Dell SonicWALL GMS Appliance Management and Reporting UMA EM5000 Universal Management Appliance Getting Started Guide For localized product information, see page 73. ᴹޣᵜൠॆӗ૱ؑˈ䈧৲➗ㅜ亥DŽ 䝻䞊䜹䝷䜲䝈䛥䜜䛯〇ရ䛾ሗ䛻䛴䛔䛶䛿䚸㻣㻟㻌䝨䞊䝆䜢ཧ↷䛧䛶䛟䛰䛥䛔䚹 Ь˲߭ࢿ૽ࢽؿЕࢇएձॳˈଜࡁۿ Para informação localizada do produto, veja página 74. Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2014 Dell Inc. Trademarks: Dell™, the DELL logo, SonicWALL™, SonicWALL GMS™, and all other SonicWALL product and service names and slogans are trademarks of Dell Inc. Microsoft Windows, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation. 2014 – 03 P/N 232-002290-51 Rev. A 1 In this Guide This Getting Started Guide contains installation procedures and configuration guidelines for deploying the Dell SonicWALL Universal Management Appliance EM5000 (Dell SonicWALL UMA EM5000) in your network. The Dell SonicWALL UMA EM5000 runs the Global Management System, which is a Web-based application that can configure, manage, and monitor the status of thousands of Dell SonicWALL Internet security appliances and non-Dell SonicWALL appliances from a central location. The Dell SonicWALL UMA EM5000 provides these benefits: • Centralized security and network management • Sophisticated VPN deployment and configuration • Active device monitoring and alerts • Intelligent reporting and activity visualization • Centralized logging and offline management Note: For complete documentation, refer to the latest “Dell SonicWALL GMS Administrator’s Guide”. This and other documentation are available at: http://www.sonicwall.com/us/Support.html. For the latest Dell SonicWALL UMA EM5000 firmware version downloads and documentation, login to the MySonicWALL website at http://www.mysonicwall.com. 2 | In this Guide Chapter 1 Sections Include Introduction to the GMS UMA EM5000 - page 7 • • • • • Chapter 2 Sections Include Connecting and Initializing the GMS UMA EM5000 page 17 • • • • • • • Chapter 3 Sections Include Registering Your Appliance - page 25 • Creating a MySonicWALL Account - page 26 • Registering Your Appliance - page 26 • Registering as an Associated Component - page 28 Checking Package Contents - page 8 The Front Panel - page 9 The Rear Panel - page 10 System Requirements - page 11 Recording Configuration Information - page 15 Powering On Your Appliance - page 18 Restarting Your Appliance - page 18 Powering Off Your Appliance - page 18 Logging into the Appliance Management Interface - page 18 Using the Host Configuration Tool - page 19 Connecting the UMA EM5000 to Your Network - page 22 Configuring a Static IP Address on Your Management Computer - page 24 3 Chapter 4 Sections Include Configuring the Role of Your Appliance - page 29 • • • • • Chapter 5 Sections Include Using the GMS Management Interface - page 47 • • • • • • • • • • • • 4 | In this Guide Overview of the UMA EM5000 Roles - page 30 Using the Role Configuration Tool - page 31 Manually Configuring the System Role - page 35 Configuring Deployment Settings - page 43 Starting and Stopping Host Services - page 45 Accessing the Correct Management Interface - page 48 GMS Management Interface Introduction - page 49 GMS Login Screen - page 49 GMS Navigation Tabs - page 49 Dashboard - page 50 Live Monitoring - page 51 Multi-Solution Management - page 51 Management Interface - page 51 Left Pane Overview - page 52 Center Pane Overview - page 52 Right Pane Overview - page 53 Description of Managed Appliance States - page 54 Chapter 6 Sections Include Provisioning and Adding Units - page 57 • • • • • Chapter 7 Sections Include Front Panel LCD Controls - page 65 • • • • • • Chapter 8 Sections Include Support and Training Options - page 69 • • • • • • • Provisioning a Dell SonicWALL Firewall Appliance - page 58 Provisioning a Dell SonicWALL SRA SMB Appliance - page 59 Provisioning a Dell SonicWALL E-Class SRA Series Appliance - page 60 Provisioning a Dell SonicWALL CDP Appliance - page 60 Adding Dell SonicWALL Appliances - page 61 Front Panel Control Features - page 66 Using the Main Menu - page 66 About the Status Menu - page 67 Using the Configure Menu - page 67 Using the Restart Option - page 68 Using the Shutdown Option - page 68 Customer Support - page 70 Knowledge Portal - page 70 Dell SonicWALL Live Product Demos - page 71 User Forums - page 71 Training - page 72 Related Technical Documentation - page 72 Additionally Supported Languages - page 73 5 Chapter 9 Sections Include Product Safety and Regulatory Information page 75 • Replacing a Single Hard Drive - page 76 • Safety and Regulatory Information - page 78 6 | In this Guide Introduction to the GMS UMA EM5000 1 In this Section: This section provides pre-configuration information for setting up your Dell SonicWALL UMA EM5000. • Checking Package Contents - page 8 • The Front Panel - page 9 • The Rear Panel - page 10 • System Requirements - page 11 • Recording Configuration Information - page 15 7 Checking Package Contents Before you begin the setup process, verify that your package contains the following items: 1. 2. 3. 4. 5. 6. One Dell SonicWALL UMA EM5000 appliance One Dell SonicWALL UMA EM5000 Getting Started Guide One Rack Mounting Kit One Ethernet cable One standard power cord* One set of Front Bezel Keys *The included power cord(s) are approved for use only in specific countries or regions. Before using a power cord, verify that it is rated and approved for use in your location. The power cords are for AC mains installation only. See Safety and Regulatory Information for more information. 1 3 2 Dell SonicWALL GMS Appliance Universal Management Appliance UMA EM5000 Management and Reporting UMA EM5000 Universal Management Appliance Getting Started Guide 4 5 6 Missing Items? If any items are missing from your package, contact Dell SonicWALL Support: Web: http://www.sonicwall.com/us/Support.html Email: customer_service@sonicwall.com 8 | Checking Package Contents The Front Panel D-Pad Controls Power Switch Provides up, left, right, and down buttons to navigate the LCD menu: Up/Down: Navigate lists Left: Cancel changes / return to previous Right: Accept changes Allows the SonicWALL appliance to be powered on or off Reset Button Reboots the SonicWALL appliance Universal Management Appliance Front Bezel Release Allows access to drive bays under the front bezel for addition/replacement of hard disks (requires use of included key) LCD Display Provides access to basic system information, settings, and features using the D-Pad controls UMA EM5000 LED Indicators Provides the following system status indications: ALARM: Thermal or other alert condition* ETH0/ETH1: Ethernet link (solid), activity (blinking) HDD: Hard disk activity (blinking) PWR: The appliance is powered (off/on) *For a full list of alerts, refer to the SonicWALL LED Alerts technote document. • Pressing the reset button for several seconds will result in a reboot of the Dell SonicWALL UMA EM5000. • Do not plug devices into any ports (other than those indicated) unless explicitly instructed to do so by a Dell SonicWALL technical support representative; doing so may void your warranty. 9 The Rear Panel Ethernet Port 1 Not authorized for use Power Supply Provides power connection using the supplied power cables USB Ports (2) For future use eSATA Port (1) VGA Port Not authorized for use unless explicitly instructed by a SonicWALL technical support representative For future use Ethernet Port 0 (Management/LAN) Provides configurable Gigabit-capable Ethernet connection to your local network 10 | The Rear Panel Serial Port Provides access to a command line interface (CLI) for SonicWALL technical support use System Requirements The Dell SonicWALL UMA EM5000 comes with a default license to manage 10 nodes. You can purchase additional licenses on MySonicWALL. For more information on licensing additional nodes, visit: http://www.sonicwall.com/us/Products_Solutions.html Database Requirements The Dell SonicWALL UMA EM5000 comes installed with a bundled MySQL 5.0 database and supports the following databases on external systems: • Bundled MySQL 5.0 running on another GMS/UMA server in a distributed deployment • Microsoft SQL Server 2005 SP2 64-bit • Microsoft SQL Server 2008 R2 64-bit Regarding MS SQL Server 2005, GMS supports: • SQL Server 2005 Workgroup • SQL Server 2005 Standard • SQL Server 2005 Enterprise Note: Dell SonicWALL GMS does not support MS SQL Server 2005 or 2008 Express. MySQL Requirements Dell SonicWALL GMS automatically installs MySQL as part of the base installation package. Separately installed instances of MySQL are not supported with GMS. Java Requirements Download and install the latest version of the Java 7 plug-in on any system that accesses the GMS management interface. This can be downloaded from: • www.java.com or • http://www.oracle.com/technetwork/java/javase/downloads/ index.html Browser Requirements • Microsoft Internet Explorer 8.0 or higher (do NOT use Compatibility mode) Note: Internet Explorer version 10.0 in Metro interfaces of Windows 8 is currently not supported. • Mozilla Firefox 16.0 or higher • Google Chrome 18.0 or higher (recommended browser for dashboard real-time graphics display) System Requirements | 11 Dell SonicWALL Platform and Firmware Support Dell SonicWALL Platforms Del SonicWALL Firmware Version Firewall / VPN SuperMassive 10000 Series SonicOS 6.0 or newer Only partial policy management and reporting support is currently available. The following SuperMassive specific features are not supported for centralized policy management in GMS: • Multi-blade CASS • High Availability/Clustering • Support for Management Interface • Flow Reporting Configurations • Multi-blade VPN • Advanced Switching • Restart: SonicOS versus Chassis Contact your Dell SonicWALL Sales representative for more information. SuperMassive 9000 Series SonicOS 6.1 or newer NSA Series SonicOS 5.0 or newer 12 | System Requirements TZ Series SonicOS Enhanced 3.2 or newer SonicOS Standard 3.2 or newer PRO Series SonicOS Enhanced 3.2 or newer CSM Series SonicOS CF 2.0 or newer Secure Remote Access SSL VPN SRA Series SonicOS SSL-VPN 2.0 or newer (management) SonicOS SSL-VPN 2.1 or newer (reporting) E-Class SRA Series SRA 9.0 or newer Backup and Recovery CDP Series CDP 2.3 or newer (management) CDP 5.1 or newer (reporting) Email Security / Anti-Spam Email Security Series Email Security 7.2 or newer (management only) Non-Dell SonicWALL Appliance Support Note: GMS supports Dell SonicWALL firewall App Control policy management and App Control reporting. Please refer to the latest SonicOS documentation for information on the supported SonicOS firmware versions. Dell SonicWALL firewalls running SonicOS firmware that is newer than the current GMS firmware can still be managed and reports can still be generated. However, the new features in the SonicOS firmware release will be supported in an upcoming release of GMS. Legacy SonicWALL XPRS/XPRS2, SonicWALL SOHO2, SonicWALL Tele2, and SonicWALL Pro/ProVX models are not supported for SonicWALL GMS management. Appliances running SonicWALL legacy firmware including SonicOS Standard 1.x and SonicWALL legacy firmware 6.x.x.x are not supported for SonicWALL GMS management. The Dell SonicWALL UMA EM5000 provides monitoring support for non-Dell SonicWALL TCP/IP and SNMP-enabled devices and applications. Network Requirements To complete the Dell SonicWALL UMA EM5000 deployment process, the following network requirements must be met: • Access to the Internet • A static IP address • Network connection must be able to accommodate 1 Kilobit for each device under management. For example, if the UMA EM5000 is monitoring 100 Dell SonicWALL appliances, the connection must support at least 100 Kilobits. Depending on the configuration of log settings and the amount of traffic handled by each device, the network traffic can vary dramatically. The 1 kilobit for each device is a general recommendation. Your installation requirements may vary. For the most recent platform support and firmware version information, refer to the latest Dell SonicWALL GMS Release Notes available at: http://www.sonicwall.com/us/Support.html System Requirements | 13 GMS Gateway Recommendations A GMS gateway is a Dell SonicWALL firewall appliance that allows for secure communication between the GMS server and the managed appliance(s), using VPN tunnels. A GMS gateway is not required in all deployment scenarios, but when deployed, the GMS gateway must be a Dell SonicWALL VPN-based network security appliance running SonicOS Enhanced firmware or another VPN device that is interoperable with Dell SonicWALL VPN. The GMS gateway provides a VPN management tunnel for each managed appliance. The number of management tunnels depends on the number of VPNs supported by the GMS gateway appliance and may be a limiting factor. For complete information about GMS management methods and requirements for a GMS Gateway, see the GMS Gateway Requirements section in the Dell SonicWALL GMS Administrator’s Guide, available on: http://www.sonicwall.com/us/Support.html 14 | System Requirements Recording Configuration Information Before deploying the Dell SonicWALL UMA EM5000, record the following configuration information for your reference. SMTP Server Address: The IP address or host name of your Simple Mail Transfer Protocol (SMTP) server. For example, mail.emailprovider.com. The number of your Web server port if customized. The default port is 80. HTTP Web Server Port: HTTPS Web Server Port: The number of your secure (SSL) Web server port if customized. The default port is 443. UMA EM5000 Administrator Email: The email address of a UMA EM5000 administrator who will receive email notifications from the UMA EM5000. The email address from which the email notifications will be sent by the UMA EM5000. Sender Email Address: GMS Gateway IP: The IP address of the GMS gateway between the UMA EM5000 agent and the network. This optional field is only applicable if you have a GMS gateway. GMS Gateway Password: The password for the GMS gateway. This optional field is only applicable if you have a GMS gateway between the UMA EM5000 and the network. Your database vendor if you are using a SQL Server database.