Getting Started Guide Dell SonicWALL GMS Appliance UMA EM5000 Universal Management Appliance

Dell SonicWALL GMS Appliance
Management and Reporting
UMA EM5000 Universal Management Appliance
Getting Started Guide
For localized product information, see page 73.
ᴹ‫ޣ‬ᵜൠॆӗ૱ؑ᚟ˈ䈧৲➗ㅜ亥DŽ
䝻䞊䜹䝷䜲䝈䛥䜜䛯〇ရ䛾᝟ሗ䛻䛴䛔䛶䛿䚸㻣㻟㻌䝨䞊䝆䜢ཧ↷䛧䛶䛟䛰䛥䛔䚹
Ь˲߭ࢿ૽ࢽ‫ؿ‬Е૓ࢇएձॳˈଜ‫ࡁۿ‬
Para informação localizada do produto, veja página 74.
Notes, Cautions, and Warnings
NOTE: A NOTE indicates important information that helps you make better use of your system.
CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2014 Dell Inc.
Trademarks: Dell™, the DELL logo, SonicWALL™, SonicWALL GMS™, and all other SonicWALL product and service names and
slogans are trademarks of Dell Inc.
Microsoft Windows, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation.
2014 – 03
P/N 232-002290-51
Rev. A
1
In this Guide
This Getting Started Guide contains installation procedures and configuration guidelines for deploying the Dell SonicWALL Universal
Management Appliance EM5000 (Dell SonicWALL UMA EM5000) in your network. The Dell SonicWALL UMA EM5000 runs the Global
Management System, which is a Web-based application that can configure, manage, and monitor the status of thousands of Dell
SonicWALL Internet security appliances and non-Dell SonicWALL appliances from a central location.
The Dell SonicWALL UMA EM5000 provides these benefits:
• Centralized security and network management
• Sophisticated VPN deployment and configuration
• Active device monitoring and alerts
• Intelligent reporting and activity visualization
• Centralized logging and offline management
Note: For complete documentation, refer to the latest “Dell SonicWALL GMS Administrator’s Guide”. This and other documentation are
available at: http://www.sonicwall.com/us/Support.html. For the latest Dell SonicWALL UMA EM5000 firmware version
downloads and documentation, login to the MySonicWALL website at http://www.mysonicwall.com.
2 | In this Guide
Chapter 1
Sections Include
Introduction to the GMS UMA EM5000 - page 7
•
•
•
•
•
Chapter 2
Sections Include
Connecting and Initializing the GMS UMA EM5000 page 17
•
•
•
•
•
•
•
Chapter 3
Sections Include
Registering Your Appliance - page 25
• Creating a MySonicWALL Account - page 26
• Registering Your Appliance - page 26
• Registering as an Associated Component - page 28
Checking Package Contents - page 8
The Front Panel - page 9
The Rear Panel - page 10
System Requirements - page 11
Recording Configuration Information - page 15
Powering On Your Appliance - page 18
Restarting Your Appliance - page 18
Powering Off Your Appliance - page 18
Logging into the Appliance Management Interface - page 18
Using the Host Configuration Tool - page 19
Connecting the UMA EM5000 to Your Network - page 22
Configuring a Static IP Address on Your Management Computer - page 24
3
Chapter 4
Sections Include
Configuring the Role of Your Appliance - page 29
•
•
•
•
•
Chapter 5
Sections Include
Using the GMS Management Interface - page 47
•
•
•
•
•
•
•
•
•
•
•
•
4 | In this Guide
Overview of the UMA EM5000 Roles - page 30
Using the Role Configuration Tool - page 31
Manually Configuring the System Role - page 35
Configuring Deployment Settings - page 43
Starting and Stopping Host Services - page 45
Accessing the Correct Management Interface - page 48
GMS Management Interface Introduction - page 49
GMS Login Screen - page 49
GMS Navigation Tabs - page 49
Dashboard - page 50
Live Monitoring - page 51
Multi-Solution Management - page 51
Management Interface - page 51
Left Pane Overview - page 52
Center Pane Overview - page 52
Right Pane Overview - page 53
Description of Managed Appliance States - page 54
Chapter 6
Sections Include
Provisioning and Adding Units - page 57
•
•
•
•
•
Chapter 7
Sections Include
Front Panel LCD Controls - page 65
•
•
•
•
•
•
Chapter 8
Sections Include
Support and Training Options - page 69
•
•
•
•
•
•
•
Provisioning a Dell SonicWALL Firewall Appliance - page 58
Provisioning a Dell SonicWALL SRA SMB Appliance - page 59
Provisioning a Dell SonicWALL E-Class SRA Series Appliance - page 60
Provisioning a Dell SonicWALL CDP Appliance - page 60
Adding Dell SonicWALL Appliances - page 61
Front Panel Control Features - page 66
Using the Main Menu - page 66
About the Status Menu - page 67
Using the Configure Menu - page 67
Using the Restart Option - page 68
Using the Shutdown Option - page 68
Customer Support - page 70
Knowledge Portal - page 70
Dell SonicWALL Live Product Demos - page 71
User Forums - page 71
Training - page 72
Related Technical Documentation - page 72
Additionally Supported Languages - page 73
5
Chapter 9
Sections Include
Product Safety and Regulatory Information page 75
• Replacing a Single Hard Drive - page 76
• Safety and Regulatory Information - page 78
6 | In this Guide
Introduction to the GMS UMA EM5000
1
In this Section:
This section provides pre-configuration information for setting up your Dell SonicWALL UMA EM5000.
• Checking Package Contents - page 8
• The Front Panel - page 9
• The Rear Panel - page 10
• System Requirements - page 11
• Recording Configuration Information - page 15
7
Checking Package Contents
Before you begin the setup process, verify that your package contains the following items:
1.
2.
3.
4.
5.
6.
One Dell SonicWALL UMA EM5000 appliance
One Dell SonicWALL UMA EM5000 Getting Started Guide
One Rack Mounting Kit
One Ethernet cable
One standard power cord*
One set of Front Bezel Keys
*The included power cord(s) are approved for use only in specific countries or regions. Before using a power cord, verify that it is rated and approved for use in your location. The
power cords are for AC mains installation only. See Safety and Regulatory Information for more information.
1
3
2
Dell SonicWALL GMS Appliance
Universal Management Appliance
UMA EM5000
Management and Reporting
UMA EM5000 Universal Management Appliance
Getting Started Guide
4
5
6
Missing Items? If any items are missing from your package, contact Dell SonicWALL Support:
Web: http://www.sonicwall.com/us/Support.html
Email: customer_service@sonicwall.com
8 | Checking Package Contents
The Front Panel
D-Pad Controls
Power Switch
Provides up, left, right, and down buttons to
navigate the LCD menu:
Up/Down: Navigate lists
Left: Cancel changes / return to previous
Right: Accept changes
Allows the SonicWALL appliance to be
powered on or off
Reset Button
Reboots the SonicWALL appliance
Universal Management Appliance
Front Bezel Release
Allows access to drive bays under the
front bezel for addition/replacement of
hard disks (requires use of included key)
LCD Display
Provides access to basic system
information, settings, and features using
the D-Pad controls
UMA EM5000
LED Indicators
Provides the following system status indications:
ALARM: Thermal or other alert condition*
ETH0/ETH1: Ethernet link (solid), activity (blinking)
HDD: Hard disk activity (blinking)
PWR: The appliance is powered (off/on)
*For a full list of alerts, refer to the SonicWALL LED Alerts technote document.
• Pressing the reset button for several seconds will result in a reboot of the Dell SonicWALL UMA EM5000.
• Do not plug devices into any ports (other than those indicated) unless explicitly instructed to do so by a Dell SonicWALL technical
support representative; doing so may void your warranty.
9
The Rear Panel
Ethernet Port 1
Not authorized for use
Power Supply
Provides power connection
using the supplied power
cables
USB Ports (2)
For future use
eSATA Port (1)
VGA Port
Not authorized for use unless explicitly instructed
by a SonicWALL technical support representative
For future use
Ethernet Port 0 (Management/LAN)
Provides configurable Gigabit-capable
Ethernet connection to your local network
10 | The Rear Panel
Serial Port
Provides access to a command line interface
(CLI) for SonicWALL technical support use
System Requirements
The Dell SonicWALL UMA EM5000 comes with a default
license to manage 10 nodes. You can purchase additional
licenses on MySonicWALL. For more information on licensing
additional nodes, visit:
http://www.sonicwall.com/us/Products_Solutions.html
Database Requirements
The Dell SonicWALL UMA EM5000 comes installed with a
bundled MySQL 5.0 database and supports the following
databases on external systems:
• Bundled MySQL 5.0 running on another GMS/UMA server in
a distributed deployment
• Microsoft SQL Server 2005 SP2 64-bit
• Microsoft SQL Server 2008 R2 64-bit
Regarding MS SQL Server 2005, GMS supports:
• SQL Server 2005 Workgroup
• SQL Server 2005 Standard
• SQL Server 2005 Enterprise
Note: Dell SonicWALL GMS does not support MS SQL
Server 2005 or 2008 Express.
MySQL Requirements
Dell SonicWALL GMS automatically installs MySQL as part of
the base installation package. Separately installed instances of
MySQL are not supported with GMS.
Java Requirements
Download and install the latest version of the Java 7 plug-in on
any system that accesses the GMS management interface.
This can be downloaded from:
• www.java.com
or
• http://www.oracle.com/technetwork/java/javase/downloads/
index.html
Browser Requirements
• Microsoft Internet Explorer 8.0 or higher (do NOT use
Compatibility mode)
Note: Internet Explorer version 10.0 in Metro interfaces of
Windows 8 is currently not supported.
• Mozilla Firefox 16.0 or higher
• Google Chrome 18.0 or higher (recommended browser for
dashboard real-time graphics display)
System Requirements | 11
Dell SonicWALL Platform and Firmware Support
Dell SonicWALL
Platforms
Del SonicWALL Firmware
Version
Firewall / VPN
SuperMassive 10000
Series
SonicOS 6.0 or newer
Only partial policy management and
reporting support is currently
available. The following
SuperMassive specific features are
not supported for centralized policy
management in GMS:
• Multi-blade CASS
• High Availability/Clustering
• Support for Management Interface
• Flow Reporting Configurations
• Multi-blade VPN
• Advanced Switching
• Restart: SonicOS versus Chassis
Contact your Dell SonicWALL Sales
representative for more information.
SuperMassive 9000
Series
SonicOS 6.1 or newer
NSA Series
SonicOS 5.0 or newer
12 | System Requirements
TZ Series
SonicOS Enhanced 3.2 or newer
SonicOS Standard 3.2 or newer
PRO Series
SonicOS Enhanced 3.2 or newer
CSM Series
SonicOS CF 2.0 or newer
Secure Remote Access
SSL VPN SRA Series
SonicOS SSL-VPN 2.0 or newer
(management)
SonicOS SSL-VPN 2.1 or newer
(reporting)
E-Class SRA Series
SRA 9.0 or newer
Backup and Recovery
CDP Series
CDP 2.3 or newer (management)
CDP 5.1 or newer (reporting)
Email Security / Anti-Spam
Email Security Series
Email Security 7.2 or newer
(management only)
Non-Dell SonicWALL Appliance Support
Note: GMS supports Dell SonicWALL firewall App Control
policy management and App Control reporting. Please
refer to the latest SonicOS documentation for
information on the supported SonicOS firmware
versions.
Dell SonicWALL firewalls running SonicOS firmware
that is newer than the current GMS firmware can still be
managed and reports can still be generated. However,
the new features in the SonicOS firmware release will
be supported in an upcoming release of GMS.
Legacy SonicWALL XPRS/XPRS2, SonicWALL
SOHO2, SonicWALL Tele2, and SonicWALL Pro/ProVX models are not supported for SonicWALL GMS
management. Appliances running SonicWALL legacy
firmware including SonicOS Standard 1.x and
SonicWALL legacy firmware 6.x.x.x are not supported
for SonicWALL GMS management.
