Next Generation Firewall - Forcepoint ?· Forcepoint Next Generation Firewall 6.2 ... Example network…

Download Next Generation Firewall - Forcepoint ?· Forcepoint Next Generation Firewall 6.2 ... Example network…

Post on 04-Jun-2018

221 views

Category:

Documents

5 download

Embed Size (px)

TRANSCRIPT

  • Next GenerationFirewallInstallation Guide6.2Revision B

  • 2017 ForcepointForcepoint and the FORCEPOINT logo are trademarks of Forcepoint.

    Raytheon is a registered trademark of Raytheon Company.All other trademarks used in this document are the property of their respective owners.

    Published 2017

    This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to anyelectronic medium or machine-readable form without prior consent in writing from Forcepoint. Every effort hasbeen made to ensure the accuracy of this manual. However, Forcepoint makes no warranties with respect tothis documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose.Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with thefurnishing, performance, or use of this manual or the examples herein. The information in this documentation issubject to change without notice.

  • Forcepoint Next Generation Firewall 6.2 | Installation Guide

    3

    Table of contentsPreface................................................................................................................................................................ 7

    Introduction to the Forcepoint Next Generation Firewall solution........................ 91 Introduction to Forcepoint NGFW.........................................................................................................11

    Components in the Forcepoint NGFW solution................................................................................11Security Management Center (SMC)................................................................................................12NGFW Engines..................................................................................................................................12

    2 Preparing for installation....................................................................................................................... 15Supported platforms.......................................................................................................................... 15Clustering...........................................................................................................................................17Deployment options for Forcepoint NGFW in the IPS and Layer 2 Firewall roles............................18Cable connection guidelines............................................................................................................. 20Speed and duplex settings for NGFW Engines................................................................................23Obtain installation files...................................................................................................................... 24Licensing Forcepoint NGFW components........................................................................................ 26Installation overview.......................................................................................................................... 27

    Security Management Center (SMC) deployment............................................................ 293 Installing the SMC...................................................................................................................................31

    SMC installation options....................................................................................................................31Install SMC components................................................................................................................... 34Install the SMC in Demo Mode........................................................................................................ 40Install the SMC from the command line........................................................................................... 42Install the SMC Appliance.................................................................................................................47Start the SMC after installation.........................................................................................................49Post-installation SMC configurations................................................................................................ 54

    4 Configuring the SMC.............................................................................................................................. 55Configuring NAT addresses for SMC components...........................................................................55Add Management Servers for high availability................................................................................. 58Distribute Management Clients through Web Start.......................................................................... 60

    Forcepoint NGFW deployment....................................................................................................... 635 Configuring Forcepoint NGFW for the Firewall/VPN role...................................................................65

    Install licenses for NGFW Engines...................................................................................................65Configuring Single Firewalls..............................................................................................................66Configuring Firewall Clusters............................................................................................................ 82

    6 Configuring Forcepoint NGFW for the IPS role...................................................................................93Install licenses for NGFW Engines...................................................................................................93Configuring IPS engines................................................................................................................... 94Bind engine licenses to IPS elements............................................................................................107

  • Forcepoint Next Generation Firewall 6.2 | Installation Guide

    4

    7 Configuring Forcepoint NGFW for the Layer 2 Firewall role........................................................... 109Install licenses for NGFW Engines.................................................................................................109Configuring Layer 2 Firewalls......................................................................................................... 110Bind engine licenses to Layer 2 Firewall elements........................................................................ 122

    8 Configuring NGFW Engines as Master NGFW Engines and Virtual NGFW Engines..................... 123Master NGFW Engine and Virtual NGFW Engine configuration overview..................................... 123Install licenses for NGFW Engines.................................................................................................124Add Master NGFW Engine elements............................................................................................. 124Add Virtual Firewall elements......................................................................................................... 132Add Virtual IPS elements................................................................................................................137Add Virtual Layer 2 Firewall elements............................................................................................139

    9 Configuring Forcepoint NGFW software............................................................................................ 143Options for initial configuration....................................................................................................... 143Using plug-and-play configuration...................................................................................................144Using automatic configuration.........................................................................................................147Configure Forcepoint NGFW software using the NGFW Initial Configuration Wizard.................... 149

    10 NGFW Engine post-installation tasks...............................................................................................163Configuring routing and basic policies............................................................................................163Monitor and command NGFW Engines..........................................................................................172

    Maintenance................................................................................................................................................ 17311 Maintaining the SMC...........................................................................................................................175

    Upgrading the SMC.........................................................................................................................175Uninstall the SMC........................................................................................................................... 180

    12 Upgrading NGFW Engines................................................................................................................. 183How engine upgrades work............................................................................................................ 183Obtain NGFW Engine upgrade files............................................................................................... 185Prepare NGFW Engine upgrade files............................................................................................. 186Upgrading or generating licenses for NGFW Engines................................................................... 18

Recommended

View more >