Andrisoft Wanguard 5.2 Service manual


Copyright & trademark notices
!"#$%
&"'"'
Notices
!"$"()*+),"-#".()*+
),/$"'"()*+),0
&"!"1"'"-2"2.#$.()*+
),-$.()*+),.#""#
$1"3").#"#.."4"
"%-'#-()*+),/#-56"
Copyright Acknowledgment
7()*+), 89#
# " ".# # $. ()*+ ), !
" . $ " 3 . ! $. . - "" ""- "#
".# "#-$..!#.' '#
!()*+),
! " " $1" "# ' " (! . & . $
"-'#()*+),'$$!.-"
#"!"
)*+0:*;!()*+),)(</!
()*+),*".-"".$/"/!
!"##$#!%
&56"
''&56"
()3=>>'''6"
*+,-#&&-./
- 1 -

)&0+
1'2-&'3423-35(67
1'2-&'3423-35(67
!
!
?.+@&A
;
#
# 8&9(67+&
8&9(67+&
%
%
)#B!##;C
;#B!$$$C
)#B%"//-"#C
D#B<C
:&4&
:&4&
"
"
&"
"E
"F
*'F
;68<
@:*F
@:,#8
&5+&&'
,+'8
+'88
).8
'9&,=
";89
;"8
!
! :)/
:)/
%
%
$
$ :0'
:0'
"
"
..5"
;8E
"G)8H
")I#)8H
"+')8H
"+8F
#
)$
)8
)
,+'9
+'9
)09
*'A
%
% ://46
://46
#$
#$
(:$
(:
(:""#C
,+'E
+'E
:&E
*'E
- 2 -

"
" &&36/
&&36/
#>
#>
,?#>
)I#)<'%H
+')<'%F
+<'%F
;<'%F
@5&&345&/
-+&083
,"#:"9
A'9+8-3
>
> -46+8-3
-46+8-3
#
#
&+8-3
&+8-3
+8-3
+8-3
!
!
+/3&4,'$
B+8-3
B+8-3
!
!
&,/'3C-4&/&!
#
#+-/01'-
+-/01'-
!#
!#
+)5'91-/&52-!
1-+8-3
1-+8-3
!!
!!
!
!&5+8-3
&5+8-3
!"
!"
$
$D&+8-3
D&+8-3
$
$
%
%;6+'3+8-3
;6+'3+8-3
$
$
"
"&+8-3
&+8-3
$
$
>
>'/&/
'/&/
$"
$"
E.3-
E.3-
$>
$>
#
#72-
72-
$
$
#
#/<F59;'G&/;50
/<F59;'G&/;50
%
%
.!)+3%#
##
##/<#F+8--&5E<
/<#F+8--&5E<
%
%
+8--E.'%
+8--E+.'%!
+8--E3..'%!
+8--E!5'%$
+8--EH%$
#
#/<F+8--1'.
/<F+8--1'.
%"
%"
7//-;6.2/%"
;6+8-36/&%>
+).@:;&#CH
+).@:;CF
;"@:;&#E
;"@:;E
7//-1'5/-2/"
)"#B,.+'#E8
0>(:(:#B,.9+'#E8
;&##)"#B,.+'#E8
;&##0>(:(:#B,.9+'#E
- 3 -

IP Traffic Monitoring, Anomalies Detection & DDoS Mitigation
with WANGUARD
!I"3J"!"-D$"-"#".
/:##!"$'/""""!.#K
$"!'/!"""-&"#!
'/!"$.$"""2"),'/$.
%)"""##'-$3"/-*!)"3"/L)4M-
:M"N-!"-I"!#'DI" '/D'
"!"2-.-'"#'%"$!
!"&".#"#!D##."
WANGUARD Key Features & Benefits
●*)00;(*(((*B("."#."
&I""-"3"/&
●:*0+,,0(B4"#D&-2$"=
-"&2@:-D#-):"
●0(,0;?(+*(*BG'3"/'3"/"/3"/
"$"..."
●++(;*(*(B)I"#"#=8 $"/I#-
+'-EF-+'-(:+(O-)-1+'
●+,,4D+00;*)*,0B;###-""&#$
'$'"$
●;*:,0O,4(;)B:"2'###!-
-!"-"--""
●0,D(00:*(B!/'""".!1"
#"""./I"#
●<()*(;,0:*(B4'!8 .-".
")F"
●);<0,00:*(B4"#)"..
""&#!
●0+,*,4P0B:!.!+'.K;"'/'
+'-1+'-"+'-)(:+(O
●:;?0)(++0B$:"/)J""/!J!.
'/""!/D/'$!"
●G;0;*+((*B4"&D-!""".!(:#
"
- 4 -

