SonicWALL SM 9400 Quick start guide

Brand: SonicWALL

Model: SM 9400

Category: Database software

Type: Quick start guide

SonicWall® GMS 8.7 Software

Getting Started Guide

SonicWall GMS 8.7 Getting Started Guide

Contents

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Record Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Installing and Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Installing Universal Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Before Upgrading to GMS 8.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Upgrading From an Earlier Version of GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Upgrading the SonicWall GMS Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Registering and Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Registering/Licensing After a Fresh Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Registering Associated Servers in a Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Registering Associated Servers in a Closed Network Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Configuring UMH Deployment Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Deployment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Using the Role Configuration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Manually Configuring the System Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Configuring the All In One Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Configuring the Database Only Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Configuring the Console Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Configuring the Agent Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Configuring the Reports Summarizer Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Configuring the Monitor Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Configuring the Event Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Configuring the Syslog Collector Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Configuring the Flow Server Role (Virtual Appliances Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Configuring the All in One-Flow Server (Demo Mode Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Configuring the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Configuring Database Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Configuring Deployment Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Controlling Deployment Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Introduction to the Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Overview of the Two Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Switching Between Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

UMH System Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Management Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Login Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Live Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Multi-Firewall Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Contents

SonicWall GMS 8.7 Getting Started Guide

Contents

Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Using the GMS TreeControl Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Provisioning and Adding Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Provisioning a SonicWall Firewall Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Provisioning a SonicWall Firewall Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Provisioning a SonicWall SMA SMB Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Provisioning a SonicWall E-Class SMA Series Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Provisioning a SonicWall Email Security Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Adding SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Adding SonicWall Appliances Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Importing SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Managing Multiple Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

SonicWall Live Product Demos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

This Getting Started Guide contains installation procedures and configuration guidelines for deploying

SonicWall® GMS on a server on your network. SonicWall GMS is a Web-based application that can configure,

manage, and monitor the status of thousands of SonicWall firewalls, Internet security appliances and

non-SonicWall appliances from a central location. SonicWall GMS provides the following benefits:

• Centralized security and network management

• Sophisticated VPN deployment and configuration

• Active device monitoring and alerts

• Intelligent reporting, analytics, and activity visualization

• Centralized logging and offline management

Topics:

• System Requirements on page 4

• Record Configuration Information on page 9

System Requirements

SonicWall GMS software comes with a base license to manage either 5, 10, or 25 nodes. You can purchase

additional licenses on MySonicWall. For more information on licensing additional nodes, read the “SonicWall

Upgrades” section of the GMS 8.7 Console Admin Guide.

Before installing SonicWall GMS, review the following requirements.

Topics:

• Operating System Requirements on page 5

• Unsupported Platforms on page 5

• GMS Hardware Resource Requirements on page 5

• Hard Drive HDD Specifications

• Browser Requirements on page 6

• Database Requirements on page 6

• Java Requirements on page 6

• Microsoft Azure Platform Requirements on page 7

• SonicWall Appliance and Firmware Support on page 8

• Non-SonicWall Appliance Support on page 9

• SonicWall GMS Gateway Recommendations on page 9

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

Operating System Requirements

SonicWall GMS Software release supports the following operating systems:

• Windows Server 2016 Standard (English and Japanese language versions)

• Windows Server 2012 Standard 64-bit

• Windows Server 2012 R2 Standard 64-bit (English and Japanese language versions)

• Windows Server 2012 R2 Datacenter

These Windows systems can either run in physical standalone hardware platforms, or as a virtual machine under

Microsoft Azure or Windows Server 2012 Hyper-V or VMware ESXi.

Unsupported Platforms

The following platforms have been dropped from support:

• CDP management and reporting

• UMA EM5000 as part of the GMS deployment

• Windows 32-bit as part of the GMS deployment

• Firewalls with firmware older than SonicOS 5.0

• Gen4 or older Firewalls

GMS Hardware Resource Requirements

Use the Capacity Planning Tool to determine the hardware requirements for your deployment.