* Database Vendor: Database Host IP: The IP address of the database host. This is not required when using the bundled MySQL database on this appliance.* Database User: The MySQL user name for the database administrator. This is not required when using the bundled MySQL database on this appliance.* Database Password: The MySQL password for the database administrator. This is not required when using the bundled MySQL database on this appliance.* * This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment. 15 16 | Recording Configuration Information Connecting and Initializing the GMS UMA EM5000 2 In this Section: This section provides instructions for powering on your Dell SonicWALL UMA EM5000, logging into the appliance management interface, running the Host Configuration Tool, and then connecting the appliance to your local network. • Powering On Your Appliance - page 18 • Restarting Your Appliance - page 18 • Powering Off Your Appliance - page 18 • Logging into the Appliance Management Interface - page 18 • Using the Host Configuration Tool - page 19 • Connecting the UMA EM5000 to Your Network - page 22 • Configuring a Static IP Address on Your Management Computer - page 24 17 Powering On Your Appliance Powering Off Your Appliance Perform the following steps to turn on your Dell SonicWALL UMA EM5000 appliance: To power off your Dell SonicWALL UMA EM5000 appliance, press and then quickly release the power button on the upperright corner of the appliance front bezel. 1. 2. Plug the supplied power cable into the back of the Dell SonicWALL UMA EM5000. Plug the other end of the power cable into an AC socket. The Dell SonicWALL UMA EM5000 automatically powers on and begins the initial boot process. The boot process may take several minutes to complete when powering on the Dell SonicWALL UMA EM5000 for the first time. Restarting Your Appliance Perform the following steps to restart your Dell SonicWALL UMA EM5000 appliance from the appliance management interface: 1. 2. 3. Navigate to the System > Restart page. Click the Restart button. In the confirmation dialog box, click OK. The system will take approximately 3 minutes to restart. To restart your appliance by using the D-Pad controls on the front panel, see Using the Restart Option - page 68. 18 | Powering On Your Appliance Tip: Do not hold down the power button to shutdown. To power off your appliance by using the D-Pad controls on the front panel, see Using the Shutdown Option - page 68. Logging into the Appliance Management Interface To connect a management computer to your Dell SonicWALL UMA EM5000 and log in to the appliance management interface for the first time, perform the following steps: 1. Using an Ethernet cable and the computer you are using to administer the Dell SonicWALL UMA EM5000, connect the LAN port of the computer to the Ethernet port (eth0) on the back of your Dell SonicWALL UMA EM5000. 2. 3. 4. Set your management computer to have a static IP address on the 192.168.168.0/24 subnet, for example: 192.168.168.50. For help with setting up a static IP address on your computer, refer to Configuring a Static IP Address on Your Management Computer - page 24. Open a Web browser on your management computer. Enter http://192.168.168.169/appliance/ (the default IP address of the Dell SonicWALL UMA EM5000) in the Location or Address bar. The Dell SonicWALL UMA EM5000 appliance management login screen displays. Note: One or more security warnings may display while connecting to the appliance management interface. Choose to accept the certificates in order to log in to the Dell SonicWALL UMA EM5000. 5. Log in to the appliance management interface using the default credentials: • User name – admin • Password – password The login page loads by default in English, type admin in the User field, and password in the Password field and then click Submit. GMS includes language support for English, Japanese, Simplified Chinese, Traditional Chinese. Click the language of your choice at the bottom of this page. The first time you log in to the appliance, you must change the password. The login page re-displays with the default login credentials prepopulated. Enter a new password for the administrator account in the New Password field, and enter it again in the Confirm New Password field. Note: The new password must be at least 7 characters. The Host Configuration Tool wizard starts automatically. See Using the Host Configuration Tool - page 19. Using the Host Configuration Tool The Host Configuration Tool is a wizard that takes you through several basic steps to get your Dell SonicWALL UMA EM5000 configured for your network. The wizard starts automatically after you log in for the first time and change the admin password. You can cancel the wizard at this time, which leaves the default configuration on the appliance and prevents the wizard from automatically starting again. Note: If you log out of the appliance management interface without actually cancelling the wizard, it will start automatically on your next login. Using the Host Configuration Tool | 19 You can manually start the wizard at any time by clicking the Wizards button at the top-right corner of the page. To use the Host Configuration Tool, perform the following steps: 1. 2. 3. If the Host Configuration Tool has started automatically, skip to step 2. If you are starting the Host Configuration Tool manually, click the Wizards button in the top right corner. In the Introduction screen, click Next. In the Network Settings screen, configure the network settings for the Dell SonicWALL UMA EM5000, and then click Next. Enter network settings values for the following fields: • Hostname – A descriptive name for this appliance • Domain – In the form of “sonicwall.com”; this domain is not used for authentication 20 | Using the Host Configuration Tool • IP Address – The static IP address for the eth0 interface of the appliance • Subnet Mask – In the form of “255.255.255.0” • Default Gateway – The IP address of the network gateway – this is the default gateway and is required for networking purposes. This is not the GMS Gateway explained earlier in this guide. • DNS Server 1 – The IP address of the primary DNS server • DNS Server 2 (Optional) – The IP address of the secondary DNS server. 4. In the Time Settings screen, select values for the following system settings on the appliance, and then click Next: • Time (hh:mm:ss) – Hours, minutes, and seconds of current time • Date – Month, day, and year of current date • TimeZone – Select from the drop-down list • Automatically adjust clock for daylight saving time – Select this checkbox for automatic adjustment between standard time and daylight savings time. 5. In the Summary screen, verify the settings. Click Back to make changes on a previous screen, or click Apply to accept the settings. Wait for the settings to be applied, possibly for a few minutes. The screen displays a progress bar until it finishes, and then displays the status. Using the Host Configuration Tool | 21 Note: If you modified the DNS settings, the services on the appliance will restart when the changes are applied, causing a momentary connectivity loss to the Web server. Your browser will be redirected to the appliance management interface login page. If you have modified the appliance IP address, you will lose contact with the appliance when the changes are applied. To connect the appliance to your network and access the appliance management interface from a computer on your LAN, see Connecting the UMA EM5000 to Your Network page 22. Connecting the UMA EM5000 to Your Network To connect the Dell SonicWALL UMA EM5000 to your network and access the appliance management interface from a management computer on your LAN, perform the following steps: 1. 2. 3. 4. 5. 6. 22 | Connecting the UMA EM5000 to Your Network If you are using the same management computer that you used for initial configuration, unplug the Ethernet cable from the management computer and from the Dell SonicWALL UMA EM5000. Plug one end of the Ethernet cable into the eth0 port on the back of your Dell SonicWALL UMA EM5000. Plug the other end of the Ethernet cable into an open port on your local network hub or switch. Return your management computer to its previous settings prior to assigning it a static IP address on the default appliance subnet. Connect your management computer to your local network. On the management computer, point a browser to the new appliance IP address in the form: http://<IP address>:<port>/appliance/ It is not necessary to provide the port in the URL if you kept the default port. The following network diagram illustrates how the Dell SonicWALL UMA EM5000 connects to an example network: X0 X1 X2 X3 X4 X5 X6 X0 X1 link/spd X2 X3 X4 X5 X6 X0 X1 link/spd activity lan wan Remote UTM X2 X3 X4 X5 X6 link/spd activity TZ 215 lan wan activity TZ 215 TZ 215 lan wan Remote UTM Remote UTM Internet Boston, USA Yokohama, Japan X6 X4 X7 X5 1GE X2 X0 Cabarete, Dom. Rep. M0 SDHC M0 Expansion Module ALARM TEST PWR SonicWALL NSA 2600 CONSOLE MGMT X3 X1 Gateway UTM Appliance Universal Management Appliance UMA EM5000 UMA Appliance / Database Management Console San Jose, USA 23 Configuring a Static IP Address on Your Management Computer This section is provided for your reference when preparing to log in for the first time to your Dell SonicWALL UMA EM5000. Complete the following steps to configure your management computer with a static IP address: Windows Vista 1. 2. 3. 4. 5. Windows 7 1. 2. 3. 4. On the Windows Start menu, select Control Panel. Select Network and Intranet. Select Network and Sharing Center. On the left panel of the Network and Sharing Center window, select Change Adapter Settings. 5. Double-click Local Area Connection. 6. In the Local Area Connection status window, click the Properties button. 7. In the list, double-click the Internet Protocol Version 4 (TCP/IPv4). 8. Select Use the following IP address and type 192.168.168.50 in the IP address field. 9. Type 255.255.255.0 in the Subnet Mask field. 10. Click OK, and then click OK again for the settings to take effect. 24 | Configuring a Static IP Address on Your Management Computer 6. 7. On the Windows Start menu, right-click Network and select Properties. In the Tasks menu, click Manage network connections. The Network Connections window displays. Right-click on your Local Area Connection and select Properties. In the list, double-click Internet Protocol Version 4 (TCP/ IP). Select Use the following IP address and type 192.168.168.50 in the IP address field. Type 255.255.255.0 in the Subnet Mask field. Click OK, and then click OK again for the settings to take effect. Windows XP 1. 2. 3. 4. 5. 