The Dell SonicWALL UMA EM5000 provides monitoring
support for non-Dell SonicWALL TCP/IP and SNMP-enabled
devices and applications.
Network Requirements
To complete the Dell SonicWALL UMA EM5000 deployment
process, the following network requirements must be met:
• Access to the Internet
• A static IP address
• Network connection must be able to accommodate
1 Kilobit for each device under management. For example,
if the UMA EM5000 is monitoring 100 Dell SonicWALL
appliances, the connection must support at least 100 Kilobits.
Depending on the configuration of log settings and the amount
of traffic handled by each device, the network traffic can vary
dramatically. The 1 kilobit for each device is a general
recommendation. Your installation requirements may vary.
For the most recent platform support and firmware version
information, refer to the latest Dell SonicWALL GMS Release
Notes available at:
http://www.sonicwall.com/us/Support.html
System Requirements | 13
GMS Gateway Recommendations
A GMS gateway is a Dell SonicWALL firewall appliance that
allows for secure communication between the GMS server and
the managed appliance(s), using VPN tunnels.
A GMS gateway is not required in all deployment scenarios, but
when deployed, the GMS gateway must be a Dell SonicWALL
VPN-based network security appliance running SonicOS
Enhanced firmware or another VPN device that is interoperable
with Dell SonicWALL VPN. The GMS gateway provides a VPN
management tunnel for each managed appliance. The number
of management tunnels depends on the number of VPNs
supported by the GMS gateway appliance and may be a limiting
factor.
For complete information about GMS management methods
and requirements for a GMS Gateway, see the GMS Gateway
Requirements section in the Dell SonicWALL GMS
Administrator’s Guide, available on:
http://www.sonicwall.com/us/Support.html
14 | System Requirements
Recording Configuration Information
Before deploying the Dell SonicWALL UMA EM5000, record the following configuration information for your reference.
SMTP Server Address:
The IP address or host name of your Simple Mail Transfer Protocol (SMTP) server.
For example, mail.emailprovider.com.
The number of your Web server port if customized. The default port is 80.
HTTP Web Server Port:
HTTPS Web Server Port:
The number of your secure (SSL) Web server port if customized.
The default port is 443.
UMA EM5000 Administrator Email:
The email address of a UMA EM5000 administrator who will receive email
notifications from the UMA EM5000.
The email address from which the email notifications will be sent by the UMA EM5000.
Sender Email Address:
GMS Gateway IP:
The IP address of the GMS gateway between the UMA EM5000 agent and the
network. This optional field is only applicable if you have a GMS gateway.
GMS Gateway Password:
The password for the GMS gateway. This optional field is only applicable if you have a
GMS gateway between the UMA EM5000 and the network.
Your database vendor if you are using a SQL Server database.*
Database Vendor:
Database Host IP:
The IP address of the database host. This is not required when using the bundled
MySQL database on this appliance.*
Database User:
The MySQL user name for the database administrator. This is not required when using
the bundled MySQL database on this appliance.*
Database Password:
The MySQL password for the database administrator. This is not required when using
the bundled MySQL database on this appliance.*
* This information is needed if Microsoft SQL Server is used, or in the case of a distributed deployment.
15
16 | Recording Configuration Information
Connecting and Initializing the GMS UMA EM5000
2
In this Section:
This section provides instructions for powering on your Dell SonicWALL UMA EM5000, logging into the appliance management interface,
running the Host Configuration Tool, and then connecting the appliance to your local network.
• Powering On Your Appliance - page 18
• Restarting Your Appliance - page 18
• Powering Off Your Appliance - page 18
• Logging into the Appliance Management Interface - page 18
• Using the Host Configuration Tool - page 19
• Connecting the UMA EM5000 to Your Network - page 22
• Configuring a Static IP Address on Your Management Computer - page 24
17
Powering On Your Appliance
Powering Off Your Appliance
Perform the following steps to turn on your Dell SonicWALL
UMA EM5000 appliance:
To power off your Dell SonicWALL UMA EM5000 appliance,
press and then quickly release the power button on the upperright corner of the appliance front bezel.
1.
2.
Plug the supplied power cable into the back of the Dell
SonicWALL UMA EM5000.
Plug the other end of the power cable into an AC socket.
The Dell SonicWALL UMA EM5000 automatically powers
on and begins the initial boot process.
The boot process may take several minutes to complete
when powering on the Dell SonicWALL UMA EM5000 for
the first time.
Restarting Your Appliance
Perform the following steps to restart your Dell SonicWALL
UMA EM5000 appliance from the appliance management
interface:
1.
2.
3.
Navigate to the System > Restart page.
Click the Restart button.
In the confirmation dialog box, click OK.
The system will take approximately 3 minutes to restart.
To restart your appliance by using the D-Pad controls on the
front panel, see Using the Restart Option - page 68.
18 | Powering On Your Appliance
Tip: Do not hold down the power button to shutdown.
To power off your appliance by using the D-Pad controls on the
front panel, see Using the Shutdown Option - page 68.
Logging into the Appliance Management
Interface
To connect a management computer to your Dell SonicWALL
UMA EM5000 and log in to the appliance management
interface for the first time, perform the following steps:
1.
Using an Ethernet cable and the computer you are using to
administer the Dell SonicWALL UMA EM5000, connect the
LAN port of the computer to the Ethernet port (eth0) on the
back of your Dell SonicWALL UMA EM5000.
2.
3.
4.
Set your management computer to have a static IP address
on the 192.168.168.0/24 subnet, for example:
192.168.168.50. For help with setting up a static IP address
on your computer, refer to Configuring a Static IP Address
on Your Management Computer - page 24.
Open a Web browser on your management computer.
Enter http://192.168.168.169/appliance/ (the default IP
address of the Dell SonicWALL UMA EM5000) in the
Location or Address bar. The Dell
SonicWALL UMA EM5000 appliance management login
screen displays.
Note: One or more security warnings may display while
connecting to the appliance management interface.
Choose to accept the certificates in order to log in to the
Dell SonicWALL UMA EM5000.
5.
Log in to the appliance management interface using the
default credentials:
• User name – admin
• Password – password
The login page loads by default in English, type admin in
the User field, and password in the Password field and
then click Submit. GMS includes language support for
English, Japanese, Simplified Chinese, Traditional
Chinese. Click the language of your choice at the bottom of
this page.
The first time you log in to the appliance, you must change
the password. The login page re-displays with the default
login credentials prepopulated. Enter a new password for
the administrator account in the New Password field, and
enter it again in the Confirm New Password field.
Note: The new password must be at least 7 characters.
The Host Configuration Tool wizard starts automatically. See
Using the Host Configuration Tool - page 19.
Using the Host Configuration Tool
The Host Configuration Tool is a wizard that takes you through
several basic steps to get your Dell SonicWALL UMA EM5000
configured for your network.
The wizard starts automatically after you log in for the first time
and change the admin password. You can cancel the wizard at
this time, which leaves the default configuration on the
appliance and prevents the wizard from automatically starting
again.
Note: If you log out of the appliance management interface
without actually cancelling the wizard, it will start
automatically on your next login.
Using the Host Configuration Tool | 19
You can manually start the wizard at any time by
clicking the Wizards button at the top-right corner of
the page.
To use the Host Configuration Tool, perform the following steps:
1.
2.
3.
If the Host Configuration Tool has started automatically,
skip to step 2. If you are starting the Host Configuration
Tool manually, click the Wizards button in the top right
corner.
In the Introduction screen, click Next.
In the Network Settings screen, configure the network
settings for the Dell SonicWALL UMA EM5000, and then
click Next. Enter network settings values for the following
fields:
• Hostname – A descriptive name for this appliance
• Domain – In the form of “sonicwall.com”; this domain is
not used for authentication
20 | Using the Host Configuration Tool
• IP Address – The static IP address for the eth0 interface
of the appliance
• Subnet Mask – In the form of “255.255.255.0”
• Default Gateway – The IP address of the network
gateway – this is the default gateway and is required for
networking purposes. This is not the GMS Gateway
explained earlier in this guide.
• DNS Server 1 – The IP address of the primary DNS
server
• DNS Server 2 (Optional) – The IP address of the
secondary DNS server.
4.
In the Time Settings screen, select values for the following
system settings on the appliance, and then click Next:
• Time (hh:mm:ss) – Hours, minutes, and seconds of
current time
• Date – Month, day, and year of current date
• TimeZone – Select from the drop-down list
• Automatically adjust clock for daylight saving time –
Select this checkbox for automatic adjustment between
standard time and daylight savings time.
5.
In the Summary screen, verify the settings. Click Back to
make changes on a previous screen, or click Apply to
accept the settings.
Wait for the settings to be applied, possibly for a few
minutes. The screen displays a progress bar until it
finishes, and then displays the status.
Using the Host Configuration Tool | 21
Note: If you modified the DNS settings, the services on the
appliance will restart when the changes are applied,
causing a momentary connectivity loss to the Web
server. Your browser will be redirected to the appliance
management interface login page.
If you have modified the appliance IP address, you will lose
contact with the appliance when the changes are applied.
To connect the appliance to your network and access the
appliance management interface from a computer on your
LAN, see Connecting the UMA EM5000 to Your Network page 22.
Connecting the UMA EM5000 to Your
Network
To connect the Dell SonicWALL UMA EM5000 to your network
and access the appliance management interface from a
management computer on your LAN, perform the following
steps:
1.
2.
3.
4.
5.
6.
22 | Connecting the UMA EM5000 to Your Network
If you are using the same management computer that you
used for initial configuration, unplug the Ethernet cable
from the management computer and from the Dell
SonicWALL UMA EM5000.
Plug one end of the Ethernet cable into the eth0 port on the
back of your Dell SonicWALL UMA EM5000.
Plug the other end of the Ethernet cable into an open port
on your local network hub or switch.
Return your management computer to its previous settings
prior to assigning it a static IP address on the default
appliance subnet.
Connect your management computer to your local
network.
On the management computer, point a browser to the new
appliance IP address in the form:
http://<IP address>:<port>/appliance/
It is not necessary to provide the port in the URL if you kept
the default port.
The following network diagram illustrates how the Dell SonicWALL UMA EM5000 connects to an example network:
X0
X1
X2
X3
X4
X5 X6
X0
X1
link/spd
X2
X3
X4
X5 X6
X0
X1
link/spd
activity
lan wan
Remote UTM
X2
X3
X4
X5 X6
link/spd
activity
TZ 215
lan wan
activity
TZ 215
TZ 215
lan wan
Remote UTM
Remote UTM
Internet
Boston, USA
Yokohama, Japan
X6
X4
X7
X5
1GE
X2
X0
Cabarete, Dom. Rep.
M0
SDHC
M0
Expansion Module
ALARM
TEST
PWR
SonicWALL NSA 2600
CONSOLE
MGMT
X3
X1
Gateway UTM Appliance
Universal Management Appliance
UMA EM5000
UMA Appliance / Database
Management
Console
San Jose, USA
23
Configuring a Static IP Address on Your
Management Computer
This section is provided for your reference when preparing to
log in for the first time to your Dell SonicWALL UMA EM5000.
Complete the following steps to configure your management
computer with a static IP address:
Windows Vista
1.
2.
3.
4.
5.
Windows 7
1.
2.
3.
4.
On the Windows Start menu, select Control Panel.
Select Network and Intranet.
Select Network and Sharing Center.
On the left panel of the Network and Sharing Center
window, select Change Adapter Settings.
5. Double-click Local Area Connection.
6. In the Local Area Connection status window, click the
Properties button.
7. In the list, double-click the Internet Protocol Version 4
(TCP/IPv4).
8. Select Use the following IP address and type
192.168.168.50 in the IP address field.
9. Type 255.255.255.0 in the Subnet Mask field.
10. Click OK, and then click OK again for the settings to take
effect.
24 | Configuring a Static IP Address on Your Management Computer
6.
7.
