SonicWALL GMS Guia rápido

SonicWall® GMS 8.6 Virtual

Appliance

Getting Started Guide

SonicWall GMS 8.6 Getting Started Guide

Contents

1

2

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Unsupported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

GMS Hardware Resource Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Hard Drive HDD Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

GMS Virtual Appliance Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Virtual Appliance Deployment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Browser Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Database Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Java Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Network Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

SonicWall Appliance and Firmware Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Non-SonicWall Appliance Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Record Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Introduction to the Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Overview of the Two Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Switching Between Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

UMA System Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Management Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Login Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Using the GMS TreeControl Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Installing and Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Upgrading from an Earlier Version of GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Installing with VMware vSphere . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Performing Basic Tasks and Host Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Power the Virtual Appliance On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Configure Host Settings on the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Configure Host Settings on the Appliance Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Viewing the Settings Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Editing The Virtual Machine Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Changing the Default IP Address of GMS Virtual Machine Installations . . . . . . . . . . . . . . . . . . . . . . . . . 35

Registering and Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Registering/Licensing After a Fresh Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Registering Associated Servers in a Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Configuring UMA Deployment Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Contents

SonicWall GMS 8.6 Getting Started Guide

Contents

3

Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Using the Role Configuration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Manually Configuring the System Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Configuring the All In One Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Configuring the Database Only Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Configuring the Console Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Configuring the Agent Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Configuring the Reports Summarizer Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Configuring the Monitor Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Configuring the Event Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Configuring the Syslog Collector Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Configuring the Flow Server Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Configuring the All in One-Flow Server (Demo Mode Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Configuring the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Configuring Database Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring Deployment Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Controlling Deployment Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Provisioning and Adding Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Preparing SonicWall Appliances for GMS Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Preparing a SonicWall Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Preparing an SMA Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Provisioning a SonicWall E-Class SMA Series Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Adding SonicWall Appliances to GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Adding SonicWall Appliances Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Importing SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Managing Multiple Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Related Technical Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

SonicWall Live Product Demos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

1

4

Before You Begin

This Getting Started Guide contains installation procedures and configuration guidelines for deploying

SonicWall® GMS as a Virtual Machine in a VMware environment. SonicWall GMS can configure, manage, and

monitor the status of thousands of SonicWall Internet security appliances and non-SonicWall appliances from a

central location. SonicWall GMS provides the following benefits:

• Centralized security and network management

• Sophisticated VPN deployment and configuration

• Active device monitoring and alerts

• Intelligent reporting and activity visualization

• Centralized logging and offline management

Topics:

• System Requirements on page 4

• Record Configuration Information on page 9

System Requirements

SonicWall GMS comes with a base license to manage either 5, 10, or 25 nodes. You can purchase additional

licenses on MySonicWall. For more information on licensing additional nodes, read the “SonicWall Upgrades”

section of the GMS 8.5 Console Admin Guide.

Before installing, review the requirements in the following sections:

• GMS Hardware Resource Requirements on page 5

• Hard Drive HDD Specifications on page 5

• GMS Virtual Appliance Supported Platforms on page 5

• Unsupported Platforms on page 6

• Browser Requirements on page 6

• Database Requirements on page 7

• Java Requirements on page 7

• Network Requirements on page 7

• SonicWall Appliance and Firmware Support on page 8

• Non-SonicWall Appliance Support on page 9

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

5

GMS Hardware Resource Requirements

Use the Capacity Calculator 2 to determine the hardware requirements for your deployment.

The performance of GMS Virtual Appliance depends on the underlying hardware. It is highly recommended to

dedicate all the resources that are allocated to the Virtual Appliance, especially the hard-disk (datastore). In

environments with high volumes of syslogs or AppFlow (IPFIX), you will need to dedicate local datastores to the

GMS Virtual Appliance.

When using Thick or Flat provisioning as the storage type option, the entire amount of disk space is allocated

when you import and deploy the GMS file. When using Thin provisioning, the initial size is very small and grows

dynamically as more disk space is needed by the GMS application, until the maximum size is reached. After

being allocated, the size does not shrink if the application space requirements are subsequently reduced.

Additional disk space provided to GMS in the virtual environment, beyond the respective limits of 250GB or

950GB, is not utilized.

