Secure Computing sidewinder User guide
www.securecomputing.com
Web Gateway – Comprehensive protection against
malware, viruses, data leakage and Internet misuse,
while ensuring policy enforcement, regulatory compli-
ance, and a productive application environment.
Messaging Gateway – Inbound defense against
spam, viruses, denial-of-service and intrusions;
outbound protection against data leaks and policy
violations.
Network Gateway – World’s strongest firewall
appliance contains the most comprehensive set of secu-
rity solutions consolidated in one appliance and
automatically discards huge volumes of unwanted
traffic from known “bad” entities.
Identity & Access Management – Providing safe
access to applications, data and resources through
policy-driven security and strong authentication.
Trademarks
Secure Computing, SafeWord, Sidewinder, SmartFilter, Type Enforcement, SofToken, Enterprise Strong,
Mobile Pass, G2 Firewall, PremierAccess, SecureSupport, SecureOS, Bess, Cyberguard, Total Stream
Protection, Webwasher, Strikeback, and Delivering the Web You Want are trademarks of Secure
Computing Corporation, registered in the U.S. Patent and Trademark Office and in other countries. G2
Enterprise Manager, SmartReporter, Security Reporter, Application Defenses, RemoteAccess, IronIM,
IronMail, IronMail Edge, SecureWire, SnapGear, Trusted Source, Securing connections between people,
applications and networks, and Access Begins with Identity are trademarks of Secure Computing
Corporation. All other trademarks, tradenames, service marks, service names, product names, and images
mentioned and/or used herein belong to their respective owners.
© 2007 Secure Computing Corporation. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any
language in any form or by any means without the written permission of Secure Computing Corporation.
Secure Computing Corporation
www.securecomputing.com
Corporate Headquarters
4810 Harwood Road
San Jose, Ca 95124 USA
Tel +1.800.379.4944
Tel +1.408.979.6100
Fax +1.408.979.6501
European Headquarters
1, The Arena
Downshire Way
Bracknell
Berkshire, RG12 1PU UK
Tel +44.0.870.460.4766
Fax +44.0.870.460.4767
Asia/Pac Headquarters
1604-5 MLC Tower
248 Queen’s Road East
Wan Chai, Hong Kong
Tel +852.2520.2422
Fax +852.2587.1333
Japan Headquarters
Level 15 JT Bldg.
2-2-1 Toranomen Minato-Ku
Tokyo 105-0001 Japan
Tel +81.3.5114.8224
Fax +81.3.5114.8226
STARTUP GUIDE
STARTUP GUIDE V 7.0
Sidewinder Network Gateway Security
SWOP-MN-STRT70-A
www.securecomputing.com
your trusted source
for enterprise securityTM
For more information visit us at:
Sidewinder
Network Gateway Security
Version 7.0
STARTUP GUIDE
Sidewinder
Network Gateway Security
Version 7.0
ii
i
Copyright
© 2007 Secure Computing Corporation. All rights reserved. No part of this publication may be reproduced, transmitted,
transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written
permission of Secure Computing Corporation.
Trademarks
Secure Computing, SafeWord, Sidewinder, Sidewinder G2, Sidewinder G2 Firewall, SmartFilter, Type Enforcement,
CipherTrust, IronMail, SofToken, Enterprise Strong, Mobile Pass, PremierAccess, SecureSupport, SecureOS, Total Stream
Protection, Webwasher, Strikeback and Web Inspector are trademarks of Secure Computing Corporation, registered in the
U.S. Patent and Trademark Office and in other countries. G2 Enterprise Manager, SmartReporter, Security Reporter,
Application Defenses, Central Management Control, RemoteAccess, IronIM, SecureWire, SnapGear, TrustedSource, are
trademarks of Secure Computing Corporation.
