Introduction to Firebox Cloud - WatchGuard

Introduction To Firebox Cloud WatchGuard-ppt Download

  • Date:27 Jun 2020
  • Views:24
  • Downloads:0
  • Size:4.35 MB

Share Presentation : Introduction To Firebox Cloud WatchGuard

Download and Preview : Introduction To Firebox Cloud WatchGuard

Report CopyRight/DMCA Form For : Introduction To Firebox Cloud WatchGuard


Transcription:

Introduction to Firebox CloudWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved Firebox Cloud Overview Fireware OS and Management.
Licensing and Services Feature Differences from other Deployment Overview Fireware Web UI Default Configuration.
Configuration Tips Firebox Cloud CLIWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Overview.
Firebox Cloud is a virtual Fireboxdeployed in the cloud Supported cloud platforms Amazon Web Services AWS Microsoft Azure.
WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Features Runs the same Fireware OS as other Protects a virtual network from attacks.
such as botnets cross site scripting SQL injection attempts and otherintrusion vectors Enables secure VPN connections to avirtual network.
Compatible with Dimension formonitoring and reporting Multiple purchasing options for FireboxCloud on AWSWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedPrimary Use Cases Protect a server on a virtual network Firewall Security services.
Branch Office VPN BOVPN endpoint VPN endpoint for encrypted connections between othernetworks and a virtual network Mobile VPN VPN endpoint for encrypted connections from SSL L2TP IPSec .
or IKEv2 mobile VPN clients to a virtual networkWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedPrimary Use Cases Example Firebox Cloud on AWS.
en crypte On premise FireboxMobile VPN ClientWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Licensing AWS.
Two options in the AWS Marketplace Bring Your Own License BYOL Purchase a Firebox Cloud license from a WatchGuard reseller Activate the license and update the Firebox Cloud feature key Pay As You Go.
Purchase a metered Firebox Cloud instance in the AWSMarketplace Amazon meters Firebox Cloud and bills based on usage No activation or feature key is required Both options enable the same Fireware functionality features .
and security servicesWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Licensing AWS BYOL The Firebox Cloud model license you purchase specifies the.
maximum number of vCPUs your Firebox Cloud can useFirebox Cloud Model Maximum AWS vCPUsExtra Large 16WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Firebox Cloud Licensing Azure Firebox Cloud for Azure requires that you bring your ownlicense BYOL to enable all features Purchase a Firebox Cloud license from a WatchGuard reseller Activate the license and update the Firebox Cloud feature key.
The Firebox Cloud model license you purchase specifies themaximum number of CPU Cores your Firebox Cloud can useFirebox Cloud Model Maximum CPU CoresExtra Large 16WatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Instance Sizes Recommended instance sizes for Firebox Cloud depend onthe Firebox Cloud modelModel Instance Sizes for Azure Instance Sizes for AWS.
Small Standard A1 v2 Standard A2 v2 c4 large m4 largeStandard D2 v3 Standard D2s v3 Standard F1 Standard F2 Standard F2s v2Medium Standard A4 v2 Standard D4 v3 c4 xlarge m4 xlarge.
Standard D4s v3 Standard F4 Standard F4s v2Large Standard A8 v2 Standard D8 v3 c4 2xlarge m4 2xlargeStandard D8s v3 Standard F8 Standard F8s v2.
Extra Large Standard D16 v3 c4 4xlarge m4 4xlargeStandard D16s v3 Standard F16 Standard F16s v2WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Fireware OS Firebox Cloud for AWS runs Fireware v11 12 1 or higher Firebox Cloud for Azure runs Fireware v12 1 or higher Most features are the same as for any other Firebox Includes most subscription services.
Some services and networking features are not supportedWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedAdministration Administer Firebox Cloud with Fireware Web UI CLI or.
Dimension Command requires Fireware 12 1 or higher You cannot administer Firebox Cloud with WatchGuardSystem Manager Policy Manager or WatchGuardManagement Server Limited Web Setup Wizard.
Firebox Cloud uses a default configurationWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedIncluded Subscription Services Application.
Edit Master Controltext styles o Fourth level Fifth level WebBlocker Second level.
Gateway AVlevel APT Blocker Intrusion Prevention Service Reputation Enabled Defense Geolocation.
Botnet Detection Data Loss PreventionWatchGuard Training Dimension CommandCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Feature Differences from Other Fireboxes Networking features not supported Drop in mode and Bridge mode DHCP server and DHCP relay all interfaces are DHCP clients Multi WAN and policy based routing.
ARP entries Link Aggregation FireCluster Bridge InterfacesWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedFeature Differences from Other Fireboxes Policy and Security Services not supported Explicit proxy and Proxy Auto Configuration PAC files Quotas.
spamBlocker and Quarantine Server Network Discovery Mobile Security Authentication features not supported Hotspot.
Single Sign On SSO WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFeature Differences from Other Fireboxes System Administration features not supported .
Management by WatchGuard Management Server Administration from Policy Manager Logon disclaimer for device management connections USB drive for backup and restore Other features not supported .
Gateway Wireless Controller Mobile VPN with SSL Bridge VPN Traffic optionWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedNetwork Interface Configuration.
