SonicWALL GMS Guia rápido

Categoria
Software de banco de dados
Tipo
Guia rápido
SonicWall® GMS 8.6 Virtual
Appliance
Getting Started Guide
SonicWall GMS 8.6 Getting Started Guide
Contents
1
2
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Unsupported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
GMS Hardware Resource Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Hard Drive HDD Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
GMS Virtual Appliance Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Virtual Appliance Deployment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Browser Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Database Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Java Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Network Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
SonicWall Appliance and Firmware Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Non-SonicWall Appliance Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Record Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Introduction to the Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Overview of the Two Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Switching Between Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
UMA System Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Management Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Login Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Using the GMS TreeControl Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Installing and Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Upgrading from an Earlier Version of GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Installing with VMware vSphere . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Performing Basic Tasks and Host Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Power the Virtual Appliance On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Configure Host Settings on the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Configure Host Settings on the Appliance Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Viewing the Settings Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Editing The Virtual Machine Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Changing the Default IP Address of GMS Virtual Machine Installations . . . . . . . . . . . . . . . . . . . . . . . . . 35
Registering and Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Registering/Licensing After a Fresh Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Registering Associated Servers in a Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Configuring UMA Deployment Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Contents
SonicWall GMS 8.6 Getting Started Guide
Contents
3
Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Using the Role Configuration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Manually Configuring the System Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Configuring the All In One Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Configuring the Database Only Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Configuring the Console Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Configuring the Agent Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Configuring the Reports Summarizer Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Configuring the Monitor Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Configuring the Event Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Configuring the Syslog Collector Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Configuring the Flow Server Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Configuring the All in One-Flow Server (Demo Mode Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Configuring the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Configuring Database Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Configuring Deployment Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Controlling Deployment Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Provisioning and Adding Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Preparing SonicWall Appliances for GMS Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Preparing a SonicWall Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Preparing an SMA Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Provisioning a SonicWall E-Class SMA Series Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Adding SonicWall Appliances to GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Adding SonicWall Appliances Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Importing SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Managing Multiple Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Related Technical Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
SonicWall Live Product Demos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
1
4
Before You Begin
This Getting Started Guide contains installation procedures and configuration guidelines for deploying
SonicWall® GMS as a Virtual Machine in a VMware environment. SonicWall GMS can configure, manage, and
monitor the status of thousands of SonicWall Internet security appliances and non-SonicWall appliances from a
central location. SonicWall GMS provides the following benefits:
Centralized security and network management
Sophisticated VPN deployment and configuration
Active device monitoring and alerts
Intelligent reporting and activity visualization
Centralized logging and offline management
Topics:
System Requirements on page 4
Record Configuration Information on page 9
System Requirements
SonicWall GMS comes with a base license to manage either 5, 10, or 25 nodes. You can purchase additional
licenses on MySonicWall. For more information on licensing additional nodes, read the “SonicWall Upgrades”
section of the GMS 8.5 Console Admin Guide.
Before installing, review the requirements in the following sections:
GMS Hardware Resource Requirements on page 5
Hard Drive HDD Specifications on page 5
GMS Virtual Appliance Supported Platforms on page 5
Unsupported Platforms on page 6
Unsupported Platforms on page 6
Browser Requirements on page 6
Database Requirements on page 7
Java Requirements on page 7
Network Requirements on page 7
SonicWall Appliance and Firmware Support on page 8
Non-SonicWall Appliance Support on page 9
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
5
GMS Hardware Resource Requirements
Use the Capacity Calculator 2 to determine the hardware requirements for your deployment.
The performance of GMS Virtual Appliance depends on the underlying hardware. It is highly recommended to
dedicate all the resources that are allocated to the Virtual Appliance, especially the hard-disk (datastore). In
environments with high volumes of syslogs or AppFlow (IPFIX), you will need to dedicate local datastores to the
GMS Virtual Appliance.
When using Thick or Flat provisioning as the storage type option, the entire amount of disk space is allocated
when you import and deploy the GMS file. When using Thin provisioning, the initial size is very small and grows
dynamically as more disk space is needed by the GMS application, until the maximum size is reached. After
being allocated, the size does not shrink if the application space requirements are subsequently reduced.
Additional disk space provided to GMS in the virtual environment, beyond the respective limits of 250GB or
950GB, is not utilized.
