Mako 7550-E User manual
Mako Networks Mako 7550-E
Product Handbook
v.1.1
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 1
Mako Networks Limited
Mako 7550-E Product Handbook
Version 1.1
2008 Mako Networks Limited. All rights reserved.
The Mako logo is a registered trademark of Mako Networks Limited.
Other product and company names mentioned herein can be trademarks and/or registered
trademarks of their respective companies.
Information in this document is subject to change without notice and does not represent a commitment
on the part of Mako Networks Limited.
No portion of this document may be reproduced in any form, or by any means, without prior written
permission from Mako Networks Limited.
This document should be read in conjunction with the Mako Networks Limited Terms and Conditions
available from the Mako Networks website (http://www.makonetworks.com).
Mako Networks, its parent or associate companies may have patents, patent applications, trademarks,
copyrights, or other intellectual property rights covering subject matter in this document. Except as
expressly provided in any written licence agreement from Mako Networks, its parent or associate
companies, the furnishing of this document does not give you any rights or licence to these patents,
trademarks, copyrights, or other intellectual property.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 2
Table of Contents
..........................................................................................................Limited Warranty 4
...................................................................................................................Introduction 5
..........................................................................................Unpacking and Connection 7
....................................................................................................................Turning on 9
..........................................................................................................MakoScope LCD 9
...........................................................................................................................Login 10
..........................................................................................................................Home 11
..........................................................................................................Reports: Usage 14
..........................................................................................................Reports: Status 26
..........................................................................................Reports: Mako MailGuard 26
.....................................................................................Reports: Licence Information 26
....................................................................................................................Configure 27
......................................................................................................Configure: Internet 27
.....................................................................................................Configure: Network 31
......................................................................................................Configure: Firewall 35
...........................................................................................................Configure: VPN 46
....................................................................................................Configure: Services 55
....................................................................................................Configure: Location 58
......................................................................................................Configure: Access 59
...................................................................................................Management: Home 60
.............................................................................................Management: Company 60
.....................................................................................................Management: User 61
...................................................................................................Help: Help Contacts 66
..................................................................................................Help: Documentation 66
...................................................................................................Help: Known Issues 67
..........................................................................................................Troubleshooting 68
......................................................................................................Glossary of Terms 69
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 3
Limited Warranty
a) Standard Limited Warranty. If the products purchased hereunder are resold by a distributor or
reseller to an end-user (customer) pursuant to the terms hereof in their original, unmodified,
unused condition, Purchaser shall pass on to its customers, or keep as applicable for internal
use, the MAKO NETWORKS, LTD. standard limited warranty for the products, as summarized
in documentation supplied with the product and including provisions and limitations set forth
below. The Manufacturer warrants the Mako appliance for one (1) year. The Warranty begins
on the date of purchase as shown on your providers invoice.
b) Express End-user Limited Warranty. Each MAKO NETWORKS, LTD. product purchased
hereunder is warranted against defect in material and workmanship and will substantially
conform to MAKO NETWORKS, LTD. product documentation for the period set forth in the
documentation supplied with the product following delivery to end-user (the “Warranty Period”).
This warranty extends only to end-user and will not extend to, nor may it be assigned to, any
subsequent user, Purchaser or user of a MAKO NETWORKS, LTD. product, whether such
MAKO NETWORKS, LTD. product is alone or incorporated into end-user’s product.
c) Exclusions. The express warranty set forth above is contingent upon the proper use of a
MAKO NETWORKS, LTD. product in the application for which it was intended and will not
apply to any MAKO NETWORKS, LTD. product that has been (i) damaged during shipping, (ii)
modified or improperly maintained or repaired by a party other than MAKO NETWORKS, LTD.
or its designees, or (iii) subjected to unusual physical or electrical stress. This includes
operation of the product outside the Operating Specifications of the product.
d) Limitation of Remedy. In the event a MAKO NETWORKS, LTD. product fails to perform as
warranted, MAKO NETWORKS, LTD. sole and exclusive liability and end-user’s only remedies
for breach of this warranty shall be, at MAKO NETWORKS, LTD.’s option to repair, replace or
credit an amount not exceeding the Purchaser’s purchase price of each product found to be
defective, provided that:
1. End-user complies with the rejection and warranty procedures contained in
Section 5 below and returns the MAKO NETWORKS, LTD. product that the end-user
considers defective for examination and testing.
