SonicWALL SM 9400 Quick start guide

Category
Database software
Type
Quick start guide
SonicWall® GMS 8.7 Software
Getting Started Guide
SonicWall GMS 8.7 Getting Started Guide
Contents
1
2
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Record Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Installing and Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Installing Universal Management Suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Before Upgrading to GMS 8.7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Upgrading From an Earlier Version of GMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Upgrading the SonicWall GMS Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Registering and Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Registering/Licensing After a Fresh Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Registering Associated Servers in a Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Registering Associated Servers in a Closed Network Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Configuring UMH Deployment Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Deployment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Using the Role Configuration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Manually Configuring the System Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Configuring the All In One Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Configuring the Database Only Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Configuring the Console Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Configuring the Agent Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Configuring the Reports Summarizer Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Configuring the Monitor Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Configuring the Event Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Configuring the Syslog Collector Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Configuring the Flow Server Role (Virtual Appliances Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Configuring the All in One-Flow Server (Demo Mode Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Configuring the Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Configuring Database Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Configuring Deployment Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Controlling Deployment Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Introduction to the Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Overview of the Two Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Switching Between Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
UMH System Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Management Interface Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Login Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Live Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Multi-Firewall Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Contents
SonicWall GMS 8.7 Getting Started Guide
Contents
3
Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Using the GMS TreeControl Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Provisioning and Adding Units . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Provisioning a SonicWall Firewall Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Provisioning a SonicWall Firewall Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Provisioning a SonicWall SMA SMB Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Provisioning a SonicWall E-Class SMA Series Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Provisioning a SonicWall Email Security Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Adding SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Adding SonicWall Appliances Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Importing SonicWall Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Managing Multiple Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
SonicWall Live Product Demos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
1
4
Before You Begin
This Getting Started Guide contains installation procedures and configuration guidelines for deploying
SonicWall® GMS on a server on your network. SonicWall GMS is a Web-based application that can configure,
manage, and monitor the status of thousands of SonicWall firewalls, Internet security appliances and
non-SonicWall appliances from a central location. SonicWall GMS provides the following benefits:
Centralized security and network management
Sophisticated VPN deployment and configuration
Active device monitoring and alerts
Intelligent reporting, analytics, and activity visualization
Centralized logging and offline management
Topics:
System Requirements on page 4
Record Configuration Information on page 9
System Requirements
SonicWall GMS software comes with a base license to manage either 5, 10, or 25 nodes. You can purchase
additional licenses on MySonicWall. For more information on licensing additional nodes, read the “SonicWall
Upgrades” section of the GMS 8.7 Console Admin Guide.
Before installing SonicWall GMS, review the following requirements.
Topics:
Operating System Requirements on page 5
Unsupported Platforms on page 5
GMS Hardware Resource Requirements on page 5
Hard Drive HDD Specifications
Browser Requirements on page 6
Database Requirements on page 6
Java Requirements on page 6
Microsoft Azure Platform Requirements on page 7
SonicWall Appliance and Firmware Support on page 8
Non-SonicWall Appliance Support on page 9
SonicWall GMS Gateway Recommendations on page 9
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
5
Operating System Requirements
SonicWall GMS Software release supports the following operating systems:
Windows Server 2016 Standard (English and Japanese language versions)
Windows Server 2012 Standard 64-bit
Windows Server 2012 R2 Standard 64-bit (English and Japanese language versions)
Windows Server 2012 R2 Datacenter
These Windows systems can either run in physical standalone hardware platforms, or as a virtual machine under
Microsoft Azure or Windows Server 2012 Hyper-V or VMware ESXi.
Unsupported Platforms
The following platforms have been dropped from support:
CDP management and reporting
UMA EM5000 as part of the GMS deployment
Windows 32-bit as part of the GMS deployment
Firewalls with firmware older than SonicOS 5.0
Gen4 or older Firewalls
GMS Hardware Resource Requirements
Use the Capacity Planning Tool to determine the hardware requirements for your deployment.
