WatchGuard® System Manager User Guide
WatchGuard System Manager v8.
Notice to Users
Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc.

Copyright, Trademark, and Patent Information
Copyright © 1998 - 2005 WatchGuard Technologies, Inc. All rights reserved.
Contents
CHAPTER 1 Getting Started
About WatchGuard System Manager
About Hardware and Appliance Software
Upgrading the appliance software
Installing WatchGuard System Manager
Installation requirements
LiveSecurity Service Broadcasts
Activating the LiveSecurity Service
LiveSecurity Service Self Help Tools
WatchGuard Users Forum
WatchGuard Users Group
Online Help
LogViewer Settings
Changing LogViewer settings with Fireware appliance software
Changing LogViewer settings with WFS appliance software
Using LogViewer
Creating a Search Rule
Searching in LogViewer
Netscape Communicator 4.79
Netscape 6
Managing the Firebox X Edge or SOHO Device
Removing Certificates
Microsoft Internet Explorer 5.5 and 6.0
Netscape Navigator 4.79
CHAPTER 1 Getting Started
Historically, organizations used many tools, systems, and personnel to control the security of their networks. Different computer systems controlled access, authentication, virtual private networking, and network control. These expensive systems are not easy to use together or to keep up-to-date. WatchGuard® System Manager (WSM) supplies an integrated solution to manage your network and control security problems.
Firebox configuration. The HTTP proxy on the Firebox then works with the WebBlocker Server to find if a Web site is in a category that is not allowed.

About Hardware and Appliance Software
Appliance software is a software program or operating system that is permanently kept on your hardware. The Firebox® uses the appliance software with the configuration file to operate.
Installing WatchGuard System Manager
WatchGuard System Manager includes firewall appliance software and management software to protect your network from attack. You put the Firebox® between the Internet and your trusted computers. You then use the software installed on the management station to configure and to monitor your Firebox.
1 Network IP Addresses Without the Firebox
Wide Area Network                    _____._____._____._____ / ____
Default Gateway                      _____._____._____._____
Local Area Network                   _____._____._____._____ / ____
Secondary Network (if applicable)    _____._____._____._____ / ____
Public Server(s) (if applicable)     _____._____._____._____
                                     _____._____._____._____
                                     _____._____._____._____

Use the second table for your network IP addresses after you put the Firebox into operation.
Selecting where to install server software
During installation, you can select to install the management station and three WatchGuard System Manager Server components on the same computer. Or you can use the same installation procedure to install the server components on other computers. To decide, you must examine the capacity of your management station and select the installation method that best matches your needs.
Setting Up Your Management Server
Strong export limits apply to the strong encryption software. It is possible that it is not available for download.

Backing up your previous configuration
If you have an earlier version of WatchGuard System Manager, you must make a backup of your security policy configuration before you install a new version. For instructions on creating a backup of your configuration:
• If you are upgrading to a newer version of the WFS appliance software, refer to the Upgrade Guide.
• Set the CRL distribution point and publication period
• Set the client and root certificate lifetime
• Launch the CA Web GUI
For information on how to set up the other WatchGuard System Manager servers—Log Server and WebBlocker server, see the “Working with Log Files” chapter in this guide, and the Configuration Guide, respectively.
Note the following:
• When an interface whose IP address is bound to the Management Server goes down and then restarts, we recommend that you restart the Management Server.
• If you change the computer’s IP address, you must remove the Management Server and install it again.

After Your Installation
You have satisfactorily installed, configured, and put your new WatchGuard® System Manager into operation on your network. Here is some more information to think about.
Installation Topics
This table shows you the ports you must open on a desktop firewall.

Server Type/Appliance Software          Protocol/Port
Management Server                       TCP 4109, TCP 4110, TCP 4112, TCP 4113
Log Server
  with Fireware appliance software      TCP 4115
  with WFS appliance software           TCP 4107
WebBlocker Server                       TCP 5003, UDP 5003

WFS appliance software configuration modes
There are two configuration modes available for users with WFS appliance software: a routed configuration or a drop-in configuration.
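The port table above, applied to the Windows firewall on the computer that runs the server components, as an added example that is not part of the WatchGuard guide. Only the port numbers come from the table; the role keys, rule names, the restriction to named remote addresses and the sample address 10.0.1.1 are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not WatchGuard code. Port numbers are taken from the guide's
# table; role keys, rule names and the sample address are assumptions.

$WsmGroup = 'WatchGuard System Manager'

# One entry per protocol for each server component in the table.
$WsmPorts = @{
    ManagementServer  = @(@{ Protocol = 'TCP'; Ports = 4109, 4110, 4112, 4113 })
    LogServerFireware = @(@{ Protocol = 'TCP'; Ports = 4115 })
    LogServerWFS      = @(@{ Protocol = 'TCP'; Ports = 4107 })
    WebBlockerServer  = @(@{ Protocol = 'TCP'; Ports = 5003 },
                          @{ Protocol = 'UDP'; Ports = 5003 })
}

function Add-WsmFirewallRule {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Server components installed on this computer.
        [Parameter(Mandatory)]
        [ValidateSet('ManagementServer', 'LogServerFireware',
                     'LogServerWFS', 'WebBlockerServer')]
        [string[]] $Role,

        # Hosts allowed to connect (assumption: the Fireboxes and management
        # stations that must reach this server). Opening the ports to any
        # source would expose the servers to every host on the network.
        [Parameter(Mandatory)]
        [string[]] $RemoteAddress
    )

    foreach ($r in ($Role | Select-Object -Unique)) {
        foreach ($entry in $WsmPorts[$r]) {
            $name = "WSM $r $($entry.Protocol)"
            if (-not $PSCmdlet.ShouldProcess($name, 'Create inbound allow rule')) {
                continue
            }

            # Replace an earlier rule of the same name so reruns do not
            # leave duplicates behind.
            Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue |
                Remove-NetFirewallRule

            New-NetFirewallRule -DisplayName $name -Group $WsmGroup `
                -Direction Inbound -Action Allow -Enabled True `
                -Protocol $entry.Protocol -LocalPort $entry.Ports `
                -RemoteAddress $RemoteAddress -Profile Domain, Private |
                Out-Null
        }
    }
}

function Get-WsmFirewallRule {
    # List what is actually open, for comparison with the table.
    Get-NetFirewallRule -Group $WsmGroup -ErrorAction SilentlyContinue |
        ForEach-Object {
            $port = $_ | Get-NetFirewallPortFilter
            $addr = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Protocol      = $port.Protocol
                LocalPort     = $port.LocalPort -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
}

# Constructed usage: a computer that runs the Management Server and a Log
# Server for Fireware devices, reachable only from 10.0.1.1 (sample address).
# -WhatIf shows the rules that would be created without changing anything.
Add-WsmFirewallRule -Role ManagementServer, LogServerFireware `
    -RemoteAddress 10.0.1.1 -WhatIf
Get-WsmFirewallRule | Format-Table -AutoSize
```

Run the `Add-WsmFirewallRule` call again without `-WhatIf` to create the rules, then compare the `Get-WsmFirewallRule` output with the table.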
In a routed configuration, you install the Firebox with different logical networks and network addresses on each of its interfaces. The public servers behind the Firebox use private IP addresses. The Firebox uses network address translation (NAT) to route traffic from the external network to the public servers. The requirements for a routed configuration are:
• All interfaces of the Firebox must be on different logical networks.
• You use one logical network for all three interfaces.
• The Firebox uses proxy ARP. The trusted interface ARP address replaces the ARP address of the router. It then resolves the ARP data for those devices behind the Firebox that cannot receive the transmitted data.
• During installation, it is not necessary to change the TCP/IP properties of computers on the trusted and optional interfaces.
If you select the Dynamic Host Configuration Protocol (DHCP), the Firebox tells a DHCP server controlled by your Internet Service Provider (ISP) to give the Firebox its IP address, gateway, and netmask. This server can also give WINS and DNS server information for your Firebox. If it does not give you that information, you must add it manually to your configuration. If necessary, you can change the WINS and DNS values that your ISP gives you.
255.255.255.224    /27
255.255.255.240    /28
255.255.255.248    /29
255.255.255.252    /30

Installing the Firebox cables
Connect the power cable to the Firebox power input and to a power source. The Quick Setup Wizard recommends that you use a straight ethernet cable (green) to connect your management station to a hub or switch. Use another straight ethernet cable (green) to connect your Firebox to the same hub or switch.
CHAPTER 2 Service and Support
No Internet security solution is complete without regular updates and security information. New threats appear each day — from the newest hacker to the newest bug in an operating system — and each can cause damage to your network systems. The LiveSecurity® Service sends security solutions directly to you to keep your security system in the best condition.
LiveSecurity Service Broadcasts
The WatchGuard® Rapid Response Team regularly sends messages and software information directly to your computer desktop by e-mail. We divide the messages into categories to help you to identify and make use of incoming information immediately.

Information Alert
Information Alerts give you a fast view of the newest information and threats to Internet security.
LiveSecurity Service Self Help Tools

New from WatchGuard
When WatchGuard releases a new product, we first tell you — our customers. You can learn more about new features and services, product upgrades, hardware releases, and customer promotions.

Activating the LiveSecurity Service
You can activate the LiveSecurity® Service through the Quick Setup Wizard on the CD-ROM. Or, you can activate it through the activation section of the LiveSecurity Web pages.
Advanced FAQs
The Advanced FAQs (frequently asked questions) give you important information about configuration options and operation of systems or products. They add to the information you can find in this User Guide and in the Online Help system.

Known Issues
We know that software products can have bugs. We keep a list of Known Issues to help you find and to configure around these problems in our products until a software update repairs them.
WatchGuard Users Forum
The WatchGuard® Users Forum is an online group. It lets the users of WatchGuard products interchange ideas, questions, and information about the product, for example:
• Configuration
• Connecting WatchGuard products and those of other companies
• Network policies
This forum has different categories that you can use to look for information. The WatchGuard Technical Support team controls the forum during regular work hours.
Product Documentation
• Use Windows Explorer or the Run command to open the WatchGuard installation folder. Open the Help folder. Double-click WFSHelp.htm. Your browser opens and the Online Help home page appears. The default folder is: C:\Program Files\WatchGuard\Help

Searching for information
There are three methods to search for information in the WatchGuard Online Help system:

Contents
The Contents tab shows a list of categories in the help system. Double-click a book to expand a category.
Technical Support

Note
You must activate the LiveSecurity Service before you can get technical support.

LiveSecurity Service Technical Support
All new Firebox products include the WatchGuard LiveSecurity® Technical Support Service. You can speak with the WatchGuard Technical Support team when you have a problem with the installation, management, or configuration of your Firebox.
Training and Certification

VPN Installation Service
WatchGuard Remote VPN Installation Service helps you through a full VPN installation. You can schedule a two-hour time with one of the WatchGuard Technical Support team. During this time, the technician helps you to:
• Do an analysis of your VPN policy
• Configure your VPN tunnels
• Do a test of your VPN configuration
You can use this service after you correctly install and configure your Fireboxes.
CHAPTER 3 Monitoring Your Network
To monitor a network, you must have real-time information on all the components of the network. The current status of all VPN devices and tunnels appears in the WatchGuard® System Manager window. You can use these tools to quickly find and troubleshoot problems with your network. This chapter describes the procedures you can do directly from the WatchGuard System Manager window.
Connecting to a Firebox Device A status page for all the devices in System Manager. The information that appears includes the log host, MAC address, and IP address for the interfaces for each device. It also includes the status of all VPN tunnels that are configured in System Manager.

VPN
Shows status information, endpoints, and security parameters for any VPN tunnels created and managed with the WatchGuard Management Server.

Log
Shows the log status for devices managed by System Manager.
Connecting to a Server
The WatchGuard® Management Server (previously the WatchGuard DVCP server) runs on a Windows computer. This computer can be the same one where the WatchGuard management software is installed or a different computer.
1 Select File > Connect to > Server.
  or
  Click the Connect to Server icon on the WatchGuard System Manager toolbar. The icon is shown at left.
2 From the Management drop-down list, select a server by its host name or IP address.
Seeing Information about Devices
To expand a part of the display, click the plus sign (+) adjacent to the entry, or double-click the name of the entry. To close a part, click the minus sign (–) adjacent to the entry. When no plus or minus sign appears, no more information is available.

Firebox Status
Below Firebox® Status, you can see the IP address and subnet mask of each Firebox interface.
Seeing Information on Log Servers
• The tunnel name, the IP address of the destination IPSec device (a different Firebox, Edge, SOHO, or SOHO|tc), and the tunnel type. If the tunnel is managed by the Management Server, the IP address refers to the full remote network address.
• The volume of data sent and received on the tunnel in bytes and packets.
• The time before the key expires and when the tunnel is created again. This appears as a time limit or as the volume of bytes.
devices for which logging is not configured. Logging for devices is configured in Policy Manager, as described in the Configuration Guide for your appliance software.

Monitoring VPNs
The VPN tab shows all Fireboxes that the Management Server is managing. The configured VPN information for each Firebox is also shown here. Fireboxes that you connect to manually using WatchGuard System Manager do not appear here.
About the WatchGuard Toolbar
There are three servers that do Firebox® management functions:
• Management Server
• Log Server
• WebBlocker Server
You start, stop, and configure these Management Servers using the WatchGuard® toolbar. The WatchGuard toolbar is one of the toolbars at the bottom of your computer screen.
Starting Security Applications
through the firewall. For information on using Firebox System Manager, see the Configuration Guide for your appliance software.

HostWatch
HostWatch shows the connections through a Firebox from the trusted network to the external network. It shows the current connections, or it can show the connections from a list in a log file. For information on using HostWatch, see the Configuration Guide for your appliance software.
CHAPTER 4 Setting Up Logging and Notification
An event is any single activity that occurs at the Firebox®, such as denying a packet from passing through the Firebox. Logging is the recording of these events to a log host. A notification is a message sent to the administrator by the Firebox when an event occurs that indicates a security threat. Notification can be in the form of e-mail or a pop-up window.
Setting Up the Log Server

Note
Firebox devices with WatchGuard Firebox System version 7.4 or earlier can send log messages to a WatchGuard System Manager 8.0 Log Server or to a WatchGuard Security Event Processor 7.3 or earlier. But, Fireboxes with Fireware appliance software cannot send log messages to a WatchGuard Security Event Processor 7.3 or earlier.

1 On the desktop of the computer that has the Log Server, select the Log Server icon from the WatchGuard toolbar.
Setting Global Logging and Notification Preferences

Changing the Log Server encryption key
To change the encryption key on the Log Server:
1 Right-click the Log Server icon on the WatchGuard toolbar and select Status/Configuration.
2 Select File > Set Log Encryption Key.
3 Type the new log encryption key two times.
4 Click OK.
Setting the interval for log rollover
You can control when the log files roll over in the Log Files tab in the Log Server configuration interface. You can also manually start a rollover of the current log file by selecting File > Roll current log file from the Status/Configuration window.
1 Click the Log Files tab.
2 To roll the log file on a time interval, select the Roll Log Files By Time Interval check box. Set the time interval.
2 Use the radio buttons to set the time interval for reports: daily, weekly, first day of the month, or at a custom time.
3 From the Next Scheduled Report drop-down list, select a date and time for the subsequent scheduled report.
4 Click Save Changes.
  The Log Server restarts automatically.

Controlling notification
You can configure the Firebox to send an e-mail message when a specified event occurs.
CHAPTER 5 Reviewing and Working with Log Files
WatchGuard® System Manager includes strong and flexible log message tools. An important feature of a good network security policy is to log messages from your security systems, to examine those records frequently, and to keep them in an archive. You can use logs to monitor your network security, identify any security risks, and address them.
Log File Names and Locations

Alarm log messages
Alarm log messages are sent when an event occurs that triggers the Firebox to do a command. When the alarm condition is matched, the Firebox sends an Alarm log message to the Traffic Monitor and log server and then it does the specified action. You can set some alarm log messages. For example, you can use Policy Manager to configure an alarm to occur when a specified value matches or is more than a threshold.
Starting LogViewer
software versions for LogViewer settings and search functions. There is more information about these differences below.
1 From WatchGuard System Manager, select Resources > LogViewer.
  or
  Click the LogViewer icon on the WatchGuard System Manager toolbar. The icon is shown at the left.
2 From LogViewer, select File > Open.
  or
  Click the Open File icon on the LogViewer toolbar. The icon is shown at the left.
  The default location of the logs is the path: My Documents\My WatchGuard\Shared W
LogViewer Settings
You can adjust the content and the format of the LogViewer window.

Changing LogViewer settings with Fireware appliance software
1 From LogViewer, select View > Settings.
  The Settings dialog box appears. The Settings dialog box has five tabs, each with the same fields. You use these tabs to set properties for the four types of messages that appear in log files: Alarms, Traffic, Event, and Diagnostic.
Changing LogViewer settings with WFS appliance software
1 From LogViewer, select View > Settings.
  The Settings dialog box appears.
2 From here, you can set the properties for the display of the log messages. Select the tab to configure the display properties for allowed traffic, denied traffic, or other log messages that do not apply to Firebox traffic.

Show Logs in Color
You can set the messages to appear in different colors.
Using LogViewer

Creating a Search Rule
You can create rules to search through the data shown in LogViewer.
1 Select Edit > Find.
  The Find dialog box appears.
2 Use the Log Type drop-down list to select the type of log message to apply the search rule to. You can select: Alarm, Traffic, Event, Diagnostic (debug), or All. If you are using the LogViewer to show log messages from a Firebox with WFS appliance software, you cannot select the type of log message.
Searching in LogViewer
After you make a search rule, you can use it to search the data shown in LogViewer.
1 If it is necessary to search through log messages from a Firebox using Fireware Pro, use the Log Type drop-down list to select which type of log messages appears in the window.
2 Use the Display Results in drop-down list to select the method to show the results of the search.
Consolidating log files
You can put together two or more log files into one file. You can then use this file in Historical Reports, LogViewer, or some other tool to examine log data for an extended time interval. To merge more than one log file into one file:
• The log files must be from the same Firebox
• The log messages in the files must be in date and time order
• The log files must have been created with the same appliance software.
To convert a log file from .wgl to .xml:
1 Right-click the Log Server icon on your Windows desktop tray and select Merge Log Files.
  The Merge Logfiles dialog box appears. This dialog box controls merges, and also updates, of log files.
2 Click Browse to find the location of the logfile.wgl to convert to XML.
  If you select more than one log file at one time, the utility converts all of the files you select and puts them together into one file. The new file has an .xml format.
CHAPTER 6 Generating Reports of Network Activity
Historical Reports is a tool that makes summaries and reports of the Firebox® log file. You can use these reports to learn about Internet use. You can also measure bandwidth and see which users and software applications use the most bandwidth. Historical Reports creates reports from the log files that are recorded on the WatchGuard® Log Server. With the advanced features of Historical Reports, you can:
• Set a specified time period for a report.
Creating and Editing Reports

Starting a new report
1 From Historical Reports, click Add.
  The Report Properties dialog box appears.
2 Type the report name.
  The report name appears in Historical Reports and in the name of the output file.
3 Use the text box in the Log Directory to give the location of the log files.
  The default location for the log files is the path: My Documents\My WatchGuard\Shared WatchGuard\logs.
4 Use the text box in the Output Directory to give the location of the output files.
Specifying a Report Time Interval
9 Type the Firebox® IP address or host name. Click Add.
  When you type the IP addresses, type all the numbers and the periods. Do not use the TAB or the arrow key. When you create a report with consolidated sections, you must use only WFS Fireboxes or Fireboxes using Fireware Pro. If you use the two Firebox versions in a report the results are not correct.
10 Use the other tabs to specify the report preferences.
5 Click OK.

Specifying Report Sections
You can select the information to show in the report using the Sections tab on the Report Properties dialog box.
1 From Historical Reports, click the Sections tab.
2 Select the check boxes for the sections to include in the report.
  To see the contents of each section, refer to the “Report Sections and Consolidated Sections” on page 54.
3 (Optional) Select the Authentication Resolution on IP addresses check box.
Setting Report Properties
To consolidate report sections:
1 In the Report Properties dialog box, select the Consolidated Sections tab.
  The tab has a list of report sections that you can put together. For short notes of the contents of these sections, refer to “Report Sections and Consolidated Sections” at the end of this chapter.
2 Select the check boxes adjacent to the sections to include in the report. Clear the check boxes for the sections to not include.
3 Click OK.
7 Click OK.

Exporting Reports
You can export a report to two formats: HTML and NetIQ. You can find all reports in the path c:documents and settings\watchGuard\reports\WebTrends\. In the Reports directory are the subdirectories with the name and the time of each report.

Exporting reports to HTML format
If you select HTML Report from the Setup tab on the Report Properties dialog box, the report output is in HTML. You can go to each report section through a JavaScript menu.
torical Reports. To calculate Internet use report data, Historical Reports counts the number of HTTP protocol transactions. NetIQ calculates the number of URL requests.

Note
The WatchGuard HTTP proxy logging must be set to ON to supply NetIQ with the information that is necessary.

You can find the report in: My Documents\My WatchGuard\Shared WatchGuard\reports

Using Report Filters
A report includes data from the full log file unless you create and use report filters.
Running Reports
5 When finished, click OK.
  The name of the filter appears in the list of the Filters. The Filter Name.ftr file is in the report-defs directory.

Editing a report filter
You can always change the properties of a filter. From the Filters dialog box in Historical Reports:
1 Select the filter to change. Click Edit.
  The Report Filter dialog box appears.
2 Change the filter properties.
  To see the function of each property, right-click it, and then click What’s This?.
Report Sections and Consolidated Sections

Report sections
There are two basic types of Report sections:
• Summary — The sections that rank data by bandwidth or connections.
• Detailed — The sections that show all traffic and events with no summary graph or rank.
A list of the different types of the report sections and the consolidated sections is shown below:

Firebox Statistics
A summary of the statistics on one or more log files for one Firebox.
Session Summary — Proxied Traffic
A table, and an optional graph, of the top incoming sessions and outgoing sessions. The sessions show in the sequence of the volume of bytes or the number of connections. The format of the session is: client -> server: service. The service shows in all uppercase letters.

HTTP Summary
Tables, and an optional graph, of the top external domains and hosts that users connect to through the HTTP proxy.
Alarms
Available for Fireware Pro users only, this report lists all device alarms and the problem found with each alarm.

AV Summary
A summary of Gateway AntiVirus for E-mail actions available for Fireware Pro users who subscribe to the antivirus service. The fields include sender, virus detail, if the virus was cleaned, and attachment size of the e-mail.

AV Detail
A list of the source, sender, and virus detail for Gateway AntiVirus for E-mail actions.
Host Summary — Proxied Traffic
A table, and an optional graph, of the internal and external hosts that send traffic with a proxy through the Firebox. The hosts show in the sequence of the volume of bytes or the number of connections.

Proxy Summary
The proxies in the sequence of bandwidth or connections.

Session Summary — Proxied Traffic
A table, and an optional graph, of the top incoming sessions and outgoing sessions.
CHAPTER 7 Managing Certificates and the Certificate Authority
When you create a VPN tunnel, you can select from two types of tunnel authentication: shared secrets or certificates. A certificate is an electronic document that contains a public key. The public key verifies that the certificate is legitimate. A Certificate Authority (CA) is a trusted third-party that gives certificates to clients.
Managing the Certificate Authority
authenticates to the Management Server. The CA makes sure that the managed Firebox clients are authenticated and then gives a certificate to each client. The two managed Firebox clients use the certificates to authenticate the VPN tunnel being created between them.

MUVPN and certificates
Because MUVPN clients are not clients of the Management Server, they authenticate to the Firebox.
Management Server CA Certificate
Print a copy of the Management Server CA certificate to the screen. You can then manually save it to the client. You can use this for client access to the authentication Web page.

Generate a New Certificate
Type a subject common name, organizational unit, password, and certificate lifetime to make a new certificate.
- For MUVPN users, the common name must agree with the user name of the remote user.
Revoke
Cancels a certificate. Managed Firebox clients will not see that the CRL was revoked until the CRL is published.

Reinstate
Puts back a certificate that was revoked before.

Destroy
Removes a certificate.
CHAPTER 8 Managing the Firebox X Edge and Firebox SOHO 6
WatchGuard® System Manager lets you control and configure WatchGuard firewalls from a distance. This makes for easy configuration and management of a VPN tunnel to a Firebox® X Edge, Firebox S6, Firebox SOHO 6, or Firebox SOHO 5 device. These WatchGuard hardware models are good for small, remote offices. You configure the WatchGuard small office hardware devices with a Web browser.
Importing Certificates
2 Click the Content tab. Click Certificates.
  The Certificates window appears.
3 Click the Personal tab.
  You can see the certificate on this tab.
If you do not see the certificate in the list, use these troubleshooting ideas to examine the problem:
• Make sure that you have the strong encryption (128-bit) version of Internet Explorer
• Internet Explorer does not always enable strong encryption during the installation. Open the Windows registry and find this key: HKEY_LOCAL_MACHINE\
Managing the Firebox X Edge or SOHO Device

Troubleshooting ideas
Use these steps to troubleshoot Netscape certificates:
• Make sure that you have the strong encryption (128-bit) version of Netscape.
• Make sure that you have the correct password for the .p12 (or .pfx) file. This must be the configuration passphrase of the Firebox DVCP server.
• Make sure that the certificate is not zero (0) length. If it is, erase the file and disconnect from System Manager.
Removing Certificates
• Enable System Manager access
• Update the device from an operating system other than Windows
• Upgrade the device features
• Look at the configuration file as text

System security and remote management
Use this to enable system security, give an administrator name to the device, and set the passphrases. You can enable the device for remote management. This lets you connect to the unit from a distance with the WatchGuard® Remote Management VPN client.
Microsoft Internet Explorer 5.5 and 6.0
From the Windows desktop of the management station:
1 Start Internet Explorer. Click Tools > Internet Options.
  The Internet Options window appears.
2 Click the Content tab. Click Certificates.
  The Certificates window appears.
3 Select the certificate or certificates to erase.
4 Click Remove.
  A warning window appears.
5 Click Yes.
  The selected certificates are erased from the browser.
APPENDIX A Copyright and Licensing

WatchGuard Firebox Software End-User License Agreement
IMPORTANT - READ CAREFULLY BEFORE ACCESSING WATCHGUARD SOFTWARE: This Firebox Software End-User License Agreement ("AGREEMENT") is a legal agreement between you (either an individual or a single entity) and WatchGuard Technologies, Inc.
(B) To use the SOFTWARE PRODUCT on more than one WATCHGUARD hardware product at once, you must purchase an additional copy of the SOFTWARE PRODUCT for each additional WATCHGUARD hardware product on which you want to use it.
Limitation of Liability. WATCHGUARD'S LIABILITY (WHETHER IN CONTRACT, TORT, OR OTHERWISE; AND NOTWITHSTANDING ANY FAULT, NEGLIGENCE, STRICT LIABILITY OR PRODUCT LIABILITY) WITH REGARD TO THE SOFTWARE PRODUCT WILL IN NO EVENT EXCEED THE PURCHASE PRICE PAID BY YOU FOR SUCH PRODUCT. THIS SHALL BE TRUE EVEN IN THE EVENT OF THE FAILURE OF AN AGREED REMEDY.
Licenses
RealNetworks, RealAudio, and RealVideo are either a registered trademark or trademark of RealNetworks, Inc. in the United States and/or other countries. Java and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. All rights reserved. Jcchart copyright® 1999 by KL Group Inc. All rights reserved.
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Original SSLeay License
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by Ralf S.
works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner.
6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty.
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
GNU Lesser General Public License
Some components of the WatchGuard System Manager software are distributed with source code covered under the GNU Lesser General Public License (LGPL).
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
We call this license the “Lesser” General Public License because it does Less to protect the user's freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances.
c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License.
Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6.
you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10.
Preamble
The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it.
b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7.
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright (c) 1995, 1996 The President and Fellows of Harvard University. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2.
APPENDIX B
WatchGuard File Locations
This appendix lists the default location of many of the files used by WatchGuard System Manager.
General File Locations
This table describes the location where data files are stored by the WatchGuard System Manager software. Since it is possible to configure the Windows operating system (OS) to put these directories on different disk drives, you must determine the exact location of these files based on the configuration of Windows on your computer.
Default File Locations
File Type | Location
Certificates | C:\Documents and Settings\All Users\Shared WatchGuard\certs (Except for certificates used by the Log Server, the Management Server, and the Certificate Authority)
WatchGuard Applications | C:\Program Files\WatchGuard\wsm8\
Shared Application Libraries | C:\Program Files\Common Files\WatchGuard\wsm8\
Management Server Data | C:\Documents and Settings\WatchGuard\dvcp\
Certificate Authority Data | C:\Documents and Settings\WatchGuard\wmserver\wgca\
We
Quick Setup Wizard
Write | License File | C:\Documents and Settings\\My Documents\My WatchGuard\configs\.tgz
Read | License File | C:\Documents and Settings\\My Documents\My WatchGuard\
Firebox System Manager for Fireware Appliance Software
Operation | File Type | Default Location
Read | Application Config File | C:\Documents and Settings\All Users\Application Data\WatchGuard\fsm.conf
Read/Write | Preferences File | C:\Documents and Settings\\
Policy Manager for Fireware Appliance Software
Operation | File Type | Default Location
Read | Blocked Sites | C:\Documents and Settings\\My Documents\My WatchGuard\
Read | Blocked Sites Exceptions | C:\Documents and Settings\\My Documents\My WatchGuard\
Read/Write | Firebox Config Files | C:\Documents and Settings\\My Documents\My WatchGuard\configs\
Read/Write | Firebox License Files | C:\Documents and Settings\\My Documents\My WatchGuard\configs
Policy Manager for WFS Appliance Software
Operation | File Type | Default Location
Write | Save Backup | C:\Documents and Settings\All Users\Shared WatchGuard\backups\
Read/Write | Firebox Config Files | C:\Documents and Settings\\My Documents\My WatchGuard\configs\
Write | MUVPN SPDs | C:\Documents and Settings\All Users\Shared WatchGuard\muvpn\
Read | Blocked Sites Import | Current Working Directory
Read | Help Files | C:\Program Files\WatchGuard\wsm8\wfs\
Firebox System Manag
LogViewer
Operation | File Type | Default Location
Write | Application Log File | C:\Documents and Settings\\Application Data\WatchGuard\logviewer.log
Read | Firebox Log File | C:\Documents and Settings\WatchGuard\logs\
Read | Help File | C:\Program Files\WatchGuard\wsm8\help\
Management Server
Operation | File Type | Default Location
Read/Write | All Files | C:\Documents and Settings\WatchGuard\wmserver\dvcp\
WebBlocker Server
Operation | File Type | Default Location
Read/Write
Log Server for Fireware Appliance Software
Operation | File Type | Default Location
Read | Log Server Config (Fireware) | C:\Program Files\WatchGuard\wsm8\wlserver\conf\httpd.conf
Read | Log Server Config (Fireware) | C:\Program Files\WatchGuard\wsm8\wlserver\conf\logserver.conf
Read | Cert | C:\Documents and Settings\WatchGuard\wlserver\certs\wglog.pen
Write | Log Server Log | C:\Documents and Settings\WatchGuard\logs\wlserver.log
Read/Write | Active Firebox Logs | C:\Documents and Settin
Historical Reports
Operation | File Type | Default Location
Read/Write | Report Filters | C:\Documents and Settings\WatchGuard\reportdefs\.flt
Read | Help Files | C:\Program Files\WatchGuard\\wfs\help\
Log Merge
Operation | File Type | Default Location
Read | Log Files | C:\Documents and Settings\WatchGuard\logs\
Write | Converted Log Files | C:\Documents and Settings\WatchGuard\logs\... .wgl to .wgl.xml
Write | Merged Log File | C:\Documents and Settings\Wat
WatchGuard Certificate Authority
Operation | File Type | Default Location
Write | Publish CRL | C:\Documents and Settings\WatchGuard\wmserver\htdocs\wgca.crl
Read/Write | Manage Certs | C:\Documents and Settings\WatchGuard\wmserver\wgca\index.txt
 | | C:\Documents and Settings\WatchGuard\wmserver\wgca\index.txt.attr
 | | C:\Documents and Settings\WatchGuard\wmserver\wgca\serial
 | | C:\Documents and Settings\WatchGuard\wmserver\wgca\serial_server
 | | C:\Documents and Settings\WatchGuard\wmser
ADDRESS: 505 Fifth Avenue South Suite 500 Seattle, WA 98104
SUPPORT: www.watchguard.com/support support@watchguard.com U.S. and Canada +877.232.3531 All Other Countries +1.206.613.0456
SALES: U.S. and Canada +1.800.734.9905 All Other Countries +1.206.521.8340
ABOUT WATCHGUARD
WatchGuard is a leading provider of network security solutions for small- to midsized enterprises worldwide, delivering integrated products and services that are robust as well as easy to buy, deploy and manage.