2. MAKO NETWORKS, LTD. shall not be liable under this warranty if testing and
examination by MAKO NETWORKS, LTD. discloses that the MAKO NETWORKS,
LTD. product has been modified or altered in any manner after it was shipped by
MAKO NETWORKS, LTD.
3. MAKO NETWORKS, LTD. shall not be liable under this warranty if testing
and examination by MAKO NETWORKS, LTD. discloses that the alleged defect in the
MAKO NETWORKS, LTD. product does not exist or was caused by end-user or any
third person’s misuse, neglect, improper installation or testing, unauthorized attempts
to repair or any other cause beyond the range of intended user, or by accident, fire or
other hazard.
4. MAKO NETWORKS, LTD. shall not be liable under any warranty under this
Agreement with respect to any MAKO NETWORKS, LTD. product that is not returned
in its original shipping container or a functionally equivalent container.
5. If MAKO NETWORKS, LTD. testing and examination does not disclose a defect
warranted under this Agreement: MAKO NETWORKS, LTD. shall so advise Purchaser
and dispose of such MAKO NETWORKS, LTD. product in accordance with
Purchaser’s instructions on behalf of end-user and at Purchaser’s cost.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 4
Introduction
The Mako Networks System combines a web server driven configuration, management and
reporting user interface with client end hardware to provide users with considerable cost
savings as well as functionality and flexibility not currently available in traditional devices used
to meet either the same or similar requirements. The Mako Networks System is targeted at
small to medium sized businesses (SME), small to medium sized branch office of larger
organisations and their use of broadband as a data transfer medium.
Mako 7550-E Firewall/Router/VPN Appliance
The Mako 7550-E by Mako Networks is a solid-state ethernet router with a stateful inspection
firewall, VPN functionality and four LAN Ethernet ports. Designed to work in conjunction with
the Mako Networks Central Management System, it provides you with enterprise level control
over your connection to the Internet.
Complete Security
Your Mako 7550-E is managed by the Mako Networks Central Management System giving
you complete peace of mind that your networks are always fully protected. All software is
updated and patched automatically for you and intrusion attempts are dealt with. Your Mako
7550-E incorporates a stateful inspection firewall. This means that all traffic entering and
leaving your networks is analysed comprehensively to ensure network integrity.
Firewall
Central to the security of your networks is the type of firewall you use. The Mako 7550-E
utilises a stateful inspection firewall. A stateful inspection firewall does not just examine
packets of information, instead it makes decisions based upon information derived from all
communication layers and from other applications. This type of firewall provides true
enterprise level protection. Working with the Mako Networks Central Management System,
you have full control over all traffic entering and leaving your networks.
Four Networks
The Mako 7550-E protects up to four separate networks. This allows you to segregate your
networks as you see fit.
Ethernet Router
An Ethernet Router is incorporated in to your Mako 7550-E connecting your networks to the
Internet at high speed. You have the option to connect directly to an Ethernet connection to
the Internet or via any other connection medium that supports Ethernet forwarding.