Software License Agreement
The following is a copy of the Software License Agreement as shown in the software:
CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS BEFORE LOADING THE SOFTWARE. THIS
AGREEMENT GOVERNS THE USE OF THE SOFTWARE (AS DEFINED BELOW). BY CLICKING "I ACCEPT" BELOW,
OR BY INSTALLING, COPYING, OR OTHERWISE USING THE SOFTWARE, YOU ARE SIGNING THIS AGREEMENT,
THEREBY BECOMING BOUND BY ITS TERMS. BY INDICATING YOUR AGREEMENT, YOU ALSO REPRESENT AND
WARRANT THAT YOU ARE A DULY AUTHORIZED REPRESENTATIVE OF THE ENTITY THAT HAS PURCHASED THE
SOFTWARE AND THAT YOU HAVE THE RIGHT AND AUTHORITY TO ENTER INTO THIS AGREEMENT ON THE
ENTITY'S BEHALF. IF YOU DO NOT AGREE WITH THIS AGREEMENT, THEN CLICK "I DO NOT ACCEPT" BELOW OR
DO NOT USE THE SOFTWARE AND RETURN ALL COPIES OF THE SOFTWARE AND DOCUMENTATION TO SECURE
COMPUTING CORPORATION ("SECURE COMPUTING") OR THE RESELLER FROM WHOM YOU OBTAINED THE
SOFTWARE.
1. DEFINITIONS.
1.1 "Documentation" means the published user manuals and documentation that are made available for the Software.
1.2 "Sidewinder Software" means the machine-readable object-code version of Secure Computing's Sidewinder
software as indicated on your invoice and any updates or revisions of the Sidewinder Software that you may receive.
1.3 "Software Module" shall mean software applications that Secure Computing licenses to its customers in addition to
the Sidewinder Software (for example, without limitation, anti-virus software, anti-spam software and web filtering
software) as indicated on your invoice and any updates or revisions of the Software Module that you may receive.
1.4 "Software" shall mean, collectively the Sidewinder Software and, if purchased by you, the Software Module(s).
2. GRANT OF LICENSE. Secure Computing grants to you, and you accept, (a) a non-exclusive, and non-transferable
license to use the Sidewinder Software solely on and in conjunction with the Secure Computing appliance on which the
Sidewinder Software is installed, and, if purchased by you, (b) a non-exclusive, non-transferable license to use the Software
Module(s) for a specific period of time and for the specific number of licensed users as each is indicated on your invoice
solely on and in conjunction with the Secure Computing appliance on which the Software Module is installed. Under no
circumstances will you receive any source code of the Software. Secure Computing also grants to you, and you accept, a
non-exclusive, and non-transferable license to use the Documentation solely in conjunction with the Software.
3. LIMITATION OF USE. You may not: 1) copy, except to make one copy of the Software solely for back-up or archival
purposes; 2) transfer, distribute, rent, lease or sublicense all or any portion of the Software or Documentation to any third
party; 3) translate, modify, adapt, decompile, disassemble, or reverse engineer any Software in whole or in part; 4) modify or
prepare derivative works of the Software or the Documentation; or 5) use the Software to process the data of a third party.
You agree to keep confidential and use your best efforts to prevent and protect the contents of the Software and
Documentation from unauthorized disclosure or use. Secure Computing reserves all rights that are not expressly granted to
you.
4. DISCLAIMER OF WARRANTIES. Secure Computing does not warrant that the functions contained in the Software will
meet your requirements or that operation of the program will be uninterrupted or error-free. The entire risk as to the results
and performance of the Software is assumed by you. THE SOFTWARE IS FURNISHED, "AS IS" WITHOUT ANY
WARRANTY OF ANY KIND, AND SECURE COMPUTING AND ITS LICENSORS HEREBY DISCLAIM ALL WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY IN RESPECT OF THE SOFTWARE INCLUDING, WITHOUT LIMITATION, ALL
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY
WARRANTIES AS TO NON-INFRINGEMENT. SOME STATES AND COUNTRIES DO NOT ALLOW THE EXCLUSION OF
IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. THIS WARRANTY GIVES YOU
SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHER RIGHTS WHICH VARY BY STATE OR COUNTRY.