A minimum of 4GB RAM is required. However, 16GB of RAM is highly recommended for better performance of

reporting modules.

Hard Drive HDD Specifications

The following hard drive HDD specifications are required when using GMS Software on a Windows Server or a

GMS Virtual Appliance:

GMS Virtual Appliance Supported Platforms

The elements of basic VMware structure must be implemented prior to deploying SonicWall GMS. GMS runs on

the following VMware platforms:

• VMware ESXi 6.5, 6.0, and 5.5

This means that new deployments of GMS 8.6 can only be deployed on servers running VMware ESXi 6.5 or

higher. However, upgrades from GMS 8.4 to GMS 8.5 are supported on servers running earlier versions of ESXi.

NOTE: When GMS is booting for the first time, it takes longer for the server to become available. Do NOT

Power Off/On the appliance during this time as doing so will cause the boot to fail and an “Available disk

space...” error message to appear. Redo the role configuration, be patient, and the configuration should be

successful.

NOTE: A Windows 64-bit operating system with at least 16GB of RAM is highly recommended for better

performance of reporting modules. For more information, read the “Capacity Planning and Performance

Tuning” appendix in the GMS 8.5 Firewall - Manage Administration Guide.

Hardware Requirements

Requirement Details

Spindle Speed 10,000 RPM or higher

Cache 64 MB or higher

Transfer rate 600 MBs or higher

Average latency 4 microseconds or lower

NOTE: For fresh installations of GMS 8.6, VMware ESXi 6.5 is required.

NOTE: GMS is not supported on MS-Windows Server virtual machines running in cloud services, such as

Microsoft Azure and Amazon Web Services EC2.

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

6

Unsupported Platforms

The following platforms have been dropped from support:

• CDP management and reporting

• UMA EM5000 as part of the GMS deployment

• Windows 32-bit as part of the GMS deployment

• Firewalls with firmware older than SonicOS 5.0

• Gen4 or older Firewalls

Virtual Appliance Deployment Requirements

Consider the following before deploying the GMS Virtual Appliance:

• GMS management is not supported on Apple MacOS.

• All modules are 64-bit.

• Using the Flow Server Agent role requires a minimum of:

• Quad Core

• 16GB of memory

• 300GB available disk space

To determine the hardware requirements for your deployment, use the Capacity Planning Tool at:

https://www.sonicwall.com/en-us/products/management-and-reporting/global-management-system

The performance of GMS Virtual Appliance depends on the underlying hardware. It is highly recommended to

dedicate all the resources that are allocated to the Virtual Appliance, especially the hard-disk (datastore). In

environments with high volumes of syslogs or AppFlow (IPFIX), you will need to dedicate local datastores to the

GMS Virtual Appliance.

Read the “Capacity Planning and Performance Tuning” appendix in the GMS 8.5 Firewall - Manage

Administration Guide.

Browser Requirements

SonicWall GMS uses advanced browser technologies such as HTML5 that are supported in most recent

browsers. SonicWall recommends using the latest Chrome, Firefox, Internet Explorer, or Safari browsers for

administration of the SonicWall GMS.

This release supports the following Web browsers:

• Google Chrome 42.0 and higher (recommended browser for dashboard real-time graphics display)

• Mozilla Firefox 37.0 and higher

• Microsoft Edge 41 or higher

• Microsoft Internet Explorer 11.0 and higher (do not use compatibility mode)

NOTE: Internet Explorer version 10.0 in Metro interfaces of Windows 8 is currently not supported.

Turn off Compatibility Mode when accessing the GMS management interface with Internet

Explorer. For more information, see the Knowledge Base article located at:

https://support.sonicwall.com/sonicwall-gms/kb/sw14003

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

7

Mobile device browsers are not recommended for SonicWall GMS system administration.

Database Requirements

Previously, GMS automatically installed MySQL as part of the base installation package. The GMS 8.6 upgrade

replaces the Infobright with MySQL database formerly used in earlier versions with Infobright with Postgres

(IB-PG). The installer will ask if you want to perform the data migration to the new database. Separately

installed instances of MySQL are not supported with GMS.