VPN
Virtual Private Networks allow you to assign secure remote access to your networks over the
Internet. You can link two Mako protected networks together using the Mako Networks Central
Management System in seconds with just three mouse-clicks! Linking three or more Mako
protected networks is just as easy. The Mako Networks Central Management System allows
this to happen without static IP addresses. In the same way you can also allow specified
users remote access to your Mako protected networks with the Remote VPN feature. This is
very useful for accessing your networks from home or while traveling.*
Logging/Reporting
Whilst all traffic from your Mako 7550-E goes directly out onto the Internet, your Mako sends
traffic information securely to the Mako Networks Central Management System. This gives
you the ability to monitor and control your Internet usage from anywhere in the world with
Internet access. Simply log onto the Mako Networks website to view your usage, see how
your broadband internet connection is being used, monitor where PCs on your network have
been going and much more. And with MakoScope VGA feedback, you can easily see what
your Mako is doing in real time.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 5
*Third Party software may be required.
24 Hour Remote Control
Because your Mako utilises the Mako Networks Central Management System, you or your
designated IT Professional have 24 hour secure remote control over your connection to the
Internet. Via the Mako Networks website, you can modify firewall rules, create and disable
VPNs, check usage patterns and even change your networks’ IP addressing.
Automatic Updates
Because the Mako 7550-E is a centrally managed device, its software is kept up to date
automatically. The Mako Networks Central Management System looks after all software
updates, security patches and system updates for you. You can be assured that your Mako
7550-E will continue to be current as long as it has an up to date service licence.
Optional Feature Enhancements
The Mako 7550-E gives you the option to incorporate optional feature enhancements such as
Advanced Content Filtering, Email Sanitisation and Spam protection as well as virus
protection. New features and options are being added all the time. Make sure you keep up to
date by regularly logging into www.makonetworks.com.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 6
Unpacking and Connection
Opening the carton you should find the following items:
•1x Mako Device
•1x Power Cord
•2x Cat-5 Ethernet Cables
•Documentation CD
•Rack mounting kit
•USB Key – may not be supplied depending upon your location
What Goes Where
Place the Mako device in a convenient spot adjacent to your LAN hub(s) or switch(es) and the
incoming Ethernet connection or Ethernet-Terminated Modem/NTU. For preference the
location should be off the floor, out of direct sunlight and well ventilated, with a computer
compatible power socket available.
Mako 7550-E Rear Panel
KEY
1. Ethernet WAN Port
2. Power Socket
3. Power Switch
Mako 7550-E Front Panel
KEY
1. LCD Screen
2. LCD Keypad
3. Diagnostic Port (authorised use only)
4. USB Ports
5. LAN 1 Port
6. LAN 2 Port
7. LAN 3 Port
8. LAN 4 Port
Connect cables to their corresponding sockets on the Mako. Connect the Power Cable to the
mains supply. Connect the WAN Port to the network service providers termination point or an
Ethernet-terminated Modem/NTU. Connect LAN Cables to your networks hub or switch.
DO NOT TURN YOUR MAKO ON AT THIS STAGE!
If this is the first time you are using your Mako, place the supplied USB Key in any USB
port at the front of your Mako – If your Mako was not supplied with a USB Key you do not
need one in your location and can skip this step.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 7
What will be needed
There are a few special circumstances to be aware of:
HUB OR SWITCH PORT
Your office network needs to have an RJ-45 connection Port available for the Mako. If your
network hardware does not have a spare 10/100 Ethernet Port available, you will need to
either upgrade your existing hardware to increase the available Ports, or install an additional
hub or switch.
DIRECT CONNECTION TO A COMPUTER
Normally the Mako is connected between the WAN port and a hub or switch device on your
office network.
If you are connecting directly to a computer you will not need to obtain an Ethernet crossover
cable or equivalent device. Your Mako 7550-E incorporates Auto Cross LAN Ethernet Ports.
POWER SUPPLY
The Mako has an adaptive power supply which sets itself to match the supply voltage
provided at your site.
Connecting to your Internet service
Network Service Provider
Internet services are provided by a variety of network service providers in each country. In
many cases the network service provider will be your local telephone supplier.
Network service providers have a variety of procedures for approving customer premises
equipment for connection to their network. The connection interface in the Mako has been
developed to connect to the majority of network service providers. If you have any queries
your reseller will be happy to confirm whether the Mako is approved by your network service
provider for connection to their telecommunications network.
