Andrisoft Wanguard 5.2 Service manual
Copyright & trademark notices
!"#$%
&"'"'
Notices
!"$"()*+),"-#".()*+
),/$"'"()*+),0
&"!"1"'"-2"2.#$.()*+
),-$.()*+),.#""#
$1"3").#"#.."4"
"%-'#-()*+),/#-56"
Copyright Acknowledgment
7()*+), 89#
# " ".# # $. ()*+ ), !
" . $ " 3 . ! $. . - "" ""- "#
".# "#-$..!#.' '#
!()*+),
! " " $1" "# ' " (! . & . $
"-'#()*+),'$$!.-"
#"!"
)*+0:*;!()*+),)(</!
()*+),*".-"".$/"/!
!"##$#!%
&56"
''&56"
()3=>>'''6"
*+,-#&&-./
- 1 -
)&0+
1'2-&'3423-35(67
1'2-&'3423-35(67
!
!
?.+@&A
;
#
# 8&9(67+&
8&9(67+&
%
%
)#B!##;C
;#B!$$$C
)#B%"//-"#C
D#B<C
:&4&
:&4&
"
"
&"
"E
"F
*'F
;68<
@:*F
@:,#8
&5+&&'
,+'8
+'88
).8
'9&,=
";89
;"8
!
! :)/
:)/
%
%
$
$ :0'
:0'
"
"
..5"
;8E
"G)8H
")I#)8H
"+')8H
"+8F
#
)$
)8
)
,+'9
+'9
)09
*'A
%
% ://46
://46
#$
#$
(:$
(:
(:""#C
,+'E
+'E
:&E
*'E
- 2 -
"
" &&36/
&&36/
#>
#>
,?#>
)I#)<'%H
+')<'%F
+<'%F
;<'%F
@5&&345&/
-+&083
,"#:"9
A'9+8-3
>
> -46+8-3
-46+8-3
#
#
&+8-3
&+8-3
+8-3
+8-3
!
!
+/3&4,'$
B+8-3
B+8-3
!
!
&,/'3C-4&/&!
#
#+-/01'-
+-/01'-
!#
!#
+)5'91-/&52-!
1-+8-3
1-+8-3
!!
!!
!
!&5+8-3
&5+8-3
!"
!"
$
$D&+8-3
D&+8-3
$
$
%
%;6+'3+8-3
;6+'3+8-3
$
$
"
"&+8-3
&+8-3
$
$
>
>'/&/
'/&/
$"
$"
E.3-
E.3-
$>
$>
#
#72-
72-
$
$
#
#/<F59;'G&/;50
/<F59;'G&/;50
%
%
.!)+3%#
##
##/<#F+8--&5E<
/<#F+8--&5E<
%
%
+8--E.'%
+8--E+.'%!
+8--E3..'%!
+8--E!5'%$
+8--EH%$
#
#/<F+8--1'.
/<F+8--1'.
%"
%"
7//-;6.2/%"
;6+8-36/&%>
+).@:;&#CH
+).@:;CF
;"@:;&#E
;"@:;E
7//-1'5/-2/"
)"#B,.+'#E8
0>(:(:#B,.9+'#E8
;&##)"#B,.+'#E8
;&##0>(:(:#B,.9+'#E
- 3 -
IP Traffic Monitoring, Anomalies Detection & DDoS Mitigation
with WANGUARD
!I"3J"!"-D$"-"#".
/:##!"$'/""""!.#K
$"!'/!"""-&"#!
'/!"$.$"""2"),'/$.
%)"""##'-$3"/-*!)"3"/L)4M-
:M"N-!"-I"!#'DI" '/D'
"!"2-.-'"#'%"$!
!"&".#"#!D##."
WANGUARD Ke Features & Benefits
●*)00;(*(((*B("."#."
&I""-"3"/&
●:*0+,,0(B4"#D&-2$"=
-"&2@:-D#-):"
●0(,0;?(+*(*BG'3"/'3"/"/3"/
"$"..."