Hard Drive HDD Specifications

The following hard drive HDD specifications are required when using GMS Software on a Windows Server or a

GMS Virtual Appliance:

TIP: All listed operating systems are supported in both virtualized and non-virtualized environments. In a

Hyper-V virtualized environment, Windows Server is a guest operating system running on Hyper-V. GMS is

then installed on the Windows Server virtual machine that is layered over Hyper-V.

NOTE: GMS is not supported on Amazon Web Services EC2.

NOTE: A Windows 64-bit operating system with a RAM of 16GB is highly recommended for better

performance of reporting modules. Read the “Capacity Planning and Performance Tuning” appendix in the

GMS 8.7 Firewall - Manage Administration Guide.

Hardware Requirements

Requirement Details

Spindle Speed 10,000 RPM or higher

Cache 64 MB or higher

Transfer rate 600 MBs or higher

Average latency 4 microseconds or lower

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

Browser Requirements

SonicWall GMS uses advanced browser technologies such as HTML5 that are supported in most recent

browsers. SonicWall recommends using the latest Chrome, Firefox, Internet Explorer, or Safari browsers for

administration of the SonicWall GMS.

This release supports the following Web browsers:

• Chrome 42.0 and higher (recommended browser for dashboard real-time graphics display)

• Mozilla Firefox 37.0 and higher

• Microsoft Edge 41 or higher

• Internet Explorer 11.0 and higher (do not use compatibility mode)

Mobile device browsers are not recommended for SonicWall GMS system administration.

Database Requirements

Separately installed instances of MySQL are not supported with GMS.

The following SQL Server versions are supported:

• SQL Server 2014

• SQL Server 2012

Java Requirements

Download and install the latest version of the Java 8 plug-in on any system that accesses the GMS management

interface. This can be downloaded from:

www.java.com

https://www.oracle.com/technetwork/java/javase/downloads/index.html

NOTE: Internet Explorer version 10.0 in Metro interfaces of Windows 8 is currently not supported.

Turn off Compatibility Mode when accessing the GMS management interface with Internet

Explorer. For more information, see the Knowledge Base article located at:

https://www.sonicwall.com/en-us/support/knowledge-base/170502904412584

NOTE: If using Chrome version 42 and newer to access GMS 7.2 and older, you will need to enable NPAPI

support in Chrome, which by default has been disabled starting with version 42.

NOTE: For SQL Server deployments in countries in which English is not the default language, set the

default language to English in the Login Properties of the GMS database user in the SQL Server

configuration.

NOTE: A database user with “DB Creator” privileges must be provided to GMS during the Role

Configuration process of any GMS Server.

NOTE: Java is required only when you are using Net Monitor.

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

Network Requirements

To complete the SonicWall GMS Software deployment process documented in this Getting Started Guide, the

following network requirements must be met:

• The SonicWall GMS server must have access to the Internet

• The SonicWall GMS server must have a static IP address

Microsoft Azure Platform Requirements

SonicWall Global Management System (GMS) can now be deployed as software on a Microsoft Azure cloud

computing platform. This allows you to have more flexibility in the types of server you select to host GMS. Refer

to the following documentation to set up the Azure platform:

• Tutorial: Create and Manage Windows VMs with Azure PowerShell

• Quickstart: Create a Windows Virtual Machine in the Azure Portal.

NOTE: GMS 8.7 supports closed network deployments. A closed network deployment does not

require Internet access, see the GMS 8.5 Closed Network Deployment Guide for more information.

NOTE: Depending on the configuration of SonicWall log settings and the amount of traffic handled

by each device, the network traffic can vary dramatically. The 1 KB/s for each device is a general

recommendation. Your installation requirements can vary. Refer to the Capacity Planning Tool.

NOTE: You need to have the following ports open in Microsoft Azure to deploy GMS: 3389, 3306, 514,

8585, 2055, 443, and 21021.