Hard Drive HDD Specifications
The following hard drive HDD specifications are required when using GMS Software on a Windows Server or a
GMS Virtual Appliance:
TIP: All listed operating systems are supported in both virtualized and non-virtualized environments. In a
Hyper-V virtualized environment, Windows Server is a guest operating system running on Hyper-V. GMS is
then installed on the Windows Server virtual machine that is layered over Hyper-V.
NOTE: GMS is not supported on Amazon Web Services EC2.
NOTE: A Windows 64-bit operating system with a RAM of 16GB is highly recommended for better
performance of reporting modules. Read the “Capacity Planning and Performance Tuning” appendix in the
GMS 8.7 Firewall - Manage Administration Guide.
Hardware Requirements
Requirement Details
Spindle Speed 10,000 RPM or higher
Cache 64 MB or higher
Transfer rate 600 MBs or higher
Average latency 4 microseconds or lower
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
6
Browser Requirements
SonicWall GMS uses advanced browser technologies such as HTML5 that are supported in most recent
browsers. SonicWall recommends using the latest Chrome, Firefox, Internet Explorer, or Safari browsers for
administration of the SonicWall GMS.
This release supports the following Web browsers:
Chrome 42.0 and higher (recommended browser for dashboard real-time graphics display)
Mozilla Firefox 37.0 and higher
Microsoft Edge 41 or higher
Internet Explorer 11.0 and higher (do not use compatibility mode)
Mobile device browsers are not recommended for SonicWall GMS system administration.
Database Requirements
Separately installed instances of MySQL are not supported with GMS.
The following SQL Server versions are supported:
SQL Server 2014
SQL Server 2012
Java Requirements
Download and install the latest version of the Java 8 plug-in on any system that accesses the GMS management
interface. This can be downloaded from:
www.java.com
or
https://www.oracle.com/technetwork/java/javase/downloads/index.html
NOTE: Internet Explorer version 10.0 in Metro interfaces of Windows 8 is currently not supported.
Turn off Compatibility Mode when accessing the GMS management interface with Internet
Explorer. For more information, see the Knowledge Base article located at:
https://www.sonicwall.com/en-us/support/knowledge-base/170502904412584
NOTE: If using Chrome version 42 and newer to access GMS 7.2 and older, you will need to enable NPAPI
support in Chrome, which by default has been disabled starting with version 42.
NOTE: For SQL Server deployments in countries in which English is not the default language, set the
default language to English in the Login Properties of the GMS database user in the SQL Server
configuration.
NOTE: A database user with “DB Creator” privileges must be provided to GMS during the Role
Configuration process of any GMS Server.
NOTE: Java is required only when you are using Net Monitor.
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
7
Network Requirements
To complete the SonicWall GMS Software deployment process documented in this Getting Started Guide, the
following network requirements must be met:
The SonicWall GMS server must have access to the Internet
The SonicWall GMS server must have a static IP address
Microsoft Azure Platform Requirements
SonicWall Global Management System (GMS) can now be deployed as software on a Microsoft Azure cloud
computing platform. This allows you to have more flexibility in the types of server you select to host GMS. Refer
to the following documentation to set up the Azure platform:
Tutorial: Create and Manage Windows VMs with Azure PowerShell
Quickstart: Create a Windows Virtual Machine in the Azure Portal.
NOTE: GMS 8.7 supports closed network deployments. A closed network deployment does not
require Internet access, see the GMS 8.5 Closed Network Deployment Guide for more information.
NOTE: Depending on the configuration of SonicWall log settings and the amount of traffic handled
by each device, the network traffic can vary dramatically. The 1 KB/s for each device is a general
recommendation. Your installation requirements can vary. Refer to the Capacity Planning Tool.
NOTE: You need to have the following ports open in Microsoft Azure to deploy GMS: 3389, 3306, 514,
8585, 2055, 443, and 21021.