6. On the Windows Start menu, highlight Connect To and then select Show All Connections. Open the Local Area Connection Properties window. Highlight Internet Protocol (TCP/IP), and then click Properties. Select Use the following IP address and type 192.168.168.50 in the IP address field. Type 255.255.255.0 in the Subnet Mask field. Click OK for the settings to take effect. Registering Your Appliance 3 In this Section: This section provides instructions for registering your Dell SonicWALL UMA EM5000 appliance. • Creating a MySonicWALL Account - page 26 • Registering Your Appliance - page 26 • Registering as an Associated Component - page 28 25 Creating a MySonicWALL Account Registering Your Appliance A MySonicWALL account is required for product registration. If you already have an account, continue to Registering Your Appliance - page 26. Perform the following steps to create a MySonicWALL account: You must register your Dell SonicWALL UMA EM5000 appliance on MySonicWALL before you can run GMS on it. Registration is performed using the appliance management interface. When registration is completed, GMS will be licensed on your appliance. 1. 2. 3. 4. 5. In your browser, navigate to www.mysonicwall.com. In the login screen, click the Not a registered user? link. Complete the Registration form and then click Register. Verify that the information is correct and click Submit. In the screen confirming that your account was created, click Continue. MySonicWALL registration information is not sold or shared with any other company. 26 | Creating a MySonicWALL Account When you log in to the UMA EM5000 appliance after running the Host Configuration Tool, the Register button is displayed in the top right corner of the page. The registration process requires that the UMA EM5000 appliance have access to the Internet. To register your UMA EM5000 appliance, perform the following steps: 1. 2. 3. In a browser, log in to the appliance management interface and click the Register button. In the License Management page, type your MySonicWALL user name and password and click Submit. Specify the Serial Number, and type a descriptive name for the appliance into the Friendly Name field. Click Submit. Note: If this is the first UMA EM5000 appliance that you have registered, the Friendly Name for this appliance will also be used as the name for the distributed deployment. As you register more UMA EM5000 appliances or instances of GMS on Windows Server systems, you will have the option of adding them to this deployment. 4. Next, click on the link to download the Manual License to your system. You will then need to Upload Licenses and specify the downloaded license file. Click Upload. 5. A confirmation will display when you have finished registering your appliance successfully. Click Continue. Registering Your Appliance | 27 Registering as an Associated Component 4. The Serial Number field is automatically populated. The next registration page prompts you to associate this GMS component with an existing deployment, or create a new GMS deployment instance. Select the Select from existing Deployments radio button. When you have a distributed Dell SonicWALL GMS deployment involving more than one appliance or software instance of GMS, you can associate these components on MySonicWALL. Note: The default 10-node management license is not automatically increased when additional components are associated with an existing GMS deployment. Contact Dell SonicWALL Technical Support to add the node licenses to the deployment. To register a Dell SonicWALL UMA EM5000 as an associated component of an existing GMS deployment, perform the following steps: 1. 2. 3. In a browser, log in to the appliance management interface and click the Register button. Enter your MySonicWALL user name and password in the appropriate fields and then click Submit. Type a descriptive name for the appliance into the Friendly Name field and then click Submit. 28 | Registering as an Associated Component 5. Select the desired deployment for the association from the drop-down list and then click Submit. Note: When adding an existing GMS deployment, you may need to type the 8-12 character serial number of the primary GMS into the Serial Number field, and then type the authentication code of the primary GMS into the Authentication Code field. The primary GMS must already be registered. 6. A confirmation will display when you have finished registering your appliance successfully. Click Continue. Configuring the Role of Your Appliance 4 In this Section: This section provides information about configuring the role for your Dell SonicWALL UMA EM5000, as well as information about deployment settings and services. • Overview of the UMA EM5000 Roles - page 30 • Using the Role Configuration Tool - page 31 • Manually Configuring the System Role - page 35 • Configuring Deployment Settings - page 43 • Starting and Stopping Host Services - page 45 29 Overview of the UMA EM5000 Roles The role that you assign to your Dell SonicWALL UMA EM5000 defines the Dell SonicWALL Universal Management Suite services that it will provide. Dell SonicWALL GMS uses these services to perform management, monitoring, and reporting tasks. Your Dell SonicWALL UMA EM5000 can be deployed in any of the following roles: • • • • • • • • All In One Database Only Console Agent Monitor Flow Server (Virtual Appliance only) All in one - Flow Server Role (Demo mode only) Syslog Collector In the appliance management interface, clicking Details in the same row as a role provides a list of the services that run on a system in that role, and information about using the role. 30 | Overview of the UMA EM5000 Roles As the number of managed appliances increases, a more distributed deployment provides better performance. To manage large numbers of Dell SonicWALL appliances, you can use several Dell SonicWALL UMA EM5000 appliances operating in different roles in a distributed deployment. You can also use Windows Server machines running Dell SonicWALL GMS in any of the roles. You can include the MySQL database installation with any role. The All In One or Database Only roles automatically include the MySQL database. Only one server in a GMS deployment should have the MySQL database included in its role. You can scale your deployment to handle more units and more reporting by adding more systems in the Agent role. Agents provide built-in redundancy capability, meaning that if an Agent goes down, other Agents can perform the configuration tasks and other tasks of the Agent that went down. Note: When configuring the role for the first appliance in a distributed deployment, you should either include the database or be prepared to provide the IP address of an existing database server. You can meet this database objective in one of the following ways: • By selecting a role that includes the database automatically, such as All In One or Database Only • By selecting the Include Database (MYSQL) checkbox if configuring the appliance with any other role • By setting up a compatible database on another machine and providing that IP address when prompted Using the Role Configuration Tool The Role Configuration Tool is a wizard that guides you through the process of defining the deployment role for your Dell SonicWALL UMA EM5000 appliance. Your system must be registered and licensed for GMS to run the Role Configuration Tool. There are two ways to access the Role Configuration Tool: • After the appliance is registered and licensed for GMS, the System > Status page of the appliance management interface provides a link to the wizard. • The Wizards button in the top right corner of the page provides access to the Role Configuration Tool. Using the Role Configuration Tool | 31 To use the Role Configuration Tool, perform the following steps: 1. 2. 3. Log in to the appliance management interface and navigate to the System > Status page. Click the Click here link at the top of the page. Or you can click the Wizards button in the top right hand corner. The Introduction page of the Role Configuration Tool displays. Click Next to continue. In the Setup Type page, select Yes if you are adding this system to an existing GMS deployment on one or more systems. Selecting Yes indicates to the wizard that there is an existing GMS database on another server. Select No if this appliance is part of a new GMS deployment or is the only system in your GMS deployment. Click Next. 6. The list of roles on this page will vary depending on your previous selections such as whether this system is part of an existing GMS deployment and if it is a single-server or part of a multi-server deployment. Neither the Database Only nor the Include Database (MYSQL) options are available if this system is part of an existing deployment. In the Database Configuration page, enter the database parameters that are required for the selected role. The database fields will vary depending on your previous selections. Note: If you selected Yes, skip step 5 and proceed to step 6. 4. 5. In the Deployment Type page, select Yes if this system will be the only GMS server in the deployment, or select No if there will be multiple GMS servers. Click Next. In the Role Configuration page, select the desired role for this system and select the Include Database (MYSQL) checkbox if you want to configure a GMS database on this system. Click Next. Certain fields will be prepopulated if you made a choice of role that automatically includes the MySQL database or if you chose Include Database (MYSQL). 32 | Using the Role Configuration Tool 7. For a MySQL instance, additional fields are available for configuring the database administrator credentials. The Administrator Credentials fields are only displayed and editable in the following circumstances: • The Database Type is MySQL • The Include Database (MYSQL) checkbox is selected either manually or automatically for the chosen role • The Database Host field is set to localhost and is not editable When these conditions are met, the administrator password is required to create a regular access user account for the Dell SonicWALL GMS application. If you selected a role that does not include the MySQL database, you have the option of configuring the use of a SQL Server database in this screen. Note the following when selecting values for these fields: • Database User – Do not use any special characters, and do not use 'sa', 'root', or 'admin'. • Database Password – Do not use any special characters. • Admin Login – If using MySQL, the default Admin Login is 'root'. This cannot be changed. • Admin Password – Do not use any special characters. When finished entering the database parameters, click Next. In the Redundancy page, select if you want to configure your host as a redundant console. Then, click Next. 8. In the Other Configuration page, the fields vary depending on the selected role, as follows: • Gateway Parameters – Required for All in One, Console, and Agent roles • Syslog Server Parameters - Required for All in One, Console, Agent, and Syslog Collector roles • SMTP Parameters - Required for All in One and Console roles Enter the GMS Gateway IP address and connection password, if you are using a GMS gateway. Leave these fields empty if you are using HTTP/HTTPS to connect to the managed appliances. Using the Role Configuration Tool | 33 9. In the Syslog Server Port field, type in the port used for receiving syslog messages or accept the default of 514. 10. For access to email on this system, including the ability to send email alerts, type the mail server IP address into the SMTP Server field and enter valid email addresses for the Sender Address and Administrator Address. 11. Click Next. 12. In the Summary page, verify that all parameters are correct. Click Back to make changes on a previous screen, or click Apply to accept the settings. 