A minimum of 4GB RAM is required. However, 16GB of RAM is highly recommended for better performance of
reporting modules.
Hard Drive HDD Specifications
The following hard drive HDD specifications are required when using GMS Software on a Windows Server or a
GMS Virtual Appliance:
GMS Virtual Appliance Supported Platforms
The elements of basic VMware structure must be implemented prior to deploying SonicWall GMS. GMS runs on
the following VMware platforms:
VMware ESXi 6.5, 6.0, and 5.5
This means that new deployments of GMS 8.6 can only be deployed on servers running VMware ESXi 6.5 or
higher. However, upgrades from GMS 8.4 to GMS 8.5 are supported on servers running earlier versions of ESXi.
NOTE: When GMS is booting for the first time, it takes longer for the server to become available. Do NOT
Power Off/On the appliance during this time as doing so will cause the boot to fail and an “Available disk
space...” error message to appear. Redo the role configuration, be patient, and the configuration should be
successful.
NOTE: A Windows 64-bit operating system with at least 16GB of RAM is highly recommended for better
performance of reporting modules. For more information, read the “Capacity Planning and Performance
Tuning” appendix in the GMS 8.5 Firewall - Manage Administration Guide.
Hardware Requirements
Requirement Details
Spindle Speed 10,000 RPM or higher
Cache 64 MB or higher
Transfer rate 600 MBs or higher
Average latency 4 microseconds or lower
NOTE: For fresh installations of GMS 8.6, VMware ESXi 6.5 is required.
NOTE: GMS is not supported on MS-Windows Server virtual machines running in cloud services, such as
Microsoft Azure and Amazon Web Services EC2.
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
6
Unsupported Platforms
The following platforms have been dropped from support:
CDP management and reporting
UMA EM5000 as part of the GMS deployment
Windows 32-bit as part of the GMS deployment
Firewalls with firmware older than SonicOS 5.0
Gen4 or older Firewalls
Virtual Appliance Deployment Requirements
Consider the following before deploying the GMS Virtual Appliance:
GMS management is not supported on Apple MacOS.
All modules are 64-bit.
Using the Flow Server Agent role requires a minimum of:
Quad Core
16GB of memory
300GB available disk space
To determine the hardware requirements for your deployment, use the Capacity Planning Tool at:
https://www.sonicwall.com/en-us/products/management-and-reporting/global-management-system
The performance of GMS Virtual Appliance depends on the underlying hardware. It is highly recommended to
dedicate all the resources that are allocated to the Virtual Appliance, especially the hard-disk (datastore). In
environments with high volumes of syslogs or AppFlow (IPFIX), you will need to dedicate local datastores to the
GMS Virtual Appliance.
Read the “Capacity Planning and Performance Tuning” appendix in the GMS 8.5 Firewall - Manage
Administration Guide.
Browser Requirements
SonicWall GMS uses advanced browser technologies such as HTML5 that are supported in most recent
browsers. SonicWall recommends using the latest Chrome, Firefox, Internet Explorer, or Safari browsers for
administration of the SonicWall GMS.
This release supports the following Web browsers:
Google Chrome 42.0 and higher (recommended browser for dashboard real-time graphics display)
Mozilla Firefox 37.0 and higher
Microsoft Edge 41 or higher
Microsoft Internet Explorer 11.0 and higher (do not use compatibility mode)
NOTE: Internet Explorer version 10.0 in Metro interfaces of Windows 8 is currently not supported.
Turn off Compatibility Mode when accessing the GMS management interface with Internet
Explorer. For more information, see the Knowledge Base article located at:
https://support.sonicwall.com/sonicwall-gms/kb/sw14003
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
7
Mobile device browsers are not recommended for SonicWall GMS system administration.
Database Requirements
Previously, GMS automatically installed MySQL as part of the base installation package. The GMS 8.6 upgrade
replaces the Infobright with MySQL database formerly used in earlier versions with Infobright with Postgres
(IB-PG). The installer will ask if you want to perform the data migration to the new database. Separately
installed instances of MySQL are not supported with GMS.