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
8
SonicWall Appliance and Firmware Support
SonicWall GMS supports SonicWall firewall App Control policy management and reporting. Refer to the SonicOS
documentation for information on which SonicOS firmware versions support these features.
SonicWall GMS 8.7 supports the following SonicWall appliances and firmware versions:
Notes:
Appliances running firmware newer than this GMS release can still be managed and reports can still be
generated. However, the new features in the firmware will be supported in an upcoming release of GMS.
GMS 8.7 does not support SonicOS 5.8 or earlier using RC4.
NOTE: GMS 8.7 does not support legacy SonicWall appliances, including:
Firewall appliances running firmware earlier than SonicOS 5.0
CSM Series
CDP Series
Component Requirements
SonicWall Platforms SonicWall Firmware Version
Network Security Appliance
NSsp 12000 6.5.1.8-1n or newer
SuperMassive 10000 series SonicOS 6.0 or newer
NOTE: Only partial policy management and reporting support is
currently available. The following SuperMassive specific features
are not supported for centralized policy management in GMS:
Multi-blade Comprehensive Anti-Spam Service (CASS)
High Availability/Clustering
Support for Management Interface
Flow Reporting Configurations
Multi-blade VPN
Advanced Switching
Restart: SonicOS versus Chassis
Contact your SonicWall Sales representative through
https://www.sonicwall.com/en-us/customers/contact-sales for
more information.
SuperMassive 9000 series SonicOS 6.1 or newer
NSA/NSa series SonicOS 5.5 or newer
NSv series SonicOS 6.5.2 or newer
TZ series and TZ Wireless SonicOS 5.5 or newer
SonicWall SOHO SonicOS 5.9.1.3 or newer 5.9 versions
SOHO Wireless SonicOS 6.2.6 or newer 6.x versions
Secure Mobile Access
SRA/SSL-VPN Series SSL-VPN 2.0 or newer (management)
SSL-VPN 2.1 or newer (management and reporting)
E-Class SRA Series E-Class SRA 9.0 or newer
SMA 6200/7200 SMA 10.7.2 or newer
Email Security/Anti-Spam
Email Security Series Email Security 7.2 or newer (management only)
SonicWall GMS 8.7 Getting Started Guide
Before You Begin
9
Non-SonicWall Appliance Support
SonicWall GMS provides monitoring support for non-SonicWall TCP/IP and SNMP-enabled devices and
applications.
SonicWall GMS Gateway Recommendations
A GMS gateway is a SonicWall firewall appliance that allows for secure communication between the
SonicWall GMS server and the managed appliance(s), using VPN tunnels.
A GMS gateway is not required in all deployment scenarios, but when deployed, the GMS gateway must be a
SonicWall VPN-based network security appliance running SonicOS Enhanced firmware or another VPN device
that is interoperable with SonicWall VPN. The GMS gateway provides a VPN management tunnel for each
managed appliance. The number of management tunnels depends on the number of VPNs supported by the
GMS gateway appliance and could be a limiting factor.
For complete information about SonicWall GMS management methods and requirements for a GMS Gateway,
see the “GMS Gateway Requirements” section in the GMS 8.7 INTRODUCTION - DASHBOARD Administration
Guide.
Record Configuration Information
Before continuing, record the following configuration information for your reference:
SMTP Server Address: The IP address or host name of your Simple Mail Transfer Protocol (SMTP)
server. For example, mail.emailprovider.com.
HTTPS Web Server Port: The number of your secure (SSL) Web server port if customized. The default
port is 443.
GMS Administrator Email 1: The email address of a SonicWall GMS administrator who receives email
notifications from SonicWall GMS.
GMS Administrator Email 2: The email address of an additional SonicWall GMS administrator who
receives email notifications from SonicWall GMS. This field is optional.
Sender Email Address: The email address from which the email notifications are sent by SonicWall
GMS.
GMS Gateway IP: The IP address of the SonicWall GMS gateway between the GMS agent and
the network. This optional field is only applicable if you have a GMS gateway.