Service Provider Manual
Your Network Provider can provide you with a Manual which covers all aspects of connecting
to their Internet service. Please refer to this for any additional information you require.
Firewall and VPN Router Operation
Under normal conditions there is nothing which requires your intervention. The Mako is
designed to detect many forms of internal malfunction and reset itself to correct operation.
In the worst case this may require it to download a fresh configuration from the Mako
Networks’ Central Command Servers. You can force a reload by a simple power off and on of
the unit.
Changes to the configuration of the Mako cannot be made on the unit itself. These are
performed by securely accessing and using the convenient menus on the Central
Management web site https://secure.makonetworks.com.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 8
Turning on
There are three lights on the front panel—only two, the Power light and the Status light are
utilised at present.
When turning on for the first time the unit will connect directly to the Central Command
Servers to download its configuration. The Power light should be on as download of the
secure profile takes place.
Once your profile has been downloaded from the Central Command Servers, the Status light
will illuminate green and your Internet communications are now established.
Please allow up to five minutes for the line light to illuminate green and your Mako to
be ready for use.
MakoScope LCD
MakoScope LCD is the name for the Mako 7550 LCD Feedback System. By interacting with
the LCD screen on the front of your Mako, you can get real time information of the status of
your Mako.
MakoScope LCD
The MakoScope LCD shows the following useful information:
•Internet Status - If the Mako is online, your public IP Address is shown otherwise
“Offline” will be displayed.
•WAN Interface Information - If connected, will display your media connection speed,
otherwise will display “Down”.
•LAN Interface Listing - IP Addresses of your LAN interfaces.
•Mako ID – The unique identifier of your Mako
Testing
You can test whether you have Internet communications established by opening a web
browser on one of your office computers and accessing two or three web sites. For example,
a news web site (e.g. www.cnn.com) or a search engine (e.g. www.google.com).
If you are having difficulties do try more than one web site as they are sometimes “off the air”
for various reasons of their own. If web browsing services work then Internet access is
functional and all other services should be available.
Possible problems and their symptoms
•A problem on the Internet circuit. If you believe that the line is at fault, please contact
your Internet Service Provider Help Desk for status information on the circuit. They
will work in conjunction with the network service provider to resolve the problem.
•A faulty profile, if the configuration profile of your unit has recently been changed.
Another possibility is that the network Gateway configuration of your office computers
has been changed. If you believe the problem is with the Mako then please contact
your reseller, who will be able to check the status of the unit and verify the profile.
•Some computers on your office network can access the Internet, others cannot. Or
perhaps some services work but others do not. Both of these indicate a faulty
configuration of the network and/or computers in your office. If you believe the
problem is with the configuration of the network and/or computers in your office, then
please contact your site support organisation.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 9
Login
Open your Web browser and type http://www.makonetworks.com into the Address or Location
box, depending on your browser software. Click on Customer Login.
Mako Networks Home Page & Login Screens
Login
To administer your Mako appliance(s), enter your user name and password. Then click Login.
Remote VPN
To log in to the web site to start a remote secure IPSec VPN session, enter your user name
and password, then click Login. The process is detailed in the Operations Guide section:
VPN: Remote Access.
Considerations
•The Mako Networks web site has been tested against several versions of the popular
browser software products. It is likely that different browser products, versions and
settings will format screen displays slightly differently.
•Please note that you must accept Cookies to access the Mako Networks web site,
and that you must have JavaScript enabled. These properties are set in your
browser preferences.
•While accessing the Mako Networks web site your browser will be switched into a
secure mode, known as SSL, in which traffic between the browser and the Central
Command Servers is encrypted.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 10
Home
Once your Login is successful a screen like the one below will be displayed. This is the
starting point for administration of your Mako devices and Users.