●++(;*(*(B)I"#"#=8 $"/I#-
+'-EF-+'-(:+(O-)-1+'
●+,,4D+00;*)*,0B;###-""&#$
'$'"$
●;*:,0O,4(;)B:"2'###!-
-!"-"--""
●0,D(00:*(B!/'""".!1"
#"""./I"#
●<()*(;,0:*(B4'!8 .-".
")F"
●);<0,00:*(B4"#)"..
""&#!
●0+,*,4P0B:!.!+'.K;"'/'
+'-1+'-"+'-)(:+(O
●:;?0)(++0B$:"/)J""/!J!.
'/""!/D/'$!"
●G;0;*+((*B4"&D-!""".!(:#
"
- 4 -
●*)()::*B))%$.'$.2"
#A")/.G'
●;*0O,<0,:B(";2<.-(K
:+!!.#
")Q,$"$.%!"
"#""$'#"-.DD12D$'$!"
WANGUARD Components
6D#,2D$!".*;-(
)".J"."'/##-#"/#
"$$!#$#!#-$"
(671-&5DI".-I"
""#-$'#I"."""!$.#
"2I"-#-.'"!'/"-3
"!"/#"".#")-)*)3"/""-
&"3"/3"$JI"#'"#
2"#'
+&J#D##$."#"!
".''/
- 5 -
A first look at WANGUARD Console
(!../'"&#-/(;
#H
:!'#"#"'!$"%!
!6'2""#!-'3"
"&#!
!;$'!"!'$"=
Side Region – used for navigation throughout the Console
("'#!''-""#!"(!$
"$.;"/##!#2"
)#""B;&#B"$"2$.
""/#$@""""2-$#/
$':!"..8 "
"$"RQ"/)"S!".$3)"=;D)
Central Region – home of tabbed Reports and Dashboards
;J'./"""0"$.
%#)#$L#N;#4.'"$'$"
2"!,#$&!"(.,#$;&#
K
South Region – provides a quick look on the latest events, live statistics and graphs
("$3!$'''("$.!2""/
$3#(%"/'.'=#---"!
"
Upper-right Menus – Help menu and User menu
<"-!$''#
"2-'""$#''$;2<
'/.'$:+
.%"/."#'-;,#*
- 6 -
Reports » Anomalies & Tools
:&4&"/&$-;68<$-
&5+&&'$'9&,=$
Anomalies
$""))3"/I"
$!"I".'!.
8 "(.!K
$"9$D$"$3=
Active Anomalies
""$$.')""I"$'
"-$."#$"=
I%2!.;"/.
8< (:(:"!I".)
(!!:&2-#"'""!I"=$'
'#':&2-$''#'.!:&2
;"/'$'"&"!:&2
6 (:!:&2
;"/'$'"&"!(:
&, "!.
D& /!I"@'-
!)".
;"/'$'"&")
'.
& <'"""!.
9JF;J "/>"$>"#!*,I"
'3 "$!*=
- 7 -
•B$!(:$!&2
•B$!"I";#"
•B$!@:"'!&2
•B!."
•B!")".
/ "!I"&$.+.
., .&#".$'I"
0.$8 T!
"!."/.= DT$-TD T.'- TDET#-
ETD8 T/.$'.I"I"!
/L)(!"N
2"./..D
2EED;EG(KEGEL7M
&9 $!"/!I"#.
&; $!$!I"#.
.&&1' "$'.I"I"
&/
B (:P!);"/:&2U#!(:P
& ".-!.
E<3 $!"$'.$""
!2"!.
+ "&!"
(!+""3"/3"/3'$''
I".''$'$"/#!"3"/3.'
$"/#!"3"/3
& !+"3"/3
&-& "/3I"+.".
!'#&#= !!"#
$
+#.'&#".'#!I"(!&"M"
'+-2"'
- 8 -
5&& ("!'6'&&'&-$
'3"/3'&"
73& '3"/3'"
& <'"""!3"/3
2<9J 2"/>"#!I""#3"/3
2<;J 2$>"#!I""#3"/3
9 $!"/"I""#3"/3
; $!$"I""#3"/3
- ""/#"-'$'"/D"!3"/3$
.!"I";#"
Anomalies Archive
"'I"$."#@.""/#'
'."-.".&-"##"'"
VWX#!&"2''!$.-
#!"*"2#
Anomalies Overview
<."'K!3"/!"D!-)"
BGP Prefixes
@::&2$""@:"$!