GMS Gateway Password: The password for the SonicWall GMS gateway. This optional field is only
applicable if you have gateway between the GMS and the network.
Database Vendor: Your database vendor if you are using a SQL Server database.*
Database Host/IP: The IP address of the database host. This is not required when using the
bundled database on this server.*
Database User: The MySQL user name for the database administrator. This is not required
when using the bundled database on this server
1
1. This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment.
Database Password: The MySQL password for the database administrator. This is not required
when using the bundled database on this server. 1
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
2
10
Installing and Upgrading
SonicWall GMS Software can be configured for a single server or in a distributed environment on multiple
servers.
SonicWall GMS can be installed as a fresh install or as an upgrade from a previous version.
Topics:
Installing Universal Management Suite on page 10
Before Upgrading to GMS 8.7 on page 14
Upgrading From an Earlier Version of GMS on page 14
Installing Universal Management Suite
In SonicWall GMS, all software components related to GMS, including the MySQL database, executable binary
files for all GMS services, and other necessary files, are installed using the Universal Management Suite (UMS)
single-binary installer. The initial installation phase takes just a few minutes for any type of installation, such as
GMS server, database server, or any other role.
To do a fresh install of the Universal Management Suite from the single binary installer, complete
the following steps:
1 Log in to your GMS management computer as the administrator (Windows).
2 Launch the Universal Management Suite installer, by right-clicking the file:
sw_gmsvp_win_eng_8.7.xxxx.xxxx.exe (where xxxx represent the exact version numbers)
3 Select Run as administrator. It could take several seconds for the InstallAnywhere self-extractor to
initialize.
NOTE: You must disable the User Account Control (UAC) feature on Windows before running the SonicWall
GMS installer. In addition, disable Windows Firewall or your personal firewall before running this installer.
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
11
4 In the Introduction screen, click Next.
5 In the License Agreement screen, check the box for I accept the terms of the License Agreement.
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
12
6 Select the path to the folder where you would like to install the files.
You can:
Accept the default path C:\GMSVP.
Enter a new path.
Click Choose to navigate to the selected folder.
7 When you are finished, click Next.
8 In the Universal Management Suite Settings screen, select or enter the IP address to which the GMS
services should bind to listen for inbound TCP, UDP, SNMP, syslog, or other packets. The installer detects
and offers radio buttons for any IP addresses associated with the system. The default is your
management computer IP address. To use a different IP address, select Other and enter the IP address
into the field.
9 Click Next.
10 To use a custom port for HTTPS traffic to the system’s Web Server, enter the port number into the HTTPS
Port field.
11 Click Install.
NOTE: Do not include spaces in the installation path.
NOTE: On a Windows system that has IPv4 and IPv6 addresses, the installer detects both IP
addresses. You must select both IPv4 and IPv6 addresses.
TIP: If you specify a custom port, you need to modify the URLs you use to access GMS by using the
following format:
https://localhost:<port>/ (to login from the local host)
or
https://<ipaddress>:<port>/ (to login from a remote location)
For example, if you specified https port 8080, the URLs would look like this:
https://localhost:8080/ (for a local host login)
or
https://10.0.93.20:8080/ (for a remote login)
NOTE: If you receive the message “Cannot bind to the port number specified, please specify a
different one” the port you specified is in use by another program, for example, Internet
Information Services (IIS). Specify a different, unused port, such as 8080.
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
13
12 If you see a Windows Security Alert for Java, click Unblock.
13 The installer displays a progress bar as the files are installed. Wait a few minutes for the installer to finish.
14 After the files are installed, whether or not the system has a Personal Firewall such as Windows Firewall
enabled, a dialog is displayed notifying you to either disable the firewall or manually open the syslog and
SNMP ports, and to ensure that these ports are open on your network gateway or firewall if you plan to
use HTTPS Management mode for managing remote appliances (instead of GMS Management Tunnel or
Existing Tunnel modes). It also mentions that it you have AntiVirus software running on your system, you
need to exclude the folders associated with this product from being scanned by the AntiVirus Software.