On the Windows Start menu, right-click Network and
select Properties.
In the Tasks menu, click Manage network connections.
The Network Connections window displays.
Right-click on your Local Area Connection and select
Properties.
In the list, double-click Internet Protocol Version 4 (TCP/
IP).
Select Use the following IP address and type
192.168.168.50 in the IP address field.
Type 255.255.255.0 in the Subnet Mask field.
Click OK, and then click OK again for the settings to take
effect.
Windows XP
1.
2.
3.
4.
5.
6.
On the Windows Start menu, highlight Connect To and
then select Show All Connections.
Open the Local Area Connection Properties window.
Highlight Internet Protocol (TCP/IP), and then click
Properties.
Select Use the following IP address and type
192.168.168.50 in the IP address field.
Type 255.255.255.0 in the Subnet Mask field.
Click OK for the settings to take effect.
Registering Your Appliance
3
In this Section:
This section provides instructions for registering your Dell SonicWALL UMA EM5000 appliance.
• Creating a MySonicWALL Account - page 26
• Registering Your Appliance - page 26
• Registering as an Associated Component - page 28
25
Creating a MySonicWALL Account
Registering Your Appliance
A MySonicWALL account is required for product registration. If
you already have an account, continue to Registering Your
Appliance - page 26. Perform the following steps to create a
MySonicWALL account:
You must register your Dell SonicWALL UMA EM5000
appliance on MySonicWALL before you can run GMS on it.
Registration is performed using the appliance management
interface. When registration is completed, GMS will be licensed
on your appliance.
1.
2.
3.
4.
5.
In your browser, navigate to www.mysonicwall.com.
In the login screen, click the Not a registered user? link.
Complete the Registration form and then click Register.
Verify that the information is correct and click Submit.
In the screen confirming that your account was created,
click Continue.
MySonicWALL registration information is not sold or
shared with any other company.
26 | Creating a MySonicWALL Account
When you log in to the UMA EM5000 appliance after
running the Host Configuration Tool, the Register
button is displayed in the top right corner of the page.
The registration process requires that the UMA
EM5000 appliance have access to the Internet.
To register your UMA EM5000 appliance, perform the following
steps:
1.
2.
3.
In a browser, log in to the appliance management interface
and click the Register button.
In the License Management page, type your
MySonicWALL user name and password and click Submit.
Specify the Serial Number, and type a descriptive name
for the appliance into the Friendly Name field. Click
Submit.
Note: If this is the first UMA EM5000 appliance that you
have registered, the Friendly Name for this appliance
will also be used as the name for the distributed
deployment. As you register more UMA EM5000
appliances or instances of GMS on Windows Server
systems, you will have the option of adding them to this
deployment.
4.
Next, click on the link to download the Manual License to
your system. You will then need to Upload Licenses and
specify the downloaded license file. Click Upload.
5.
A confirmation will display when you have finished
registering your appliance successfully. Click Continue.
Registering Your Appliance | 27
Registering as an Associated
Component
4.
The Serial Number field is automatically populated.
The next registration page prompts you to associate this
GMS component with an existing deployment, or create a
new GMS deployment instance. Select the Select from
existing Deployments radio button.
When you have a distributed Dell SonicWALL GMS deployment
involving more than one appliance or software instance of
GMS, you can associate these components on MySonicWALL.
Note: The default 10-node management license is not
automatically increased when additional components
are associated with an existing GMS deployment.
Contact Dell SonicWALL Technical Support to add the
node licenses to the deployment.
To register a Dell SonicWALL UMA EM5000 as an associated
component of an existing GMS deployment, perform the
following steps:
1.
2.
3.
In a browser, log in to the appliance management interface
and click the Register button.
Enter your MySonicWALL user name and password in the
appropriate fields and then click Submit.
Type a descriptive name for the appliance into the
Friendly Name field and then click Submit.
28 | Registering as an Associated Component
5.
Select the desired deployment for the association from the
drop-down list and then click Submit.
Note: When adding an existing GMS deployment, you may
need to type the 8-12 character serial number of the
primary GMS into the Serial Number field, and then
type the authentication code of the primary GMS into
the Authentication Code field. The primary GMS must
already be registered.
6.
A confirmation will display when you have finished
registering your appliance successfully. Click Continue.
Configuring the Role of Your Appliance
4
In this Section:
This section provides information about configuring the role for your Dell SonicWALL UMA EM5000, as well as information about
deployment settings and services.
• Overview of the UMA EM5000 Roles - page 30
• Using the Role Configuration Tool - page 31
• Manually Configuring the System Role - page 35
• Configuring Deployment Settings - page 43
• Starting and Stopping Host Services - page 45
29
Overview of the UMA EM5000 Roles
The role that you assign to your Dell SonicWALL UMA EM5000
defines the Dell SonicWALL Universal Management Suite
services that it will provide. Dell SonicWALL GMS uses these
services to perform management, monitoring, and reporting
tasks.
Your Dell SonicWALL UMA EM5000 can be deployed in any of
the following roles:
•
•
•
•
•
•
•
•
All In One
Database Only
Console
Agent
Monitor
Flow Server (Virtual Appliance only)
All in one - Flow Server Role (Demo mode only)
Syslog Collector
In the appliance management interface, clicking Details in the
same row as a role provides a list of the services that run on a
system in that role, and information about using the role.
30 | Overview of the UMA EM5000 Roles
As the number of managed appliances increases, a more
distributed deployment provides better performance. To
manage large numbers of Dell SonicWALL appliances, you can
use several Dell SonicWALL UMA EM5000 appliances
operating in different roles in a distributed deployment. You can
also use Windows Server machines running Dell SonicWALL
GMS in any of the roles.
You can include the MySQL database installation with any role.
The All In One or Database Only roles automatically include the
MySQL database. Only one server in a GMS deployment
should have the MySQL database included in its role.
You can scale your deployment to handle more units and more
reporting by adding more systems in the Agent role. Agents
provide built-in redundancy capability, meaning that if an Agent
goes down, other Agents can perform the configuration tasks
and other tasks of the Agent that went down.
Note: When configuring the role for the first appliance in a
distributed deployment, you should either include the
database or be prepared to provide the IP address of
an existing database server.
You can meet this database objective in one of the following
ways:
• By selecting a role that includes the database automatically,
such as All In One or Database Only
• By selecting the Include Database (MYSQL) checkbox if
configuring the appliance with any other role
• By setting up a compatible database on another machine and
providing that IP address when prompted
Using the Role Configuration Tool
The Role Configuration Tool is a wizard that guides you through
the process of defining the deployment role for your Dell
SonicWALL UMA EM5000 appliance. Your system must be
registered and licensed for GMS to run the Role Configuration
Tool.
There are two ways to access the Role Configuration Tool:
• After the appliance is registered and licensed for GMS, the
System > Status page of the appliance management
interface provides a link to the wizard.
• The Wizards button in the top right corner of the page
provides access to the Role Configuration Tool.
Using the Role Configuration Tool | 31
To use the Role Configuration Tool, perform the following steps:
1.
2.
3.
Log in to the appliance management interface and
navigate to the System > Status page. Click the Click
here link at the top of the page. Or you can click the
Wizards button in the top right hand corner.
The Introduction page of the Role Configuration Tool
displays. Click Next to continue.
In the Setup Type page, select Yes if you are adding this
system to an existing GMS deployment on one or more
systems. Selecting Yes indicates to the wizard that there is
an existing GMS database on another server. Select No if
this appliance is part of a new GMS deployment or is the
only system in your GMS deployment. Click Next.
6.
The list of roles on this page will vary depending on your
previous selections such as whether this system is part of
an existing GMS deployment and if it is a single-server or
part of a multi-server deployment. Neither the Database
Only nor the Include Database (MYSQL) options are
available if this system is part of an existing deployment.
In the Database Configuration page, enter the database
parameters that are required for the selected role. The
database fields will vary depending on your previous
selections.
Note: If you selected Yes, skip step 5 and proceed to step 6.
4.
5.
In the Deployment Type page, select Yes if this system will
be the only GMS server in the deployment, or select No if
there will be multiple GMS servers. Click Next.
In the Role Configuration page, select the desired role for
this system and select the Include Database (MYSQL)
checkbox if you want to configure a GMS database on this
system. Click Next.
Certain fields will be prepopulated if you made a choice of
role that automatically includes the MySQL database or if
you chose Include Database (MYSQL).
32 | Using the Role Configuration Tool
7.
For a MySQL instance, additional fields are available for
configuring the database administrator credentials. The
Administrator Credentials fields are only displayed and
editable in the following circumstances:
• The Database Type is MySQL
• The Include Database (MYSQL) checkbox is selected
either manually or automatically for the chosen role
• The Database Host field is set to localhost and is not
editable
When these conditions are met, the administrator
password is required to create a regular access user
account for the Dell SonicWALL GMS application.
If you selected a role that does not include the MySQL
database, you have the option of configuring the use of a
SQL Server database in this screen.
Note the following when selecting values for these fields:
• Database User – Do not use any special characters, and
do not use 'sa', 'root', or 'admin'.
• Database Password – Do not use any special
characters.
• Admin Login – If using MySQL, the default Admin Login
is 'root'. This cannot be changed.
• Admin Password – Do not use any special characters.
When finished entering the database parameters, click
Next.
In the Redundancy page, select if you want to configure
your host as a redundant console. Then, click Next.
8.
In the Other Configuration page, the fields vary depending
on the selected role, as follows:
• Gateway Parameters – Required for All in One,
Console, and Agent roles
• Syslog Server Parameters - Required for All in One,
Console, Agent, and Syslog Collector roles
• SMTP Parameters - Required for All in One and Console
roles
Enter the GMS Gateway IP address and connection
password, if you are using a GMS gateway. Leave these
fields empty if you are using HTTP/HTTPS to connect to
the managed appliances.
Using the Role Configuration Tool | 33
9.
In the Syslog Server Port field, type in the port used for
receiving syslog messages or accept the default of 514.
10. For access to email on this system, including the ability to
send email alerts, type the mail server IP address into the
SMTP Server field and enter valid email addresses for the
Sender Address and Administrator Address.
11. Click Next.
12. In the Summary page, verify that all parameters are
correct. Click Back to make changes on a previous screen,
or click Apply to accept the settings.
34 | Using the Role Configuration Tool
13. Wait for the settings to be applied. The screen displays a
progress bar until it finishes, and then displays the status.
This phase can take up to 10 minutes, especially if the
database was included in the deployment. Click Close to
exit the Role Configuration Tool.
Manually Configuring the System Role
You can configure the role of the UMA EM5000 appliance
without using the Role Configuration Tool.
All role configuration is performed in the appliance management
interface on the Deployment > Roles page, available at the
URL:
http://<IP address>:<port>/appliance/
The Flow Server role is only available for configuration with the
GMS Virtual Appliance platforms
Refer to the following sections for instructions on manually
configuring the system role:
• Configuring the All In One Role - page 35
• Configuring the Database Only Role - page 36
• Configuring the Console Role - page 36
• Configuring the Agent Role - page 37
• Configuring the Monitor Role - page 37
• Configuring the Syslog Collector Role - page 38
• Configuring the Flow Server Role - page 39
• Configuring the All in One - Flow Server Role (Demo Mode
Only) - page 39
• Configuring the Gateway - page 40
• Configuring Database Settings - page 42
• Configuring Deployment Settings - page 43
Configuring the All In One Role
The All In One role is used for demonstrating functionality in test
environments, it should not be used in production environments.
Dell SonicWALL recommends that you use a multi-system,
distributed deployment in production environments, with the
database on a dedicated server and the other services on one
or more systems. When only one other system is deployed, the
Console role should be assigned to it.
The All In One role provides all services utilized by Dell
SonicWALL GMS:
•
•
•
•
•
•
•
•
•
•
•
Database
Event Manager
Monitoring Manager
Reports Database
Reports Scheduler
Reports Summarizer
Scheduler
Syslog Collector
Update Manager
Web Server
Web Service Server
To configure the Gateway settings, refer to Configuring the
Gateway - page 40.