The following SQL Server versions are supported:

• SQL Server 2014

• SQL Server 2012

Java Requirements

Download and install the latest version of the Java 8 plug-in on any system that accesses the GMS management

interface. This can be downloaded from:

www.java.com

or

https://www.oracle.com/technetwork/java/javase/downloads/index.html

Network Requirements

To complete the SonicWall GMS deployment process documented in this Getting Started Guide, the following

network requirements must be met:

• The SonicWall GMS virtual appliance must have access to the Internet

• The SonicWall GMS virtual appliance must have a static IP address

NOTE: If using Chrome version 42 and newer to access GMS 7.2 and older, you will need to enable NPAPI

support in Chrome, which by default has been disabled starting with version 42.

NOTE: For SQL Server deployments in countries in which English is not the default language, set the

default language to English in the Login Properties of the GMS database user in the SQL Server

configuration.

NOTE: A database user with “DB Creator” privileges must be provided to GMS during the Role

Configuration process of any GMS Server.

NOTE: Java is required only when you are using Net Monitor.

NOTE: Depending on the configuration of SonicWall log settings and the amount of traffic handled by each

device, the network traffic can vary dramatically. The 1KB/s for each device is a general recommendation.

Your installation requirements might vary. Refer to the Capacity Calculator 2.

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

8

SonicWall Appliance and Firmware Support

SonicWall GMS supports SonicWall firewall App Control policy management and reporting. Refer to the SonicOS

documentation for information on which SonicOS firmware versions support these features.

SonicWall GMS 8.6 supports the following SonicWall appliances and firmware versions:

Notes:

• Appliances running firmware newer than this GMS release can still be managed and reports can still be

generated. However, the new features in the firmware will be supported in an upcoming release of GMS.

NOTE: GMS 8.6 does not support legacy SonicWall appliances, including:

• Firewall appliances running firmware earlier than SonicOS 5.5

• CSM Series

• CDP Series

Component Requirements

SonicWall Platforms SonicWall Firmware Version

Network Security Appliance

NSsp 12000 6.5.1.8-1n or newer

SuperMassive 10000 series SonicOS 6.0 or newer

NOTE: Only partial policy management and reporting support is

currently available. The following SuperMassive specific features

are not supported for centralized policy management in GMS:

• Multi-blade Comprehensive Anti-Spam Service (CASS)

• High Availability/Clustering

• Support for Management Interface

• Flow Reporting Configurations

• Multi-blade VPN

• Advanced Switching

• Restart: SonicOS versus Chassis

Contact your SonicWall Sales representative through

https://www.sonicwall.com/en-us/customers/contact-sales for

more information.

SuperMassive 9000 series SonicOS 6.1 or newer

NSA/NSa series SonicOS 5.5 or newer

NSv series SonicOS 6.5.2 or newer

TZ and TZ Wireless series SonicOS 5.5 or newer

SonicWall SOHO SonicOS 5.9.1.3 or newer 5.9 versions

SonicWall SOHO Wireless SonicOS 6.2.6 or newer 6.x versions

Secure Mobile Access

SRA/SSL-VPN Series SSL-VPN 2.0 or newer (management)

SSL-VPN 2.1 or newer (management and reporting)

E-Class SRA Series E-Class SRA 9.0 or newer

SMA 6200/7200 SMA 10.7.2 or newer

Email Security/Anti-Spam

Email Security Series Email Security 7.2 or newer (management only)

SonicWall GMS 8.6 Getting Started Guide

Before You Begin

9

Non-SonicWall Appliance Support

SonicWall GMS provides monitoring support for non-SonicWall TCP/IP and SNMP-enabled devices and

applications.

Record Configuration Information

Before continuing, record the following configuration information for your reference.

SMTP Server Address: The IP address or host name of your Simple Mail Transfer Protocol (SMTP)

server. For example, mail.emailprovider.com.

HTTPS Web Server Port: The number of your secure (SSL) Web server port if customized. The default

port is 443.

GMS Administrator Email 1: The email address of a SonicWall GMS administrator who receives email

notifications from SonicWall GMS.

GMS Administrator Email 2: The email address of an additional SonicWall GMS administrator who

receives email notifications from SonicWall GMS. This field is optional.