ii
5. LIMITATION OF REMEDIES. SECURE COMPUTING'S AND ITS LICENSORS ENTIRE LIABILITY UNDER, FOR
BREACH OF, OR ARISING OUT OF THIS AGREEMENT, IS LIMITED TO A REFUND OF THE PURCHASE PRICE OF THE
PRODUCT OR SERVICE THAT GAVE RISE TO THE CLAIM. IN NO EVENT SHALL SECURE COMPUTING OR ITS
LICENSORS BE LIABLE FOR YOUR COST OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL SECURE
COMPUTING OR ITS LICENSORS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL,
EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT SECURE COMPUTING HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH LOSS OR DAMAGE.
6. TERM AND TERMINATION. This license is effective until terminated. You may terminate it at any time by destroying the
Software, including all computer programs and Documentation, and erasing any copies residing on computer equipment.
This Agreement also will automatically terminate if you do not comply with any terms or conditions of this Agreement. Upon
such termination you agree to destroy the Software and Documentation and erase all copies of the Software residing on
computer equipment. Notwithstanding the foregoing, each license to use a Software Module will automatically terminate on
expiration of its applicable term (as set forth on your invoice) unless it is renewed prior to such termination.
7. PROTECTION OF CONFIDENTIAL INFORMATION. The Software and Documentation are delivered to you on a
confidential basis and you are responsible for employing reasonable measures to prevent the unauthorized disclosure or use
thereof, which measures shall not be less than those measures employed by you in protecting your own proprietary
information. You may disclose the Software or Documentation to your employees as necessary for the use permitted under
this Agreement. You shall not remove any trademark, trade name, copyright notice or other proprietary notice from the
Software or Documentation.
8. OWNERSHIP. The Software and Documentation are licensed (not sold) to you. All intellectual property rights including
trademarks, service marks, patents, copyrights, trade secrets, and other proprietary rights in or related to the Software and
Documentation are and will remain the property of Secure Computing or its licensors, whether or not specifically recognized
or protected under local law. You will not remove any product identification, copyright notices, or other legends set forth on
the Software or Documentation.
9. EXPORT RESTRICTIONS. You agree to comply with all applicable United States export control laws, and regulations, as
from time to time amended, including without limitation, the laws and regulations administered by the United States
Department of Commerce and the United States Department of State. You have been advised that the Software is subject to
the U.S. Export Administration Regulations. You shall not export, import or transfer Software contrary to U.S. or other
applicable laws, whether directly or indirectly, and will not cause, approve or otherwise facilitate others such as agents or any
third parties in doing so. You represent and agree that neither the United States Department of Commerce nor any other
federal agency has suspended, revoked or denied your export privileges. You agree not to use or transfer the Software for
end use relating to any nuclear, chemical or biological weapons, or missile technology unless authorized by the U.S.
Government by regulation or specific license.
10. U.S. GOVERNMENT RIGHTS. Any Software or Documentation acquired by or on behalf of a unit or agency of the
United States Government is "commercial computer software" or "commercial computer software documentation" and,
absent a written agreement to the contrary, the Government's rights with respect to such Software or Documentation are
limited by the terms of this Agreement, pursuant to FAR § 12.212(a) and its successor regulations and/or DFARS §
227.7202-1(a) and its successor regulations, as applicable.
11. ENTIRE AGREEMENT. This Agreement is our offer to license the Software and Documentation to you exclusively on
the terms set forth in this Agreement, and is subject to the condition that you accept these terms in their entirety. If you have
submitted (or hereafter submit) different, additional, or other alternative terms to Secure Computing or any reseller or
authorized dealer, whether through a purchase order or otherwise, we object to and reject those terms. Without limiting the
generality of the foregoing, to the extent that you have submitted a purchase order for the Software, any shipment to you of
the Software is not an acceptance of your purchase order, but rather is a counteroffer subject to your acceptance of this
Agreement without any objections or modifications by you. To the extent that we are deemed to have formed a contract with
you related to the Software prior to your acceptance of this Agreement, this Agreement shall govern and shall be deemed to
be a modification of any prior terms in their entirety.