The following SQL Server versions are supported:
SQL Server 2014
SQL Server 2012
Java Requirements
Download and install the latest version of the Java 8 plug-in on any system that accesses the GMS management
interface. This can be downloaded from:
www.java.com
or
https://www.oracle.com/technetwork/java/javase/downloads/index.html
Network Requirements
To complete the SonicWall GMS deployment process documented in this Getting Started Guide, the following
network requirements must be met:
The SonicWall GMS virtual appliance must have access to the Internet
The SonicWall GMS virtual appliance must have a static IP address
NOTE: If using Chrome version 42 and newer to access GMS 7.2 and older, you will need to enable NPAPI
support in Chrome, which by default has been disabled starting with version 42.
NOTE: For SQL Server deployments in countries in which English is not the default language, set the
default language to English in the Login Properties of the GMS database user in the SQL Server
configuration.
NOTE: A database user with “DB Creator” privileges must be provided to GMS during the Role
Configuration process of any GMS Server.
NOTE: Java is required only when you are using Net Monitor.
NOTE: Depending on the configuration of SonicWall log settings and the amount of traffic handled by each
device, the network traffic can vary dramatically. The 1KB/s for each device is a general recommendation.
Your installation requirements might vary. Refer to the Capacity Calculator 2.
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
8
SonicWall Appliance and Firmware Support
SonicWall GMS supports SonicWall firewall App Control policy management and reporting. Refer to the SonicOS
documentation for information on which SonicOS firmware versions support these features.
SonicWall GMS 8.6 supports the following SonicWall appliances and firmware versions:
Notes:
Appliances running firmware newer than this GMS release can still be managed and reports can still be
generated. However, the new features in the firmware will be supported in an upcoming release of GMS.
NOTE: GMS 8.6 does not support legacy SonicWall appliances, including:
Firewall appliances running firmware earlier than SonicOS 5.5
CSM Series
CDP Series
Component Requirements
SonicWall Platforms SonicWall Firmware Version
Network Security Appliance
NSsp 12000 6.5.1.8-1n or newer
SuperMassive 10000 series SonicOS 6.0 or newer
NOTE: Only partial policy management and reporting support is
currently available. The following SuperMassive specific features
are not supported for centralized policy management in GMS:
Multi-blade Comprehensive Anti-Spam Service (CASS)
High Availability/Clustering
Support for Management Interface
Flow Reporting Configurations
Multi-blade VPN
Advanced Switching
Restart: SonicOS versus Chassis
Contact your SonicWall Sales representative through
https://www.sonicwall.com/en-us/customers/contact-sales for
more information.
SuperMassive 9000 series SonicOS 6.1 or newer
NSA/NSa series SonicOS 5.5 or newer
NSv series SonicOS 6.5.2 or newer
TZ and TZ Wireless series SonicOS 5.5 or newer
SonicWall SOHO SonicOS 5.9.1.3 or newer 5.9 versions
SonicWall SOHO Wireless SonicOS 6.2.6 or newer 6.x versions
Secure Mobile Access
SRA/SSL-VPN Series SSL-VPN 2.0 or newer (management)
SSL-VPN 2.1 or newer (management and reporting)
E-Class SRA Series E-Class SRA 9.0 or newer
SMA 6200/7200 SMA 10.7.2 or newer
Email Security/Anti-Spam
Email Security Series Email Security 7.2 or newer (management only)
SonicWall GMS 8.6 Getting Started Guide
Before You Begin
9
Non-SonicWall Appliance Support
SonicWall GMS provides monitoring support for non-SonicWall TCP/IP and SNMP-enabled devices and
applications.
Record Configuration Information
Before continuing, record the following configuration information for your reference.
SMTP Server Address: The IP address or host name of your Simple Mail Transfer Protocol (SMTP)
server. For example, mail.emailprovider.com.
HTTPS Web Server Port: The number of your secure (SSL) Web server port if customized. The default
port is 443.
GMS Administrator Email 1: The email address of a SonicWall GMS administrator who receives email
notifications from SonicWall GMS.
GMS Administrator Email 2: The email address of an additional SonicWall GMS administrator who
receives email notifications from SonicWall GMS. This field is optional.