Sender Email Address: The email address from which the email notifications are sent by SonicWall

GMS.

GMS Gateway IP: The IP address of the SonicWall GMS gateway between the GMS agent and

the network. This optional field is only applicable if you have a GMS gateway.

GMS Gateway Password: The password for the SonicWall GMS gateway. This optional field is only

applicable if you have gateway between the GMS and the network.

Database Vendor: Your database vendor if you are using a SQL Server database.*

Database Host/IP: The IP address of the database host. This is not required when using the

bundled database on this server.*

Database User: The MySQL user name for the database administrator. This is not required

when using the bundled database on this server

1

1. This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment.

Database Password: The MySQL password for the database administrator. This is not required

when using the bundled database on this server. 1

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

2

10

Introduction to the Management

Interfaces

This section describes the two SonicWall GMS management interfaces. An almost identical URL is used when

accessing either the GMS management interface or the Universal Management Host system interface, but the

URL is modified to specify either “sgms” or “appliance.”

Topics:

• Overview of the Two Interfaces on page 10

• Switching Between Management Interfaces on page 11

• UMA System Interface Introduction on page 11

• Management Interface Introduction on page 11

Overview of the Two Interfaces

The GMS Universal Management Suite (UMS) installs two separate management interfaces:

• SonicWall Universal Management Appliance (UMA) System Management Interface – Used for system

management of the host server, including registration and licensing, setting the admin password,

selecting the deployment role, and configuring other system settings.

To access the UMA system management interface on the default HTTPS port using a browser on the host

server, use the URL:

http://localhost/appliance/

From another system, access the UMA system management interface with the URL:

http://<IP address>:<port>/appliance/

• SonicWall GMS Management Interface – Used to access the GMS application that runs on the Windows

server. This interface is used to configure GMS management of SonicWall appliances, including creating

policies, viewing reports, and monitoring networks, and for configuring GMS administrative settings.

Access the GMS management interface with one of the following URLs:

http://localhost/sgms/

or

http://<IP address>:<port>/sgms/

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

11

Switching Between Management Interfaces

On systems deployed in the All In One role, the “SuperAdmin” user can easily switch between the UMA system

management interface and the GMS management interface. The SuperAdmin is the master administrator for

the entire GMS installation.

When logged in to either interface, the SuperAdmin can switch to the login page of the other interface by

clicking Switch in the top right corner of the page. Switch is only visible for SuperAdmin users.

UMA System Interface Introduction

The SonicWall Universal Management Appliance (UMA) system interface is used for system management of the

SonicWall GMS instance, including registration and licensing, setting the admin password, configuring database

settings, selecting the deployment role, and configuring other system settings.

When installing SonicWall Universal Management Suite on a host, a Web server is installed to provide the

system management interface. The system interface is available by default at

http://localhost/appliance/ after restarting the system.

The login screen allows you to securely log in to the SonicWall UMA system interface using your system user ID

and password.

Management Interface Introduction

GMS is a Web-based application for configuring and gathering reports from thousands of SonicWall Internet

security appliances and non-SonicWall appliances, all from a central location. This section provides an

introduction to the main elements of the Web-based management interface.

Topics:

• Login Screen on page 12

• Dashboard on page 12

• Management Interface on page 13

NOTE: The admin account on the system interface can have a different password than the admin account

for GMS.

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

12

Login Screen

The login screen allows you to securely log in to GMS using your GMS application user ID and password. The

GMS management interface is available by default at https://localhost/sgms/ after completing registration.

Dashboard

The DASHBOARD control bar provides top-of-the page menu items for customizing the settings of this page. The

control bar is a customizable dashboard of your SonicWall GMS deployment. The Dashboard view provides:

• Powerful network visualization reporting, monitoring, and search filtering tools consolidated into one

area of the management user interface.

• An executive summary through a Universal Dashboard geographic map. The Geographic View provides

a scalable map that displays your GMS-managed units and servers using graphical icons that provide

system state information with a mouse over.

• A centralized location to create Universal Scheduled Reports for Firewall, SMA, and Email Security

reporting solutions.

• Top-of-the page menu items for customizing the settings of this page.