12. GENERAL. Any waiver of or modification to the terms of this Agreement will not be effective unless executed in writing
and signed by Secure Computing. If any provision of this Agreement is held to be unenforceable, in whole or in part, such
holding shall not affect the validity of the other provisions of this Agreement. You may not assign this License Agreement or
any associated transactions without the written consent of Secure Computing. This License Agreement shall be governed
by and construed in accordance with the laws of California, without regard to its conflicts of laws provisions.
iii
Other Terms and Conditions
This product includes software developed by Cavium Networks. Copyright © 2003-2005 Cavium Networks
This product includes software developed by Tarari, Inc. Copyright © 2003-2007 Tarari, Inc. All rights reserved.
This product includes software and algorithms developed by RSA Data Security Inc., including the RSA Data Security, Inc.
MD5 Message Digest Algorithm.
**********************************************************************************************************************************
This product includes software developed by the University of California, Berkeley and its contributors.
Copyright © 1983, 1990, 1991, 1992, 1993, 1994, 1995, 1996 The Regents of the University of California.
This product contains software developed by the Net-SNMP project. Copyright © 1989, 1991, 1992 by Carnegie Mellon
University. Copyright © 2001-2003, Networks Associates Technology, Inc. All rights reserved. Portions of this code are
copyright © 2001-2003, Cambridge Broadband Ltd. All rights reserved. Portions Copyright © Sun Microsystems, Inc., 4150
Network Circle, Santa Clara, California 95054, USA, All rights reserved. Portions Copyright © 2003-2006 Sparta, Inc, All rights
reserved. Portions Copyright © 2004 Cisco, Inc and Information Network Center of Beijing University of Posts and
Telecommunications, All rights reserved. Portions Code are copyright © 2003 Fabasoft R&D Software GmbH & Co KG.
This product contains software developed through the Internet Software Consortium (http://www.isc.org). Copyright © 1996-
2003 Internet Software Consortium. Portions Copyright © 1996-2001 Nominum, Inc. Portions Copyright © 2004, 2005 Internet
Software Consortium, Inc. ("ISC")
This product contains software developed by Sendmail, Inc. Copyright © 1998-2006 Sendmail, Inc. All rights reserved.
This product includes software developed by the Python Software Foundation. All rights reserved.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http:// www.openssl.org)
Copyright © 1998-2005 The OpenSSL Project. All rights reserved.
This product utilizes MySQL (http://www.mysql.com/). Copyright © 1995, 1996, 2000 TcX AB & Monty Program KB & Detron
Stockholm SWEDEN, Helsingfors FINLAND and Uppsala SWEDEN. All rights reserved.
This product incorporates compression code from the Info-ZIP group. There are no extra charges or costs due to the use of
this code, and the original compression sources are freely available from http://www.info-zip.org or ftp://ftp.info-zip.org on the
Internet.
This product includes software developed at the Information Technology Division, US Naval Research Laboratory. Copyright ©
1995 US Naval Research Laboratory (NRL). All Rights Reserved.
This product includes software developed by Computing Services at Carnegie Mellon University
(http://www.cmu.edu/computing/). Copyright © 1998-2003 Carnegie Mellon University. All rights reserved.
This product incorporates the Mailshell Anti-Spam SDK, which is Copyright © 1999-2007 Mailshell.
This product incorporates the PCRE library package, which is open source software, written by Philip Hazel, and copyrighted
by the University of Cambridge, England.
This product also uses libspf, an implemention of the Sender Policy Framework, which is Copyright © 2004 James Couzens &
Sean Comeau All rights reserved.
