with IPS Licenses . . . . . . . . . . 20

Configuration Overview . . . . . . . . . . . . . . . . . 20

Generating New Licenses . . . . . . . . . . . . . . . . 20

Installing Licenses . . . . . . . . . . . . . . . . . . . . . 21

CHAPTER 4

Configuring NAT Addresses . . . . . . . . . . . . . . . 23

Getting Started with NAT Addresses . . . . . . . . . 24

Configuration Overview . . . . . . . . . . . . . . . . . 25

Defining Locations . . . . . . . . . . . . . . . . . . . . . 25

Adding SMC Server Contact Addresses . . . . . . 26

CONFIGURING SENSORS AND ANALYZERS

CHAPTER 5

Defining Sensors and Analyzers . . . . . . . . . . . . 31

Getting Started with Defining Sensors and

Analyzers. . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Creating Engine Elements. . . . . . . . . . . . . . . . 32

Defining System Communication Interfaces for IPS

Engines. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Defining Physical Interfaces . . . . . . . . . . . . . 34

Defining VLAN Interfaces . . . . . . . . . . . . . . . 35

Defining IP Addresses . . . . . . . . . . . . . . . . . 36

Setting Interface Options for IPS Engines. . . . . 37

Defining Traffic Inspection Interfaces for Sensors 38

Defining Logical Interfaces . . . . . . . . . . . . . . 39

Defining Reset Interfaces . . . . . . . . . . . . . . . 40

Defining Capture Interfaces . . . . . . . . . . . . . 41

Defining Inline Interfaces . . . . . . . . . . . . . . . 42

Bypassing Traffic on Overload . . . . . . . . . . . . . 43

Finishing the Engine Configuration. . . . . . . . . . 44

CHAPTER 6

Saving the Initial Configuration . . . . . . . . . . . . 45

Configuration Overview . . . . . . . . . . . . . . . . . . 46

Saving the Initial Configuration for Sensors and

Analyzers. . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Transferring the Initial Configuration to Sensors

and Analyzers . . . . . . . . . . . . . . . . . . . . . . . . 49

CHAPTER 7

Configuring Routing and Installing Policies . . . 51

Configuring Routing . . . . . . . . . . . . . . . . . . . . 52

Adding Next-hop Routers . . . . . . . . . . . . . . . 53

Adding the Default Route . . . . . . . . . . . . . . . 54

Adding Other Routes . . . . . . . . . . . . . . . . . . 54

Installing the Initial Policy . . . . . . . . . . . . . . . . 55

Commanding IPS Engines. . . . . . . . . . . . . . . 57

INSTALLING SENSORS AND ANALYZERS

CHAPTER 8

Installing the Engine on Intel-Compatible

Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Installing the Sensor or Analyzer Engine. . . . . . 62

Configuration Overview . . . . . . . . . . . . . . . . . 62

Obtaining Installation Files . . . . . . . . . . . . . . . 62

4Table of Contents

Downloading the Installation Files . . . . . . . . . 62

Checking File Integrity . . . . . . . . . . . . . . . . . . 62

Creating the Installation CD-ROM . . . . . . . . . . 63

Starting the Installation. . . . . . . . . . . . . . . . . . 63

Configuring the Engine . . . . . . . . . . . . . . . . . . 64

Configuring the Engine Automatically with a

USB Stick . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Configuring the Engine in the Engine

Configuration Wizard. . . . . . . . . . . . . . . . . . . 65

Configuring the Operating System Settings . . . 65

Configuring the Network Interfaces . . . . . . . . 67

Contacting the Management Server . . . . . . . . 68

Activating the Initial Configuration . . . . . . . . 68

Filling in the Management Server

Information . . . . . . . . . . . . . . . . . . . . . . . . 69

Selecting the Engine Type . . . . . . . . . . . . . . 69

After Successful Management Server Contact 70

Installing the Engine in Expert Mode . . . . . . . . 70

Partitioning the Hard Disk Manually . . . . . . . . 70

Allocating Partitions . . . . . . . . . . . . . . . . . . . 71

UPGRADING

CHAPTER 9

Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Getting Started with Upgrading . . . . . . . . . . . . 76