Sender Email Address: The email address from which the email notifications are sent by SonicWall
GMS.
GMS Gateway IP: The IP address of the SonicWall GMS gateway between the GMS agent and
the network. This optional field is only applicable if you have a GMS gateway.
GMS Gateway Password: The password for the SonicWall GMS gateway. This optional field is only
applicable if you have gateway between the GMS and the network.
Database Vendor: Your database vendor if you are using a SQL Server database.*
Database Host/IP: The IP address of the database host. This is not required when using the
bundled database on this server.*
Database User: The MySQL user name for the database administrator. This is not required
when using the bundled database on this server
1
1. This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment.
Database Password: The MySQL password for the database administrator. This is not required
when using the bundled database on this server. 1
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
2
10
Introduction to the Management
Interfaces
This section describes the two SonicWall GMS management interfaces. An almost identical URL is used when
accessing either the GMS management interface or the Universal Management Host system interface, but the
URL is modified to specify either “sgms” or “appliance.”
Topics:
Overview of the Two Interfaces on page 10
Switching Between Management Interfaces on page 11
UMA System Interface Introduction on page 11
Management Interface Introduction on page 11
Overview of the Two Interfaces
The GMS Universal Management Suite (UMS) installs two separate management interfaces:
SonicWall Universal Management Appliance (UMA) System Management Interface – Used for system
management of the host server, including registration and licensing, setting the admin password,
selecting the deployment role, and configuring other system settings.
To access the UMA system management interface on the default HTTPS port using a browser on the host
server, use the URL:
http://localhost/appliance/
From another system, access the UMA system management interface with the URL:
http://<IP address>:<port>/appliance/
SonicWall GMS Management Interface – Used to access the GMS application that runs on the Windows
server. This interface is used to configure GMS management of SonicWall appliances, including creating
policies, viewing reports, and monitoring networks, and for configuring GMS administrative settings.
Access the GMS management interface with one of the following URLs:
http://localhost/sgms/
or
http://<IP address>:<port>/sgms/
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
11
Switching Between Management Interfaces
On systems deployed in the All In One role, the “SuperAdmin” user can easily switch between the UMA system
management interface and the GMS management interface. The SuperAdmin is the master administrator for
the entire GMS installation.
When logged in to either interface, the SuperAdmin can switch to the login page of the other interface by
clicking Switch in the top right corner of the page. Switch is only visible for SuperAdmin users.
UMA System Interface Introduction
The SonicWall Universal Management Appliance (UMA) system interface is used for system management of the
SonicWall GMS instance, including registration and licensing, setting the admin password, configuring database
settings, selecting the deployment role, and configuring other system settings.
When installing SonicWall Universal Management Suite on a host, a Web server is installed to provide the
system management interface. The system interface is available by default at
http://localhost/appliance/ after restarting the system.
The login screen allows you to securely log in to the SonicWall UMA system interface using your system user ID
and password.
Management Interface Introduction
GMS is a Web-based application for configuring and gathering reports from thousands of SonicWall Internet
security appliances and non-SonicWall appliances, all from a central location. This section provides an
introduction to the main elements of the Web-based management interface.
Topics:
Login Screen on page 12
Dashboard on page 12
Management Interface on page 13
NOTE: The admin account on the system interface can have a different password than the admin account
for GMS.
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
12
Login Screen
The login screen allows you to securely log in to GMS using your GMS application user ID and password. The
GMS management interface is available by default at https://localhost/sgms/ after completing registration.
Dashboard
The DASHBOARD control bar provides top-of-the page menu items for customizing the settings of this page. The
control bar is a customizable dashboard of your SonicWall GMS deployment. The Dashboard view provides:
Powerful network visualization reporting, monitoring, and search filtering tools consolidated into one
area of the management user interface.
An executive summary through a Universal Dashboard geographic map. The Geographic View provides
a scalable map that displays your GMS-managed units and servers using graphical icons that provide
system state information with a mouse over.
A centralized location to create Universal Scheduled Reports for Firewall, SMA, and Email Security
reporting solutions.
Top-of-the page menu items for customizing the settings of this page.