Home Screen
This document will cover Adding a New User in the Management section. For now, click on
View my Makos or click on the Selection menu to go to the Selection screen.
Alternatively, you can click on Change Password to change the password for the account you
used to log in to the Mako Networks site.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 11
Selection screen
This screen shows the Mako units you are registered as using, and allows you to select sub-
menus for Reports, Configuration and Help as described below depending upon the
agreement between you and your IT professional. You can also see what country the Makos
are located in and their Online/Offline/Awaiting Connection status. If any of your Makos have
reached their Absolute Traffic Threshold, this will be shown as in the example depicted above
for the Head Office Mako.
First, select which of your devices you wish to work with. Click on the radio button next to the
device you wish to choose in the central box. Depending on your browser you may get an
immediate response and the screen will refresh, or you may need to click on OK.
Once you have selected a Mako appliance you will see two new menus appear on the left
side of the page: Reports and Configure. From these menus you can — obtain Reports,
review or update the Mako appliance Configuration or add services.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 12
Mako Appliance Selected
The chosen Mako appliance is now shown in the session status line, near the top right of the
screen.
Selected Mako
Select your desired operation: Reporting, Configuration or Help by clicking on the required
menu from the list on the left hand side.
The different operations are described on the following pages.
Quick Information Snapshot
There is an information “I” symbol near the top right of the page which gives you a snapshot
of information about your selected Mako.
Information & Quick Selection buttons
Selection Shortcut
Next to the Information symbol is an upside down triangle. Clicking on this gives you a list of
your recently selected Makos. This comes in handy when you are in other areas of the site
and want to select another Mako or if you have a large number of Makos to manage.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 13
Reports: Usage
The Reports section provides a comprehensive array of options for displaying analysis of the
traffic that has flowed through the Mako device.
Reports let you review traffic usage:
•As snapshots or cumulative use over different time spans, taken for your network as
a whole;
•Similar reports, this time for traffic related to a particular PC in your office, to which
you can assign a name;
•Detailed PC reports, which review a PC’s traffic in relation to the type of traffic
(protocol) and the remote site (destination) of the communications.
You are also able to check on the status of your Mako appliance.
Mako Usage
This section allows you to obtain a selection of reports from the chosen device. The options
available are shown in the example screen below.
Reports, Mako Usage
Examples of typical reports are shown on the following pages
Considerations
Mako Usage refers to the total traffic which has passed through the Mako device. These
reports therefore give you the sum total of your networks Internet usage, broken down into the
listed time periods. You can drill down by day hour or PC by clicking on the appropriate parts
of the graphs.
Usage cycle time periods commence at the Billing Cycle Start Date set in the Internet
configuration section.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 14
Usage Reports are displayed as a column graph in a pop-up window. The columns show
incoming and outgoing traffic for each day in the selected time period.
Cumulative usage reports are displayed as a line graph in a pop-up window. A line shows the
sum of the accumulated incoming and outgoing traffic over the selected cycle.
In regions where traffic is billed on a usage/plan basis there are options available to set
various thresholds. In the event that these are set up, up to three horizontal threshold limit
lines can be displayed. The first shows the Traffic Warning Threshold value where you and
your reseller will be emailed on the limit being reached. A second line shows the total amount
of free traffic your ISP Connection Plan provides. The third shows the optional absolute
threshold value where your firewall will disallow all incoming and outgoing traffic other than
access to the Mako Networks Web Site where it can be re-allocated.
Please contact your reseller or ISP if you have any queries regarding your ISP charging
structure.
Mako Report, Last Five Days
Mako Report, Last Cycle Usage
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 15
Mako Report, Last Billing Cycle
PC Usage
The PC Usage Reports focus on the composition of your traffic volume.
The entry screen to this section is shown below.
Reports, PC Usage
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 16
MAC Address & Naming PCs
Each PC on your network is assigned an IP Address to identify its communications. In many
networks the network configuration allows the IP address to change from time to time. The
IP address is thus not useful as a unique and unambiguous identifier over time for any
particular PC.