This product includes the OpenSSH package. Portions Copyright © 1998 CORE SDI S.A., Buenos Aires, Argentina. Portions
Copyright © 1995, 1996 by David Mazieres. Portions Copyright © 1995 Patrick Powell. Portions Copyright Markus Friedl,
Theo de Raadt, Niels Provos, Dug Song, Aaron Campbell, Damien Miller, Kevin Steves, Daniel Kouril, Wesley Griffin, Per
Allansson, Nils Nordman, Simon Wilkinson, Ben Lindstrom, Tim Rice, Andre Lucas, Chris Adams, Corinna Vinschen, Cray
Inc., Denis Parker, Gert Doering, Jakob Schlyter, Jason Downs, Juha Yrjl, Michael Stone, Networks Associates Technology,
Inc., Solar Designer, Todd C. Miller, Wayne Schroeder, William Jones, Darren Tucker, Eric P. Allman.
Redistribution and use in source and binary forms of the above listed software, with or without modification, are permitted
provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the distribution.
3. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
iv
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL LICENSORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE.
This product uses unmodified GNU software. GNU source code is available on request by contacting Secure Computing.
Technical Support information
Secure Computing works closely with our reseller partners to offer the best worldwide Technical Support services. Your
Secure Computing reseller is the first line of support when you have questions about our products and services; however, if
you require additional assistance, contact us directly.
• To contact Secure Computing Technical Support directly, telephone +1.800.700.8328 or +1.651.628.1500. If you prefer,
send an e-mail to support@securecomputing.com.
• To inquire about obtaining a support contract, refer to our “Contact Secure” Web page for the latest information at
www.securecomputing.com.
• To use the Secure KnowledgeBase, go to www.securecomputing.com/goto/kb. Enter your company ID.
Customer Advocate information
To suggest enhancements in a product or service, or to request assistance in resolving a problem, please contact a Customer
If you have comments or suggestions you would like to make regarding this document or any other Secure Computing
Printing history
Date Part number Software release
March 2007 SWOP-MN-STRT70-A Sidewinder 7.0.0.00
v
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii
Welcome to the Sidewinder appliance . . . . . . . . . . . . . . . . . . . . . . . . . vii
Who should read this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Where to find additional information . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
CHAPTER 1 Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Shipment contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Sidewinder environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Selecting the best startup method . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Checklist for success . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
CHAPTER 2 Planning Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Learning about network perimeter security . . . . . . . . . . . . . . . . . . . . . . 8
Preparing your Quick Start Wizard responses . . . . . . . . . . . . . . . . . . . .8
Preparing an integration schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
CHAPTER 3 Setting Up the Management Tools . . . . . . . . . . . . . . . . . . . . .15
Verifying management system requirements . . . . . . . . . . . . . . . . . . . .16
Installing the Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
CHAPTER 4 Configuring your Sidewinder Appliance . . . . . . . . . . . . . . . .19
Setting up the hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Running the Quick Start Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
CHAPTER 5 Managing your Sidewinder Appliance . . . . . . . . . . . . . . . . . .25
Starting the Admin Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Activating the license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Licensing an isolated Sidewinder appliance . . . . . . . . . . . . . . . . . . . 28
Licensing an internet-connected Sidewinder appliance . . . . . . . . . .30
Performing other post-startup tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
CONTENTS
Table of Contents
vi
APPENDIX A Other Quick Start Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Using a locally attached terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Setting up the Sidewinder appliance . . . . . . . . . . . . . . . . . . . . . . . . 34
Configuring your serial connection . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Running the Quick Start program . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Saving your initial configuration to removable media . . . . . . . . . . . . . 37
Preparing the systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Running the Quick Start Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Powering on the Sidewinder appliance . . . . . . . . . . . . . . . . . . . . . . 40
APPENDIX B Tips and Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Troubleshooting technical difficulties and configuration issues . . . . . . 42
Troubleshooting newly installed or re-imaged appliances . . . . . . . . 42
Troubleshooting connectivity and misconfiguration difficulties . . . . . 43
Verifying interface information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
vii
PREFACE
Welcome to the
Sidewinder
appliance
This guide leads you through planning and setting up your initial Sidewinder®
network gateway security appliance configuration. It also covers basic post-
installation tasks for integrating a new appliance into your network. While
problems are not anticipated, this guide also includes helpful troubleshooting
tips.