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
13
When the Dashboard loads after GMS login, the control bar is displayed and then becomes hidden until you
place your mouse cursor at the top of the page as shown in the following figure. You can lock the control bar by
clicking on the “pin the control bar” icon.
For more information on configuring the Universal Dashboard and Universal Scheduled Reports, refer to the
“Using the Dashboard View” chapter in the SonicWall GMS 8.5 Introduction - Dashboard Administration Guide.
Management Interface
The GMS management interface is the main control panel. The management interface allows you to add and
modify appliances, complete monitoring and reporting tasks, set policies for managed appliances, and configure
GMS settings.
Topics:
Navigation Views on page 14
Left Pane on page 14
Center Pane on page 14
Right Pane on page 14
Description of Managed Appliance States on page 15
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
14
Navigation Views
The management interface navigation views are located at the top of the management interface. The navigation
views are: DASHBOARD, FIREWALL, MONITOR, CONSOLE, SMA, and, ES. The MONITOR view provides real-time
monitoring at the global, group or appliance level. The ES, and SMA views are only visible when enabled from
the CONSOLE | Management > Settings screen. The CONSOLE view provides tools to customize options found
in the other GMS views and to manage GMS settings that affect the environment globally.
Left Pane
The left pane of the management interface provides a tree control that displays the current GMS view and a list
of managed appliances within the current view. The left pane is only displayed for the FIREWALL, SMA, ES,
MONITOR, CONSOLE, appliance views. The current category and view are indicated by a blue highlighting.
The left pane tree control provides the ability to switch between views and displays the current state of each
appliance under management. A single box in the tree control indicates a node at appliance or unit level. Two
boxes in the tree control indicates a node at a group level. A global node at the top of the tree control is
indicated by a three-box icon. The color and additional images superimposed on these icons provide useful
status information. For detailed information about appliance states, refer to Description of Managed Appliance
States on page 15.
Center Pane
The center pane displays additional configuration options in the appliance views: FIREWALL, MONITOR, ES,
SMA, and CONSOLE. A navigational tree control that provides access to the configuration options available
based on navigational view and left pane selections.
At the top of the Center pane there are three panels:
Manage – Provides policy configuration options for managed appliances.
Reports Provides customizable reports and data visualization for usage, activity, attacks and more on
the global or appliance level. This panel is only available for the Firewall and SMA views.
Flows – Provides IPFIX-based Flow Reporting on the global, group, or appliance level.
The current selection in the center pane is indicated by the highlighted item. The center pane options change
based on the navigational view and left pane selections, and selections in the center pane modify the display in
the right pane.
Right Pane
The right pane displays the available status or tasks based on the current selection of navigational view, left
pane and center pane options. Configurations completed in the right pane modify global, group, or appliance
settings. The center pane displays in the FIREWALL view. A navigational tree control that provides access to the
configuration options available based on navigational view and left pane selections. The Reports panel provides
reporting on the global or appliance level, and is only available for the FIREWALL and SMA views.
At the top of the Center pane there are three panels:
Manage – Provides policy configuration options for managed appliances.
Reports Provides customizable reports and data visualization for usage, activity, attacks and more.
Flows – Provides IPFIX-based Flow Reporting on the global, group, or appliance level.
NOTE: If there is only one appliance visible in the Left Pane, then the Left Pane automatically collapses to
present a larger screen for the rest of the UI.
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
15
The current selection in the center pane is indicated by the highlighted item. The center pane options change
based on the navigational view and left pane selections, and selections in the center pane modify the display in
the right pane.
Description of Managed Appliance States
This section describes the meaning of icons that appear next to managed appliances listed in the left pane of the
SonicWall GMS management interface.
Appliance
Status
Description
One blue box indicates that the appliance is operating normally. The appliance is
accessible from GMS, and no tasks are pending or scheduled.
Three blue boxes indicate that all appliances in the global group of this type
(Firewall/SMA) are operating normally.
Three blue boxes indicate that all appliances in the global node of this type (Firewall/SMA)
are live and communicating with GMS. All appliances of this type are accessible from
SonicWall GMS and no tasks are pending or scheduled.