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

SonicWall Appliance and Firmware Support

SonicWall GMS supports SonicWall firewall App Control policy management and reporting. Refer to the SonicOS

documentation for information on which SonicOS firmware versions support these features.

SonicWall GMS 8.7 supports the following SonicWall appliances and firmware versions:

Notes:

• Appliances running firmware newer than this GMS release can still be managed and reports can still be

generated. However, the new features in the firmware will be supported in an upcoming release of GMS.

• GMS 8.7 does not support SonicOS 5.8 or earlier using RC4.

NOTE: GMS 8.7 does not support legacy SonicWall appliances, including:

• Firewall appliances running firmware earlier than SonicOS 5.0

• CSM Series

• CDP Series

Component Requirements

SonicWall Platforms SonicWall Firmware Version

Network Security Appliance

NSsp 12000 6.5.1.8-1n or newer

SuperMassive 10000 series SonicOS 6.0 or newer

NOTE: Only partial policy management and reporting support is

currently available. The following SuperMassive specific features

are not supported for centralized policy management in GMS:

• Multi-blade Comprehensive Anti-Spam Service (CASS)

• High Availability/Clustering

• Support for Management Interface

• Flow Reporting Configurations

• Multi-blade VPN

• Advanced Switching

• Restart: SonicOS versus Chassis

Contact your SonicWall Sales representative through

https://www.sonicwall.com/en-us/customers/contact-sales for

more information.

SuperMassive 9000 series SonicOS 6.1 or newer

NSA/NSa series SonicOS 5.5 or newer

NSv series SonicOS 6.5.2 or newer

TZ series and TZ Wireless SonicOS 5.5 or newer

SonicWall SOHO SonicOS 5.9.1.3 or newer 5.9 versions

SOHO Wireless SonicOS 6.2.6 or newer 6.x versions

Secure Mobile Access

SRA/SSL-VPN Series SSL-VPN 2.0 or newer (management)

SSL-VPN 2.1 or newer (management and reporting)

E-Class SRA Series E-Class SRA 9.0 or newer

SMA 6200/7200 SMA 10.7.2 or newer

Email Security/Anti-Spam

Email Security Series Email Security 7.2 or newer (management only)

SonicWall GMS 8.7 Getting Started Guide

Before You Begin

Non-SonicWall Appliance Support

SonicWall GMS provides monitoring support for non-SonicWall TCP/IP and SNMP-enabled devices and

applications.

SonicWall GMS Gateway Recommendations

A GMS gateway is a SonicWall firewall appliance that allows for secure communication between the

SonicWall GMS server and the managed appliance(s), using VPN tunnels.

A GMS gateway is not required in all deployment scenarios, but when deployed, the GMS gateway must be a

SonicWall VPN-based network security appliance running SonicOS Enhanced firmware or another VPN device

that is interoperable with SonicWall VPN. The GMS gateway provides a VPN management tunnel for each

managed appliance. The number of management tunnels depends on the number of VPNs supported by the

GMS gateway appliance and could be a limiting factor.

For complete information about SonicWall GMS management methods and requirements for a GMS Gateway,

see the “GMS Gateway Requirements” section in the GMS 8.7 INTRODUCTION - DASHBOARD Administration

Guide.

Record Configuration Information

Before continuing, record the following configuration information for your reference:

SMTP Server Address: The IP address or host name of your Simple Mail Transfer Protocol (SMTP)

server. For example, mail.emailprovider.com.

HTTPS Web Server Port: The number of your secure (SSL) Web server port if customized. The default

port is 443.

GMS Administrator Email 1: The email address of a SonicWall GMS administrator who receives email

notifications from SonicWall GMS.

GMS Administrator Email 2: The email address of an additional SonicWall GMS administrator who

receives email notifications from SonicWall GMS. This field is optional.

Sender Email Address: The email address from which the email notifications are sent by SonicWall

GMS.

GMS Gateway IP: The IP address of the SonicWall GMS gateway between the GMS agent and

the network. This optional field is only applicable if you have a GMS gateway.