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

13

When the Dashboard loads after GMS login, the control bar is displayed and then becomes hidden until you

place your mouse cursor at the top of the page as shown in the following figure. You can lock the control bar by

clicking on the “pin the control bar” icon.

For more information on configuring the Universal Dashboard and Universal Scheduled Reports, refer to the

“Using the Dashboard View” chapter in the SonicWall GMS 8.5 Introduction - Dashboard Administration Guide.

Management Interface

The GMS management interface is the main control panel. The management interface allows you to add and

modify appliances, complete monitoring and reporting tasks, set policies for managed appliances, and configure

GMS settings.

Topics:

• Navigation Views on page 14

• Left Pane on page 14

• Center Pane on page 14

• Right Pane on page 14

• Description of Managed Appliance States on page 15

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

14

Navigation Views

The management interface navigation views are located at the top of the management interface. The navigation

views are: DASHBOARD, FIREWALL, MONITOR, CONSOLE, SMA, and, ES. The MONITOR view provides real-time

monitoring at the global, group or appliance level. The ES, and SMA views are only visible when enabled from

the CONSOLE | Management > Settings screen. The CONSOLE view provides tools to customize options found

in the other GMS views and to manage GMS settings that affect the environment globally.

Left Pane

The left pane of the management interface provides a tree control that displays the current GMS view and a list

of managed appliances within the current view. The left pane is only displayed for the FIREWALL, SMA, ES,

MONITOR, CONSOLE, appliance views. The current category and view are indicated by a blue highlighting.

The left pane tree control provides the ability to switch between views and displays the current state of each

appliance under management. A single box in the tree control indicates a node at appliance or unit level. Two

boxes in the tree control indicates a node at a group level. A global node at the top of the tree control is

indicated by a three-box icon. The color and additional images superimposed on these icons provide useful

status information. For detailed information about appliance states, refer to Description of Managed Appliance

States on page 15.

Center Pane

The center pane displays additional configuration options in the appliance views: FIREWALL, MONITOR, ES,

SMA, and CONSOLE. A navigational tree control that provides access to the configuration options available

based on navigational view and left pane selections.

At the top of the Center pane there are three panels:

• Manage – Provides policy configuration options for managed appliances.

• Reports – Provides customizable reports and data visualization for usage, activity, attacks and more on

the global or appliance level. This panel is only available for the Firewall and SMA views.

• Flows – Provides IPFIX-based Flow Reporting on the global, group, or appliance level.

The current selection in the center pane is indicated by the highlighted item. The center pane options change

based on the navigational view and left pane selections, and selections in the center pane modify the display in

the right pane.

Right Pane

The right pane displays the available status or tasks based on the current selection of navigational view, left

pane and center pane options. Configurations completed in the right pane modify global, group, or appliance

settings. The center pane displays in the FIREWALL view. A navigational tree control that provides access to the

configuration options available based on navigational view and left pane selections. The Reports panel provides

reporting on the global or appliance level, and is only available for the FIREWALL and SMA views.

At the top of the Center pane there are three panels:

• Manage – Provides policy configuration options for managed appliances.

• Reports – Provides customizable reports and data visualization for usage, activity, attacks and more.

• Flows – Provides IPFIX-based Flow Reporting on the global, group, or appliance level.

NOTE: If there is only one appliance visible in the Left Pane, then the Left Pane automatically collapses to

present a larger screen for the rest of the UI.

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

15

The current selection in the center pane is indicated by the highlighted item. The center pane options change

based on the navigational view and left pane selections, and selections in the center pane modify the display in

the right pane.

Description of Managed Appliance States

This section describes the meaning of icons that appear next to managed appliances listed in the left pane of the

SonicWall GMS management interface.

Appliance

Status

Description

One blue box indicates that the appliance is operating normally. The appliance is

accessible from GMS, and no tasks are pending or scheduled.

Three blue boxes indicate that all appliances in the global group of this type

(Firewall/SMA) are operating normally.

Three blue boxes indicate that all appliances in the global node of this type (Firewall/SMA)

are live and communicating with GMS. All appliances of this type are accessible from

SonicWall GMS and no tasks are pending or scheduled.

One blue box with a lightning flash indicates that one or more tasks are pending or

running on the appliance.