Manually Configuring the System Role | 35
Configuring the Database Only Role
Configuring the Console Role
The Database Only role is used in a multi-server GMS
deployment. In this role, the server is configured to run only the
database service. Dell SonicWALL recommends that one of the
servers in a multi-server GMS deployment is assigned a
Database Only role.
The Console role is used in a multi-server, distributed Dell
SonicWALL GMS deployment. In this role, the Dell SonicWALL
UMA EM5000 will run all Dell SonicWALL Universal
Management Suite services except for the Database service. In
this scenario, the Database role is assigned to a separate
appliance or server.
Only the Dell SonicWALL Universal Management Suite
Database service runs on a Database Only system.
The MySQL database engine is pre-installed on the Dell
SonicWALL UMA EM5000. GMS can also use a MySQL
database or a Microsoft SQL Server database installed on a
server. Only the MySQL database included in the installer is
supported. On the Deployment > Role page in the Dell
SonicWALL UMA EM5000 appliance management interface,
you can configure your GMS systems to use either a MySQL or
a SQL Server database.
To deploy your Dell SonicWALL UMA EM5000 in the Database
Only role, perform the steps described in the Configuring
Database Settings - page 42.
36 | Manually Configuring the System Role
In the Console role, the Dell SonicWALL UMA EM5000
behaves as an Agent, and also provides the following functions:
• Provides Web user interface for the Dell SonicWALL GMS
application
• Emails Scheduled Reports
• Performs Event Management tasks
• Performs various periodic checks, such as checking for new
appliances that can be managed, checking for new firmware
versions of managed appliances, and similar functions
To configure the Gateway settings, refer to Configuring the
Gateway - page 40.
Configuring the Agent Role
Configuring the Monitor Role
The Agent role can be used in a distributed deployment of Dell
SonicWALL GMS. The primary functions of this role include the
following:
• Manages units by acquiring them, pushing configuration tasks
to the units and tracking their up/down status
• Performs monitoring based on ICMP probes, TCP probes,
and SNMP OID retrievals
• Collects and stores syslog messages
• Performs report summarization
The Monitor role is used to dedicate the Dell SonicWALL UMA
EM5000 to monitoring appliances and applications in a multiserver GMS deployment. The monitoring is based on ICMP
probes, TCP probes, and SNMP OID retrievals.
The following Dell SonicWALL Universal Management Suite
services run on an Agent system:
• Syslog Collector
• Reports Summarizer
• SNMP Manager
• Scheduler
• Monitoring Manager
1.
To configure the Gateway settings, refer to Configuring the
Gateway - page 40.
Only the Dell SonicWALL Universal Management Suite
Monitoring Manager service runs on a Monitor system.
To deploy your Dell SonicWALL UMA EM5000 in the Monitor
role, perform the following steps in the appliance management
interface:
2.
3.
4.
5.
Navigate to the Deployment > Role page. Under Host
Role Configuration, select the Monitor radio button.
To include the MySQL database on this system, select the
Include Database (MYSQL) checkbox. To use a MySQL or
Microsoft SQL Server database on another system, do not
select this checkbox.
Configure the database settings as described in the
Configuring Database Settings - page 42.
Configure the Web port settings as described in the
Configuring Web Port Settings - page 43.
To apply your changes, click Update.
To change the settings on this page back to the defaults,
click Reset.
Manually Configuring the System Role | 37
Configuring the Syslog Collector Role
The Syslog Collector role can be assigned to a Dell SonicWALL
UMA EM5000 in a multi-server deployment of GMS. In this role,
the Dell SonicWALL UMA EM5000 is dedicated to collecting
syslog messages on the configured port (by default, port 514).
The syslog messages are stored in the Dell SonicWALL UMA
EM5000 file system.
The syslog messages are used by the Reports Summarizer
service running on another GMS server or Dell SonicWALL
UMA EM5000 in the distributed deployment. The folder where
the Syslog Collector service stores the syslog messages must
be accessible by the server running the Reports Summarizer
service.
Only the Dell SonicWALL Universal Management Suite Syslog
Collector service runs on a Syslog Collector system.
To deploy your Dell SonicWALL UMA EM5000 in the Syslog
Collector role, perform the following steps in the appliance
management interface:
1.
2.
Navigate to the Deployment > Role page. Under Host
Role Configuration, select the Syslog Collector radio
button.
If this Dell SonicWALL UMA EM5000 listens for syslog
messages on a non-standard port, type the port number
into the Syslog Server Port field. The default port is 514.
38 | Manually Configuring the System Role
3.
4.
5.
6.
To include the MySQL database on this system, select the
Include Database (MYSQL) checkbox. To use a MySQL
or Microsoft SQL Server database on another system, do
not select this checkbox.
Configure the database settings as described in the
Configuring Database Settings - page 42.
Configure the Web port settings as described in the
Configuring Web Port Settings - page 43.
To apply your changes, click Update.
To change the settings on this page back to the defaults,
click Reset.
Configuring the Flow Server Role
The Flow Server role can be used in a distributed deployment of
GMS. The Flow Server role is only available for configuration
with the GMS Virtual Appliance platforms. The primary functions
of this role include the following:
• Collect and stores flows from the firewalls
• Performs report summarization
The following Dell SonicWALL Universal Management Suite
services run on an Agent system:
• Dell SonicWALL Universal Management Suite - Flow Server
The single service that runs in this role is Dell SonicWALL
Universal Management Suite - Flow Server. The flows are
collected and stored in internal databases. To be able to create
reports out of these flows, you will need to have a GMS server
in this deployment with a minimum version of 7.1 and a role of
"Console" or "All in One", etc. You will also need to make sure
that the following ports are open:
• UDP 2055
• UDP 5055
• TCP 9063
• TCP 9064
• TCP 9065
• TCP 9066
• TCP 9067
To deploy your Dell SonicWALL UMA EM5000 in the Flow
Server role, perform the following steps in the appliance
management interface:
1.
Navigate to the Deployment > Role page. Under Host
Role Configuration, select the Flow Server radio button.
2.
Configure the database settings as described in the
Configuring Database Settings section, on page 42.
Configure the Web port settings as described in the
Configuring Deployment Settings section, on page 43.
To apply your changes, click Update.
To change the settings on this page back to the defaults,
click Reset.
3.
4.
Configuring the All in One - Flow Server
Role (Demo Mode Only)
All In One deployments are ideal for managing a small number
of Dell SonicWALL appliances or for test environments. The
Flow Server role is only available for configuration with the GMS
Virtual Appliance platforms.
Dell SonicWALL recommends that you use a multi-system
distributed deployment in production environments, with the
database on a dedicated server and the other services on one
or more systems. When only one other system is deployed, the
Console role should be assigned to it.
The All in One - Flow Server configuration is to be used for
demonstrating the Flow Server functionality and should NOT be
used in production environments.
Manually Configuring the System Role | 39
Following services run on an All in One-Flow Server
Management system:
• Dell SonicWALL Universal Management Suite - Database
• Dell SonicWALL Universal Management Suite - Event
Manager
• Dell SonicWALL Universal Management Suite - Flow Server
• Dell SonicWALL Universal Management Suite - Monitoring
Manager
• Dell SonicWALL Universal Management Suite - Reports
Database
• Dell SonicWALL Universal Management Suite - Reports
Scheduler
• Dell SonicWALL Universal Management Suite - Reports
Summarizer
• Dell SonicWALL Universal Management Suite - Scheduler
• Dell SonicWALL Universal Management Suite - Syslog
Collector
• Dell SonicWALL Universal Management Suite - Update
Manager
• Dell SonicWALL Universal Management Suite - Web Server
• Dell SonicWALL Universal Management Suite - Web Services
To configure the Gateway settings, refer to Configuring the
Gateway - page 40.
40 | Manually Configuring the System Role
Configuring the Gateway
After choosing a role, select a gateway to configure:
• None - page 40
• NAT Device - page 41
• GMS Gateway - page 41
Note: The gateway configuration is only available for the All
in One, Console, Agent, and All in One - Flow Server
roles.
None
No gateway is specified.
If you do not wish to configure a gateway, perform the following:
1.
Click the None radio button.
2.
Select the HTTP or HTTPS radio button for the MSM
Server Protocol.
Click the MSM Server Port text-field, then enter the MSM
Server port number.
Click the Syslog Server Port text-field, then enter the
Syslog Server port number.
To apply your changes, click Update. To change the
settings on this page back to the defaults, click Reset.
3.
4.
5.
NAT Device
To configure the GMS Gateway, perform the following:
Use this option when a NAT device is configured as the
gateway. The GMS appliance does not have to login to the unit
for any reason and all NAT configurations are taken care of by
the network Administrator directly through the device’s
management interface. To configure the NAT device, perform
the following:
1.
1.
Select the NAT Device radio button.
2.
Click the NAT Device IP text-field, then enter the NAT
Device IP address.
Click the NAT Device Syslog Port text-field, then enter the
NAT Device Syslog port number. This is the Syslog port
used for Syslogs sent from the managed units.
Select the HTTP or HTTPS radio button for the MSM
Server Protocol.
Click the MSM Server Port text-field, then enter the MSM
Server port number.
Click the Syslog Server Port text-field, then enter the
Syslog Server port number.
To apply your changes, click Update. To change the
settings on this page back to the defaults, click Reset.
3.
4.
5.
6.
7.
GMS Gateway
Use this option when a Dell SonicWALL device is acting as a
Gateway. Using a Dell SonicWALL appliance is recommended,
but can be setup as a NAT Device if all units are managed using
an SSL tunnel.
Click the GMS Gateway radio button.
2.
If the Dell SonicWALL UMA EM5000 will connect to
managed appliances through a GMS gateway, click the
GMS Gateway IP text-field, then enter the internal IP
address of the device.
If you change the GMS gateway IP address or password,
you must also change the settings on this page. To
determine if a GMS Gateway is required, see the Dell
SonicWALL Getting Started Guide for your product
3. Click the GMS Gateway Port text-field, then enter the
management port used to sign into the device.
4. Click the GMS Gateway User text-field, then enter the
username used to sign into the device.
5. Click the GMS Gateway Password text-field, then enter
the password used to sign into the device.
6. Confirm the GMS Gateway Password you entered.
7. Click the GMS Gateway Syslog Port text-field, then enter
the Syslog port used for syslogs sent from the managed
units.
8. Select the HTTP or HTTPS radio button for the MSM
Server Protocol.
9. Click the MSM Server Port text-field, then enter the MSM
Server port number.
10. Click the Syslog Server Port text-field, then enter the
Syslog Server port number.
11. To apply your changes, click Update. To change the
settings on this page back to the defaults, click Reset.
Manually Configuring the System Role | 41
Configuring Database Settings
To configure the database settings for any role, perform the
following steps in the appliance management interface:
Database settings configuration is largely the same for any role
when you choose to include the database on that appliance.
For roles that automatically include the default MySQL
database, such as All In One or Database Only, the Database
Type, Database Host, and Database Port fields are not editable.
This is also the case for any role when the Include Database
(MYSQL) checkbox is selected. The Administrator Credentials
fields are displayed only if the role has been defined to include
the installation of the MySQL database. These are not available
when a SQL Server database is selected.
1.
This section describes the options for configuring the database
settings for either the MySQL database or the Microsoft SQL
Server database. The Dell SonicWALL UMA EM5000 can run
the MySQL database, but GMS can also use either a MySQL or
a SQL Server database running on a Windows Server machine
in a multi-system deployment.
Note: If this appliance will connect to a SQL Server system
with a non-default instance name, then the entries will
be different than described in this section. Refer to the
latest “Dell SonicWALL GMS Administrator's Guide” for
configuration instructions.
42 | Manually Configuring the System Role
2.
3.
Navigate to the Deployment > Role page and select the
role for this appliance.