GMS Gateway Password: The password for the SonicWall GMS gateway. This optional field is only

applicable if you have gateway between the GMS and the network.

Database Vendor: Your database vendor if you are using a SQL Server database.*

Database Host/IP: The IP address of the database host. This is not required when using the

bundled database on this server.*

Database User: The MySQL user name for the database administrator. This is not required

when using the bundled database on this server

1. This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment.

Database Password: The MySQL password for the database administrator. This is not required

when using the bundled database on this server. 1

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

SonicWall GMS Software can be configured for a single server or in a distributed environment on multiple

servers.

SonicWall GMS can be installed as a fresh install or as an upgrade from a previous version.

Topics:

• Installing Universal Management Suite on page 10

• Before Upgrading to GMS 8.7 on page 14

• Upgrading From an Earlier Version of GMS on page 14

Installing Universal Management Suite

In SonicWall GMS, all software components related to GMS, including the MySQL database, executable binary

files for all GMS services, and other necessary files, are installed using the Universal Management Suite (UMS)

single-binary installer. The initial installation phase takes just a few minutes for any type of installation, such as

GMS server, database server, or any other role.

To do a fresh install of the Universal Management Suite from the single binary installer, complete

the following steps:

1 Log in to your GMS management computer as the administrator (Windows).

2 Launch the Universal Management Suite installer, by right-clicking the file:

sw_gmsvp_win_eng_8.7.xxxx.xxxx.exe (where xxxx represent the exact version numbers)

3 Select Run as administrator. It could take several seconds for the InstallAnywhere self-extractor to

initialize.

NOTE: You must disable the User Account Control (UAC) feature on Windows before running the SonicWall

GMS installer. In addition, disable Windows Firewall or your personal firewall before running this installer.

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

4 In the Introduction screen, click Next.

5 In the License Agreement screen, check the box for I accept the terms of the License Agreement.

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

6 Select the path to the folder where you would like to install the files.

You can:

• Accept the default path C:\GMSVP.

• Enter a new path.

• Click Choose to navigate to the selected folder.

7 When you are finished, click Next.

8 In the Universal Management Suite Settings screen, select or enter the IP address to which the GMS

services should bind to listen for inbound TCP, UDP, SNMP, syslog, or other packets. The installer detects

and offers radio buttons for any IP addresses associated with the system. The default is your

management computer IP address. To use a different IP address, select Other and enter the IP address

into the field.

9 Click Next.

10 To use a custom port for HTTPS traffic to the system’s Web Server, enter the port number into the HTTPS

Port field.

11 Click Install.

NOTE: Do not include spaces in the installation path.

NOTE: On a Windows system that has IPv4 and IPv6 addresses, the installer detects both IP

addresses. You must select both IPv4 and IPv6 addresses.

TIP: If you specify a custom port, you need to modify the URLs you use to access GMS by using the

following format:

https://localhost:<port>/ (to login from the local host)

https://<ipaddress>:<port>/ (to login from a remote location)

For example, if you specified https port 8080, the URLs would look like this:

https://localhost:8080/ (for a local host login)

https://10.0.93.20:8080/ (for a remote login)

NOTE: If you receive the message “Cannot bind to the port number specified, please specify a

different one” the port you specified is in use by another program, for example, Internet

Information Services (IIS). Specify a different, unused port, such as 8080.

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

12 If you see a Windows Security Alert for Java, click Unblock.

13 The installer displays a progress bar as the files are installed. Wait a few minutes for the installer to finish.

14 After the files are installed, whether or not the system has a Personal Firewall such as Windows Firewall

enabled, a dialog is displayed notifying you to either disable the firewall or manually open the syslog and

SNMP ports, and to ensure that these ports are open on your network gateway or firewall if you plan to

use HTTPS Management mode for managing remote appliances (instead of GMS Management Tunnel or

Existing Tunnel modes). It also mentions that it you have AntiVirus software running on your system, you

need to exclude the folders associated with this product from being scanned by the AntiVirus Software.