One blue box with a lightning flash indicates that one or more tasks are pending or
running on the appliance.
Two blue boxes with a lightning flash indicate that tasks are currently pending or running
on two or more appliances within the group.
Three blue boxes with a lightning flash indicate that tasks are currently pending or running
on three or more appliances within the group.
One blue box with a clock indicates that one or more tasks are scheduled on the
appliance.
Two blue boxes with a clock indicate that tasks are currently scheduled to execute at a
future time on two or more appliances within the group.
Three blue boxes with a clock indicate that tasks are currently scheduled to execute at a
future time on three or more appliances within the group.
One yellow box indicates that the appliance has been added to SonicWall GMS
management (provisioned), but not yet acquired.
Two yellow boxes indicate that one or more appliances in the group have been added to
SonicWall GMS management, but not acquired.
Three yellow boxes indicate that one or more of the appliances of this type
(Firewall/SMA) have been added to SonicWall GMS management, but not acquired.
One yellow box with a lightning flash indicates that one or more tasks are pending on the
provisioned appliance.
Two yellow boxes with a lightning flash indicates that tasks are pending on two or more
provisioned appliances within the group.
Three yellow boxes with a lightning flash indicates that tasks are pending on three or
more provisioned appliances within the group.
A green circle with the number 1 in the middle indicates that the unit is in an HA pair and
is currently the Primary unit.
A yellow circle with the number 2 in the middle indicates that the unit is in an HA pair and
is currently on backup.
One red box indicates that the appliance is no longer sending heartbeats to SonicWall
GMS.
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
16
Using the GMS TreeControl Panel
This section describes the content of the TreeControl Panel within the GMS management interface. You can
control the display of the TreeControl Panel by selecting one of the appliance views at the top. For example,
when you click the Firewall view, the TreeControl Panel displays all the managed firewall units. You can display
any of the following appliance types when GMS is managing them:
Firewall
SMA (Secure Mobile Access)
ES (Email Security)
You can hide the entire TreeControl Panel by clicking the Hide TreeControl Panel tab, and re-display the panel by
clicking it again. This is helpful when viewing some reports or other extra-wide screens, especially on the
Monitor or Console views.
Two red boxes indicate that one or more appliances in the group are no longer sending
heartbeats to SonicWall GMS.
Three red boxes indicate that one or more of the global group of appliances of this type
(Firewall/SMA) are no longer sending heartbeats to SonicWall GMS.
One red box with a lightning flash indicates that the appliance is no longer sending
heartbeats to SonicWall GMS and has one or more tasks pending.
Two red boxes with a lightning flash indicate that one or more appliance in the group are
no longer sending heartbeats to SonicWall GMS and have two or more tasks pending.
Three red boxes with a lightning flash indicates that the appliance are no longer sending
heartbeats to SonicWall GMS and have three or more tasks pending.
A box with a dot in the top-left corner indicates that the appliance is being managed by
GMS using a static IP address.
This icon indicates a fail over to a secondary Ethernet port.
This icon indicates the a modem is connected using a dialup.
This icon indicates the wireless is connected using WWAN.
This icon indicates the unit’s Task Pending status is “Immediate.”
This icon indicates the unit’s Task Pending status is “Scheduled.”
Appliance
Status
Description
p
SonicWall GMS 8.6 Getting Started Guide
Introduction to the Management Interfaces
17
To open a TreeControl Panel menu, right-click the View All icon, a Group icon, or a Unit icon.
The following options are available in the right-click menu:
Expand—Makes subbranches to the root visible.
Expand All—Makes the entire branch visible.
Collapse All—Compresses the entire view of all expanded hierarchies so that only the roots of the
branches are visible.
Find—Opens a Find dialog box that allows you to search for groups or units.
Refresh—Refreshes the GMS user interface display.
Add Unit—Add a new unit to the GMS management view. Requires unit IP and login information.
Rename Unit—(unit node only) Renames the selected SonicWall appliance.
Delete—Delete the selected unit or all units in the selected Group or Global Node, with option to delete
interconnected SAs or to delete from NetMonitor.
Import XML—Import an edited XML file to replace the current TreeControl navigation view.