To run the MySQL database on this UMA EM5000, select
the Include Database (MYSQL) checkbox. To use a
MySQL or Microsoft SQL Server database on another
system, do not select this checkbox.
Under Database Configuration, if Include Database
(MYSQL) was not selected in the previous step, select
either MYSQL or SQL Server from the Database Type
drop-down list. This field is not editable if you previously
selected Include Database (MYSQL) or if the selected
role is All In One or Database Only.
4.
5.
6.
7.
In the Database Host field, type in the IP address of the
database server or accept the default, localhost, if this Dell
SonicWALL UMA EM5000 includes the database. This
field is not editable if you previously selected Include
Database (MYSQL) or if the selected role is All In One or
Database Only.
To use a different user name when GMS accesses the
database, type the user name into the Database User
field. The default user name is “sa”.
Type the password that GMS will use to access the
database into both the Database Password and Confirm
Database Password fields.
Under Administrator Credentials, type the password for
the administrator (root) account into both the Admin
Password and Confirm Admin Password fields.
Note that the Administrator Credentials fields are only
displayed and editable in the following circumstances:
• The Database Type is MySQL
• The Include Database (MYSQL) checkbox is selected
either manually or automatically for the chosen role
• The Database Host field is set to localhost and is not
editable
When these conditions are met, the administrator
password is required to create a regular access user
account for the Dell SonicWALL GMS application.
Configuring Deployment Settings
This section describes the settings available on the
Deployment > Settings page of the appliance management
interface.
Configuring Web Port Settings
To change the Web port settings, perform the following steps:
1.
On the Deployment > Settings page under Web Port
Configuration, to use a different port for HTTP access to
the Dell SonicWALL UMA EM5000, type the port number
into the HTTP Port field. The default port is 80.
2.
To use a different port for HTTPS access to the Dell
SonicWALL UMA EM5000, type the port number into the
HTTPS Port field. The default port is 443.
Click the Enable HTTPS Redirection checkbox to redirect
HTTP to HTTPS when accessing the Analyzer
management interface.
3.
Configuring Deployment Settings | 43
4.
5.
In the Public IP text-field, enter the public IP or FQDN of
the outside web services.
Click Update to apply the Web port settings.
Note: Changing the Web port settings will cause the
appliance to restart.
6.
Configuring SMTP Settings
The SMTP settings are used for sending email alerts to the Dell
SonicWALL UMA EM5000 administrator. To configure the
SMTP settings, perform the following steps:
1.
On the Deployment > Settings page under SMTP
Configuration, enter the IP address of the SMTP server
into the SMTP server field.
2.
If the SMTP server in your deployment is set to use
authentication, click the Use Authentication checkbox.
This option is necessary for all outgoing Analyzer emails
to properly send to the intended recipients. Enter the
username in the User field, and enter/confirm the
password in the Password and Confirm Password
fields. This is the username/password that is used to
authenticate against the SMTP server..
After the appliance restarts, use the new port to access the
appliance management interface. For example:
• If you changed the HTTP port to 8080, use the URL:
http://<IP Address>:8080/appliance/
• If you changed the HTTPS port to 4430, use the URL:
http://<IP Address>:4430/appliance/
44 | Configuring Deployment Settings
3.
4.
5.
6.
7.
In the Sender address field, enter the email address that
will appear as the ‘From’ address when email alerts are
sent to the administrator.
In the Administrator address field, enter a valid email
address for the administrator who will receive email alerts.
In the Email send timeout field, enter a value in minutes.
Click the Test Connectivity button to verify your SMTP
server configuration settings.
Click Update to apply the SMTP settings.
Starting and Stopping Host Services
You can stop, start, or restart any of the Dell SonicWALL UMS
services on the Deployment > Services page of the appliance
management interface. The page displays different services
depending on the role of the appliance. The image below shows
all services running on an All In One system:
Configuring SSL Certificates
Most Dell SonicWALL GMS deployments use the default
certificate accompanied with your GMS Web Server. You can
also choose to use a custom certificate and a respective unique
password for your Dell SonicWALL GMS deployment as shown
below.
Starting and Stopping Host Services | 45
To change the current state of a service, perform the following
steps:
1.
2.
On the Deployment > Services page, select the checkbox
next to the service whose state you want to change and
then do one of the following:
• To stop the service, click the Disable/Stop button.
• To start a stopped service, click the Enable/Start button.
• To restart the service, click the Restart button. This
option stops and then starts the service.
A progress bar is displayed. Wait for the desired action to
complete before navigating away from the page.
The status of the action is displayed at the top of the page.
46 | Starting and Stopping Host Services
Using the GMS Management Interface
5
In this Section:
This section provides an overview of the Dell SonicWALL GMS management interface, and includes the following sections:
• Accessing the Correct Management Interface - page 48
• GMS Management Interface Introduction - page 49
• GMS Login Screen - page 49
• GMS Navigation Tabs - page 49
• Dashboard - page 50
• Live Monitoring - page 51
• Multi-Solution Management - page 51
• Left Pane Overview - page 52
• Center Pane Overview - page 52
• Right Pane Overview - page 53
• Description of Managed Appliance States - page 54
47
Accessing the Correct Management
Interface
The Dell SonicWALL UMA EM5000 comes installed with two
separate management interfaces:
• UMA Appliance Management Interface – Used for system
management of the appliance, including registration and
licensing, setting the admin password, creating backups,
restarting the appliance, configuring network settings,
selecting the deployment role, and configuring other system
settings.
Access the appliance management interface with the URL:
http://<IP address>:<port>/appliance/
If you are using the standard HTTP port “80” it is not
necessary to append the port number to the IP address.
• GMS Management Interface – Used to access the GMS
application that runs on the Dell SonicWALL UMA EM5000.
This interface is used to configure GMS management of Dell
SonicWALL appliances, including creating policies, viewing
reports, and monitoring networks, and for configuring GMS
administrative settings. The GMS management interface is
only available on appliances deployed in a role that runs the
Web Server service, such as the All In One or Console roles.
Access the GMS management interface with the URL:
http://<IP address>:<port>/sgms/
48 | Accessing the Correct Management Interface
Switching Between Management Interfaces
On appliances deployed in the All In One or Console role, you
can easily switch between the appliance management interface
and the Dell SonicWALL GMS management interface. The
login page of each interface provides a link to the login page of
the other interface.
When logged in to either interface, you can switch to
the login page of the other interface by clicking the
Switch button in the top right corner of the page.
GMS Management Interface Introduction
GMS Login Screen
Dell SonicWALL GMS is a Web-based application that runs on
the Dell SonicWALL UMA EM5000. GMS is used for
configuring, managing, monitoring and gathering reports from
thousands of Dell SonicWALL Internet security appliances and
non-Dell SonicWALL appliances, as well as for configuring
GMS administrative settings. This section provides an
introduction to the main elements of the GMS management
interface.
The GMS management interface login screen allows you to
securely login to GMS using your User ID and Password. After
you have registered your Dell SonicWALL UMA EM5000 and it
is licensed for GMS, the GMS login screen is the first screen
that displays each time you access the GMS management
interface using a Web browser on your management computer.
Access the GMS management interface with the URL:
http://<IP address>:<port>/sgms/
Note: The GMS management interface is separate from the
appliance management interface used to configure
appliance settings, and can have different login
credentials. See Logging into the Appliance
Management Interface - page 18.
GMS Navigation Tabs
The GMS management interface navigation tabs are located at
the top of the management interface. The six navigation tabs
are Dashboard, Firewall, SRA, ES, CDP, Monitor, and
Console.
The Monitor tab provides real-time monitoring at the global,
group or appliance level. The Console tab provides tools to
customize options found in the other GMS tabs and to manage
GMS settings and settings that affect the environment globally.
GMS Management Interface Introduction | 49
Dashboard
The Dashboard tab is a customizable dashboard of your Dell
SonicWALL GMS deployment. The Dashboard tab provides
powerful network visualization reporting, monitoring, and
search filtering tools consolidated into one area of the
management user interface. The Dashboard tab provides
administrators with an executive summary through a Universal
Dashboard geographic map. As depicted in the screenshot
below, the Geographic View provides a scalable map that
displays your Dell SonicWALL GMS-managed units and GMS
servers using graphical icons—these icons provide system
state information with a mouse over.
The Dashboard tab also provides administrators with a
centralized location to create Universal Scheduled Reports
for Firewall, SRA, CDP, and Email Security reporting solutions.
50 | Dashboard
For more information on configuring the Universal Dashboard
and Universal Scheduled Reports, refer to the “Using the
Dashboard Panel” chapter in the Dell SonicWALL GMS
Administrator’s Guide.
Live Monitoring
Management Interface
The Live Monitoring feature provides users with the ability to
monitor an entire network through the correlation of syslog
messages received from appliances throughout a deployment.
The collected syslogs are filtered with user-defined rules to
become alerts. By viewing alerts in the Live Monitoring screen,
users can monitor a network, analyze traffic based on protocols,
Web usage and productivity, and detect viruses and attacks in
the network.
The GMS management interface is the main control panel for
GMS. The management interface allows you to add and modify
appliances, perform monitoring and reporting tasks, set policies
for managed appliances, and configure GMS settings.
Multi-Solution Management
The Multi-Solution Management feature in Dell SonicWALL
GMS provides next generation management capability by
allowing administrators to manage multiple appliance types—
Firewall, CDP, SMB SRA, EX-Series SRA, and Email
Security—through their respective Web user interfaces over
HTTP and HTTPS. Multi-Solution Management enables GMS
Core Management functionality through the GMS user
interface. Functions such as creating tasks, posting policies,
scheduling tasks, and more are easily completed across
multiple appliances at Unit Node and Group Node levels.
Live Monitoring | 51
Left Pane Overview
Center Pane Overview
The left pane of the GMS
management interface provides a
tree control that displays the
current view and a list of managed
appliances within the current tab.
The left pane is only displayed for
the four appliance tabs: Firewall,
SRA, CDP, and ES. The current
category and view are indicated
by a blue highlighting.
The left pane tree control provides the ability to switch between
views and displays the current state of each appliance under
management. A single box in the tree control indicates a node
at appliance or unit level. Two boxes in the tree control
indicates a node at a group level. A global node at the top of the
tree control is indicated by a three-box icon. The color of these
icons provides useful status information. For detailed
information about appliance states, refer to Description of
Managed Appliance States - page 54.
The center pane displays for the four
appliance tabs: Firewall, SRA, CDP, and
ES. A navigational tree control that
provides access to the configuration
options available based on navigational
tab and left pane selections. At the top of
the Center pane there are two sub-tabs,
Policies and Reports. The Policies subtab provides policy configuration options
for managed appliances. The Reports
sub-tab provides reporting on the global,
group, or appliance level, and is only available for Firewall,
SRA, and CDP.
Note: If there is only one appliance visible in the Left Pane,
then the Left Pane will automatically collapse to present
a larger screen for the rest of the management
interface.
52 | Left Pane Overview
The current selection in the center pane is indicated by the
highlighted item. For example, the figure to the left displays the
current selection Log > Log Settings. The center pane options
change based on the navigational tab and left pane selections,
and selections in the center pane modify the display in the right
pane. For example, the figure in the next section illustrates the
contents of the right pane when the global view is selected in
the left pane and System > Status is selected on the Policies
tab in the center pane.
Right Pane Overview
The right pane displays the available status or tasks based on
the current selection of navigational tab, left pane and center
pane options. Configurations performed in the right pane modify
global, group or appliance settings. For example, the right pane
image below displays the status and tasks available for the
Policies navigation tab, left pane selection GlobalView, and
center pane selection System > Status.
Right Pane Overview | 53
Description of Managed Appliance
States
This section describes the meaning of icons that appear next to
managed appliances listed in the left pane of the GMS
management interface.
Appliance
Status
Description
One blue box indicates that the appliance is operating
normally. The appliance is accessible from GMS, and
no tasks are pending or scheduled.
Two blue boxes indicate that appliances in a group
are operating normally. All appliances in the group
are accessible from GMS and no tasks are pending or
scheduled.