Be sure to adjust the settings as recommended.

15 Click OK. The Universal Management Installer closes and the Universal Management Suite icon appears

on the desktop.

16 Access the SonicWall GMS Software UMH system interface by either:

• Clicking on the new desktop shortcut for Universal Management Suite (your default Web browser

launches: https://localhost/appliance/login).

• Pointing your browser to: https://localhost/.

17 Log in using the these credentials:

• Username — admin

• Password — password

You are prompted to change your password.

To register and license SonicWall GMS, see Registering and Licensing on page 16.

NOTE: You must change your password the first time you log in.

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

Before Upgrading to GMS 8.7

Consider the following before upgrading to GMS 8.7:

• GMS 8.7 does not support 32-bit Windows, and the installer cannot upgrade such a system.

• You must disable the User Account Control (UAC) feature on Windows before running the GMS installer.

In addition, disable Windows Firewall or your personal firewall before running this installer.

• For appliances under management using a GMS Management Tunnel or Existing Tunnel, make sure that

HTTPS management is allowed from the GMS servers. This is because GMS 8.7 logs in to the appliances

using HTTPS only.

• When performing a fresh installation of GMS on Windows, the installer prompts for an IPv6 address of

the server if it detects an IPv6 network.

In a distributed environment, you must upgrade all GMS servers in your deployment to the same version of

GMS. You cannot have some servers running version 8.7 and others running earlier versions.

Upgrading From an Earlier Version of GMS

GMS can be upgraded from previous versions. To upgrade GMS from a version earlier than 8.6, see the

knowledge base article located at:

https://www.sonicwall.com/support/knowledge-base/gms-8-7-upgrade/190412145920365/.

For SonicWall GMS deployments, upgrading from GMS 8.6 to 8.7 can be performed by logging in to the windows

system, downloading the GMS 8.7 file, and running the installation wizard. After successfully completing the

installation wizard, you can first log into the GMS appliance interface and then log in to the sgms interface.

SonicWall recommends rebooting after upgrading the appliance.

Shut down all GMS servers except the one that is running the database. Then upgrade the Console/AIOP first

and then the other servers. You must upgrade all GMS servers in your deployment to the same version of

SonicWall GMS 8.7. You cannot have some servers running version 8.7 and others running an earlier version.

To register and license SonicWall GMS, see Registering and Licensing on page 16.

Upgrading the SonicWall GMS Software

This section provides procedures for upgrading an existing SonicWall GMS 8.1 or newer installation to GMS 8.7.

GMS can be configured for a single server or in a distributed environment on multiple servers. GMS 8.7 can only

be installed as a fresh install or as an upgrade from GMS 8.6. To upgrade GMS from a version earlier than 8.6,

you need to upgrade to major versions of GMS until you reach 8.6, then you can upgrade GMS 8.6 to GMS 8.7.

To upgrade, complete the following:

1 Open a web browser and navigate to www.mysonicwall.com.

CAUTION: If you have an UMA EM5000 appliance or a Windows 32-bit GMS Server currently in your

deployment, you must migrate them first to a Windows 64-bit GMS server or decommission these

systems, before upgrading to 8.7. A pop-up message displays and installation stops if the deployment

has an active UMA or a Windows 32-bit GMS Server.

CAUTION: If you are upgrading to GMS 8.7 and still have CDP appliances under management, those

appliances are automatically removed from GMS after the upgrade.

NOTE: You must have a valid support license to upgrade your GMS.

SonicWall GMS 8.7 Getting Started Guide

Installing and Upgrading

2 Use your credentials to log in to your account.

3 Navigate to Resources & Support > My Downloads.

4 Download the GMS 8.7 software.

5 After the file has downloaded, double-click the file and follow the onscreen instructions. The Installer

detects any previous installations of GMS. Click Install to proceed with the installation.