●*)()::*B))%$.'$.2"
#A")/.G'
●;*0O,<0,:B(";2<.-(K
:+!!.#
")Q,$"$.%!"
"#""$'#"-.DD12D$'$!"
WANGUARD Components
6D#,2D$!".*;-(
)".J"."'/##-#"/#
"$$!#$#!#-$"
(671-&5DI".-I"
""#-$'#I"."""!$.#
"2I"-#-.'"!'/"-3
"!"/#"".#")-)*)3"/""-
&"3"/3"$JI"#'"#
2"#'
+&J#D##$."#"!
".''/
- 5 -

A first look at WANGUARD Console
(!../'"&#-/(;
#H
:!'#"#"'!$"%!
!6'2""#!-'3"
"&#!
!;$'!"!'$"=
Side Region – used for navigation throughout the Console
("'#!''-""#!"(!$
"$.;"/##!#2"
)#""B;&#B"$"2$.
""/#$@""""2-$#/
$':!"..8 "
"$"RQ"/)"S!".$3)"=;D)
Central Region – home of tabbed Reports and Dashboards
;J'./"""0"$.
%#)#$L#N;#4.'"$'$"
2"!,#$&!"(.,#$;&#
K
South Region – provides a quick look on the latest events, live statistics and graphs
("$3!$'''("$.!2""/
$3#(%"/'.'=#---"!
"
Upper-right Menus – Help menu and User menu
<"-!$''#
"2-'""$#''$;2<
'/.'$:+
.%"/."#'-;,#*
- 6 -

Reports » Anomalies & Tools
:&4&"/&$-;68<$-
&5+&&'$'9&,=$
Anomalies
$""))3"/I"
$!"I".'!.
8 "(.!K
$"9$D$"$3=
Active Anomalies
""$$.')""I"$'
"-$."#$"=
I%2!.;"/.
8< (:(:"!I".)
(!!:&2-#"'""!I"=$'
'#':&2-$''#'.!:&2
;"/'$'"&"!:&2
6 (:!:&2
;"/'$'"&"!(:
&, "!.
D& /!I"@'-
!)".
;"/'$'"&")
'.
& <'"""!.
9JF;J "/>"$>"#!*,I"
'3 "$!*=
- 7 -

•B$!(:$!&2
•B$!"I";#"
•B$!@:"'!&2
•B!."
•B!")".
/ "!I"&$.+.
., .&#".$'I"
0.$8 T!
"!."/.= DT$-TD T.'- TDET#-
ETD8 T/.$'.I"I"!
/L)(!"N
2"./..D
2EED;EG(KEGEL7M
&9 $!"/!I"#.
&; $!$!I"#.
.&&1' "$'.I"I"
&/
B (:P!);"/:&2U#!(:P
& ".-!.
E<3 $!"$'.$""
!2"!.
+ "&!"
(!+""3"/3"/3'$''
I".''$'$"/#!"3"/3.'
$"/#!"3"/3
& !+"3"/3
&-& "/3I"+.".
!'#&#= !!"#
$
+#.'&#".'#!I"(!&"M"
'+-2"'
- 8 -