Firebox Cloud supports up to 8 interfaces 1 external Up to 7 internal All interfaces use DHCP to request an IP address There are no interface settings in Fireware Web UI.
You configure all network interface settings in AWS or Azure For each additional interface you must configure the subnet route table and interface for the Firebox Cloud VMWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Deployment Overview AWS To deploy Firebox Cloud on AWS you must 1 Create a VPC with public and private subnets2 Terminate the default NAT instance for the VPC3 Deploy a Firebox Cloud EC2 instance in the VPC.
4 Configure network settings in AWS for the EC2 instanceFor more information see the Firebox Cloud Deployment Guide Connect to Fireware Web UI at the eth0 public IP address ofyour Firebox For AWS this is the Elastic IP address for interface 0.
WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Setup Wizard Connect to Fireware Web UI at the external IP addresshttps eth0 Public IP 8080.
Log in with these default credentials User Name admin Passphrase The Firebox Cloud Instance IDWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Deployment Overview Azure To deploy Firebox Cloud on Microsoft Azure you must 1 Create a key pair for SSH authentication2 Deploy the Firebox Cloud instance3 Activate your Firebox Cloud license.
4 Add the feature keyFor more information see the Firebox Cloud Deployment Guide Connect to Fireware Web UI at the eth0 public IP address ofyour FireboxWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedFirebox Cloud Setup Wizard The first time you connect the Web Setup Wizard appears Create new passphrases for the built in user accounts Log in again with the new passphrase.
WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedConnect to Fireware Web UI Connect to Fireware Web UI at the external IP address ofyour Firebox Cloud.
https eth0 Public IP 8080WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedFireware Web UI Instance Information Information about the Firebox Cloud instance appears in.
several places in Fireware Web UI Front Panel Dashboard page System section shows Instance Type Instance ID Availability Zone.
System Status VM Information More detailed instance information Dashboard Interfaces Detail Interface configuration and link statusWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedFireware Web UI for Firebox Cloud The Front Panel Dashboard page shows instance informationWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Fireware Web UI for Firebox Cloud The VM Information System Status page shows moreinformation about the Firebox Cloud instanceWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Fireware Web UI for Firebox Cloud The Interfaces Dashboard page shows interfaceconfiguration information for the Firebox Cloud instanceWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights Reserved.
Add a Feature Key When you purchase Firebox Cloud youget a serial number After you deploy Firebox Cloud activate the serial number in the.
WatchGuard Portal To activate specify the serialnumber and the Firebox CloudInstance ID VM ID The activation process generates.
a feature key for that instance You can apply the feature keyonly to a Firebox Cloud instancewith the specified instance IDWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedAdd a Feature Key Download the feature key to the Firebox to enable all features1 In Fireware Web UI click Add a feature key now2 The wizard can download and install the feature key.
WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedDefault Configuration User Accounts Default user accounts are the same as for any other Firebox Device Administrator account .
User name admin Passphrase the Firebox Cloud VM or Instance ID Device Monitor account User name status Passphrase readonly.
You change these default passphrases in the Web SetupWizard when you connect to Firebox Cloud the first time You can also select System Users and Roles to changethe passphrases for these user accountsWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedDefault Configuration Interfaces Interface 0 External IP address assigned through DHCP Interface 1 Trusted IP address assigned through DHCPWatchGuard Training.
Copyright 2018 WatchGuard Technologies Inc All Rights ReservedDefault Configuration Firewall Policies WatchGuard Web UI Allows Web UI managementconnections from any interface to the Firebox Ping Allows ping traffic from any interface to the Firebox.
No Outgoing policy by default The Firebox does not allowoutbound connections unless you configure a policy to allow itWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedDefault Configuration Services.
Supported subscription services are all configurable but arenot enabled by defaultWatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedConfiguration Tips Protect a Web Server.
Configure a 1 to 1 NAT action Configure a 1 to 1 NAT action for IP address translation from theexternal interface to the private IP address of the web server If you have more than one server add a 1 to 1 NAT action foreach server.
WatchGuard TrainingCopyright 2018 WatchGuard Technologies Inc All Rights ReservedConfiguration Tips Protect a Web Server Enable and configure security services in proxy actions HTTP Server Standard 1 Modified HTTP proxy action.
HTTPS Server Standard 1 Modified HTTPS proxy action Services Gateway AV APT Blocker Enable with default settingsFirebox Cloud Licensing — AWS. Two options in the AWS Marketplace: Bring Your Own License (BYOL) Purchase a Firebox Cloud license from a WatchGuard reseller. Activate the license and update the Firebox Cloud feature key. Pay As You Go. Purchase a metered Firebox Cloud instance in the AWS Marketplace. Amazon meters Firebox Cloud and bills ...

Related Presentations