Professional Documents
Culture Documents
Data Protection | Web Security | CASB | NGFW | Advanced Malware Detection | Behavioral Analytics | Insider Threat | Email Security | Data Guard | Cross Domain
Scenarios • CLUSTERING
• RESTORING BACKUP
• EASY TO USE IPS
• EASY DEPLOY
© 2019 Forcepoint | 2
STOP SMC-2
STOP ENGINE-EXTRA
Be sure you
Stopped SMC-2
Stopped ENGINE-EXTRA
© 2019 Forcepoint | 4
BASED ON CUSTOMER EXPECTATIONS
BUILD
BUILD DOCUMENT
© 2019 Forcepoint | 5
• Restoring Backup
With a system with Windows SMC
Make backup on SMC1
Copy file to SMC2
Power off SMC1
Restore backup
Run SMC Client
Explain what happened and fill document
© 2019 Forcepoint | 7
Copy backup from Landing machine to SMC-2
Username and password for Windows are:
• Stop SMC-1 and start SMC-2
Administrator
Forcepoint1
• Connect eth0 to swich, and delete link from SMC-1, you can
do that by right click over the link, and delete
© 2019 Forcepoint | 8
Stop Forcepoint log and management services
Stop Log and SMC Servers
© 2019 Forcepoint | 10
• CLUSTERING
With a cluster configured
Connect vpn client, using windows machine
Download a file
Reboot engine managing the connections
Explain what happened and fill document
Connecting VPN client
Check everything
is connected
© 2019 Forcepoint | 12
Check for connections on the Cluster
© 2019 Forcepoint | 13
Check which node handles the connection
© 2019 Forcepoint | 14
Initiate unc connection to server From VPN client by
using \\192.168.122.10\c$ Username and password for Windows are:
Administrator
Forcepoint1
© 2019 Forcepoint | 15
And power-off it
© 2019 Forcepoint | 16
• EASY to Deploy new firewalls
From the new SMC-2
Go to single firewall
Save initial config
Power on ENGINE EXTRA
Attach usb
Explain what happened and fill document
Go to SMC gui, select Single Firewall on home page
© 2019 Forcepoint | 18
Saving to USB
Select the initial policy
Save as to the usb
© 2019 Forcepoint | 19
Start ENGINE-EXTRA
• Move to GNS3
• Select ENGINE-EXTRA and power on
• Open console by right click and console
• Select File -> USB device, and attach usb
• Wait until you see this
© 2019 Forcepoint | 20
Review status is uploading policy, and wait until this finish
© 2019 Forcepoint | 21
• EASY to use IPS
With a system with Windows SMC
Open Configuration and create a new IPS Policy
Name your policy
Develop based on what you think
Explain what your policy is doing
Explain what happened and fill the document
Create IPS policy
• Go to Configuration
• Policies
• Inspection
• Create a new one Based on
noPolicy
© 2019 Forcepoint | 23
Configure Policy
• On inspection tab:
• Set attacks and botnet to terminate
• Select logging to essential
• Recording to excerpt
© 2019 Forcepoint | 24
Now exceptions
• On exceptions tab:
• Add new rule by right click on insert point
© 2019 Forcepoint | 26
Copy these two rules, and paste below the second
section
© 2019 Forcepoint | 27
Create a new section at the end
• Name it Miscelaneous and pretare to use it
adding an empty rule
© 2019 Forcepoint | 28
Move to inspection, expand Traffic Identification, and select
© 2019 Forcepoint | 29
Finally, this is how your policy should looks like
© 2019 Forcepoint | 30