Be sure to adjust the settings as recommended.
15 Click OK. The Universal Management Installer closes and the Universal Management Suite icon appears
on the desktop.
16 Access the SonicWall GMS Software UMH system interface by either:
Clicking on the new desktop shortcut for Universal Management Suite (your default Web browser
launches: https://localhost/appliance/login).
Pointing your browser to: https://localhost/.
17 Log in using the these credentials:
Usernameadmin
Passwordpassword
You are prompted to change your password.
To register and license SonicWall GMS, see Registering and Licensing on page 16.
NOTE: You must change your password the first time you log in.
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
14
Before Upgrading to GMS 8.7
Consider the following before upgrading to GMS 8.7:
GMS 8.7 does not support 32-bit Windows, and the installer cannot upgrade such a system.
You must disable the User Account Control (UAC) feature on Windows before running the GMS installer.
In addition, disable Windows Firewall or your personal firewall before running this installer.
For appliances under management using a GMS Management Tunnel or Existing Tunnel, make sure that
HTTPS management is allowed from the GMS servers. This is because GMS 8.7 logs in to the appliances
using HTTPS only.
When performing a fresh installation of GMS on Windows, the installer prompts for an IPv6 address of
the server if it detects an IPv6 network.
In a distributed environment, you must upgrade all GMS servers in your deployment to the same version of
GMS. You cannot have some servers running version 8.7 and others running earlier versions.
Upgrading From an Earlier Version of GMS
GMS can be upgraded from previous versions. To upgrade GMS from a version earlier than 8.6, see the
knowledge base article located at:
https://www.sonicwall.com/support/knowledge-base/gms-8-7-upgrade/190412145920365/.
For SonicWall GMS deployments, upgrading from GMS 8.6 to 8.7 can be performed by logging in to the windows
system, downloading the GMS 8.7 file, and running the installation wizard. After successfully completing the
installation wizard, you can first log into the GMS appliance interface and then log in to the sgms interface.
SonicWall recommends rebooting after upgrading the appliance.
Shut down all GMS servers except the one that is running the database. Then upgrade the Console/AIOP first
and then the other servers. You must upgrade all GMS servers in your deployment to the same version of
SonicWall GMS 8.7. You cannot have some servers running version 8.7 and others running an earlier version.
To register and license SonicWall GMS, see Registering and Licensing on page 16.
Upgrading the SonicWall GMS Software
This section provides procedures for upgrading an existing SonicWall GMS 8.1 or newer installation to GMS 8.7.
GMS can be configured for a single server or in a distributed environment on multiple servers. GMS 8.7 can only
be installed as a fresh install or as an upgrade from GMS 8.6. To upgrade GMS from a version earlier than 8.6,
you need to upgrade to major versions of GMS until you reach 8.6, then you can upgrade GMS 8.6 to GMS 8.7.
To upgrade, complete the following:
1 Open a web browser and navigate to www.mysonicwall.com.
CAUTION: If you have an UMA EM5000 appliance or a Windows 32-bit GMS Server currently in your
deployment, you must migrate them first to a Windows 64-bit GMS server or decommission these
systems, before upgrading to 8.7. A pop-up message displays and installation stops if the deployment
has an active UMA or a Windows 32-bit GMS Server.
CAUTION: If you are upgrading to GMS 8.7 and still have CDP appliances under management, those
appliances are automatically removed from GMS after the upgrade.
NOTE: You must have a valid support license to upgrade your GMS.
SonicWall GMS 8.7 Getting Started Guide
Installing and Upgrading
15
2 Use your credentials to log in to your account.
3 Navigate to Resources & Support > My Downloads.
4 Download the GMS 8.7 software.
5 After the file has downloaded, double-click the file and follow the onscreen instructions. The Installer
detects any previous installations of GMS. Click Install to proceed with the installation.