"@:".'!.8 "(
.!K
@::&2$"$D$"$3=
BGP Operations
@:*#@:"$.)-+#;
*"@:".'@:
".:&2"."&#@:;"
- 9 -
$"#@:"$.'""$
"=
;6+'3 @:;"&@:;""&#B#8
8< :&2"""#>9;(!(:A
>8H;(!(:C
'@:"'
73& '@:"'$''
&, (!@:"'##$..-"/
.
+ &.""$@:"(!"'0*
/!0B#H
'3 ("/!!@:""&$.!
*
BGP Logs
@:,#'@:"$.-$."#@.
""/#''."-.".&-"##"'
""2#
4"!.!"$.$D""/#'
Flow Collector
:&4&"/&5+&&'$!+')
'"&#
<."-###-&M'-#I""-'
I"#!).
+';"$"9$D$"$3=
List Flows
4"&M'""#.$.#&$'=
●
)"+')(!""I".""
$"&'")$
- 10 -
●N0
)"&D!.'$."#R;S
●&5&
<."&!M';"/#$$"#''"#
"".2+%.M'&"$.
●
4""!-."..'!"!!
"&"!!
+$3$.(:C-"$$"
"$.Y6##"#K'(:C.
/#!(!.!(:C-""/(:C#
●E<
(!."$.0.":
@'.##!M'-#.#$'.
$$("-"RS';,("#
4"2""".-!'&"
●---3
@.!M'###@.""/#""/$2-.""'.'
.M'###4.###$'"#"(:A>V$
$X
●&5
,.&M'!"
●3-
#M'!J+')..""#!
M'*'M'%"!"+')
Flows Tops
4""&M'#$.#&$'=
●
)"+')(!""I".""
$"&'")$
●N0
)"&D!.'$."#R;S
●&5&
<."M'&;"/#$$"#''"#
"".2+%.M'&"$.
- 11 -
●
4""!-."..'!"!!
"&"!!
+$3$.(:C-"$$"
"$.Y6##"#K'(:C.
/#!(!.!(:C-""/(:C#
●E<
(!."$.0.":
@'.##!M'-#.#$'.
$$("-"RS';,("#
4"2""".-!'&"
●,
)"".'!
●---3
@.!M'###@.""/#""/$2-.""'.'
.M'###4.###$'"#"(:A>V$
$X
●
,."'"/$.""&
●
,"&
Autonomous S stems
(!.#+')-."#I"$'#!
).4"!.@:D$M'2"&#")
!2M'
=
●
)"+').""$"&
'")$
●
)"&D!.'$."#R;S
●)
;"/#$$"#''"#"".2*6)
$"$.
(!./'')$LN"():#."""/D#!
- 12 -
''=<Z)(!Z)$,.".J&$.""/#
$'"
●E<
4"-:+#)#
●0
!.'.VVXX$3(!."!
#'$".!
●6=
4""&K.".'KRVO2X2V42XS!
●6&
"".D#!R!S-!RS
-.".'2'$
●'9
(!""/-J)##!.+')*'#)#
"I"#!+')
●'9
(!.)$."!#)#!'():
)'8")$
Packet Analyzer
:&4&"/'9&,=$!)I#
)'"&#
:"/.K'..""/#$)I#)4"'
"/".!;##/D/!"
$"$D$"$3=
Active Captures
-*':"/;##"#"/$.""/#
VV;XX$3=
●'3
".!."
●1-
)")I#)""I".""$
"&')$
- 13 -
●;E<
;"/#$$"#''"#""@:+B@/.:"/+
.2*6@:+2"$.
!@:+2.$."RS#"(:I"
●2<-
2#
●+
2#RS."2"'"'
●2<&=O2;P
@!'#'"/&-""/'&".#V$X-!
-""&'
●2<'9
"6"#V$X"/
●2<&)
)U#'$!&""&V$X-$#'#&
!$##-"##$J(-'&'#
# 2$!&-'#"".
●3OP
(!"&-&.V$X"
●&-,4D&
)"RS'"/#%)"R8>GS1"/.