6 If you see a Windows Security Alert for Java, click Unblock. The installer displays a progress bar as the

files are installed. Wait a few minutes for the installer to finish installing.

7 After the files are installed, whether or not the system has a Personal Firewall such as Windows Firewall

enabled, a dialog is displayed notifying you to either disable the firewall or manually open the syslog and

SNMP ports, and to ensure that these ports are open on your network gateway or firewall if you plan to

use HTTPS Management mode for managing remote appliances (instead of GMS Management Tunnel or

Existing Tunnel modes). Click OK. Be sure to adjust the settings as recommended.

8 After the installer has completed, reboot the system to complete the installation.

SonicWall GMS 8.7 Getting Started Guide

Registering and Licensing

All instances of SonicWall GMS Software must be registered and licensed before use. This requirement applies

to both single server deployments or distributed deployments on multiple servers, to fresh or upgraded

installations, and to software installations on Windows servers or to SonicWall UMH appliances.

Topics:

• Registering/Licensing After a Fresh Install on page 16

• Registering Associated Servers in a Distributed Deployment on page 18

• Registering Associated Servers in a Closed Network Deployment on page 19

Registering/Licensing After a Fresh Install

SonicWall GMS registration is done using the Universal Management Host (UMH) system interface. When

installing Universal Management Suite (UMS) on a server, or host, a Web server is installed to provide the UMH

system interface. The system interface is available by default after restarting the system at:

https://localhost/.

To complete registration, the system must have access to the Internet and you must have a MySonicWall

account. The SonicWall License Manager, available on the System > Licenses page of the UMH system interface,

allows you to log in and enter your registration information on MySonicWall.

NOTE: MySonicWall registration information is not sold or shared with any other company.

SonicWall GMS 8.7 Getting Started Guide

Registering and Licensing

To register and license SonicWall GMS on this server, complete the following steps:

1 Launch the Universal Management Suite by double clicking on the UMS desktop icon, or by opening a

Web browser and entering https://localhost/ to launch the UMH system interface.

2 Type admin in the User field, and password in the Password field and then click LOGIN.

3 The Login page reloads to force a password change. Enter a new password into both the New Password

and Confirm New Password fields.

4 Click Submit.

5 On the System > Status page, the Registration Pending notification across the top of the screen indicates

that the system is not registered, the Serial Number status is UNKNOWN, and the License status displays

Not Licensed. To begin registration, click Register at the top of the screen.

6 On the License Management page, enter your MySonicWall user name and password into the

appropriate fields and then click Submit.

7 On the second License Management page, Enter your 12-character software serial number into the

Serial Number field and your authentication code into the Authentication Code field. Optionally, you can

click the click here link to enter your 8-character serial number.

NOTE: If you specified a custom port (a port other than the default port 80), in Installing

Universal Management Suite on page 17, modify the URL as follows:

https://localhost:<port>/

For example, if you specified port 8080, the URL would be: https://localhost:8080/

NOTE: If you do not have a MySonicWall account, you must create one before continuing. Click the

link to create a MySonicWall account.

NOTE: If this is the first SonicWall GMS Software that you are registering in a multi-server

deployment, the Serial Number and Authentication Code you received from your SonicWall sales

representative is entered here. As you add more instances of SonicWall GMS Software on Windows

Server systems to the distributed deployment, use the same serial number used for the installation

of the first GMS Windows Software or SonicWall appliance. You can use the GMS Windows serial

number to register associated servers if it is a full-retail GMS serial number, but not a Demo or Free

Trial GMS serial number. See Registering and Licensing on page 16.

SonicWall GMS 8.7 Getting Started Guide

Registering and Licensing

8 Enter a friendly into the Friendly Name field. The friendly name is displayed on MySonicWall to more

easily identify the installation on this system.

9 Click Submit; the License Management screen displays a completion screen.

10 Click Continue; the license summary information is populated.

11 When registration is complete, the Deployment > Roles page displays. For instructions on configuring

these settings, see Configuring UMH Deployment Options on page 20.