6 If you see a Windows Security Alert for Java, click Unblock. The installer displays a progress bar as the
files are installed. Wait a few minutes for the installer to finish installing.
7 After the files are installed, whether or not the system has a Personal Firewall such as Windows Firewall
enabled, a dialog is displayed notifying you to either disable the firewall or manually open the syslog and
SNMP ports, and to ensure that these ports are open on your network gateway or firewall if you plan to
use HTTPS Management mode for managing remote appliances (instead of GMS Management Tunnel or
Existing Tunnel modes). Click OK. Be sure to adjust the settings as recommended.
8 After the installer has completed, reboot the system to complete the installation.
SonicWall GMS 8.7 Getting Started Guide
Registering and Licensing
3
16
Registering and Licensing
All instances of SonicWall GMS Software must be registered and licensed before use. This requirement applies
to both single server deployments or distributed deployments on multiple servers, to fresh or upgraded
installations, and to software installations on Windows servers or to SonicWall UMH appliances.
Topics:
Registering/Licensing After a Fresh Install on page 16
Registering Associated Servers in a Distributed Deployment on page 18
Registering Associated Servers in a Closed Network Deployment on page 19
Registering/Licensing After a Fresh Install
SonicWall GMS registration is done using the Universal Management Host (UMH) system interface. When
installing Universal Management Suite (UMS) on a server, or host, a Web server is installed to provide the UMH
system interface. The system interface is available by default after restarting the system at:
https://localhost/.
To complete registration, the system must have access to the Internet and you must have a MySonicWall
account. The SonicWall License Manager, available on the System > Licenses page of the UMH system interface,
allows you to log in and enter your registration information on MySonicWall.
NOTE: MySonicWall registration information is not sold or shared with any other company.
SonicWall GMS 8.7 Getting Started Guide
Registering and Licensing
17
To register and license SonicWall GMS on this server, complete the following steps:
1 Launch the Universal Management Suite by double clicking on the UMS desktop icon, or by opening a
Web browser and entering https://localhost/ to launch the UMH system interface.
2 Type admin in the User field, and password in the Password field and then click LOGIN.
3 The Login page reloads to force a password change. Enter a new password into both the New Password
and Confirm New Password fields.
4 Click Submit.
5 On the System > Status page, the Registration Pending notification across the top of the screen indicates
that the system is not registered, the Serial Number status is UNKNOWN, and the License status displays
Not Licensed. To begin registration, click Register at the top of the screen.
6 On the License Management page, enter your MySonicWall user name and password into the
appropriate fields and then click Submit.
7 On the second License Management page, Enter your 12-character software serial number into the
Serial Number field and your authentication code into the Authentication Code field. Optionally, you can
click the click here link to enter your 8-character serial number.
NOTE: If you specified a custom port (a port other than the default port 80), in Installing
Universal Management Suite on page 17, modify the URL as follows:
https://localhost:<port>/
For example, if you specified port 8080, the URL would be: https://localhost:8080/
NOTE: If you do not have a MySonicWall account, you must create one before continuing. Click the
link to create a MySonicWall account.
NOTE: If this is the first SonicWall GMS Software that you are registering in a multi-server
deployment, the Serial Number and Authentication Code you received from your SonicWall sales
representative is entered here. As you add more instances of SonicWall GMS Software on Windows
Server systems to the distributed deployment, use the same serial number used for the installation
of the first GMS Windows Software or SonicWall appliance. You can use the GMS Windows serial
number to register associated servers if it is a full-retail GMS serial number, but not a Demo or Free
Trial GMS serial number. See Registering and Licensing on page 16.
SonicWall GMS 8.7 Getting Started Guide
Registering and Licensing
18
8 Enter a friendly into the Friendly Name field. The friendly name is displayed on MySonicWall to more
easily identify the installation on this system.