VX"/)"RG>S2VX"/."
●&8<
!"&(!.&D$'$
&
●O),J9P
)!V$X$.!!""/!!C9$./#
#$"!/""/-J".-
"!"/$J#.""/$4V$X
$'""!.
●+
&.""$I""
";$'!'#!=
●'3Q;R
""@:+2
- 14 -
●&-
.!#$#
●
')I#)"#"/
●73&
"'"#!"
●
("!"(#!"#
●0'
)I#)+""/
●&J=
$!&#-K!&
●'9
$!"/"
●'3
;"/&"'&/D/'$!";"/""
'&;"/""
Captures Archive
;""$."#@.""/#''.
"-.".&-"##"'"
VWX#!&"2''!$"-
""."&*"2#
- 15 -
Reports » Dashboards
$".#$[)/'.#
""#.
+'$";-$.""$.## :
)/*2#$""/VV$XX
5/-.$-""/$
"'#-""/&"'#$'#-""/""!$
'#-""/"!$
#'"&"&-.'#"&#$#,'##
\\!'#/"""#!'#
$!2
#!D2."$"
*.\\\*\$"-$\\
'&"$
- 16 -
Reports » Interfaces
:0'"/..5$-0'6$
$
*'$D'!"
(!"$D'!$##)LN+LN
""'(!"$
)$"&"")
O er iew
*'$"!D!#$'D.""!"
"
Console
;).$!'#!=
(!;!"#.-#R""/S'.(!
"-LN!;
&7 $!";
69 /"$"&#(:#
;9 /"$"&#$
;= !/"$.$
;'3.+& $!"".#)Q,
;'3.+'3 $!""")Q,
.-;AJ #$!$%"$.)Q,
/ !#.!
2 !$.:<:"
/ ';$
- 17 -
Active Virtual Sensors
G)$&)I#)$2$'$
.!G)#
Active Sniffing Sensors
")I#)$.!)I#)#$
!'#!=
(!")I#)!"#.#R""/S".(!
;"#")I#)ROS".(
"/)I#)"&#"".-/
#/!0B#H
.!)I#)"$2';&
"&#;"/'$'"&")
*"#D""/)"&#
$!(:"I"*..'/(:
"
9JOJP $$"/>"#6
)/;J $$>"#6-$#"
)/;J $$>"#6-$#"
'./9J !J"/$!
/ !"/"#"$#-"
I#!"$
/ !#.!
+7S ;:"$.)I#)"
2 !.$.)I#)"
/ ')I#)
Active Flow Sensors
"+')$.!+')#$
!'#!=
- 18 -
(!"+')!"#.#R""/S".(!
;"#"+')ROS".("
/)I#)"&#"".-/
#/!0B#H
.!+');"/'$'"&"
)*"#D""/)"&#
0' !""$2'"&#;
(!!"#66)-
""/M'2""/."K'
$!(:"I"#!"*..
'/(:"
9JOJP $$"/>"#6
)/;J $$>"#6-$#"
)/;J $$>"#6-$#"
&5J !M'""$.+')
&5&, @"I"$###&-M'"2M''"&#
.)"2M'""&#.-&"
2M'."$.+')
+')"'.K#
!"!+')"-M'$2$
/ $!""M'(!$#"!"$
)'/"".'M'2
/ !#.!
+7S ;:"$.+')"
2 !.$.+')"
/ '+')
Active Filters
"+$.!+#$!'#!=
(!"+!"#.#R""/S".(!;
"#"+ROS".("/
+"&#"".-/#/
!0B#H
& .!+
- 19 -
Table of contents
Other Andrisoft Firewall manuals
Popular Firewall manuals by other brands
Siemens
Siemens SIMATIC NET SCALANCE S615 operating instructions
Cisco
Cisco Small Business RV215W quick start guide
Barracuda
Barracuda CloudGen Firewall F1000 CE0 quick start guide
Fortinet
Fortinet FortiGate 3600 quick start guide
3Com
3Com SUPERSTACK 3CR16110-95 user guide
Fortinet
Fortinet FortiMail-2000 quick start guide