Three blue boxes indicate that all appliances in the
global group of this type (Firewall/SRA/CDP/ES) are
operating normally. All appliances of this type are
accessible from GMS and no tasks are pending or
scheduled.
One blue box with a lightning flash indicates that one
or more tasks are pending or running on the
appliance.
54 | Description of Managed Appliance States
Two blue boxes with a lightning flash indicate that
tasks are currently pending or running on one or more
appliances within the group.
Two blue boxes with a clock indicate that tasks are
currently scheduled to execute at a future time on one
or more appliances within the group.
One blue box with a clock indicates that one or more
tasks are scheduled on the appliance.
One yellow box indicates that the appliance has been
added to GMS management (provisioned), but not
yet acquired.
Two yellow boxes indicate that one or more
appliances in the group have been added to GMS
management, but not acquired.
Three yellow boxes indicate that one or more of the
global group of appliances of this type (Firewall/
SRA/CDP/ES) have been added to GMS
management, but not acquired.
One yellow box with a lightning flash indicates that
one or more tasks are pending on the provisioned
appliance.
Two yellow boxes with a lightning flash indicates that
tasks are pending on one or more provisioned
appliances within the group.
One red box indicates that the appliance is no longer
sending heartbeats to GMS.
This icon indicates a fail over to a secondary Ethernet
port.
Two red boxes indicate that one or more appliance in
the group is no longer sending heartbeats to GMS.
This icon indicates the a modem is connected using a
dialup.
Three red boxes indicate that one or more of the
global group of appliances of this type (Firewall/
SRA/CDP/ES) is no longer sending heartbeats to
GMS.
This icon indicates the wireless is connected using
WWAN.
One red box with a lightning flash indicates that the
appliance is no longer sending heartbeats to GMS
and has one or more tasks pending.
Two red boxes with a lightning flash indicate that one
or more appliance in the group is no longer sending
heartbeats to GMS and has one or more tasks
pending.
This icon indicates the unit’s Task Pending status is
“Immediate”.
This icon indicates the unit’s Task Pending status is
“Scheduled”.
A box with a dot in the top-left corner indicates that
the appliance is being managed by GMS using a
static IP address.
A green circle with the number 1 in the middle
indicates that the unit is in an HA pair and is currently
the Primary unit.
A yellow circle with the number 2 in the middle
indicates that the unit is in an HA pair and is currently
on backup.
Description of Managed Appliance States | 55
56 | Description of Managed Appliance States
Provisioning and Adding Units
6
In this Section:
After installation, registration, and role configuration, the next steps in setting up your Dell SonicWALL UMA are provisioning Dell
SonicWALL appliances to support GMS and adding them to the Dell SonicWALL UMA EM5000. All Dell SonicWALL appliances must be
provisioned before adding them to the Dell SonicWALL UMA EM5000. Make sure the provisioned Dell SonicWALL appliances have a valid
Global Management System.
This chapter contains the following sections:
• Provisioning a Dell SonicWALL Firewall Appliance - page 58
• Provisioning a Dell SonicWALL SRA SMB Appliance - page 59
• Provisioning a Dell SonicWALL E-Class SRA Series Appliance - page 60
• Provisioning a Dell SonicWALL CDP Appliance - page 60
• Adding Dell SonicWALL Appliances - page 61
57
Provisioning a Dell SonicWALL Firewall
Appliance
To provision a Dell SonicWALL firewall appliance to support
GMS, perform the following:
1.
2.
3.
Log in to the firewall appliance. Navigate to the Log >
Syslog page.
In Syslog Servers, click the Add button.
Enter the GMS IP address to start sending syslogs. The
GMS service should be activated. Set the log in UTC
format and log category.
58 | Provisioning a Dell SonicWALL Firewall Appliance
4.
Navigate to the System > Time page, and enable the
Display UTC in logs (instead of local time) checkbox.
Provisioning a Dell SonicWALL SRA
SMB Appliance
4.
Navigate to the System > Time page, and enable the
Display UTC in logs (instead of local time) checkbox.
To provision a Dell SonicWALL SRA SMB appliance for Dell
SonicWALL UMA EM5000 perform the following:
1.
2.
3.
Log in to the SRA SMB appliance. Navigate to the Log >
Analyzer page.
In Analyzer Settings, click the Enable Analyzer checkbox.
Click the Add button to add the GMS IP address, this starts
sending syslogs.
Provisioning a Dell SonicWALL SRA SMB Appliance | 59
Provisioning a Dell SonicWALL E-Class
SRA Series Appliance
Provisioning a Dell SonicWALL CDP
Appliance
Currently there is no GMS settings implementation in Dell
SonicWALL E-Class SRA series appliances. To add GMS
reporting support, use the Additional ViewPoint settings in the
General Settings > Configure Centralized Management
screen. And enter the GMS IP address and port number to start
sending syslog.
Currently there is no GMS settings implementation in Dell
SonicWALL CDP appliances. To add GMS reporting support,
use the GMS settings in the Settings > SMB screen. In Active
Report, select the Enable checkbox. And enter the GMS IP
address and port number to start sending CDP syslog.
60 | Provisioning a Dell SonicWALL E-Class SRA Series Appliance
Adding Dell SonicWALL Appliances
This section describes how to add Dell SonicWALL appliances
to the GMS. Dell SonicWALL UMA checks with the Dell
SonicWALL licensing server when you add an appliance, so it is
important that Dell SonicWALL UMA EM5000 has Internet
access to the server. Dell SonicWALL UMA can communicate
with Dell SonicWALL appliances through HTTP or HTTPS.
2.
Expand the Dell SonicWALL UMA EM5000 tree and select
the group to which you will add the Dell SonicWALL
appliance. Then, right-click the group and select Add Unit
from the pop-up menu. To not specify a group, right-click an
open area in the left pane (TreeControl pane) of the Dell
SonicWALL UMA management interface and select Add
Unit or click the Add Unit icon in the tool bar.
To add a Dell SonicWALL appliance using the Dell
SonicWALL UMA management interface, perform the
following:
1.
Click the appliance tab that corresponds to the type of
appliance that you want to add:
• Firewall
• SRA
• CDP
Adding Dell SonicWALL Appliances | 61
The Add Unit dialog box appears:
4.
5.
6.
7.
8.
3.
Enter a descriptive name for the Dell SonicWALL appliance
in the Unit Name field.
Do not enter the single quote character (‘) in the Unit
Name field.
62 | Adding Dell SonicWALL Appliances
Enter the serial number of the Dell SonicWALL appliance in
the Serial Number field.
For the Managed Address, choose whether to Determine
automatically, or Specify manually. Most deployments
will be able to determine the IP address automatically. If
you choose to specify the IP address manually, an option
to Make manual address sticky is available. This will
retain the Manual Mode and the specified IP address will
not be overwritten.
Enter the Administrator login name for the Dell SonicWALL
appliance in the Login Name field. The Administrator of
the appliance can also enter a Local User or a Remote
User name (as configured on the Firewall) for GMS
Management. If using Local User or Remote User names,
they must be included in the user list created on the
Firewall.
Enter the password used to access the Dell SonicWALL
appliance in the Password field.
For Management Mode, select from the following:
• If the Dell SonicWALL appliance will be managed through
an existing VPN tunnel or over a private network, select
Using Existing Tunnel or LAN.
• If the Dell SonicWALL appliance will be managed through
a dedicated management VPN tunnel, select Using
Management Tunnel.
• If the Dell SonicWALL appliance will be managed using
SSL, select Using SSL (default).
9.
Enter the IP address of the managed appliance in the
Management Port field (default port for is HTTPS: 443).
The Dell SonicWALL appliance will be connected with
HTTPS by default.
10. For VPN tunnel management, enter a 16-character
encryption key in the SA Encryption Key field. The key
must be exactly 16 characters long and composed of
hexadecimal characters. Valid hexadecimal characters are
“0” to “9”, and “a” to “f” (i.e., 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c,
d, e, f). For example, a valid key would be:
1234567890abcdef
Note: This key must match the encryption key of the
SonicWALL appliance. You can set the key on the
appliance by logging directly into it.
11. For VPN tunnel management, enter a 32-character
authentication key in the SA Authentication Key field. The
key must be exactly 32 characters long and composed of
hexadecimal characters. For example, a valid key would
be: 1234567890abcdef1234567890abcdef
Note: This key must match the authentication key of the
SonicWALL appliance.
12. Select the IP address of the GMS agent server that will
manage the Dell SonicWALL appliance from the Agent IP
Address drop-down.
Note: If GMS is configured in a multi-tier distributed
environment, you must select the GMS Agent whose IP
address matches the IP address that you specified
when configuring the SonicWALL appliance for GMS
management.
If GMS is in a single-server environment, the IP
address of the GMS agent server already appears in
the field.
13. If the GMS is configured in a multi-tier distributed
environment, enter the IP address of the backup GMS
server in the Standby Agent IP field. The backup server
will automatically manage the SonicWALL appliance in the
event of a primary server failure. Any Agent can be
configured as the backup. If the GMS is deployed in a
single server environment, leave this field blank.
14. Click OK. The new Dell SonicWALL appliance appears in
the GMS management interface. It will have a yellow icon
that indicates it has not yet been successfully acquired.
GMS will then attempt to set up an HTTPS connection to
access the appliance. GMS then reads the appliance
configuration and acquires the Dell SonicWALL appliance
for reporting. This will take a few minutes.
After the Dell SonicWALL appliance is successfully
acquired, its icon turns blue, its configuration settings are
displayed at the unit level, and its settings are saved to the
database.
Adding Dell SonicWALL Appliances | 63
64 | Adding Dell SonicWALL Appliances
Front Panel LCD Controls
7
In this Section:
This section provides information about using the LCD controls on the front panel of the Dell SonicWALL UMA EM5000.
• Front Panel Control Features - page 66
• Using the Main Menu - page 66
• About the Status Menu - page 67
• Using the Configure Menu - page 67
• Using the Restart Option - page 68
• Using the Shutdown Option - page 68
65
Front Panel Control Features
Using the Main Menu
The Dell SonicWALL UMA EM5000 appliance is equipped with
a front panel interface that allows an administrator to customize
certain aspects of the appliance or simply monitor its status
without having to log into it through a separate terminal.
Upon booting, the LCD display will initially show the Main Menu.
The menu is made up of four options:
Contains basic status values including
system resources, connections, and
port configuration values.
Allows configuration of basic LAN port
settings. Requires system pin for
access, default: 76642.
Allows the appliance to be restarted.
Universal Management Appliance
By default, the LCD display cycles through the Status values in
screen-saver mode. The display returns to screen-saver mode
after 6 seconds of no activity on the 4-way D-pad or after
pressing the Left button from the Main Menu.
66 | Front Panel Control Features
Allows the appliance to be shut down
and powered off.
The Status and Configure options are menus that contain
multiple selections. The Restart and Shutdown options provide
confirmation screens when selected. Use the Up and Down
buttons to navigate to the option or menu that you wish to enter.
Click the Right button to select the option or enter the menu
and view its selections.
About the Status Menu
Using the Configure Menu
The Status menu allows you to view specific aspects of the
appliance. The LCD cycles through the Status list by default
when no other menu is in use. You can also navigate the list
using the Up and Down buttons. Status values in the list include
the following:
The Configure menu allows you to configure specific aspects of
the appliance. When the Configure menu is selected, the LCD
will display a PIN request.
•
•
•
•
•
•
•
•
Appliance name
Software version
Date
Time
Uptime
Management URL
Interface eth0 IP (default LAN)
Interface eth0 subnet mask
Note: The Default PIN is 76642. This number spells SONIC
on a phone keypad.
All numbers are entered using the 4 buttons on the D-pad.
To enter the PIN, use the buttons as follows:
1.
2.
3.
4.
Select the desired number using the Up and Down
buttons. Digits increase incrementally from 0 to 9.
To move to the next digit field, press the Right button.