5&& ("!'6'&&'&-$
'3"/3'&"
73& '3"/3'"
& <'"""!3"/3
2<9J 2"/>"#!I""#3"/3
2<;J 2$>"#!I""#3"/3
9 $!"/"I""#3"/3
; $!$"I""#3"/3
- ""/#"-'$'"/D"!3"/3$
.!"I";#"
Anomalies Archive
"'I"$."#@.""/#'
'."-.".&-"##"'"
VWX#!&"2''!$.-
#!"*"2#
Anomalies Overview
<."'K!3"/!"D!-)"
BGP Prefixes
@::&2$""@:"$!
"@:".'!.8 "(
.!K
@::&2$"$D$"$3=
BGP Operations
@:*#@:"$.)-+#;
*"@:".'@:
".:&2"."&#@:;"
- 9 -

$"#@:"$.'""$
"=
;6+'3 @:;"&@:;""&#B#8
8< :&2"""#>9;(!(:A
>8H;(!(:C
'@:"'
73& '@:"'$''
&, (!@:"'##$..-"/
.
+ &.""$@:"(!"'0*
/!0B#H
'3 ("/!!@:""&$.!
*
BGP Logs
@:,#'@:"$.-$."#@.
""/#''."-.".&-"##"'
""2#
4"!.!"$.$D""/#'
Flow Collector
:&4&"/&5+&&'$!+')
'"&#
<."-###-&M'-#I""-'
I"#!).
+';"$"9$D$"$3=
List Flows
4"&M'""#.$.#&$'=
●
)"+')(!""I".""
$"&'")$
- 10 -

●N0
)"&D!.'$."#R;S
●&5&
<."&!M';"/#$$"#''"#
"".2+%.M'&"$.
●
4""!-."..'!"!!
"&"!!
+$3$.(:C-"$$"
"$.Y6##"#K'(:C.
/#!(!.!(:C-""/(:C#
●E<
(!."$.0.":
@'.##!M'-#.#$'.
$$("-"RS';,("#
4"2""".-!'&"
●---3
@.!M'###@.""/#""/$2-.""'.'
.M'###4.###$'"#"(:A>V$
$X
●&5
,.&M'!"
●3-
#M'!J+')..""#!
M'*'M'%"!"+')
Flows Tops
4""&M'#$.#&$'=
●
)"+')(!""I".""
$"&'")$
●N0
)"&D!.'$."#R;S
●&5&
<."M'&;"/#$$"#''"#
"".2+%.M'&"$.
- 11 -

●
4""!-."..'!"!!
"&"!!
+$3$.(:C-"$$"
"$.Y6##"#K'(:C.
/#!(!.!(:C-""/(:C#
●E<
(!."$.0.":
@'.##!M'-#.#$'.
$$("-"RS';,("#
4"2""".-!'&"
●,
)"".'!
●---3
@.!M'###@.""/#""/$2-.""'.'
.M'###4.###$'"#"(:A>V$
$X
●
,."'"/$.""&
●
,"&
Autonomous Systems
(!.#+')-."#I"$'#!
).4"!.@:D$M'2"&#")
!2M'
=
●
)"+').""$"&
'")$
●
)"&D!.'$."#R;S
●)
;"/#$$"#''"#"".2*6)
$"$.
(!./'')$LN"():#."""/D#!
- 12 -

''=<Z)(!Z)$,.".J&$.""/#
$'"
●E<
4"-:+#)#
●0
!.'.VVXX$3(!."!
#'$".!
●6=
4""&K.".'KRVO2X2V42XS!
●6&
"".D#!R!S-!RS
-.".'2'$
●'9
(!""/-J)##!.+')*'#)#
"I"#!+')
●'9
(!.)$."!#)#!'():
)'8")$
Packet Analyzer
:&4&"/'9&,=$!)I#
)'"&#
:"/.K'..""/#$)I#)4"'
"/".!;##/D/!"
$"$D$"$3=
Active Captures
-*':"/;##"#"/$.""/#
VV;XX$3=
●'3
".!."
●1-
)")I#)""I".""$
"&')$
- 13 -