Since reports show traffic over time, Mako uses the PC’s MAC Address as a unique identifier.
The MAC Address is rather cryptic, so to make reports more intelligible you can assign a
name to each machine. This name will henceforth be displayed in your reports in place of the
MAC Address.
If you click on ‘edit’ in a report a small pop-up window will be displayed. Enter the desired
name in the box next to Machine Name and click on Update to save the name. Where PCs
have been assigned static IP addresses via the Mako DHCP Server, a PC name can also be
entered via the DHCP screen.
PC Traffic
PC Traffic reports let you analyse the network Internet activity to see the elements of traffic in
relation to the individual PCs in the office. This is the place to look if you wish to see why a
user has an exceptional load pattern for a given period.
Reports can be obtained for Today, Yesterday, the Last Five Days, the Current Billing Period,
and the Last Billing Period. These reports are broadly similar, changing only by the amount of
traffic that is analysed.
PC Usage, Last Five Days
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 17
The above screen shows an example PC Traffic report. Each device on the local network
which has contributed to traffic flow in the selected period is listed under Identification.
Alongside each entry is the volume of traffic Downloaded from (inbound) the Internet or
Uploaded to (outbound) the Internet.
Note the ‘edit’ tab next to each name to permit the device to be given a more relevant name.
Where a device has not been named the MAC Address will be shown. Clicking on ‘edit’ will
pop-up the small window shown, which allows the name to be updated.
Clicking on the device name itself produces a new report, shown below. This report breaks
down the total traffic for a device into the different services which contribute to the total. Each
service is listed in the first column, headed Port/Type. Services are listed in descending order
based on greatest volume first.
Services
PC Usage by Services
A further analysis can be performed by clicking on one of the service protocols listed. In this
example we will analyse the HTTP traffic (web browsing).
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 18
PC Usage, Service, HTTP
This breaks down the service by Destination IP address, that is, the Internet location with
which the particular traffic was exchanged.
In our example the web browser traffic has been listed under all the web sites which were
contacted during the selected report period, and the amount of traffic associated with each.
Each IP address in the list can be clicked on to bring up a small pop-up window. This details
everything that the Mako appliance knows about the Destination.
If you click on the IP address in this small window a new window will be opened to the actual
web site concerned.
Using this functionality you can drill down into the reports to determine exactly which web site
a PC user connected to, to generate an item of download traffic.
The reports incorporate hyperlinks to the Destination IP address, a convenient way to check
on the type of downloaded information by simply opening a window at the web site. Detailed
data on the amount and type of traffic relating to that web site is shown in the pop-up box.
•Click on the Destination IP address in the main report table to show the pop-up box.
•Click on either the IP Address or the Host Name in the pop-up box to open a window
to the destination web site.
Mako Traffic
Mako Traffic reports let you see how a specific PC’s Internet activity relates to other PCs on
your network. This is the place to look to get a breakdown of the traffic by service (protocol,
port) over a given period.
Reports can be obtained for Today, Yesterday, the Last Five Days, the Current Billing Period,
and the Last Billing Period. These reports are broadly similar, changing only by the amount of
traffic that is analysed.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 19
PC Traffic, Mako Traffic
The screen above shows a comprehensive example of a Mako Traffic report, which is
displayed in the pop-up window. A large number of services are permitted through this Mako
device, each one of which is monitored.
Uploaded (outbound) and Downloaded (inbound) traffic volumes are shown by each of the
services available, under Identification.
If you click on a service the pop-up window shows the PCs, which contributed to that service’s
traffic volume.
Remote Access
Remote access reporting gives you visibility over the PPTP Remote VPN users who connect
to your Mako.
Remote Access Reports
Click on a period for which you would like to view details about PPTP connections. A popup
window will display like the one below.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 20
Table of contents