To move back to a previous digit field, press the Left
button.
When you are finished entering the PIN, press the Right
button to confirm your PIN and enter the Configure Menu.
The appliance allows the user to navigate in and out of the
Configure menu without having to re-enter the PIN. However,
once the appliance enters screen-saver mode, whether from
the 6 second time out or from pressing the Left button while in
the Main Menu, the PIN number must be re-entered to access
the Configure menu.
About the Status Menu | 67
After entering a new value for a setting in the Configure menu,
you are asked if you want to commit changes. Using the 4-way
D-pad, press the Right button for yes or the Left button for no.
If you choose yes, the screen notifies you that the settings are
updated.
Using the Restart Option
When you select Restart from the Main Menu, you are asked to
confirm the appliance restart. Press the Right button for yes or
the Left button for no.
68 | Using the Restart Option
Using the Shutdown Option
When you select Shutdown from the Main Menu, you are
asked to confirm the appliance shutdown. Press the Right
button for yes or the Left button for no.
8
Support and Training Options
8
In this Section:
This section provides Dell SonicWALL support and training information.
• Customer Support - page 70
• Knowledge Portal - page 70
• Dell SonicWALL Live Product Demos - page 71
• User Forums - page 71
• Training - page 72
• Related Technical Documentation - page 72
• Additionally Supported Languages - page 73
69
Customer Support
Knowledge Portal
Dell SonicWALL offers Web-based and telephone support to
customers who have a valid Warranty or who purchased a
Support Contract. Please review our Warranty Support Policy
for product coverage. Dell SonicWALL also offers a full range of
consulting services to meet your needs, from our innovative
implementation services to traditional statement of work-based
services.
The Knowledge Portal allows users to search for Dell
SonicWALL documents based on the following types of search
tools:
For further information, visit:
http://www.sonicwall.com/us/support/contact.html
For further information, navigate to the Support > Knowledge
Portal page at:
http://www.mysonicwall.com/
70 | Customer Support
• Browse
• Search for keywords
• Full-text search
Dell SonicWALL Live Product Demos
User Forums
The Dell SonicWALL Live Demo Site provides free test drives of
Dell SonicWALL security products and services through
interactive live product installations:
The Dell SonicWALL User Forums is a resource that provides
users the ability to communicate and discuss a variety of
security and appliance subject matters. In this forum, the
following categories are available for users:
•
•
•
•
•
•
•
•
Dell SonicWALL GMS and Analyzer
Unified Threat Management Platform
Secure Cellular Wireless
Continuous Data Protection
SSL VPN Secure Remote Access
Content Filtering
Secure Wireless Solutions
Email Security
For further information, visit: http://livedemo.sonicwall.com/
•
•
•
•
•
•
•
•
•
•
•
Content Security Manager topics
Continuous Data Protection topics
Email Security topics
Firewall topics
Network Anti-Virus topics
Security Services and Content Filtering topics
Dell SonicWALL GMS and Analyzer topics
SonicPoint and Wireless topics
SSL VPN topics
VPN Client topics
VPN site-to-site and interoperability topics
For further information, visit:
https://forum.sonicwall.com/
Dell SonicWALL Live Product Demos | 71
Training
Related Technical Documentation
Dell SonicWALL offers an extensive sales and technical training
curriculum for Network Administrators, Security Experts and
Medallion Partners who need to enhance their knowledge and
maximize their investment in Dell SonicWALL Products and
Security Applications. Dell SonicWALL Training provides the
following resources for its customers:
Dell SonicWALL reference documentation is available at the
Dell SonicWALL Technical Documentation Online Library:
http://www.sonicwall.com/us/Support.html
•
•
•
•
•
E-Training
Instructor-Led Training
Custom Training
Technical Certification
Authorized Training Partners
For further information, visit:
http://www.sonicwall.com/us/training.html
Dell SonicWALL GMS video training is available from the GMS
Development Team:
http://software.sonicwall.com/gmsvp/Dev-Training/
72 | Training
The Dell SonicWALL GMS documentation set includes the
following:
• GMS Release Notes
• GMS Software Getting Started Guide
• GMS Virtual Appliance Getting Started Guide
• UMA EM5000 Getting Started Guide
• GMS Administrator’s Guide
For more advanced deployment examples or interoperability
solutions, refer to Dell SonicWALL GMS Technical Notes.
Additionally Supported Languages
Dell SonicWALL Getting Started Guides, Quick Start Guides,
User Guides, appliance firmware, and various end-user clients
are now available in multiple languages.
After registering your product, you can check for applicable
firmware or end-user client software on MySonicWALL. New
releases are posted as they become available, so please check
periodically for additional firmware, software, and documents.
本地化固件和文档通知
Dell SonicWALL 《入门指南》、《快速入门指南》、《用户指
南》、设备固件和多种终端用户客户端现已支持多种语言。请从
http://www.sonicwall.com/cn/downloads.html 查找可用的中
文文档。
ロー カ ラ イ ズ版フ ァ ームウ ェ アおよび ド キ ュ メ
ン ト について
Dell SonicWALL 導入ガ イ ド 、 ク イ ッ ク ス タ ー ト ガ イ ド 、 ユー
ザ ガ イ ド 、 装置用フ ァ ームウ ェ ア、 および多彩なエ ン ド ユー
ザ ク ラ イ ア ン ト が複数の言語で利用で き る よ う にな り ま し た。
利用可能な日本語 ド キ ュ メ ン ト は、 http://www.sonicwall.com/
japan/documents/support_document.html を ご覧下 さ い。
導入ガ イ ド またはク イ ッ ク ス タ ー ト ガ イ ド の手順に沿っ て、
MySonicWALL (http://www.mysonicwall.com) で製品を登録 し ま
す。 製品の登録後に、 利用可能な フ ァ ームウ ェ ア またはエ ン ド
ユーザ ク ラ イ ア ン ト を MySonicWALL 上で確認で き ます。 新 し
い リ リ ースは利用可能にな る と 公開 さ れるので、 フ ァ ームウ ェ
ア、 ソ フ ト ウ ェ ア、 および ド キ ュ メ ン ト を定期的に確認 し て く
だ さ い。
请按照 《入门指南》或 《快速入门指南》中的说明,在
MySonicWALL 网站 http://www.mysonicwall.com 注册您的设
备。注册完成后,您可以在 MySonicWALL 网站查看相应的固件
和终端用户客户端软件。我们会在第一时间发布可用的新版本,
请定期检查以获取最新的固件、软件和文档。
Additionally Supported Languages | 73
펌웨어 및 문서 한글화 안내
Dell SonicWALL Getting Started 가이드 , Quick Start 가이드 ,
사용자 가이드 , 어플라이언스 펌웨어 및 다양한 엔드유져 클라
이언트가 다국어를 지원합니다 . 다음에서 사용 가능한 한국어
문서를 찾아 보세요 . http://www.sonicwall.com/apac/en/ko/
documents.html.
Getting Started 가이드 또는 Quick Start 가이드에 있는 절차에
따라 http://www.mysonicwall.com 에서 제품 등록을 하세요 .
제품 등록 후 , MySonicWALL 에서 적용 가능한 한국어 펌웨어
또는 사용자 클라이언트 소프트웨어를 확인할 수 있습니다 .
새로운 버젼은 사용 가능할 때 등록됩니다 . 그러므로 , 추가되
는 한국어 펌웨어 , 소프트웨어와 문서가 있는지 주기적으로 체
크하세요 .
74 | Additionally Supported Languages
Notificação de Firmware e Documentação
Localizada
As Guias de noções básicas, Guias de início rápido, Guias de
Usuário, firmware de aplicações, e varios clientes de usuário
final de Dell SonicWALL estão agora disponíveis em varias
línguas. Pode encontrar a documentação disponível em
Português em http://www.sonicwall.com/br/pt/.
Siga as instruções da Guia de noções básicas ou Guia de início
rápido para registrar seu produto em MySonicWALL no
http://www.mysonicwall.com. Depois de registrar o produto,
você pode procurar firmaware ou clientes de usuário final
aplicáveis em MySonicWALL. Novos lançamentos são
publicados tão pronto estejam disponíveis, assim que por favor
visite periodicamente esta página para ver firmware, software e
documentos adicionais.
Product Safety and Regulatory Information
9
In this Section:
This section provides instructions for safely replacing the hard drive, and also provides product safety and regulatory information.
• Replacing a Single Hard Drive - page 76
• Safety and Regulatory Information - page 78
75
Replacing a Single Hard Drive
You can order a replacement hard drive from Dell SonicWALL
for your Dell SonicWALL UMA EM5000. The 750GB
replacement hard drive can be inserted into any drive slot on
your Dell SonicWALL UMA EM5000. You can insert the drive
while the appliance is powered on.
The front bezel on the Dell SonicWALL UMA EM5000 covers
the drive slots. The bezel can be unlocked with the front bezel
security key supplied with the appliance.
Removing the Defective Hard Drive
To remove the defective drive from the Dell SonicWALL UMA
EM5000, perform the following steps:
1.
2.
On your Dell SonicWALL UMA EM5000, use the front
bezel key to unlock the front bezel, then remove the front
bezel to expose the hard drive array.
In the appliance Web interface, navigate to the System >
RAID page.
3.
The defective drive is indicated by a drive status box
displaying a status such as:
•
UNKNOWN
•
NOT SUPPORTED
•
NOT PRESENT
You might see a different status than those listed,
depending on the condition of the drive as interpreted by
the RAID controller.
On the appliance, press the square button on the right side
of the defective drive to pop out the drive handle.
Warning: Be careful to remove only the defective drive from
the drive array while the appliance is powered on.
Removing more than one drive from an active
array will cause loss of data.
76 | Replacing a Single Hard Drive
4.
5.
Grasp the drive handle and pull the drive straight out to
remove it from the slot.
Click Refresh on the System > RAID page and confirm that
the status of the correct (defective) drive is the only
change. The status should be NOT PRESENT.
If you removed the wrong drive, reinsert it and allow the
RAID controller to rebuild the array before proceeding.
See Inserting the Replacement Drive into the UMA
EM5000 Appliance - page 77.
Inserting the Replacement Drive into the
UMA EM5000 Appliance
Warning: Do not insert anything other than the Dell
SonicWALL approved hard drive into the Dell
SonicWALL UMA EM5000.
To view the hard drive array and insert the replacement drive
into the Dell SonicWALL UMA EM5000, perform the following
steps:
1.
2.
Remove the hard drive and the drive number stickers from
the replacement drive shipping carton.
Depending on which drive you are replacing, apply the
appropriate sticker to the drive handle. While holding the
drive with the label side up, place the sticker near the edge
of the handle next to the square button.
3.
4.
5.
6.
7.
In the appliance Web interface, navigate to the System >
RAID page.
Pop open the drive handle on the new hard drive by
pressing the square button.
Insert the drive into the empty slot, label side up with the
handle sticking out.
Press the drive firmly into place to seat the connectors, and
then close the handle.
Click Refresh on the System > RAID page. You will see
the drive slot status change to DEGRADED, and the Array
Status change to REBUILD-PAUSED.
The DEGRADED drive status indicates that the RAID
controller senses that data is missing from the drive. The
Array Status will change to REBUILDING within a few
minutes.
8. You may continue to use your UMA EM5000 while the
RAID controller rebuilds the array with the new drive. The
rebuilding process requires at least three hours.
When finished rebuilding, the status for both the drive and
the array changes to OK on the System > RAID page.
9. Re-install the front bezel, being sure to properly line up the
LCD connectors. The best practice is to align and seat the
right side of the bezel (as you are facing the front of the
UMA EM5000), then view the connectors from above as
you carefully press the left side of the bezel into place.
10. Lock the bezel with the front bezel security key.
Replacing a Single Hard Drive | 77
Safety and Regulatory Information
Regulatory Model / Type
Product Name
1RK19-066
UMA EM5000
78 | Safety and Regulatory Information
Unauthorized Ports
Do not plug devices into any ports (other than those indicated)
unless explicitly instructed to do so by a Dell SonicWALL
technical support representative. Doing so may void your
warranty.