●;E<
;"/#$$"#''"#""@:+B@/.:"/+
.2*6@:+2"$.
!@:+2.$."RS#"(:I"
●2<-
2#
●+
2#RS."2"'"'
●2<&=O2;P
@!'#'"/&-""/'&".#V$X-!
-""&'
●2<'9
"6"#V$X"/
●2<&)
)U#'$!&""&V$X-$#'#&
!$##-"##$J(-'&'#
# 2$!&-'#"".
●3OP
(!"&-&.V$X"
●&-,4D&
)"RS'"/#%)"R8>GS1"/.
VX"/)"RG>S2VX"/."
●&8<
!"&(!.&D$'$
&
●O),J9P
)!V$X$.!!""/!!C9$./#
#$"!/""/-J".-
"!"/$J#.""/$4V$X
$'""!.
●+
&.""$I""
";$'!'#!=
●'3Q;R
""@:+2
- 14 -

●&-
.!#$#
●
')I#)"#"/
●73&
"'"#!"
●
("!"(#!"#
●0'
)I#)+""/
●&J=
$!&#-K!&
●'9
$!"/"
●'3
;"/&"'&/D/'$!";"/""
'&;"/""
Captures Archive
;""$."#@.""/#''.
"-.".&-"##"'"
VWX#!&"2''!$"-
""."&*"2#
- 15 -

Reports » Dashboards
$".#$[)/'.#
""#.
+'$";-$.""$.## :
)/*2#$""/VV$XX
5/-.$-""/$
"'#-""/&"'#$'#-""/""!$
'#-""/"!$
#'"&"&-.'#"&#$#,'##
\\!'#/"""#!'#
$!2
#!D2."$"
*.\\\*\$"-$\\
'&"$
- 16 -

Reports » Interfaces
:0'"/..5$-0'6$
$
*'$D'!"
(!"$D'!$##)LN+LN
""'(!"$
)$"&"")
Overview
*'$"!D!#$'D.""!"
"
Console
;).$!'#!=
(!;!"#.-#R""/S'.(!
"-LN!;
&7 $!";
69 /"$"&#(:#
;9 /"$"&#$
;= !/"$.$
;'3.+& $!"".#)Q,
;'3.+'3 $!""")Q,
.-;AJ #$!$%"$.)Q,
/ !#.!
2 !$.:<:"
/ ';$
- 17 -

Active Virtual Sensors
G)$&)I#)$2$'$
.!G)#
Active Sniffing Sensors
")I#)$.!)I#)#$
!'#!=
(!")I#)!"#.#R""/S".(!
;"#")I#)ROS".(
"/)I#)"&#"".-/
#/!0B#H
.!)I#)"$2';&
"&#;"/'$'"&")
*"#D""/)"&#
$!(:"I"*..'/(:
"
9JOJP $$"/>"#6
)/;J $$>"#6-$#"
)/;J $$>"#6-$#"
'./9J !J"/$!
/ !"/"#"$#-"
I#!"$
/ !#.!
+7S ;:"$.)I#)"
2 !.$.)I#)"
/ ')I#)
Active Flow Sensors
"+')$.!+')#$
!'#!=
- 18 -

(!"+')!"#.#R""/S".(!
;"#"+')ROS".("
/)I#)"&#"".-/
#/!0B#H
.!+');"/'$'"&"
)*"#D""/)"&#
0' !""$2'"&#;
(!!"#66)-
""/M'2""/."K'
$!(:"I"#!"*..
'/(:"
9JOJP $$"/>"#6
)/;J $$>"#6-$#"
)/;J $$>"#6-$#"
&5J !M'""$.+')
&5&, @"I"$###&-M'"2M''"&#
.)"2M'""&#.-&"
2M'."$.+')
+')"'.K#
!"!+')"-M'$2$
/ $!""M'(!$#"!"$
)'/"".'M'2
/ !#.!
+7S ;:"$.+')"
2 !.$.+')"
/ '+')
Active Filters
"+$.!+#$!'#!=
(!"+!"#.#R""/S".(!;
"#"+ROS".("/
+"&#"".-/#/
!0B#H
& .!+
- 19 -