34 | Using the Role Configuration Tool 13. Wait for the settings to be applied. The screen displays a progress bar until it finishes, and then displays the status. This phase can take up to 10 minutes, especially if the database was included in the deployment. Click Close to exit the Role Configuration Tool. Manually Configuring the System Role You can configure the role of the UMA EM5000 appliance without using the Role Configuration Tool. All role configuration is performed in the appliance management interface on the Deployment > Roles page, available at the URL: http://<IP address>:<port>/appliance/ The Flow Server role is only available for configuration with the GMS Virtual Appliance platforms Refer to the following sections for instructions on manually configuring the system role: • Configuring the All In One Role - page 35 • Configuring the Database Only Role - page 36 • Configuring the Console Role - page 36 • Configuring the Agent Role - page 37 • Configuring the Monitor Role - page 37 • Configuring the Syslog Collector Role - page 38 • Configuring the Flow Server Role - page 39 • Configuring the All in One - Flow Server Role (Demo Mode Only) - page 39 • Configuring the Gateway - page 40 • Configuring Database Settings - page 42 • Configuring Deployment Settings - page 43 Configuring the All In One Role The All In One role is used for demonstrating functionality in test environments, it should not be used in production environments. Dell SonicWALL recommends that you use a multi-system, distributed deployment in production environments, with the database on a dedicated server and the other services on one or more systems. When only one other system is deployed, the Console role should be assigned to it. The All In One role provides all services utilized by Dell SonicWALL GMS: • • • • • • • • • • • Database Event Manager Monitoring Manager Reports Database Reports Scheduler Reports Summarizer Scheduler Syslog Collector Update Manager Web Server Web Service Server To configure the Gateway settings, refer to Configuring the Gateway - page 40. Manually Configuring the System Role | 35 Configuring the Database Only Role Configuring the Console Role The Database Only role is used in a multi-server GMS deployment. In this role, the server is configured to run only the database service. Dell SonicWALL recommends that one of the servers in a multi-server GMS deployment is assigned a Database Only role. The Console role is used in a multi-server, distributed Dell SonicWALL GMS deployment. In this role, the Dell SonicWALL UMA EM5000 will run all Dell SonicWALL Universal Management Suite services except for the Database service. In this scenario, the Database role is assigned to a separate appliance or server. Only the Dell SonicWALL Universal Management Suite Database service runs on a Database Only system. The MySQL database engine is pre-installed on the Dell SonicWALL UMA EM5000. GMS can also use a MySQL database or a Microsoft SQL Server database installed on a server. Only the MySQL database included in the installer is supported. On the Deployment > Role page in the Dell SonicWALL UMA EM5000 appliance management interface, you can configure your GMS systems to use either a MySQL or a SQL Server database. To deploy your Dell SonicWALL UMA EM5000 in the Database Only role, perform the steps described in the Configuring Database Settings - page 42. 36 | Manually Configuring the System Role In the Console role, the Dell SonicWALL UMA EM5000 behaves as an Agent, and also provides the following functions: • Provides Web user interface for the Dell SonicWALL GMS application • Emails Scheduled Reports • Performs Event Management tasks • Performs various periodic checks, such as checking for new appliances that can be managed, checking for new firmware versions of managed appliances, and similar functions To configure the Gateway settings, refer to Configuring the Gateway - page 40. Configuring the Agent Role Configuring the Monitor Role The Agent role can be used in a distributed deployment of Dell SonicWALL GMS. The primary functions of this role include the following: • Manages units by acquiring them, pushing configuration tasks to the units and tracking their up/down status • Performs monitoring based on ICMP probes, TCP probes, and SNMP OID retrievals • Collects and stores syslog messages • Performs report summarization The Monitor role is used to dedicate the Dell SonicWALL UMA EM5000 to monitoring appliances and applications in a multiserver GMS deployment. The monitoring is based on ICMP probes, TCP probes, and SNMP OID retrievals. The following Dell SonicWALL Universal Management Suite services run on an Agent system: • Syslog Collector • Reports Summarizer • SNMP Manager • Scheduler • Monitoring Manager 1. To configure the Gateway settings, refer to Configuring the Gateway - page 40. Only the Dell SonicWALL Universal Management Suite Monitoring Manager service runs on a Monitor system. To deploy your Dell SonicWALL UMA EM5000 in the Monitor role, perform the following steps in the appliance management interface: 2. 3. 4. 5. Navigate to the Deployment > Role page. Under Host Role Configuration, select the Monitor radio button. To include the MySQL database on this system, select the Include Database (MYSQL) checkbox. To use a MySQL or Microsoft SQL Server database on another system, do not select this checkbox. Configure the database settings as described in the Configuring Database Settings - page 42. Configure the Web port settings as described in the Configuring Web Port Settings - page 43. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. Manually Configuring the System Role | 37 Configuring the Syslog Collector Role The Syslog Collector role can be assigned to a Dell SonicWALL UMA EM5000 in a multi-server deployment of GMS. In this role, the Dell SonicWALL UMA EM5000 is dedicated to collecting syslog messages on the configured port (by default, port 514). The syslog messages are stored in the Dell SonicWALL UMA EM5000 file system. The syslog messages are used by the Reports Summarizer service running on another GMS server or Dell SonicWALL UMA EM5000 in the distributed deployment. The folder where the Syslog Collector service stores the syslog messages must be accessible by the server running the Reports Summarizer service. Only the Dell SonicWALL Universal Management Suite Syslog Collector service runs on a Syslog Collector system. To deploy your Dell SonicWALL UMA EM5000 in the Syslog Collector role, perform the following steps in the appliance management interface: 1. 2. Navigate to the Deployment > Role page. Under Host Role Configuration, select the Syslog Collector radio button. If this Dell SonicWALL UMA EM5000 listens for syslog messages on a non-standard port, type the port number into the Syslog Server Port field. The default port is 514. 38 | Manually Configuring the System Role 3. 4. 5. 6. To include the MySQL database on this system, select the Include Database (MYSQL) checkbox. To use a MySQL or Microsoft SQL Server database on another system, do not select this checkbox. Configure the database settings as described in the Configuring Database Settings - page 42. Configure the Web port settings as described in the Configuring Web Port Settings - page 43. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. Configuring the Flow Server Role The Flow Server role can be used in a distributed deployment of GMS. The Flow Server role is only available for configuration with the GMS Virtual Appliance platforms. The primary functions of this role include the following: • Collect and stores flows from the firewalls • Performs report summarization The following Dell SonicWALL Universal Management Suite services run on an Agent system: • Dell SonicWALL Universal Management Suite - Flow Server The single service that runs in this role is Dell SonicWALL Universal Management Suite - Flow Server. The flows are collected and stored in internal databases. To be able to create reports out of these flows, you will need to have a GMS server in this deployment with a minimum version of 7.1 and a role of "Console" or "All in One", etc. You will also need to make sure that the following ports are open: • UDP 2055 • UDP 5055 • TCP 9063 • TCP 9064 • TCP 9065 • TCP 9066 • TCP 9067 To deploy your Dell SonicWALL UMA EM5000 in the Flow Server role, perform the following steps in the appliance management interface: 1. Navigate to the Deployment > Role page. Under Host Role Configuration, select the Flow Server radio button. 2. Configure the database settings as described in the Configuring Database Settings section, on page 42. Configure the Web port settings as described in the Configuring Deployment Settings section, on page 43. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. 3. 4. Configuring the All in One - Flow Server Role (Demo Mode Only) All In One deployments are ideal for managing a small number of Dell SonicWALL appliances or for test environments. The Flow Server role is only available for configuration with the GMS Virtual Appliance platforms. Dell SonicWALL recommends that you use a multi-system distributed deployment in production environments, with the database on a dedicated server and the other services on one or more systems. When only one other system is deployed, the Console role should be assigned to it. The All in One - Flow Server configuration is to be used for demonstrating the Flow Server functionality and should NOT be used in production environments. Manually Configuring the System Role | 39 Following services run on an All in One-Flow Server Management system: • Dell SonicWALL Universal Management Suite - Database • Dell SonicWALL Universal Management Suite - Event Manager • Dell SonicWALL Universal Management Suite - Flow Server • Dell SonicWALL Universal Management Suite - Monitoring Manager • Dell SonicWALL Universal Management Suite - Reports Database • Dell SonicWALL Universal Management Suite - Reports Scheduler • Dell SonicWALL Universal Management Suite - Reports Summarizer • Dell SonicWALL Universal Management Suite - Scheduler • Dell SonicWALL Universal Management Suite - Syslog Collector • Dell SonicWALL Universal Management Suite - Update Manager • Dell SonicWALL Universal Management Suite - Web Server • Dell SonicWALL Universal Management Suite - Web Services To configure the Gateway settings, refer to Configuring the Gateway - page 40. 40 | Manually Configuring the System Role Configuring the Gateway After choosing a role, select a gateway to configure: • None - page 40 • NAT Device - page 41 • GMS Gateway - page 41 Note: The gateway configuration is only available for the All in One, Console, Agent, and All in One - Flow Server roles. None No gateway is specified. If you do not wish to configure a gateway, perform the following: 1. Click the None radio button. 2. Select the HTTP or HTTPS radio button for the MSM Server Protocol. Click the MSM Server Port text-field, then enter the MSM Server port number. Click the Syslog Server Port text-field, then enter the Syslog Server port number. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. 3. 4. 5. NAT Device To configure the GMS Gateway, perform the following: Use this option when a NAT device is configured as the gateway. The GMS appliance does not have to login to the unit for any reason and all NAT configurations are taken care of by the network Administrator directly through the device’s management interface. To configure the NAT device, perform the following: 1. 1. Select the NAT Device radio button. 2. Click the NAT Device IP text-field, then enter the NAT Device IP address. Click the NAT Device Syslog Port text-field, then enter the NAT Device Syslog port number. This is the Syslog port used for Syslogs sent from the managed units. Select the HTTP or HTTPS radio button for the MSM Server Protocol. Click the MSM Server Port text-field, then enter the MSM Server port number. Click the Syslog Server Port text-field, then enter the Syslog Server port number. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. 3. 4. 5. 6. 7. GMS Gateway Use this option when a Dell SonicWALL device is acting as a Gateway. Using a Dell SonicWALL appliance is recommended, but can be setup as a NAT Device if all units are managed using an SSL tunnel. Click the GMS Gateway radio button. 2. If the Dell SonicWALL UMA EM5000 will connect to managed appliances through a GMS gateway, click the GMS Gateway IP text-field, then enter the internal IP address of the device. If you change the GMS gateway IP address or password, you must also change the settings on this page. To determine if a GMS Gateway is required, see the Dell SonicWALL Getting Started Guide for your product 3. Click the GMS Gateway Port text-field, then enter the management port used to sign into the device. 4. Click the GMS Gateway User text-field, then enter the username used to sign into the device. 5. Click the GMS Gateway Password text-field, then enter the password used to sign into the device. 6. Confirm the GMS Gateway Password you entered. 7. Click the GMS Gateway Syslog Port text-field, then enter the Syslog port used for syslogs sent from the managed units. 8. Select the HTTP or HTTPS radio button for the MSM Server Protocol. 9. Click the MSM Server Port text-field, then enter the MSM Server port number. 10. Click the Syslog Server Port text-field, then enter the Syslog Server port number. 