Two blue boxes with a lightning flash indicate that tasks are currently pending or running

on two or more appliances within the group.

Three blue boxes with a lightning flash indicate that tasks are currently pending or running

on three or more appliances within the group.

One blue box with a clock indicates that one or more tasks are scheduled on the

appliance.

Two blue boxes with a clock indicate that tasks are currently scheduled to execute at a

future time on two or more appliances within the group.

Three blue boxes with a clock indicate that tasks are currently scheduled to execute at a

future time on three or more appliances within the group.

One yellow box indicates that the appliance has been added to SonicWall GMS

management (provisioned), but not yet acquired.

Two yellow boxes indicate that one or more appliances in the group have been added to

SonicWall GMS management, but not acquired.

Three yellow boxes indicate that one or more of the appliances of this type

(Firewall/SMA) have been added to SonicWall GMS management, but not acquired.

One yellow box with a lightning flash indicates that one or more tasks are pending on the

provisioned appliance.

Two yellow boxes with a lightning flash indicates that tasks are pending on two or more

provisioned appliances within the group.

Three yellow boxes with a lightning flash indicates that tasks are pending on three or

more provisioned appliances within the group.

A green circle with the number 1 in the middle indicates that the unit is in an HA pair and

is currently the Primary unit.

A yellow circle with the number 2 in the middle indicates that the unit is in an HA pair and

is currently on backup.

One red box indicates that the appliance is no longer sending heartbeats to SonicWall

GMS.

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

16

Using the GMS TreeControl Panel

This section describes the content of the TreeControl Panel within the GMS management interface. You can

control the display of the TreeControl Panel by selecting one of the appliance views at the top. For example,

when you click the Firewall view, the TreeControl Panel displays all the managed firewall units. You can display

any of the following appliance types when GMS is managing them:

• Firewall

• SMA (Secure Mobile Access)

• ES (Email Security)

You can hide the entire TreeControl Panel by clicking the Hide TreeControl Panel tab, and re-display the panel by

clicking it again. This is helpful when viewing some reports or other extra-wide screens, especially on the

Monitor or Console views.

Two red boxes indicate that one or more appliances in the group are no longer sending

heartbeats to SonicWall GMS.

Three red boxes indicate that one or more of the global group of appliances of this type

(Firewall/SMA) are no longer sending heartbeats to SonicWall GMS.

One red box with a lightning flash indicates that the appliance is no longer sending

heartbeats to SonicWall GMS and has one or more tasks pending.

Two red boxes with a lightning flash indicate that one or more appliance in the group are

no longer sending heartbeats to SonicWall GMS and have two or more tasks pending.

Three red boxes with a lightning flash indicates that the appliance are no longer sending

heartbeats to SonicWall GMS and have three or more tasks pending.

A box with a dot in the top-left corner indicates that the appliance is being managed by

GMS using a static IP address.

This icon indicates a fail over to a secondary Ethernet port.

This icon indicates the a modem is connected using a dialup.

This icon indicates the wireless is connected using WWAN.

This icon indicates the unit’s Task Pending status is “Immediate.”

This icon indicates the unit’s Task Pending status is “Scheduled.”

Appliance

Status

Description

p

SonicWall GMS 8.6 Getting Started Guide

Introduction to the Management Interfaces

17

To open a TreeControl Panel menu, right-click the View All icon, a Group icon, or a Unit icon.

The following options are available in the right-click menu:

• Expand—Makes subbranches to the root visible.

• Expand All—Makes the entire branch visible.

• Collapse All—Compresses the entire view of all expanded hierarchies so that only the roots of the

branches are visible.

• Find—Opens a Find dialog box that allows you to search for groups or units.

• Refresh—Refreshes the GMS user interface display.

• Add Unit—Add a new unit to the GMS management view. Requires unit IP and login information.

• Rename Unit—(unit node only) Renames the selected SonicWall appliance.

• Delete—Delete the selected unit or all units in the selected Group or Global Node, with option to delete

interconnected SAs or to delete from NetMonitor.

• Import XML—Import an edited XML file to replace the current TreeControl navigation view.