Configuration Overview . . . . . . . . . . . . . . . . . 77

Obtaining Installation Files . . . . . . . . . . . . . . 77

Upgrading or Generating Licenses . . . . . . . . . . 78

Upgrading Licenses Under One Proof Code. . . 78

Upgrading Licenses Under Multiple Proof

Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Installing Licenses . . . . . . . . . . . . . . . . . . . . 80

Checking the Licenses . . . . . . . . . . . . . . . . . 81

Upgrading Engines Remotely . . . . . . . . . . . . . . 82

Upgrading Engines Locally . . . . . . . . . . . . . . . . 84

Upgrading from an Engine Installation CD-ROM 84

Upgrading from a ZIP Archive File. . . . . . . . . . 85

APPENDICES

APPENDIX A

Command Line Tools . . . . . . . . . . . . . . . . . . . . 89

StoneGate-Specific Commands . . . . . . . . . . . . 90

General Tools . . . . . . . . . . . . . . . . . . . . . . . . . 93

APPENDIX B

Default Communication Ports . . . . . . . . . . . . . 95

Management Center Ports . . . . . . . . . . . . . . . 96

IPS Engine Ports . . . . . . . . . . . . . . . . . . . . . . 98

APPENDIX C

Example Network Scenario . . . . . . . . . . . . . . . 101

Overview of the Example Network . . . . . . . . . . 102

Example Headquarters Intranet Network . . . . . 103

HQ Sensor Cluster . . . . . . . . . . . . . . . . . . . . 103

Example Headquarters Management Network . 104

HQ Analyzer. . . . . . . . . . . . . . . . . . . . . . . . . 104

HQ Firewall . . . . . . . . . . . . . . . . . . . . . . . . . 104

Management Center Servers . . . . . . . . . . . . 104

Example Headquarters DMZ Network . . . . . . . 105

DMZ Sensor . . . . . . . . . . . . . . . . . . . . . . . . 105

Example Branch Office Network. . . . . . . . . . . . 106

Branch Office Sensor-Analyzer. . . . . . . . . . . . 106

Branch Office Firewall. . . . . . . . . . . . . . . . . . 106

Branch Office Log Server . . . . . . . . . . . . . . . 106

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

INTRODUCTION

In this section:

Using StoneGate Documentation - 7

CHAPTER 1

USING STONEGATE DOCUMENTATION

Welcome to Stonesoft’s StoneGate™ IPS. This chapter describes how to use the StoneGate

IPS Installation Guide and lists other available documentation. It also provides directions for

obtaining technical support and giving feedback.

The following sections are included:

How to Use This Guide (page 8)

Documentation Available (page 9)

Contact Information (page 10)

8Chapter 1 Using StoneGate Documentation

How to Use This Guide

This IPS Installation Guide is intended for administrators who install the StoneGate IPS system.

It describes the IPS Sensor and Analyzer engine installation step by step. The chapters in this

guide are organized in the general order you should follow when installing the system.

Most tasks are explained using illustrations that include explanations on the steps you need to

complete in each corresponding view in your own environment. The explanations that

accompany the illustrations are numbered when the illustration contains more than one step for

you to perform.

Typographical Conventions

The following conventions are used throughout the documentation:

We use the following ways to indicate important or additional information:

Tip – Tips provide additional helpful information, such as alternative ways to complete steps.

Example Examples present a concrete scenario that clarifies the points made in the adjacent text.

Table 1.1 Typographical Conventions

Formatting Informative Uses

User Interface text Text you see in the User Interface (buttons, menus, etc.) and any

other interaction with the user interface are in bold-face.

References, terms Cross-references and first use of acronyms and terms are in

italics.

Command line File names, directories, and text displayed on the screen are

monospaced.

User input User input on screen is in monospaced bold-face.

Command parameters Command parameter names are in monospaced italics.

Note – Notes prevent commonly-made mistakes by pointing out important points.

Caution – Cautions prevent breaches of security, information loss, or system downtime.

Cautions always contain critical information that you must observe.

Documentation Available

StoneGate documentation is divided into two main categories: Product Documentation and

Support Documentation. Each StoneGate product has a separate set of manuals.

Product Documentation

The table below lists the available product documentation. PDF guides are available on the

Management Center CD-ROM and at http://www.stonesoft.com/support/.