11. To apply your changes, click Update. To change the settings on this page back to the defaults, click Reset. Manually Configuring the System Role | 41 Configuring Database Settings To configure the database settings for any role, perform the following steps in the appliance management interface: Database settings configuration is largely the same for any role when you choose to include the database on that appliance. For roles that automatically include the default MySQL database, such as All In One or Database Only, the Database Type, Database Host, and Database Port fields are not editable. This is also the case for any role when the Include Database (MYSQL) checkbox is selected. The Administrator Credentials fields are displayed only if the role has been defined to include the installation of the MySQL database. These are not available when a SQL Server database is selected. 1. This section describes the options for configuring the database settings for either the MySQL database or the Microsoft SQL Server database. The Dell SonicWALL UMA EM5000 can run the MySQL database, but GMS can also use either a MySQL or a SQL Server database running on a Windows Server machine in a multi-system deployment. Note: If this appliance will connect to a SQL Server system with a non-default instance name, then the entries will be different than described in this section. Refer to the latest “Dell SonicWALL GMS Administrator's Guide” for configuration instructions. 42 | Manually Configuring the System Role 2. 3. Navigate to the Deployment > Role page and select the role for this appliance. To run the MySQL database on this UMA EM5000, select the Include Database (MYSQL) checkbox. To use a MySQL or Microsoft SQL Server database on another system, do not select this checkbox. Under Database Configuration, if Include Database (MYSQL) was not selected in the previous step, select either MYSQL or SQL Server from the Database Type drop-down list. This field is not editable if you previously selected Include Database (MYSQL) or if the selected role is All In One or Database Only. 4. 5. 6. 7. In the Database Host field, type in the IP address of the database server or accept the default, localhost, if this Dell SonicWALL UMA EM5000 includes the database. This field is not editable if you previously selected Include Database (MYSQL) or if the selected role is All In One or Database Only. To use a different user name when GMS accesses the database, type the user name into the Database User field. The default user name is “sa”. Type the password that GMS will use to access the database into both the Database Password and Confirm Database Password fields. Under Administrator Credentials, type the password for the administrator (root) account into both the Admin Password and Confirm Admin Password fields. Note that the Administrator Credentials fields are only displayed and editable in the following circumstances: • The Database Type is MySQL • The Include Database (MYSQL) checkbox is selected either manually or automatically for the chosen role • The Database Host field is set to localhost and is not editable When these conditions are met, the administrator password is required to create a regular access user account for the Dell SonicWALL GMS application. Configuring Deployment Settings This section describes the settings available on the Deployment > Settings page of the appliance management interface. Configuring Web Port Settings To change the Web port settings, perform the following steps: 1. On the Deployment > Settings page under Web Port Configuration, to use a different port for HTTP access to the Dell SonicWALL UMA EM5000, type the port number into the HTTP Port field. The default port is 80. 2. To use a different port for HTTPS access to the Dell SonicWALL UMA EM5000, type the port number into the HTTPS Port field. The default port is 443. Click the Enable HTTPS Redirection checkbox to redirect HTTP to HTTPS when accessing the Analyzer management interface. 3. Configuring Deployment Settings | 43 4. 5. In the Public IP text-field, enter the public IP or FQDN of the outside web services. Click Update to apply the Web port settings. Note: Changing the Web port settings will cause the appliance to restart. 6. Configuring SMTP Settings The SMTP settings are used for sending email alerts to the Dell SonicWALL UMA EM5000 administrator. To configure the SMTP settings, perform the following steps: 1. On the Deployment > Settings page under SMTP Configuration, enter the IP address of the SMTP server into the SMTP server field. 2. If the SMTP server in your deployment is set to use authentication, click the Use Authentication checkbox. This option is necessary for all outgoing Analyzer emails to properly send to the intended recipients. Enter the username in the User field, and enter/confirm the password in the Password and Confirm Password fields. This is the username/password that is used to authenticate against the SMTP server.. After the appliance restarts, use the new port to access the appliance management interface. For example: • If you changed the HTTP port to 8080, use the URL: http://<IP Address>:8080/appliance/ • If you changed the HTTPS port to 4430, use the URL: http://<IP Address>:4430/appliance/ 44 | Configuring Deployment Settings 3. 4. 5. 6. 7. In the Sender address field, enter the email address that will appear as the ‘From’ address when email alerts are sent to the administrator. In the Administrator address field, enter a valid email address for the administrator who will receive email alerts. In the Email send timeout field, enter a value in minutes. Click the Test Connectivity button to verify your SMTP server configuration settings. Click Update to apply the SMTP settings. Starting and Stopping Host Services You can stop, start, or restart any of the Dell SonicWALL UMS services on the Deployment > Services page of the appliance management interface. The page displays different services depending on the role of the appliance. The image below shows all services running on an All In One system: Configuring SSL Certificates Most Dell SonicWALL GMS deployments use the default certificate accompanied with your GMS Web Server. You can also choose to use a custom certificate and a respective unique password for your Dell SonicWALL GMS deployment as shown below. Starting and Stopping Host Services | 45 To change the current state of a service, perform the following steps: 1. 2. On the Deployment > Services page, select the checkbox next to the service whose state you want to change and then do one of the following: • To stop the service, click the Disable/Stop button. • To start a stopped service, click the Enable/Start button. • To restart the service, click the Restart button. This option stops and then starts the service. A progress bar is displayed. Wait for the desired action to complete before navigating away from the page. The status of the action is displayed at the top of the page. 46 | Starting and Stopping Host Services Using the GMS Management Interface 5 In this Section: This section provides an overview of the Dell SonicWALL GMS management interface, and includes the following sections: • Accessing the Correct Management Interface - page 48 • GMS Management Interface Introduction - page 49 • GMS Login Screen - page 49 • GMS Navigation Tabs - page 49 • Dashboard - page 50 • Live Monitoring - page 51 • Multi-Solution Management - page 51 • Left Pane Overview - page 52 • Center Pane Overview - page 52 • Right Pane Overview - page 53 • Description of Managed Appliance States - page 54 47 Accessing the Correct Management Interface The Dell SonicWALL UMA EM5000 comes installed with two separate management interfaces: • UMA Appliance Management Interface – Used for system management of the appliance, including registration and licensing, setting the admin password, creating backups, restarting the appliance, configuring network settings, selecting the deployment role, and configuring other system settings. Access the appliance management interface with the URL: http://<IP address>:<port>/appliance/ If you are using the standard HTTP port “80” it is not necessary to append the port number to the IP address. • GMS Management Interface – Used to access the GMS application that runs on the Dell SonicWALL UMA EM5000. This interface is used to configure GMS management of Dell SonicWALL appliances, including creating policies, viewing reports, and monitoring networks, and for configuring GMS administrative settings. The GMS management interface is only available on appliances deployed in a role that runs the Web Server service, such as the All In One or Console roles. Access the GMS management interface with the URL: http://<IP address>:<port>/sgms/ 48 | Accessing the Correct Management Interface Switching Between Management Interfaces On appliances deployed in the All In One or Console role, you can easily switch between the appliance management interface and the Dell SonicWALL GMS management interface. The login page of each interface provides a link to the login page of the other interface. When logged in to either interface, you can switch to the login page of the other interface by clicking the Switch button in the top right corner of the page. GMS Management Interface Introduction GMS Login Screen Dell SonicWALL GMS is a Web-based application that runs on the Dell SonicWALL UMA EM5000. GMS is used for configuring, managing, monitoring and gathering reports from thousands of Dell SonicWALL Internet security appliances and non-Dell SonicWALL appliances, as well as for configuring GMS administrative settings. This section provides an introduction to the main elements of the GMS management interface. The GMS management interface login screen allows you to securely login to GMS using your User ID and Password. After you have registered your Dell SonicWALL UMA EM5000 and it is licensed for GMS, the GMS login screen is the first screen that displays each time you access the GMS management interface using a Web browser on your management computer. Access the GMS management interface with the URL: http://<IP address>:<port>/sgms/ Note: The GMS management interface is separate from the appliance management interface used to configure appliance settings, and can have different login credentials. See Logging into the Appliance Management Interface - page 18. GMS Navigation Tabs The GMS management interface navigation tabs are located at the top of the management interface. The six navigation tabs are Dashboard, Firewall, SRA, ES, CDP, Monitor, and Console. The Monitor tab provides real-time monitoring at the global, group or appliance level. The Console tab provides tools to customize options found in the other GMS tabs and to manage GMS settings and settings that affect the environment globally. GMS Management Interface Introduction | 49 Dashboard The Dashboard tab is a customizable dashboard of your Dell SonicWALL GMS deployment. The Dashboard tab provides powerful network visualization reporting, monitoring, and search filtering tools consolidated into one area of the management user interface. The Dashboard tab provides administrators with an executive summary through a Universal Dashboard geographic map. As depicted in the screenshot below, the Geographic View provides a scalable map that displays your Dell SonicWALL GMS-managed units and GMS servers using graphical icons—these icons provide system state information with a mouse over. The Dashboard tab also provides administrators with a centralized location to create Universal Scheduled Reports for Firewall, SRA, CDP, and Email Security reporting solutions. 