• Modify Unit—(unit node only) Change basic settings for the selected unit, including unit name, IP and

Login information, serial number, management port and encryption/authentication keys.

• Login to Unit—(unit node only) Login to the selected unit using SSL protocols.

• Modify Properties—Displays the properties for the selected SonicWall appliance, or all managed

appliances in the selected group or global node.

• Manage Views—Opens a dialog box where you can create, delete, or modify a view.

• Change View—Select pre-set or user created views. Views are created in the Manage View window (see

above).

• Re-assign Agents—Opens a dialog box where you can change the IP address of the primary and standby

schedulers and the type of management mode used between GMS and the managed SonicWall

appliances.

SonicWall GMS 8.6 Getting Started Guide

Installing and Upgrading

3

18

Installing and Upgrading

SonicWall GMS is installed by deploying an OVA file to your VMware ESXi server. Each OVA file contains all

software components related to SonicWall GMS including the MySQL database, executable binary files for all

GMS services, and other necessary files.

You can deploy one or both OVA files multiple times as needed for your SonicWall GMS environment. SonicWall

GMS can be configured for a single server or in a distributed environment on multiple servers. In a distributed

deployment, for example, you might use the 250GB file in a Summarizer role, and the 950GB file in a Database

role. A distributed deployment can include one or more SonicWall GMSs, or SonicWall GMS instances running

on Windows Server machines.

You can deploy an OVA file by accessing vCenter or using the vSphere client that comes with VMware ESXi. To

get the vSphere client, point a browser to your VMware ESXi server and click on Download vSphere Client.

SonicWall GMS can be installed as a fresh install, or as an upgrade to the latest version of GMS.

This section contains the following subsections:

• Upgrading from an Earlier Version of GMS on page 18

• Installing with VMware vSphere on page 19

Upgrading from an Earlier Version of GMS

GMS can be upgraded from previous versions. To upgrade GMS from a version earlier than 8.5, you need to

upgrade to major versions of GMS until you reach 8.5, then you can upgrade GMS 8.5 to GMS 8.6. For SonicWall

GMS deployments, upgrading from the GMS 8.5 release to the GMS 8.6 release can be performed on the System

> Settings page.

In a distributed environment, shut down all GMS servers except the one that is running the database. Then

upgrade the Console/AIOP first and then the other servers. You must upgrade all GMS servers in your

deployment to the same version of SonicWall GMS 8.6. You cannot have some servers running version 8.6 and

others running an earlier version.

To upgrade, complete the following steps:

1 Download the GMS 8.6 file from www.MySonicWall.com to your workstation:

sw_gmsvp_vm_eng_8.6.xxxx.yyyy.gmsvp-updater.64bit.sh (where xxxx represents

the exact version numbers)

2 Log in to the /appliance (System) interface of the GMS server.

3 Navigate to the System > Settings page.

4 Click Browse, navigate to the location where you saved the previous file, and then select it.

5 Click Apply to begin the firmware upgrade installation.

The Virtual Appliance reboots at the end of the installation process.

SonicWall GMS 8.6 Getting Started Guide

Installing and Upgrading

19

Installing with VMware vSphere

To do a fresh install of SonicWall GMS using the vSphere client, complete the following steps:

1 Download the following OVA files from MySonicWall to a system that is accessible to your VMware ESXi

server.

• sw_gmsvp_vm_eng_8.6.xxxx.yyyy.250GB.64bit.ova

• sw_gmsvp_vm_eng_8.6.xxxx.yyyy.950GB.64bit.ova

1 Log into vCenter, or log in using the vSphere client.

2 In the Home screen, select VMs and Templates. The VMs and Templates page appears.

NOTE: Do not rename the OVA files. The “xxxx” represent the exact version numbers

SonicWall GMS 8.6 Getting Started Guide

Installing and Upgrading

20

3 Navigate to a view that shows the virtual machines running on your VMware ESXi server.

4 To begin the import process, click ACTIONS and select Deploy OVF Template... from the drop-down

menu.

The Deploy OVF Template wizard appears.

A página está carregando ...

SonicWALL GMS Guia rápido

SonicWALL GMS Guia rápido

em outros idiomas

Artigos relacionados

Outros documentos