Modify Unit—(unit node only) Change basic settings for the selected unit, including unit name, IP and
Login information, serial number, management port and encryption/authentication keys.
Login to Unit—(unit node only) Login to the selected unit using SSL protocols.
Modify Properties—Displays the properties for the selected SonicWall appliance, or all managed
appliances in the selected group or global node.
Manage Views—Opens a dialog box where you can create, delete, or modify a view.
Change View—Select pre-set or user created views. Views are created in the Manage View window (see
above).
Re-assign Agents—Opens a dialog box where you can change the IP address of the primary and standby
schedulers and the type of management mode used between GMS and the managed SonicWall
appliances.
SonicWall GMS 8.6 Getting Started Guide
Installing and Upgrading
3
18
Installing and Upgrading
SonicWall GMS is installed by deploying an OVA file to your VMware ESXi server. Each OVA file contains all
software components related to SonicWall GMS including the MySQL database, executable binary files for all
GMS services, and other necessary files.
You can deploy one or both OVA files multiple times as needed for your SonicWall GMS environment. SonicWall
GMS can be configured for a single server or in a distributed environment on multiple servers. In a distributed
deployment, for example, you might use the 250GB file in a Summarizer role, and the 950GB file in a Database
role. A distributed deployment can include one or more SonicWall GMSs, or SonicWall GMS instances running
on Windows Server machines.
You can deploy an OVA file by accessing vCenter or using the vSphere client that comes with VMware ESXi. To
get the vSphere client, point a browser to your VMware ESXi server and click on Download vSphere Client.
SonicWall GMS can be installed as a fresh install, or as an upgrade to the latest version of GMS.
This section contains the following subsections:
Upgrading from an Earlier Version of GMS on page 18
Installing with VMware vSphere on page 19
Upgrading from an Earlier Version of GMS
GMS can be upgraded from previous versions. To upgrade GMS from a version earlier than 8.5, you need to
upgrade to major versions of GMS until you reach 8.5, then you can upgrade GMS 8.5 to GMS 8.6. For SonicWall
GMS deployments, upgrading from the GMS 8.5 release to the GMS 8.6 release can be performed on the System
> Settings page.
In a distributed environment, shut down all GMS servers except the one that is running the database. Then
upgrade the Console/AIOP first and then the other servers. You must upgrade all GMS servers in your
deployment to the same version of SonicWall GMS 8.6. You cannot have some servers running version 8.6 and
others running an earlier version.
To upgrade, complete the following steps:
1 Download the GMS 8.6 file from www.MySonicWall.com to your workstation:
sw_gmsvp_vm_eng_8.6.xxxx.yyyy.gmsvp-updater.64bit.sh (where xxxx represents
the exact version numbers)
2 Log in to the /appliance (System) interface of the GMS server.
3 Navigate to the System > Settings page.
4 Click Browse, navigate to the location where you saved the previous file, and then select it.
5 Click Apply to begin the firmware upgrade installation.
The Virtual Appliance reboots at the end of the installation process.
SonicWall GMS 8.6 Getting Started Guide
Installing and Upgrading
19
Installing with VMware vSphere
To do a fresh install of SonicWall GMS using the vSphere client, complete the following steps:
1 Download the following OVA files from MySonicWall to a system that is accessible to your VMware ESXi
server.
sw_gmsvp_vm_eng_8.6.xxxx.yyyy.250GB.64bit.ova
sw_gmsvp_vm_eng_8.6.xxxx.yyyy.950GB.64bit.ova
1 Log into vCenter, or log in using the vSphere client.
2 In the Home screen, select VMs and Templates. The VMs and Templates page appears.
NOTE: Do not rename the OVA files. The “xxxx” represent the exact version numbers
SonicWall GMS 8.6 Getting Started Guide
Installing and Upgrading
20
3 Navigate to a view that shows the virtual machines running on your VMware ESXi server.
4 To begin the import process, click ACTIONS and select Deploy OVF Template... from the drop-down
menu.
The Deploy OVF Template wizard appears.
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68

SonicWALL GMS Guia rápido

Categoria
Software de banco de dados
Tipo
Guia rápido

em outros idiomas