50 | Dashboard For more information on configuring the Universal Dashboard and Universal Scheduled Reports, refer to the “Using the Dashboard Panel” chapter in the Dell SonicWALL GMS Administrator’s Guide. Live Monitoring Management Interface The Live Monitoring feature provides users with the ability to monitor an entire network through the correlation of syslog messages received from appliances throughout a deployment. The collected syslogs are filtered with user-defined rules to become alerts. By viewing alerts in the Live Monitoring screen, users can monitor a network, analyze traffic based on protocols, Web usage and productivity, and detect viruses and attacks in the network. The GMS management interface is the main control panel for GMS. The management interface allows you to add and modify appliances, perform monitoring and reporting tasks, set policies for managed appliances, and configure GMS settings. Multi-Solution Management The Multi-Solution Management feature in Dell SonicWALL GMS provides next generation management capability by allowing administrators to manage multiple appliance types— Firewall, CDP, SMB SRA, EX-Series SRA, and Email Security—through their respective Web user interfaces over HTTP and HTTPS. Multi-Solution Management enables GMS Core Management functionality through the GMS user interface. Functions such as creating tasks, posting policies, scheduling tasks, and more are easily completed across multiple appliances at Unit Node and Group Node levels. Live Monitoring | 51 Left Pane Overview Center Pane Overview The left pane of the GMS management interface provides a tree control that displays the current view and a list of managed appliances within the current tab. The left pane is only displayed for the four appliance tabs: Firewall, SRA, CDP, and ES. The current category and view are indicated by a blue highlighting. The left pane tree control provides the ability to switch between views and displays the current state of each appliance under management. A single box in the tree control indicates a node at appliance or unit level. Two boxes in the tree control indicates a node at a group level. A global node at the top of the tree control is indicated by a three-box icon. The color of these icons provides useful status information. For detailed information about appliance states, refer to Description of Managed Appliance States - page 54. The center pane displays for the four appliance tabs: Firewall, SRA, CDP, and ES. A navigational tree control that provides access to the configuration options available based on navigational tab and left pane selections. At the top of the Center pane there are two sub-tabs, Policies and Reports. The Policies subtab provides policy configuration options for managed appliances. The Reports sub-tab provides reporting on the global, group, or appliance level, and is only available for Firewall, SRA, and CDP. Note: If there is only one appliance visible in the Left Pane, then the Left Pane will automatically collapse to present a larger screen for the rest of the management interface. 52 | Left Pane Overview The current selection in the center pane is indicated by the highlighted item. For example, the figure to the left displays the current selection Log > Log Settings. The center pane options change based on the navigational tab and left pane selections, and selections in the center pane modify the display in the right pane. For example, the figure in the next section illustrates the contents of the right pane when the global view is selected in the left pane and System > Status is selected on the Policies tab in the center pane. Right Pane Overview The right pane displays the available status or tasks based on the current selection of navigational tab, left pane and center pane options. Configurations performed in the right pane modify global, group or appliance settings. For example, the right pane image below displays the status and tasks available for the Policies navigation tab, left pane selection GlobalView, and center pane selection System > Status. Right Pane Overview | 53 Description of Managed Appliance States This section describes the meaning of icons that appear next to managed appliances listed in the left pane of the GMS management interface. Appliance Status Description One blue box indicates that the appliance is operating normally. The appliance is accessible from GMS, and no tasks are pending or scheduled. Two blue boxes indicate that appliances in a group are operating normally. All appliances in the group are accessible from GMS and no tasks are pending or scheduled. Three blue boxes indicate that all appliances in the global group of this type (Firewall/SRA/CDP/ES) are operating normally. All appliances of this type are accessible from GMS and no tasks are pending or scheduled. One blue box with a lightning flash indicates that one or more tasks are pending or running on the appliance. 54 | Description of Managed Appliance States Two blue boxes with a lightning flash indicate that tasks are currently pending or running on one or more appliances within the group. Two blue boxes with a clock indicate that tasks are currently scheduled to execute at a future time on one or more appliances within the group. One blue box with a clock indicates that one or more tasks are scheduled on the appliance. One yellow box indicates that the appliance has been added to GMS management (provisioned), but not yet acquired. Two yellow boxes indicate that one or more appliances in the group have been added to GMS management, but not acquired. Three yellow boxes indicate that one or more of the global group of appliances of this type (Firewall/ SRA/CDP/ES) have been added to GMS management, but not acquired. One yellow box with a lightning flash indicates that one or more tasks are pending on the provisioned appliance. Two yellow boxes with a lightning flash indicates that tasks are pending on one or more provisioned appliances within the group. One red box indicates that the appliance is no longer sending heartbeats to GMS. This icon indicates a fail over to a secondary Ethernet port. Two red boxes indicate that one or more appliance in the group is no longer sending heartbeats to GMS. This icon indicates the a modem is connected using a dialup. Three red boxes indicate that one or more of the global group of appliances of this type (Firewall/ SRA/CDP/ES) is no longer sending heartbeats to GMS. This icon indicates the wireless is connected using WWAN. One red box with a lightning flash indicates that the appliance is no longer sending heartbeats to GMS and has one or more tasks pending. Two red boxes with a lightning flash indicate that one or more appliance in the group is no longer sending heartbeats to GMS and has one or more tasks pending. This icon indicates the unit’s Task Pending status is “Immediate”. This icon indicates the unit’s Task Pending status is “Scheduled”. A box with a dot in the top-left corner indicates that the appliance is being managed by GMS using a static IP address. A green circle with the number 1 in the middle indicates that the unit is in an HA pair and is currently the Primary unit. A yellow circle with the number 2 in the middle indicates that the unit is in an HA pair and is currently on backup. Description of Managed Appliance States | 55 56 | Description of Managed Appliance States Provisioning and Adding Units 6 In this Section: After installation, registration, and role configuration, the next steps in setting up your Dell SonicWALL UMA are provisioning Dell SonicWALL appliances to support GMS and adding them to the Dell SonicWALL UMA EM5000. All Dell SonicWALL appliances must be provisioned before adding them to the Dell SonicWALL UMA EM5000. Make sure the provisioned Dell SonicWALL appliances have a valid Global Management System. This chapter contains the following sections: • Provisioning a Dell SonicWALL Firewall Appliance - page 58 • Provisioning a Dell SonicWALL SRA SMB Appliance - page 59 • Provisioning a Dell SonicWALL E-Class SRA Series Appliance - page 60 • Provisioning a Dell SonicWALL CDP Appliance - page 60 • Adding Dell SonicWALL Appliances - page 61 57 Provisioning a Dell SonicWALL Firewall Appliance To provision a Dell SonicWALL firewall appliance to support GMS, perform the following: 1. 2. 3. Log in to the firewall appliance. Navigate to the Log > Syslog page. In Syslog Servers, click the Add button. Enter the GMS IP address to start sending syslogs. The GMS service should be activated. Set the log in UTC format and log category. 58 | Provisioning a Dell SonicWALL Firewall Appliance 4. Navigate to the System > Time page, and enable the Display UTC in logs (instead of local time) checkbox. Provisioning a Dell SonicWALL SRA SMB Appliance 4. Navigate to the System > Time page, and enable the Display UTC in logs (instead of local time) checkbox. To provision a Dell SonicWALL SRA SMB appliance for Dell SonicWALL UMA EM5000 perform the following: 1. 2. 3. Log in to the SRA SMB appliance. Navigate to the Log > Analyzer page. In Analyzer Settings, click the Enable Analyzer checkbox. Click the Add button to add the GMS IP address, this starts sending syslogs. Provisioning a Dell SonicWALL SRA SMB Appliance | 59 Provisioning a Dell SonicWALL E-Class SRA Series Appliance Provisioning a Dell SonicWALL CDP Appliance Currently there is no GMS settings implementation in Dell SonicWALL E-Class SRA series appliances. To add GMS reporting support, use the Additional ViewPoint settings in the General Settings > Configure Centralized Management screen. And enter the GMS IP address and port number to start sending syslog. Currently there is no GMS settings implementation in Dell SonicWALL CDP appliances. To add GMS reporting support, use the GMS settings in the Settings > SMB screen. In Active Report, select the Enable checkbox. And enter the GMS IP address and port number to start sending CDP syslog. 60 | Provisioning a Dell SonicWALL E-Class SRA Series Appliance Adding Dell SonicWALL Appliances This section describes how to add Dell SonicWALL appliances to the GMS. Dell SonicWALL UMA checks with the Dell SonicWALL licensing server when you add an appliance, so it is important that Dell SonicWALL UMA EM5000 has Internet access to the server. Dell SonicWALL UMA can communicate with Dell SonicWALL appliances through HTTP or HTTPS. 2. Expand the Dell SonicWALL UMA EM5000 tree and select the group to which you will add the Dell SonicWALL appliance. Then, right-click the group and select Add Unit from the pop-up menu. To not specify a group, right-click an open area in the left pane (TreeControl pane) of the Dell SonicWALL UMA management interface and select Add Unit or click the Add Unit icon in the tool bar. To add a Dell SonicWALL appliance using the Dell SonicWALL UMA management interface, perform the following: 1. Click the appliance tab that corresponds to the type of appliance that you want to add: • Firewall • SRA • CDP Adding Dell SonicWALL Appliances | 61 The Add Unit dialog box appears: 4. 5. 6. 7. 8. 3. Enter a descriptive name for the Dell SonicWALL appliance in the Unit Name field. Do not enter the single quote character (‘) in the Unit Name field. 62 | Adding Dell SonicWALL Appliances Enter the serial number of the Dell SonicWALL appliance in the Serial Number field. For the Managed Address, choose whether to Determine automatically, or Specify manually. Most deployments will be able to determine the IP address automatically. If you choose to specify the IP address manually, an option to Make manual address sticky is available. This will retain the Manual Mode and the specified IP address will not be overwritten. Enter the Administrator login name for the Dell SonicWALL appliance in the Login Name field. The Administrator of the appliance can also enter a Local User or a Remote User name (as configured on the Firewall) for GMS Management. If using Local User or Remote User names, they must be included in the user list created on the Firewall. Enter the password used to access the Dell SonicWALL appliance in the Password field. For Management Mode, select from the following: • If the Dell SonicWALL appliance will be managed through an existing VPN tunnel or over a private network, select Using Existing Tunnel or LAN. • If the Dell SonicWALL appliance will be managed through a dedicated management VPN tunnel, select Using Management Tunnel. • If the Dell SonicWALL appliance will be managed using SSL, select Using SSL (default). 9. Enter the IP address of the managed appliance in the Management Port field (default port for is HTTPS: 443). The Dell SonicWALL appliance will be connected with HTTPS by default. 10. For VPN tunnel management, enter a 16-character encryption key in the SA Encryption Key field. The key must be exactly 16 characters long and composed of hexadecimal characters. Valid hexadecimal characters are “0” to “9”, and “a” to “f” (i.e., 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f). For example, a valid key would be: 1234567890abcdef Note: This key must match the encryption key of the SonicWALL appliance. You can set the key on the appliance by logging directly into it. 11. For VPN tunnel management, enter a 32-character authentication key in the SA Authentication Key field. The key must be exactly 32 characters long and composed of hexadecimal characters. For example, a valid key would be: 1234567890abcdef1234567890abcdef Note: This key must match the authentication key of the SonicWALL appliance. 12. Select the IP address of the GMS agent server that will manage the Dell SonicWALL appliance from the Agent IP Address drop-down. Note: If GMS is configured in a multi-tier distributed environment, you must select the GMS Agent whose IP address matches the IP address that you specified when configuring the SonicWALL appliance for GMS management. If GMS is in a single-server environment, the IP address of the GMS agent server already appears in the field. 13. If the GMS is configured in a multi-tier distributed environment, enter the IP address of the backup GMS server in the Standby Agent IP field. The backup server will automatically manage the SonicWALL appliance in the event of a primary server failure. Any Agent can be configured as the backup. If the GMS is deployed in a single server environment, leave this field blank. 14. Click OK. The new Dell SonicWALL appliance appears in the GMS management interface. It will have a yellow icon that indicates it has not yet been successfully acquired. GMS will then attempt to set up an HTTPS connection to access the appliance. GMS then reads the appliance configuration and acquires the Dell SonicWALL appliance for reporting. This will take a few minutes. After the Dell SonicWALL appliance is successfully acquired, its icon turns blue, its configuration settings are displayed at the unit level, and its settings are saved to the database. Adding Dell SonicWALL Appliances | 63 64 | Adding Dell SonicWALL Appliances Front Panel LCD Controls 7 In this Section: This section provides information about using the LCD controls on the front panel of the Dell SonicWALL UMA EM5000. • Front Panel Control Features - page 66 • Using the Main Menu - page 66 • About the Status Menu - page 67 • Using the Configure Menu - page 67 • Using the Restart Option - page 68 • Using the Shutdown Option - page 68 65 Front Panel Control Features Using the Main Menu The Dell SonicWALL UMA EM5000 appliance is equipped with a front panel interface that allows an administrator to customize certain aspects of the appliance or simply monitor its status without having to log into it through a separate terminal. Upon booting, the LCD display will initially show the Main Menu. The menu is made up of four options: Contains basic status values including system resources, connections, and port configuration values. Allows configuration of basic LAN port settings. Requires system pin for access, default: 76642. Allows the appliance to be restarted. Universal Management Appliance By default, the LCD display cycles through the Status values in screen-saver mode. The display returns to screen-saver mode after 6 seconds of no activity on the 4-way D-pad or after pressing the Left button from the Main Menu. 66 | Front Panel Control Features Allows the appliance to be shut down and powered off. The Status and Configure options are menus that contain multiple selections. The Restart and Shutdown options provide confirmation screens when selected. Use the Up and Down buttons to navigate to the option or menu that you wish to enter. Click the Right button to select the option or enter the menu and view its selections. About the Status Menu Using the Configure Menu The Status menu allows you to view specific aspects of the appliance. The LCD cycles through the Status list by default when no other menu is in use. You can also navigate the list using the Up and Down buttons. Status values in the list include the following: The Configure menu allows you to configure specific aspects of the appliance. When the Configure menu is selected, the LCD will display a PIN request. • • • • • • • • Appliance name Software version Date Time Uptime Management URL Interface eth0 IP (default LAN) Interface eth0 subnet mask Note: The Default PIN is 76642. This number spells SONIC on a phone keypad. All numbers are entered using the 4 buttons on the D-pad. To enter the PIN, use the buttons as follows: 1. 2. 3. 4. Select the desired number using the Up and Down buttons. Digits increase incrementally from 0 to 9. To move to the next digit field, press the Right button. To move back to a previous digit field, press the Left button. When you are finished entering the PIN, press the Right button to confirm your PIN and enter the Configure Menu. The appliance allows the user to navigate in and out of the Configure menu without having to re-enter the PIN. However, once the appliance enters screen-saver mode, whether from the 6 second time out or from pressing the Left button while in the Main Menu, the PIN number must be re-entered to access the Configure menu. About the Status Menu | 67 After entering a new value for a setting in the Configure menu, you are asked if you want to commit changes. Using the 4-way D-pad, press the Right button for yes or the Left button for no. If you choose yes, the screen notifies you that the settings are updated. Using the Restart Option When you select Restart from the Main Menu, you are asked to confirm the appliance restart. Press the Right button for yes or the Left button for no. 68 | Using the Restart Option Using the Shutdown Option When you select Shutdown from the Main Menu, you are asked to confirm the appliance shutdown. Press the Right button for yes or the Left button for no. 8 Support and Training Options 8 In this Section: This section provides Dell SonicWALL support and training information. • Customer Support - page 70 • Knowledge Portal - page 70 • Dell SonicWALL Live Product Demos - page 71 • User Forums - page 71 • Training - page 72 • Related Technical Documentation - page 72 • Additionally Supported Languages - page 73 69 Customer Support Knowledge Portal Dell SonicWALL offers Web-based and telephone support to customers who have a valid Warranty or who purchased a Support Contract. Please review our Warranty Support Policy for product coverage. Dell SonicWALL also offers a full range of consulting services to meet your needs, from our innovative implementation services to traditional statement of work-based services. The Knowledge Portal allows users to search for Dell SonicWALL documents based on the following types of search tools: For further information, visit: http://www.sonicwall.com/us/support/contact.html For further information, navigate to the Support > Knowledge Portal page at: http://www.mysonicwall.com/ 70 | Customer Support • Browse • Search for keywords • Full-text search Dell SonicWALL Live Product Demos User Forums The Dell SonicWALL Live Demo Site provides free test drives of Dell SonicWALL security products and services through interactive live product installations: The Dell SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • • • • • • • • Dell SonicWALL GMS and Analyzer Unified Threat Management Platform Secure Cellular Wireless Continuous Data Protection SSL VPN Secure Remote Access Content Filtering Secure Wireless Solutions Email Security For further information, visit: http://livedemo.sonicwall.com/ • • • • • • • • • • • Content Security Manager topics Continuous Data Protection topics Email Security topics Firewall topics Network Anti-Virus topics Security Services and Content Filtering topics Dell SonicWALL GMS and Analyzer topics SonicPoint and Wireless topics SSL VPN topics VPN Client topics VPN site-to-site and interoperability topics For further information, visit: https://forum.sonicwall.com/ Dell SonicWALL Live Product Demos | 71 Training Related Technical Documentation Dell SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and Medallion Partners who need to enhance their knowledge and maximize their investment in Dell SonicWALL Products and Security Applications. Dell SonicWALL Training provides the following resources for its customers: Dell SonicWALL reference documentation is available at the Dell SonicWALL Technical Documentation Online Library: http://www.sonicwall.com/us/Support.html • • • • • E-Training Instructor-Led Training Custom Training Technical Certification Authorized Training Partners For further information, visit: http://www.sonicwall.com/us/training.html Dell SonicWALL GMS video training is available from the GMS Development Team: http://software.sonicwall.com/gmsvp/Dev-Training/ 72 | Training The Dell SonicWALL GMS documentation set includes the following: • GMS Release Notes • GMS Software Getting Started Guide • GMS Virtual Appliance Getting Started Guide • UMA EM5000 Getting Started Guide • GMS Administrator’s Guide For more advanced deployment examples or interoperability solutions, refer to Dell SonicWALL GMS Technical Notes. Additionally Supported Languages Dell SonicWALL Getting Started Guides, Quick Start Guides, User Guides, appliance firmware, and various end-user clients are now available in multiple languages. After registering your product, you can check for applicable firmware or end-user client software on MySonicWALL. New releases are posted as they become available, so please check periodically for additional firmware, software, and documents. 本地化固件和文档通知 Dell SonicWALL 《入门指南》、《快速入门指南》、《用户指 南》、设备固件和多种终端用户客户端现已支持多种语言。请从 http://www.sonicwall.com/cn/downloads.html 查找可用的中 文文档。 ロー カ ラ イ ズ版フ ァ ームウ ェ アおよび ド キ ュ メ ン ト について Dell SonicWALL 導入ガ イ ド 、 ク イ ッ ク ス タ ー ト ガ イ ド 、 ユー ザ ガ イ ド 、 装置用フ ァ ームウ ェ ア、 および多彩なエ ン ド ユー ザ ク ラ イ ア ン ト が複数の言語で利用で き る よ う にな り ま し た。 利用可能な日本語 ド キ ュ メ ン ト は、 http://www.sonicwall.com/ japan/documents/support_document.html を ご覧下 さ い。 導入ガ イ ド またはク イ ッ ク ス タ ー ト ガ イ ド の手順に沿っ て、 MySonicWALL (http://www.mysonicwall.com) で製品を登録 し ま す。 製品の登録後に、 利用可能な フ ァ ームウ ェ ア またはエ ン ド ユーザ ク ラ イ ア ン ト を MySonicWALL 上で確認で き ます。 新 し い リ リ ースは利用可能にな る と 公開 さ れるので、 フ ァ ームウ ェ ア、 ソ フ ト ウ ェ ア、 および ド キ ュ メ ン ト を定期的に確認 し て く だ さ い。 请按照 《入门指南》或 《快速入门指南》中的说明,在 MySonicWALL 网站 http://www.mysonicwall.com 注册您的设 备。注册完成后,您可以在 MySonicWALL 网站查看相应的固件 和终端用户客户端软件。我们会在第一时间发布可用的新版本, 请定期检查以获取最新的固件、软件和文档。 Additionally Supported Languages | 73 펌웨어 및 문서 한글화 안내 Dell SonicWALL Getting Started 가이드 , Quick Start 가이드 , 사용자 가이드 , 어플라이언스 펌웨어 및 다양한 엔드유져 클라 이언트가 다국어를 지원합니다 . 다음에서 사용 가능한 한국어 문서를 찾아 보세요 . http://www.sonicwall.com/apac/en/ko/ documents.html. Getting Started 가이드 또는 Quick Start 가이드에 있는 절차에 따라 http://www.mysonicwall.com 에서 제품 등록을 하세요 . 제품 등록 후 , MySonicWALL 에서 적용 가능한 한국어 펌웨어 또는 사용자 클라이언트 소프트웨어를 확인할 수 있습니다 . 새로운 버젼은 사용 가능할 때 등록됩니다 . 그러므로 , 추가되 는 한국어 펌웨어 , 소프트웨어와 문서가 있는지 주기적으로 체 크하세요 . 74 | Additionally Supported Languages Notificação de Firmware e Documentação Localizada As Guias de noções básicas, Guias de início rápido, Guias de Usuário, firmware de aplicações, e varios clientes de usuário final de Dell SonicWALL estão agora disponíveis em varias línguas. Pode encontrar a documentação disponível em Português em http://www.sonicwall.com/br/pt/. Siga as instruções da Guia de noções básicas ou Guia de início rápido para registrar seu produto em MySonicWALL no http://www.mysonicwall.com. Depois de registrar o produto, você pode procurar firmaware ou clientes de usuário final aplicáveis em MySonicWALL. Novos lançamentos são publicados tão pronto estejam disponíveis, assim que por favor visite periodicamente esta página para ver firmware, software e documentos adicionais. Product Safety and Regulatory Information 9 In this Section: This section provides instructions for safely replacing the hard drive, and also provides product safety and regulatory information. • Replacing a Single Hard Drive - page 76 • Safety and Regulatory Information - page 78 75 Replacing a Single Hard Drive You can order a replacement hard drive from Dell SonicWALL for your Dell SonicWALL UMA EM5000. The 750GB replacement hard drive can be inserted into any drive slot on your Dell SonicWALL UMA EM5000. You can insert the drive while the appliance is powered on. The front bezel on the Dell SonicWALL UMA EM5000 covers the drive slots. The bezel can be unlocked with the front bezel security key supplied with the appliance. Removing the Defective Hard Drive To remove the defective drive from the Dell SonicWALL UMA EM5000, perform the following steps: 1. 2. On your Dell SonicWALL UMA EM5000, use the front bezel key to unlock the front bezel, then remove the front bezel to expose the hard drive array. In the appliance Web interface, navigate to the System > RAID page. 3. The defective drive is indicated by a drive status box displaying a status such as: • UNKNOWN • NOT SUPPORTED • NOT PRESENT You might see a different status than those listed, depending on the condition of the drive as interpreted by the RAID controller. On the appliance, press the square button on the right side of the defective drive to pop out the drive handle. Warning: Be careful to remove only the defective drive from the drive array while the appliance is powered on. Removing more than one drive from an active array will cause loss of data. 76 | Replacing a Single Hard Drive 4. 