Support Documentation

The StoneGate support documentation provides additional and late-breaking technical

information. These technical documents support the StoneGate Guide books, for example, by

giving further examples on specific configuration scenarios.

The latest StoneGate technical documentation is available at the Stonesoft website at

http://www.stonesoft.com/support/.

Table 1.2 Product Documentation

Guide Description

Reference Guide

Explains the operation and features of StoneGate comprehensively.

Demonstrates the general workflow and provides example scenarios

for each feature area. Available for StoneGate Management Center,

Firewall/VPN, and StoneGate IPS.

Installation Guide

Instructions for planning, installing, and upgrading a StoneGate

system. Available for StoneGate Management Center, Firewall/VPN,

and IPS.

Online Help

Describes how to configure and manage the system step-by-step.

Accessible through the Help menu and by using the Help button or

the F1 key in any window or dialog. Available in the StoneGate

Management Client and the StoneGate Web Portal. An HTML-based

system is available in the StoneGate SSL VPN Administrator through

help links and icons.

Administrator’s Guide

Describes how to configure and manage the system step-by-step.

Available as a combined guide for both StoneGate Firewall/VPN and

StoneGate IPS, and as separate guides for StoneGate SSL VPN and

StoneGate IPsec VPN Client.

User’s Guide Instructions for end-users. Available for the StoneGate IPsec VPN

Client and the StoneGate Web Portal.

Appliance Installation Guide

Instructions for physically installing and maintaining StoneGate

appliances (rack mounting, cabling, etc.). Available for all StoneGate

hardware appliances.

10 Chapter 1 Using StoneGate Documentation

System Requirements

The certified platforms for running StoneGate engine software can be found at the product

pages at http://www.stonesoft.com/en/products/ips/Software_Solutions/.

The hardware and software requirements for the version of StoneGate you are running can also

be found in the Release Notes available at the StoneGate Support Documentation pages.

Supported Features

Not all StoneGate features are supported on all platforms. See the Appliance Software Support

Table at the Stonesoft Support Documentation pages for more information.

Contact Information

For street addresses, phone numbers, and general information about StoneGate and Stonesoft

Corporation, visit our website at http://www.stonesoft.com/.

Licensing Issues

You can view your current licenses at the License Center section of the Stonesoft website at

https://my.stonesoft.com/managelicense.do.

For license-related queries, e-mail [email protected].

Technical Support

Stonesoft offers global technical support services for Stonesoft’s product families. For more

information on technical support, visit the Support section at the Stonesoft website at

http://www.stonesoft.com/support/.

Your Comments

We want to make our products fulfill your needs as well as possible. We are always pleased to

receive any suggestions you may have for improvements.

•To comment on software and hardware products, e-mail [email protected].

•To comment on the documentation, e-mail [email protected].

Other Queries

For queries regarding other matters, e-mail [email protected].

Indice

Manuali Sistema di sicurezza popolari di altre marche

Inner Range

Inner Range Concept 2000 Manuale utente

Climax

Climax Mobile Lite R32 Istruzioni per il montaggio

CADDX

CADDX NX-6 Manuale utente

FBII

FBII XL-31 Series Manuale utente

Johnson Controls

Johnson Controls PENN Connected PC10 Manuale utente

Aeotec

Aeotec Siren Gen5 Manuale utente

Blaupunkt

Blaupunkt SA 2700 Manuale utente

IDEAL

IDEAL Accenta Manuale del proprietario

AJAX

AJAX DoubleButton Manuale utente

Swann

Swann SW-P-MC2 Manuale utente

Ecolink

Ecolink Siren+Chime Manuale utente

Digital Monitoring Products

Digital Monitoring Products XR150 Manuale utente

EDM

EDM Solution 6+6 Wireless-AE Manuale utente

Highway Safety Group

Highway Safety Group EA401 Manuale utente

Siren

Siren LED GSM Manuale utente

Detection Systems

Detection Systems 7090i Istruzioni per il montaggio

Se-Kure Controls

Se-Kure Controls MicroMini SK-4841 Manuale utente

Siemens

Siemens FDM273 Manuale utente

Stonesoft stonegate 5.2 Manuale utente

Manuali Sistema di sicurezza popolari di altre marche