Registering Associated Servers in a Distributed

Deployment

When you have a distributed SonicWall GMS deployment involving more than one SonicWall appliance or

software instance of SonicWall GMS, you can associate these components during the registration process. A

MySonicWall account is required. In a distributed deployment, SonicWall GMS must be registered and licensed

on each server and associated with the initially registered instance of GMS. This is accomplished by entering the

serial number of the primary instance of SonicWall GMS when registering each subsequent server in the

distributed deployment.

When the primary instance of SonicWall GMS is an appliance, you can download the UMS installer from

MySonicWall, so that you can install the UMS on Windows systems to be used in the distributed deployment.

When registering the software instances of SonicWall GMS, use the serial number of the appliance.

To register a SonicWall GMS instance as an associated server in an existing GMS deployment,

complete the following steps:

1 In a browser, log in to the system management interface.

2 Click Register.

3 Navigate to System > Licenses and click Manage Licenses.

4 On the License Management page, enter the same MySonicWall user name and password that you used

when registering the primary instance of GMS into the appropriate field.

5 Click Submit.

6 On the second License Management page, do one of the following:

• Type the 12-character serial number of the primary GMS into the Serial Number field and type

the authentication code of the primary GMS into the Authentication Code field. The primary

GMS must already be registered.

• If adding an appliance as a secondary member of a distributed deployment, the License Manager

automatically populates the Serial Number field. You do have the opportunity to add this unit to

the existing deployment in a later step.

• If you have an eight-character serial number because you upgraded this distributed deployment

from a previous version of GMS, and have the eight-character Serial Number, click the Click here if

you have an 8-character serial number link and enter the serial number of the primary GMS.

NOTE: If this is the first SonicWall GMS Software that you have registered in a multi-server

deployment, the Friendly Name for this system is also used as the name for the distributed

deployment. See Registering and Licensing on page 16.

NOTE: The base 10-node or 25-node management license is not automatically increased when additional

servers are associated with an existing SonicWall GMS deployment. You can purchase additional node

licenses on MySonicWall.

SonicWall GMS 8.7 Getting Started Guide

Registering and Licensing

7 Type a descriptive name for the system into the Friendly Name field.

8 Click Submit.

9 In the License Management completion screen, click Continue.

10 After registration, the next step is to select the role for this GMS server. Continue with the procedure

described in Configuring UMH Deployment Options on page 28.

Registering Associated Servers in a Closed

Network Deployment

To complete registration in a closed network deployment, see the GMS 8.5 Closed Network Deployment Guide.

SonicWall GMS 8.7 Getting Started Guide

Configuring UMH Deployment Options

The role that you assign to your SonicWall GMS defines the Universal Management Suite services that it

provides. SonicWall GMS uses these services to do management, monitoring, and reporting tasks.

Your SonicWall GMS can be deployed in any of the following roles:

• All in One

• Database Only

• Console

• Agent

• Report Summarizer

• Monitor

• Event

• Syslog Collector

• Flow Server

• All in One - Flow Server (Demo Mode Only)

Topics:

• Deployment Requirements on page 20

• Deployment Considerations on page 21

• Using the Role Configuration Tool on page 22

• Manually Configuring the System Role on page 25

• Controlling Deployment Services on page 38

Deployment Requirements

Consider the following before deploying the GMS:

• SonicWall GMS management is not supported on Apple MacOS.

• All modes of the application run in 64-bit mode.

• Using the Flow Server Agent role requires a minimum of:

• Quad Core

• 16GB of memory

• 300GB available disk space

Page is loading ...

SonicWALL SM 9400 Quick start guide

Brand: SonicWALL

Model: SM 9400

Category: Database software

Type: Quick start guide

Download PDF

report

SonicWALL SM 9400 Quick start guide

SonicWALL SM 9400 Quick start guide

Related papers

Other documents