Mounting the UMA EM5000 Appliance
The following conditions are required for proper installation:
• Reliable grounding of rack-mounted equipment must be maintained. Particular
attention must be given to power supply connections other than direct
connections to the branch circuits, such as power strips.
• The Dell SonicWALL appliance is designed to be mounted in a standard 19-inch
rack mount cabinet.
• The included power cord is approved for use only in specific countries or regions.
Before using a power cord, verify that it is rated and approved for use in your
location.
• Use the mounting hardware recommended by the rack manufacturer and ensure
that the rack is adequate for the application.
• The power cord must be removed to disconnect power.
• Ensure that no water or excessive moisture can enter the unit.
• Allow unrestricted airflow around the unit and through the vents on the side of the
unit. A minimum of 1 inch (25.44mm) clearance is recommended.
• Route cables away from power lines, fluorescent lighting fixtures, and sources of
noise such as radios, transmitters, and broadband amplifiers.
• Mount in a location away from direct sunlight and sources of heat. A maximum
ambient temperature of 104º F (40º C) is recommended.
• If installed in a closed or multi-unit rack assembly, the operating ambient
temperature of the rack environment may be greater than room ambient.
Therefore, consideration should be given to installing the equipment in an
environment compatible with the maximum recommended ambient temperature
shown above.
Lithium Battery Warning
The Lithium Battery used in the Dell SonicWALL Internet security appliance may
not be replaced by the user. The Dell SonicWALL must be returned to a Dell
SonicWALL authorized service center for replacement with the same or equivalent
type recommended by the manufacturer. If, for any reason, the battery or Dell
SonicWALL Internet security appliance must be disposed of, do so following the
battery manufacturer's instructions.
Cable Connections
All Ethernet cables are designed for intra-building connection to other equipment.
Do not connect these ports directly to communication wiring or other wiring that
exits the building where the Dell SonicWALL is located.
• Mount the Dell SonicWALL appliances evenly in the rack in order to prevent a
hazardous condition caused by uneven mechanical loading.
• Four mounting screws, compatible with the rack design, must be used and hand
tightened to ensure secure installation. Choose a mounting location where all
four mounting holes line up with those of the mounting bars of the 19-inch rack
mount cabinet.
• A suitably rated and approved branch circuit breaker shall be provided as part of
the building installation. Follow local code when purchasing materials or
components.
• Consideration must be given to the connection of the equipment to the supply
circuit. Appropriate consideration of equipment nameplate ratings must be used
when addressing this concern. Do not overload the circuit.
Safety and Regulatory Information | 79
Weitere Hinweise zur Montage
Für eine ordnungsgemäße Montage sollten die folgenden Hinweise beachtet
werden:
• Das Dell SonicWALL Modell ist für eine Montage in einem standardmäßigen 19Zoll-Rack konzipiert.
• Vergewissern Sie sich, dass das Rack für dieses Gerät geeignet ist und
verwenden Sie das vom Rack-Hersteller empfohlene Montagezubehör.
• Stellen Sie sicher, dass das Gerät vor Wasser und hoher Luftfeuchtigkeit
geschützt ist.
• Stellen Sie sicher, dass die Luft um das Gerät herum zirkulieren kann und die
Lüftungsschlitze an der Seite des Gehäuses frei sind. Hier ist ein
Belüftungsabstand von mindestens 26 mm einzuhalten.
• Achten Sie darauf, das sich die Netzwerkkabel nicht in der unmittelbaren Nähe
von Stromleitungen, Leuchtstoffröhren und Störquellen wie Funksendern oder
Breitbandverstärkern befinden.
• Wählen Sie für die Montage einen Ort, der keinem direkten Sonnenlicht
ausgesetzt ist und sich nicht in der Nähe von Wärmequellen befindet. Die
Umgebungstemperatur darf nicht mehr als 40 °C betragen.
• Wenn das Gerät in einem geschlossenen 19"-Gehäuse oder mit mehreren
anderen Geräten eingesetzt ist, wird die Temperatur in der Gehäuse höher sein
als die Umgebungstemperatur. Achten Sie daraf, daß die
Umgebungstemperatur nicht mehr als 40° C beträgt.
• Bringen Sie die Dell SonicWALL waagerecht im Rack an, um mögliche Gefahren
durch ungleiche mechanische Belastung zu vermeiden.
• Verwenden Sie für eine sichere Montage vier passende
Befestigungsschrauben, und ziehen Sie diese mit der Hand an. Wählen Sie
einen Ort im 19-Zoll-Rack, wo alle vier Befestigungen der Montageschien
verwendet werden.
• Ein angemessen dimensionierter und geprüfte Sicherung, sollte Bestandteil der
Haus-Installation sein. Bitte folgen die den lokalen Richtlinien beim Einkauf von
Material oder Komponenten.
• Prüfen Sie den Anschluss des Geräts an die Stromversorgung, damit der
Überstromschutz sowie die elektrische Leitung nicht von einer eventuellen
Überlastung der Stromversorgung beeinflusst werden. Prüfen Sie dabei
80 | Safety and Regulatory Information
sorgfältig die Angaben auf dem Aufkleber des Geräts. Überlasten Sie nicht den
Stromkreis.
• Eine sichere Erdung der Geräte im Rack muss gewährleistet sein. Insbesondere
muss auf nicht direkte Anschlüsse an Stromquellen geachtet werden wie z. B.
bei Verwendung von Mehrfachsteckdosen.
• Das im Lieferumfang enthaltene bzw. die im Lieferumfang enthaltenen
Netzkabel sind nur für die Verwendung in bestimmten Ländern und Regionen
zugelassen. Überprüfen Sie bitte vor der Verwendung eines Netzkabels, ob es
für die Verwendung in Ihrem Land oder Ihrer Region zugelassen ist und den
geforderten Normen entspricht.
• Das Netzanschlusskabel muss entfernt werden, um Energie zu trennen.
Hinweis zur Lithiumbatterie
Die in der Internet Security appliance von Dell SonicWALL verwendete
Lithiumbatterie darf nicht vom Benutzer ausgetauscht werden. Zum Austauschen
der Batterie muss die Dell SonicWALL in ein von Dell SonicWALL autorisiertes
Service-Center gebracht werden. Dort wird die Batterie durch denselben oder
entsprechenden, vom Hersteller empfohlenen Batterietyp ersetzt. Beachten Sie
bei einer Entsorgung der Batterie oder der Dell SonicWALL Internet Security
appliance die diesbezüglichen Anweisungen des Herstellers.
Kabelverbindungen
Alle Ethernet-Kabel eignen sich für die Verbindung von Geräten in Innenräumen.
Schließen Sie an die Anschlüsse der Dell SonicWALL keine Kabel an, die aus dem
Gebäude herausgeführt werden, in dem sich das Gerät befindet.
架設 UMA EM5000 裝置
•必須維護可靠的機架裝載設備接地。必須特別留意電源供應器
連線,而不是直接連接到電源板之類的分支電路。
需要滿足以下條件以進行正確安裝:
•戴爾 SonicWALL 設備被設計成安裝在一個標準的 19 吋機架安
裝櫃。
•隨附的電源線僅限於特定的國家或地區使用。使用前,請確認
電源線的額定值且已被認可在你的地區上使用。
•使用機架製造商推薦的裝載硬體,確認機架足夠裝置所需
•請確認裝置內不會滲入水分或過多的濕氣。
•裝置週邊請保持通風,特別是裝置通風口側。建議裝置與牆壁
間至少要有 1 英吋 (25.44 公釐 ) 的淨空。
•纜線的路徑應遠離電源線、日光燈,以及會產生雜訊的來源,
如無線電、發送器與寬頻放大器。
鋰電池警告
使用者不得自行更換 戴爾 SonicWALL 網際網路安全性裝置中使
用的鋰電池。必須將 戴爾 SonicWALL 送回 戴爾 SonicWALL 授權
的服務中心,以更換相同的鋰電池或製造商推薦的同類型鋰電
池。若因任何原因必須丟棄電池或 戴爾 SonicWALL 網際網路安
全性裝置,請嚴格遵守電池製造商的指示。
•架設位置需遠離陽光直射與熱源。建議周圍溫度最高溫不 要
超過 104°F (40°C)。
纜線連結
•如果是安裝於封閉式或多組機架配件,機架環境的周圍操作溫
度可能會高過室內周遭。因此,在與上述建議之最高周圍溫度
相容的環境中安裝設備時,應將此列入考量。
所有乙太網路與 RS232 ( 主控台 ) 線路都是為與其他裝置進行內
建連接所設計的。請不要將這些連接埠直接連接至通訊線路,或
其他連出 戴爾 SonicWALL 所在建築的線路。
•將 戴爾 SonicWALL 裝置平坦地裝設在機架中,如此才能避免
因不均勻的機械負荷造成危險狀況。
•必須使用四顆與機架設計相容的安裝螺釘,並用手鎖緊螺釘,
確定安裝牢固。選擇一個安裝位置,將四個裝載洞孔對齊 19
吋架設機櫃的安裝桿。
•應當提供一個合適額定值並且已被認可的分支電路斷路器作為
安裝該裝置的一部分。在購買材料或部件時,應遵循當地安全
代碼。
•必須留心裝置與電源電路的連接問題,電路過載對過電流保護
與電路電線的影響需降至最低。解決這個問題時,需正確考慮
裝置銘牌額定值。不要過載電路。
Safety and Regulatory Information | 81
FCC Part 15 Class A Notice
This equipment was tested and found to comply with the limits for a Class A digital
device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide
reasonable protection against harmful interference when the equipment is
operated in a commercial environment. This equipment generates, uses, and can
radiate radio frequency energy. And if not installed and used in accordance with
the instruction manual, the device may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause
harmful interference in which case the user is required to correct the interference
at his own expense.
CAUTION: Modifying this equipment or using this equipment for purposes not
shown in this manual without the written consent of Dell SonicWALL, Inc. could
void the user’s authority to operate this equipment.
Declaration of Conformity
A “Declaration of Conformity” in accordance with the directives and standards has
been made and is on file at Dell Inc. Products Europe BV, Limerick, Ireland.
CISPR 22 (EN 55022) Class A
Complies with EN 55022 Class A and CISPR 22 Class A.
WARNING: This is a class A product. In a domestic environment, this product may
cause radio interference, in which case the user may be required to take adequate
measures.
BMSI Statement
警告使用者:
此為甲類資訊技術設備,於居住環境中使用時,可能會造成射
頻擾動,在此種情況下,使用者會被要求採取某些適當的對策。
82 | Safety and Regulatory Information
VCCI Statement
この装置は、クラスA情報技術装置です。この装置を家庭環
境で使用すると電波妨害を引き起こすことがあります。この
場合には使用者が適切な対策を講ずるよう要求
されることがあります。 VCCI - A
Canadian Radio Frequency Emissions
Statement
This Class A digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe A est conforme à la norme NMB-003 du
Canada.
India RoHS Statement
This product complies with Restriction of Hazardous Substances (RoHS)
requirements as prescribed by E-Waste (Management & Handling) Rules, by the
Ministry of Environment & Forests, Government of India.
For further information, please see:
http://www.dell.com/regulatory_compliance
Regulatory Information for Korea
Ministry of Information and Telecommunication
Certification Number SWL-1RK19-066
All products with country code “A” and “J” are made in the U.S.A.
All products with country code “C” or “D” are made in Taiwan R.O.C.
All certificates held by Secuwide, Corps.
A 급 기기 ( 업무용 정보통신기기 )
이 기기는 업무용으로 전자파적합등록을 한 기기이오니 판매자
또는 사용자는 이 점을 주의하시기 바라며 , 만약 잘못 판매 또는
구입하였을 때에는 가정용으로 교환하시기 바랍니다 .
Safety and Regulatory Information | 83
84 | Safety and Regulatory Information