Email Security Gateway (V5000 G2) > Setting up the appliance
|
If you have already completed the appliance set up steps provided in the Websense V-Series Getting Started guide, skip to Installing Email Security Log Server.The Quick Start poster, which comes in the shipping box with your appliance, shows you all items included in each Websense appliance shipping box. The 2-page Quick Start explains how to set up the hardware and shows how to connect the cables to the appliance and to your network.Interface C, P1, and P2 (if used) must be able to access a DNS server. These interfaces typically have continuous access to the Internet once the appliance is operational. Essential databases are downloaded from Websense servers through these interfaces.
Ensure that C, and P1 or P2 (if used), are able to access the download servers at download.websense.com.
Make sure that this address is permitted by all firewalls, proxy servers, routers, or host files that control the URLs that the C, P1, and P2 interfaces can access.After hardware setup, connect directly to the appliance through the serial port or the monitor and keyboard ports. For serial port activation, use:See the next section.The first time you start a Websense appliance, a brief script (firstboot) prompts you to supply settings for the network interface labeled C and a few other general items. You can run the script again if you want to examine your settings or change settings. You can also change settings through the Appliance Manager (user interface) after firstboot has been executed.Gather the following information before running the script. Some of this information may have been written down on the Quick Start during hardware setup.
Note: If you do not provide access to the Internet for interface C, configure:
P1 to download antispam and antivirus database updates from Websense (Email Security mode)Configuring these interfaces to access the Internet for database downloads is done through the Appliance Manager and through the TRITON Unified Security Center. See the Appliance Manager Help for information about configuring the interfaces. See the TRTION - Email Security Help for information about configuring database downloads. Primary DNS server for network interface C
(IP address) Unified password (8 to 15 characters, at least 1 letter and 1 number) When you have gathered the necessary information, run the initial command line configuration, as follows.
To configure the appliance, connect through the serial port or the keyboard/video ports and complete the firstboot script. For serial port activation, use:
3. When asked if you want to begin, enter yes to launch the firstboot activation script.
4. At the first prompt, select Email Security only mode.After the activation script has been completed successfully, access the Appliance Manager. Open a supported browser, and enter this URL in the address bar:Replace <IP address> with the address assigned to network interface C during initial configuration of the appliance.The Appliance Manager is the Web-based configuration interface for the appliance. Through it you can view system status, configure network and communication settings, and perform general appliance administration tasks.After completing the initial configuration required by the firstboot script, use the Appliance Manager to configure important settings for network interfaces P1 and (optionally) P2.Gather the following information before running the Appliance Manager. Some of this information may have been written on the Quick Start during hardware setup.
Be sure that interface C can access the NTP server. If interface C does not have Internet access, you can install an NTP server locally on a subnet that can be accessed by interface C. If you use both P1 and P2, the default gateway is automatically assigned to P2 (which is bound to eth1). Primary DNS server for network interface P1 and P2 (if used) Follow these steps to configure basic system and network interface settings. See the Appliance Manager Help for detailed instructions on any field or area, or for information about other available settings.Replace <IP address> with the address assigned to network interface C during initial configuration of the appliance (see Perform initial command-line configuration)
2. Log on with the user name admin and the password set during initial appliance configuration.
3.
4. Under Time and Date:
Automatically synchronize with an NTP server: select this option to use a Network Time Protocol server. Specify up to three NTP servers. Use of an NTP server is recommended, to ensure that database downloads and time-based policies are handled precisely.
Manually set time and date: select this option to enter a system time and date yourself.
c. Click Save in the Time and Date area.
5.
6. Under Websense Email Security Gateway Interfaces (P1 and P2), configure the P1 and P2 (optional) interfaces.The P interfaces are used to accept users' requests (inbound traffic) and communicate with the Internet (outbound traffic).
a. If you choose P1 only, enter configuration information (IP address, subnet mask, default gateway, DNS IP addresses) under P1.If you choose P1 and P2, enter configuration information under both P1 and P2. Note that default gateway and DNS configuration (under Shared Setting) are shared between both P1 and P2.
b. Alternatively, you could use both P1 and P2 such that P1 handles inbound traffic and P2 handles outbound traffic.See the Appliance Manager Help for more information about configuring Email Security interfaces.
a.
b. Under Static Routes, use the Add/Import button to specify customized, static routes.
c. Under Module Routes, use the Add button to specify non-management Web Security or Email Security traffic through the C interface.
d. For either static or module routes, use the Delete button to remove existing routes, if necessary.
An existing route cannot be edited. If you want to edit a route, delete it and then use the Add/Import (static) or Add (module) button to specify the route with the changes you want.
8. Click Log Off, at the top right, when you are ready to log off Appliance Manager.
Email Security Gateway (V5000 G2) > Setting up the appliance
|