5. Grasp the drive handle and pull the drive straight out to remove it from the slot. Click Refresh on the System > RAID page and confirm that the status of the correct (defective) drive is the only change. The status should be NOT PRESENT. If you removed the wrong drive, reinsert it and allow the RAID controller to rebuild the array before proceeding. See Inserting the Replacement Drive into the UMA EM5000 Appliance - page 77. Inserting the Replacement Drive into the UMA EM5000 Appliance Warning: Do not insert anything other than the Dell SonicWALL approved hard drive into the Dell SonicWALL UMA EM5000. To view the hard drive array and insert the replacement drive into the Dell SonicWALL UMA EM5000, perform the following steps: 1. 2. Remove the hard drive and the drive number stickers from the replacement drive shipping carton. Depending on which drive you are replacing, apply the appropriate sticker to the drive handle. While holding the drive with the label side up, place the sticker near the edge of the handle next to the square button. 3. 4. 5. 6. 7. In the appliance Web interface, navigate to the System > RAID page. Pop open the drive handle on the new hard drive by pressing the square button. Insert the drive into the empty slot, label side up with the handle sticking out. Press the drive firmly into place to seat the connectors, and then close the handle. Click Refresh on the System > RAID page. You will see the drive slot status change to DEGRADED, and the Array Status change to REBUILD-PAUSED. The DEGRADED drive status indicates that the RAID controller senses that data is missing from the drive. The Array Status will change to REBUILDING within a few minutes. 8. You may continue to use your UMA EM5000 while the RAID controller rebuilds the array with the new drive. The rebuilding process requires at least three hours. When finished rebuilding, the status for both the drive and the array changes to OK on the System > RAID page. 9. Re-install the front bezel, being sure to properly line up the LCD connectors. The best practice is to align and seat the right side of the bezel (as you are facing the front of the UMA EM5000), then view the connectors from above as you carefully press the left side of the bezel into place. 10. Lock the bezel with the front bezel security key. Replacing a Single Hard Drive | 77 Safety and Regulatory Information Regulatory Model / Type Product Name 1RK19-066 UMA EM5000 78 | Safety and Regulatory Information Unauthorized Ports Do not plug devices into any ports (other than those indicated) unless explicitly instructed to do so by a Dell SonicWALL technical support representative. Doing so may void your warranty. Mounting the UMA EM5000 Appliance The following conditions are required for proper installation: • Reliable grounding of rack-mounted equipment must be maintained. Particular attention must be given to power supply connections other than direct connections to the branch circuits, such as power strips. • The Dell SonicWALL appliance is designed to be mounted in a standard 19-inch rack mount cabinet. • The included power cord is approved for use only in specific countries or regions. Before using a power cord, verify that it is rated and approved for use in your location. • Use the mounting hardware recommended by the rack manufacturer and ensure that the rack is adequate for the application. • The power cord must be removed to disconnect power. • Ensure that no water or excessive moisture can enter the unit. • Allow unrestricted airflow around the unit and through the vents on the side of the unit. A minimum of 1 inch (25.44mm) clearance is recommended. • Route cables away from power lines, fluorescent lighting fixtures, and sources of noise such as radios, transmitters, and broadband amplifiers. • Mount in a location away from direct sunlight and sources of heat. A maximum ambient temperature of 104º F (40º C) is recommended. • If installed in a closed or multi-unit rack assembly, the operating ambient temperature of the rack environment may be greater than room ambient. Therefore, consideration should be given to installing the equipment in an environment compatible with the maximum recommended ambient temperature shown above. Lithium Battery Warning The Lithium Battery used in the Dell SonicWALL Internet security appliance may not be replaced by the user. The Dell SonicWALL must be returned to a Dell SonicWALL authorized service center for replacement with the same or equivalent type recommended by the manufacturer. If, for any reason, the battery or Dell SonicWALL Internet security appliance must be disposed of, do so following the battery manufacturer's instructions. Cable Connections All Ethernet cables are designed for intra-building connection to other equipment. Do not connect these ports directly to communication wiring or other wiring that exits the building where the Dell SonicWALL is located. • Mount the Dell SonicWALL appliances evenly in the rack in order to prevent a hazardous condition caused by uneven mechanical loading. • Four mounting screws, compatible with the rack design, must be used and hand tightened to ensure secure installation. Choose a mounting location where all four mounting holes line up with those of the mounting bars of the 19-inch rack mount cabinet. • A suitably rated and approved branch circuit breaker shall be provided as part of the building installation. Follow local code when purchasing materials or components. • Consideration must be given to the connection of the equipment to the supply circuit. Appropriate consideration of equipment nameplate ratings must be used when addressing this concern. Do not overload the circuit. Safety and Regulatory Information | 79 Weitere Hinweise zur Montage Für eine ordnungsgemäße Montage sollten die folgenden Hinweise beachtet werden: • Das Dell SonicWALL Modell ist für eine Montage in einem standardmäßigen 19Zoll-Rack konzipiert. • Vergewissern Sie sich, dass das Rack für dieses Gerät geeignet ist und verwenden Sie das vom Rack-Hersteller empfohlene Montagezubehör. • Stellen Sie sicher, dass das Gerät vor Wasser und hoher Luftfeuchtigkeit geschützt ist. • Stellen Sie sicher, dass die Luft um das Gerät herum zirkulieren kann und die Lüftungsschlitze an der Seite des Gehäuses frei sind. Hier ist ein Belüftungsabstand von mindestens 26 mm einzuhalten. • Achten Sie darauf, das sich die Netzwerkkabel nicht in der unmittelbaren Nähe von Stromleitungen, Leuchtstoffröhren und Störquellen wie Funksendern oder Breitbandverstärkern befinden. • Wählen Sie für die Montage einen Ort, der keinem direkten Sonnenlicht ausgesetzt ist und sich nicht in der Nähe von Wärmequellen befindet. Die Umgebungstemperatur darf nicht mehr als 40 °C betragen. • Wenn das Gerät in einem geschlossenen 19"-Gehäuse oder mit mehreren anderen Geräten eingesetzt ist, wird die Temperatur in der Gehäuse höher sein als die Umgebungstemperatur. Achten Sie daraf, daß die Umgebungstemperatur nicht mehr als 40° C beträgt. • Bringen Sie die Dell SonicWALL waagerecht im Rack an, um mögliche Gefahren durch ungleiche mechanische Belastung zu vermeiden. • Verwenden Sie für eine sichere Montage vier passende Befestigungsschrauben, und ziehen Sie diese mit der Hand an. Wählen Sie einen Ort im 19-Zoll-Rack, wo alle vier Befestigungen der Montageschien verwendet werden. • Ein angemessen dimensionierter und geprüfte Sicherung, sollte Bestandteil der Haus-Installation sein. Bitte folgen die den lokalen Richtlinien beim Einkauf von Material oder Komponenten. • Prüfen Sie den Anschluss des Geräts an die Stromversorgung, damit der Überstromschutz sowie die elektrische Leitung nicht von einer eventuellen Überlastung der Stromversorgung beeinflusst werden. Prüfen Sie dabei 80 | Safety and Regulatory Information sorgfältig die Angaben auf dem Aufkleber des Geräts. Überlasten Sie nicht den Stromkreis. • Eine sichere Erdung der Geräte im Rack muss gewährleistet sein. Insbesondere muss auf nicht direkte Anschlüsse an Stromquellen geachtet werden wie z. B. bei Verwendung von Mehrfachsteckdosen. • Das im Lieferumfang enthaltene bzw. die im Lieferumfang enthaltenen Netzkabel sind nur für die Verwendung in bestimmten Ländern und Regionen zugelassen. Überprüfen Sie bitte vor der Verwendung eines Netzkabels, ob es für die Verwendung in Ihrem Land oder Ihrer Region zugelassen ist und den geforderten Normen entspricht. • Das Netzanschlusskabel muss entfernt werden, um Energie zu trennen. Hinweis zur Lithiumbatterie Die in der Internet Security appliance von Dell SonicWALL verwendete Lithiumbatterie darf nicht vom Benutzer ausgetauscht werden. Zum Austauschen der Batterie muss die Dell SonicWALL in ein von Dell SonicWALL autorisiertes Service-Center gebracht werden. Dort wird die Batterie durch denselben oder entsprechenden, vom Hersteller empfohlenen Batterietyp ersetzt. Beachten Sie bei einer Entsorgung der Batterie oder der Dell SonicWALL Internet Security appliance die diesbezüglichen Anweisungen des Herstellers. Kabelverbindungen Alle Ethernet-Kabel eignen sich für die Verbindung von Geräten in Innenräumen. Schließen Sie an die Anschlüsse der Dell SonicWALL keine Kabel an, die aus dem Gebäude herausgeführt werden, in dem sich das Gerät befindet. 架設 UMA EM5000 裝置 •必須維護可靠的機架裝載設備接地。必須特別留意電源供應器 連線,而不是直接連接到電源板之類的分支電路。 需要滿足以下條件以進行正確安裝: •戴爾 SonicWALL 設備被設計成安裝在一個標準的 19 吋機架安 裝櫃。 •隨附的電源線僅限於特定的國家或地區使用。使用前,請確認 電源線的額定值且已被認可在你的地區上使用。 •使用機架製造商推薦的裝載硬體,確認機架足夠裝置所需 •請確認裝置內不會滲入水分或過多的濕氣。 •裝置週邊請保持通風,特別是裝置通風口側。建議裝置與牆壁 間至少要有 1 英吋 (25.44 公釐 ) 的淨空。 •纜線的路徑應遠離電源線、日光燈,以及會產生雜訊的來源, 如無線電、發送器與寬頻放大器。 鋰電池警告 使用者不得自行更換 戴爾 SonicWALL 網際網路安全性裝置中使 用的鋰電池。必須將 戴爾 SonicWALL 送回 戴爾 SonicWALL 授權 的服務中心,以更換相同的鋰電池或製造商推薦的同類型鋰電 池。若因任何原因必須丟棄電池或 戴爾 SonicWALL 網際網路安 全性裝置,請嚴格遵守電池製造商的指示。 •架設位置需遠離陽光直射與熱源。建議周圍溫度最高溫不 要 超過 104°F (40°C)。 纜線連結 •如果是安裝於封閉式或多組機架配件,機架環境的周圍操作溫 度可能會高過室內周遭。因此,在與上述建議之最高周圍溫度 相容的環境中安裝設備時,應將此列入考量。 所有乙太網路與 RS232 ( 主控台 ) 線路都是為與其他裝置進行內 建連接所設計的。請不要將這些連接埠直接連接至通訊線路,或 其他連出 戴爾 SonicWALL 所在建築的線路。 •將 戴爾 SonicWALL 裝置平坦地裝設在機架中,如此才能避免 因不均勻的機械負荷造成危險狀況。 •必須使用四顆與機架設計相容的安裝螺釘,並用手鎖緊螺釘, 確定安裝牢固。選擇一個安裝位置,將四個裝載洞孔對齊 19 吋架設機櫃的安裝桿。 •應當提供一個合適額定值並且已被認可的分支電路斷路器作為 安裝該裝置的一部分。在購買材料或部件時,應遵循當地安全 代碼。 •必須留心裝置與電源電路的連接問題,電路過載對過電流保護 與電路電線的影響需降至最低。解決這個問題時,需正確考慮 裝置銘牌額定值。不要過載電路。 Safety and Regulatory Information | 81 FCC Part 15 Class A Notice This equipment was tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy. And if not installed and used in accordance with the instruction manual, the device may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user is required to correct the interference at his own expense. CAUTION: Modifying this equipment or using this equipment for purposes not shown in this manual without the written consent of Dell SonicWALL, Inc. could void the user’s authority to operate this equipment. Declaration of Conformity A “Declaration of Conformity” in accordance with the directives and standards has been made and is on file at Dell Inc. Products Europe BV, Limerick, Ireland. CISPR 22 (EN 55022) Class A Complies with EN 55022 Class A and CISPR 22 Class A. WARNING: This is a class A product. In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures. BMSI Statement 警告使用者: 此為甲類資訊技術設備,於居住環境中使用時,可能會造成射 頻擾動,在此種情況下,使用者會被要求採取某些適當的對策。 82 | Safety and Regulatory Information VCCI Statement この装置は、クラスA情報技術装置です。この装置を家庭環 境で使用すると電波妨害を引き起こすことがあります。この 場合には使用者が適切な対策を講ずるよう要求 されることがあります。 VCCI - A Canadian Radio Frequency Emissions Statement This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada. India RoHS Statement This product complies with Restriction of Hazardous Substances (RoHS) requirements as prescribed by E-Waste (Management & Handling) Rules, by the Ministry of Environment & Forests, Government of India. For further information, please see: http://www.dell.com/regulatory_compliance Regulatory Information for Korea Ministry of Information and Telecommunication Certification Number SWL-1RK19-066 All products with country code “A” and “J” are made in the U.S.A. All products with country code “C” or “D” are made in Taiwan R.O.C. All certificates held by Secuwide, Corps. A 급 기기 ( 업무용 정보통신기기 ) 이 기기는 업무용으로 전자파적합등록을 한 기기이오니 판매자 또는 사용자는 이 점을 주의하시기 바라며 , 만약 잘못 판매 또는 구입하였을 때에는 가정용으로 교환하시기 바랍니다 . Safety and Regulatory Information | 83 84 | Safety and Regulatory Information
© Copyright 2024