9 Click Submit; the License Management screen displays a completion screen.
10 Click Continue; the license summary information is populated.
11 When registration is complete, the Deployment > Roles page displays. For instructions on configuring
these settings, see Configuring UMH Deployment Options on page 20.
Registering Associated Servers in a Distributed
Deployment
When you have a distributed SonicWall GMS deployment involving more than one SonicWall appliance or
software instance of SonicWall GMS, you can associate these components during the registration process. A
MySonicWall account is required. In a distributed deployment, SonicWall GMS must be registered and licensed
on each server and associated with the initially registered instance of GMS. This is accomplished by entering the
serial number of the primary instance of SonicWall GMS when registering each subsequent server in the
distributed deployment.
When the primary instance of SonicWall GMS is an appliance, you can download the UMS installer from
MySonicWall, so that you can install the UMS on Windows systems to be used in the distributed deployment.
When registering the software instances of SonicWall GMS, use the serial number of the appliance.
To register a SonicWall GMS instance as an associated server in an existing GMS deployment,
complete the following steps:
1 In a browser, log in to the system management interface.
2 Click Register.
3 Navigate to System > Licenses and click Manage Licenses.
4 On the License Management page, enter the same MySonicWall user name and password that you used
when registering the primary instance of GMS into the appropriate field.
5 Click Submit.
6 On the second License Management page, do one of the following:
Type the 12-character serial number of the primary GMS into the Serial Number field and type
the authentication code of the primary GMS into the Authentication Code field. The primary
GMS must already be registered.
If adding an appliance as a secondary member of a distributed deployment, the License Manager
automatically populates the Serial Number field. You do have the opportunity to add this unit to
the existing deployment in a later step.
If you have an eight-character serial number because you upgraded this distributed deployment
from a previous version of GMS, and have the eight-character Serial Number, click the Click here if
you have an 8-character serial number link and enter the serial number of the primary GMS.
NOTE: If this is the first SonicWall GMS Software that you have registered in a multi-server
deployment, the Friendly Name for this system is also used as the name for the distributed
deployment. See Registering and Licensing on page 16.
NOTE: The base 10-node or 25-node management license is not automatically increased when additional
servers are associated with an existing SonicWall GMS deployment. You can purchase additional node
licenses on MySonicWall.
SonicWall GMS 8.7 Getting Started Guide
Registering and Licensing
19
7 Type a descriptive name for the system into the Friendly Name field.
8 Click Submit.
9 In the License Management completion screen, click Continue.
10 After registration, the next step is to select the role for this GMS server. Continue with the procedure
described in Configuring UMH Deployment Options on page 28.
Registering Associated Servers in a Closed
Network Deployment
To complete registration in a closed network deployment, see the GMS 8.5 Closed Network Deployment Guide.
SonicWall GMS 8.7 Getting Started Guide
Configuring UMH Deployment Options
4
20
Configuring UMH Deployment Options
The role that you assign to your SonicWall GMS defines the Universal Management Suite services that it
provides. SonicWall GMS uses these services to do management, monitoring, and reporting tasks.
Your SonicWall GMS can be deployed in any of the following roles:
All in One
Database Only
Console
Agent
Report Summarizer
Monitor
Event
Syslog Collector
Flow Server
All in One - Flow Server (Demo Mode Only)
Topics:
Deployment Requirements on page 20
Deployment Considerations on page 21
Using the Role Configuration Tool on page 22
Manually Configuring the System Role on page 25
Controlling Deployment Services on page 38
Deployment Requirements
Consider the following before deploying the GMS:
SonicWall GMS management is not supported on Apple MacOS.
All modes of the application run in 64-bit mode.
Using the Flow Server Agent role requires a minimum of:
Quad Core
16GB of memory
300GB available disk space
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59

SonicWALL SM 9400 Quick start guide

Category
Database software
Type
Quick start guide

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI