Watchguard Enterprise Security Manager User guide

Brand: Watchguard

Model: Enterprise Security Manager

Type: User guide

UserGuide,Release0.9

ESM Support Team ([email protected])

Release 0.9

This document is for informational purposes only. WatchGuard makes no

warranties, expressed or implied, as to the information in this document. The name

of any companies and products referenced may represent trademarks that are

herein property of their respective owners.

RevisionHistory

Date Version Description

7/6/2016 0.9 (rev-1) User guide created for release 0.9

TableofContents

1 EnterpriseSecurityManager 8

1.1 WhatisEnterpriseSecurity Manager? 8

1.1.1 Features 8

1.1.2 OperationalPrinciples 8

2 InstallationProcedure 9

2.1 ImportOVAFile 9

2.2 ConfiguringNetworkInterface 12

3 ESMUserInterface 13

3.1 Introduction 13

3.2 ESMWebInterface 13

3.2.1 NavigationPane 14

3.2.2

 UserPane 15

3.2.3 ViewPane 15

3.3 EnterpriseSecurityManagerGeneralControls 15

3.3.1 Login 15

3.3.2 Logout 16

3.3.3 ChangeUserSettings 16

3.3.4 ForgottenPassword 18

3.3.5 SystemBusy 21

3.3.6 DisplayFeatures 21

3.3.6.1



FilteringbyColumnFilters 21



3.3.6.2



ListPagination 22



3.3.6.3



Search 23



3.3.6.4



ExpandforDetails 25



3.3.7 Edit/ChangeConfirmation 26

4 UserRoles 27

4.1 AdministratorRole 27

4.1.1 HostSensorRegistrations 28

4.1.2 Settings 28

4.1.2.1



Authentication 28



4.1.2.2



Email 30



4.1.2.3



General 31



4.1.2.4



ManagerConfiguration 32



4.1.3 Users 32

4.1.3.1



AddaUser 33



4.1.3.2



DeleteaUser 34



4.1.3.3



ModifyaUser 34



4.1.4 System 35

4.1.4.1



AuditLog 35



4.1.4.2



ExportAuditLogData 36



4.1.4.3



PurgeAuditLogData 37



4.2 Operator 38

4.2.1 System 38

4.2.1.1



AuditLog 38



5 ManagerConfiguration 39

5.1 Overview 39

5.2 HostSensorPollingforManagerConfiguration 41

5.3 AddingaManager 42

5.4 ModifyingaManager 43

5.5 DeletingaManager 44

5.6 AddingIPRangestoaManager 45

5.7 EditingIPRangesforaManager 47

5.8 DeletingIPRanges

foraManager 48

5.9 FindingWhichManagerCoversanIPAddress 49

6 HostSensorRegistrations 50

6.1 Overview 50

6.2 HostSensorRegistrationDetails 51

6.3 InstallingHostSensorstoRegistertoESM 52

7 SupportedOperatingSystems 53

8 Glossary 54

9 AppendixA–OpenSource 55



TableofFigures

Figure 1: Enterprise Security Manager Web Interface ................................................................ 13

Figure 2: Enterprise Security Manager default page with pane collapsed .................................. 14

Figure 3: Settings Menu expanded ............................................................................................. 15

Figure 4: Settings and System Menus Expanded ....................................................................... 15

Figure 5: User Login page .......................................................................................................... 16

Figure 6: User Settings page ...................................................................................................... 17

Figure 7: Unsaved Changes prompt ........................................................................................... 17

Figure 8: Login Screen ................................................................................................................ 18

Figure 9: Forgot Password Email Confirmation Screen .............................................................. 18

Figure 10: Forgot Password Reset page .................................................................................... 19

Figure 11: Password Reset Confirmation Email Example .......................................................... 19

Figure 12: New Password Screen .............................................................................................. 20

Figure 13: Login page with password reset confirmation message ............................................ 20

Figure 14: System Busy Icon ...................................................................................................... 21

Figure 15: Display Filter Selection Example ............................................................................... 21

Figure 16: Pagination Example ................................................................................................... 22

Figure 17: Drop-down list of pages ............................................................................................. 22

Figure 18: Number of Items per page selections ........................................................................ 23

Figure 19: Search example with help text ................................................................................... 23

Figure 20: Search example with IP address filled in ................................................................... 24

Figure 21: List of Manager Configurations .................................................................................. 25

Figure 22: Details of the IP ranges covered by the East Region Manager ................................. 25

Figure 23: Edit/Change Confirmation display ............................................................................. 26

Figure 24: Administrator Default Screen ..................................................................................... 27

Figure 25: Microsoft Active Directory Authentication window ..................................................... 28

Figure 26: Add Authentication Service Dialog ............................................................................ 29

Figure 27: Authentication Settings after two servers added ....................................................... 29

Figure 28: Microsoft Active Directory Sync Results Confirmation ............................................... 30

Figure 29: Admin settings for email ............................................................................................ 31

Figure 30: Send Test Email window ........................................................................................... 31

Figure 31: General Settings ........................................................................................................ 31

Figure 32: Manager Configuration Example ............................................................................... 32

Figure 33: User Management ..................................................................................................... 32

Figure 34: Add User Example Screen ........................................................................................ 33

Figure 35: User drop-down menu for Remove User ................................................................... 34

Figure 36: User Deletion Confirmation Screen ........................................................................... 34

Figure 37: User Modification Screen ........................................................................................... 34

Figure 38: Change Password Screen ......................................................................................... 35

Figure 39: Audit Log view pane .................................................................................................. 36

Figure 40: Manager Setting Changed ......................................................................................... 36

Figure 41: Audit Log Setting Modified ......................................................................................... 36

Figure 42: Audit Log Purged view pane ...................................................................................... 37

Figure 43: Operator Dashboard Screen ...................................................................................... 38

Figure 44: Example Manager Configuration ............................................................................... 39

Figure 45: Manager Configuration Columns ............................................................................... 40

Figure 46: Add Manager Example Screen .................................................................................. 42

Figure 47: Edit or Remove Manager ........................................................................................... 43

Figure 48: Edit Manager Pane .................................................................................................... 43

Figure 49: Manager Deletion Confirmation ................................................................................. 44

Figure 50: Manager Deletion Second Confirmation .................................................................... 44

Figure 51: Manager Deletion Failure Message ........................................................................... 44

Figure 52: Initial IP Range pane for a Manager .......................................................................... 45

Figure 53: Add IP Range form .................................................................................................... 45

Figure 54: Manager Details with IP Range data ......................................................................... 47

Figure 55: IP Range edit form ..................................................................................................... 47

Figure 56: Remove Mapping ....................................................................................................... 48

Figure 57: Remove Mapping Confirmation ................................................................................. 48

Figure 58: Remove Mapping Second Confirmation .................................................................... 48

Figure 59: Search Managers by Covered Host IP address ........................................................ 49

Figure 60: Search Managers by Covered Host IP address for 192.168.49.100 ......................... 49

Figure 61: Host Sensor Registration Overview ........................................................................... 50

Figure 62: Host Sensor Communications Details ....................................................................... 51

Figure 63: Server Supported Operating Systems ....................................................................... 53

Figure 64: Workstation Support Operating Systems ................................................................... 53



1 EnterpriseSecurityManager

1.1 WhatisEnterpriseSecurityManager?

This guide provides operational instructions and guidelines to allow a user to interact with

Enterprise Security Manager (ESM).

The Enterprise Security Manager allows commercial entities to configure networks containing

numerous Host Sensors across multiple HawkEye G instances. The ESM provides centralized

host registration management and allows a large number of Host Sensors to be load balanced

against multiple Hawkeye G instances.

1.1.1 Features

Features include:

 Host Sensor configuration

 HawkEye G failsafe configuration

 Load balancing

1.1.2 OperationalPrinciples

Enterprise Security Manager simplifies an enterprise’s network security operations by enabling

customers with a large quantity of Host Sensors across multiple HawkEye G nodes to configure

the nature in which each Host Sensor connects to a node. By providing simple, broad-range

configurations and easy-to-map fail-safe backups, ESM ensures the customer’s network is

seamlessly configured and continuously connected.



2 InstallationProcedure

2.1 ImportOVAFile

1. Open VSphere Client

2. Click File -> “Deploy OVF Template”

3. Click Browse and Find the OVA file provided

4. Click “Next >”

5. Select the Name and Location of the new VM.

The screen shot below shows an ESX server not connected to vCenter. vCenter Installations

will require you to choose a folder location and other options

6. Click “Next >”

7. Select a Host/Cluster and storage.

8. Selection Provisioning Type

9. Click “Next >”

10. Change Network Mapping. The Source Network is “G Internal”, select a “Destination

Network” that corresponds to the information provided for the creation of the ESM OVA.

11. Click “Next >”

12. Click “Finish”

13. Power On virtual machine

2.2 ConfiguringNetworkInterface

Note: The steps below are not needed if the ESM OVA image was pre-configured.

1. In vSphere, Open a Console to the ESM Virtual Machine

2. Log In as root

3. Edit /etc/sysconfig/network-scripts/ifcfg-eth0, Set the IP_ADDR, NETMASK, DNS1 and

DNS2 appropriate to your network

4. Edit /etc/sysconfig/network, set GATEWAY to the gateway as the network that you have

assigned the Virtual Machine

5. Run Service Network Restart.



3 ESMUserInterface

3.1 Introduction

The Enterprise Security Manager User Interface, as shown in Figure 1, is accessed via a web

browser and is the mechanism by which a customer interacts with and manages ESM

components.

3.2 ESM WebInterface

The Enterprise Security Manager Web Interface is designed to be compatible with all common

web browsers and can be accessed by users who have been assigned the Administrator role

(NOTE: for ESM 0.9, the “operator” role exists, but it is non-functional. Please access ESM only

via the Administrator role).

The ESM Web Interface is comprised of three (3) panes, as shown in Figure 1:

 Navigation Pane

 User Pane

 View Pane

Figure 1: Enterprise Security Manager Web Interface

These panes are described in the sections that follow, with each referring to the figure above.

3.2.1 NavigationPane

The Navigation pane (outlined in red in Figure 1) is located on the left side of the diagram. The

pane collapses and expands (Figure 2 shows the Navigation pane collapsed) by clicking the

button located above the pane.

The items available in the Navigation pane are shown below. To expand or collapse a menu

item, hold the cursor over the menu item name, such as Settings, as shown in Figure 3. The

Navigation sub-menus remain open until the user closes them, even if the user selects a new

menu item. Figure 4 shows both the Settings and System sub-menus expanded.

Host Sensor Registrations

Settings

Users System

Figure 2: Enterprise Security Manager default page with pane collapsed

Figure 3: Settings Menu expanded

Figure 4: Settings and System Menus

Expanded

3.2.2 UserPane

The User pane (outlined in blue in Figure 1) displays horizontally across the top of the window.

This pane only contains the Navigation menu button (referenced in the Navigation pane

section), a user settings menu in the top right (accessed via the button), and a logout link.

3.2.3 ViewPane

The View pane (outlined in green in Figure 1) occupies the remaining part of the window and

displays details for the item selected in the Navigation pane. The Host Sensor Registration

Dashboard is the default section displayed when first logging in to the ESM.

The display in the View pane is not dynamic but a static view of the system at the date/time

indicated on the top right below the User pane. The date/time is updated when the screen is

loaded (selected from the Navigation buttons on the left) or when the Refresh Now button is

clicked.

3.3 EnterpriseSecurityManagerGeneral

Controls

These sections describe the general controls for the Enterprise Security Manager User

Interface.

3.3.1 Login

The Web Interface can only be accessed via an HTTP/SSL connection. The Web Interface URL

is https://localhost:8443/esm/login. Once a user connects, the login page is displayed, as shown

in Figure 5. The version number is shown at the bottom of the login page (and the bottom of all

pages in the application).

The default login credentials are as follows:

 User: admin

 Password: admin

Figure 5: User Login page

After entering your credentials, click the Login button. Once logged in, the home page for the

Enterprise Security Manager Web Interface is displayed. (NOTE: On the first login of any newly

created user, you will go to a screen requiring you to enter a new password. This is also true of

the default “admin” user.)

3.3.2 Logout

To terminate a session, click the Logout button in the User Pane. You will then be returned to

the ESM login page.

3.3.3 ChangeUserSettings

User settings can be changed by selecting User Settings after clicking on the Expand

button to the right of your username. This will open the User Settings view pane as shown in

Figure 6. The user can change their full name, user name, email address, password, idle time,

and session time out.

The user can select the desired setting changes, enter the Current Password, and then click

Save. The ESM system recognizes that if the user changes some parameters in an entry

screen and then tries to navigate to another view without first saving, a confirmation window will

appear as shown in Figure 7.

Figure 6: User Settings page

Figure 7: Unsaved Changes prompt



3.3.4 ForgottenPassword

If the user forgets their password, they have the option to reset it via the Forgot your

password? link on the login screen (shown in Figure 8).

Figure 8: Login Screen

The user will be prompted to enter the email address that was registered when the user account

was created (as shown in Figure 9).

Note: ESM will warn you if the email address is not in a proper format and, as a security

measure against account enumeration, will not provide feedback as to whether the email

address exists in the ESM user database.

Figure 9: Forgot Password Email Confirmation Screen

Once a valid email address has been entered, the user will be presented the Password Reset

notification shown in Error! Reference source not found..

Figure 10: Forgot Password Reset page

The user will receive an email (Figure 11) with a one-time link to access the Password Reset

page shown in Figure 12.

Figure 11: Password Reset Confirmation Email Example

Figure 12: New Password Screen

Enter the new password in both fields and then click Submit.

Upon validation of the new password, the user will be redirected to a login page, which will

display a password reset confirmation message, as shown in Figure 13.

Figure 13: Login page with password reset confirmation message

Page is loading ...

Watchguard Enterprise Security Manager User guide

Watchguard Enterprise Security Manager User guide

Watchguard Enterprise Security Manager User guide

Related papers

Other documents