Who should read
this guide
This guide is for anyone assigned to initially set up a Sidewinder Network
Gateway appliance. It assumes you are familiar with networks and network
terminology. You should also be familiar with the Internet and its associated
terms and applications. Please take a few minutes to get acquainted with the
documentation.
Where to find
additional
information
The Management Tools CD includes the Sidewinder documentation in portable
document format (PDF). When you install the Management Tools on a
Microsoft Windows®-based system, the documents are automatically loaded
onto your hard drive. Updated documents, when necessary, will automatically
load when you upgrade your Sidewinder. You can view the documents by
selecting Start > Programs > Secure Computing > Sidewinder 7 Admin
Console > Documentation
Note: To view Sidewinder documents prior to installing the Windows-based tools,
browse to the \Manuals directory on the Management Tools CD. These documents
are updated every time you upgrade your Admin Console.
Table 1: Summary of Sidewinder documentation
Document Description
Sidewinder
Startup Guide
Leads you through your initial appliance configuration.
Sidewinder
Administration
Guide
Complete administration information on all appliance
functions and features. You should read this guide if you
are responsible for configuring and managing an individual
appliance.
More...
Preface
viii
Tip: For the latest information regarding Sidewinder appliance and other Secure
Computing products, see our web site at: www.securecomputing.com.
Documentation
addendum
If needed, a software update will include an addendum,
which serves as a supplement to the existing administration
guides. Addenda describe new features, as well as any
changes to existing documentation.
Online help Online help is built into Sidewinder Management Tools
programs. The Quick Start Wizard provides help for each
configuration window. The Admin Console program
provides detailed screen-based online help as well as topic-
based online help.
Note: If you use a browser with a pop-up blocker turned on,
you must allow blocked content to view the Sidewinder
appliance help.
Application notes Detailed instructions for setting up specific configurations,
such as setting up appliance to work with another vendor's
product or environment. Application notes are located at
www.securecomputing.com/goto/appnotes.
Knowledge Base Supplemental information for all other Sidewinder
documentation. Articles include helpful troubleshooting tips
and commands. All manuals and application notes are also
posted here.
The Knowledge Base is located at
www.securecomputing.com/goto/kb.
Document Description
1
1
CHAPTER
In this chapter...
Shipment contents............................................................................2
Sidewinder environment...................................................................3
Selecting the best startup method....................................................4
Checklist for success........................................................................5
Installation Overview
Chapter 1: Installation Overview
Shipment contents
2
Shipment
contents
Before configuring your Sidewinder network gateway security appliance,
ensure that you have received all Sidewinder components. In addition to this
document, you should have the Management Tools CD, the Installation-Disk
Imaging CD, and system hardware pre-loaded with Sidewinder software.
Note: For warranty information, please visit
www.securecomputing.com/goto/warranty.
Only the following shipment items are to be used during the startup process:
•Sidewinder Startup Guide and the Quick Start fold-out
•Hardware platform, serial cable, and power cord(s)
•Sidewinder Management Tools CD
•Activation Certificate
•Rack Mount Kit (optional)
Installation-Disk Imaging CD:
to be used only if system
needs re-imaging
Activation Certificate
& other notices
Startup Guide
Sidewinder
Administration Guide
(PDF on Management
Tools CD)
Sidewinder media
Hardware components
Management Tools CD
(for Window-based
systems): Admin Console,
Quick Start Wizard,
product documentation
Quick Start fold-out
Hardware platform
(models may vary)
(rack mounted systems only)
Power cord and
serial cable
Rack Mount
Kit
Chapter 1: Installation Overview
Sidewinder environment
3
Sidewinder
environment
Note: If you have experience setting up a Sidewinder appliance, this may be the
only chapter you need to read. If you are new to the Sidewinder appliance or want a
more thorough explanation about each startup task, this chapter points where you
can go for those details.
You configure and manage a Sidewinder Network Gateway appliance from a
Windows-based computer (see Figure 1). The Management Tools CD provides
the programs needed to prepare the initial configuration (the Quick Start
Wizard) and manage your appliances after installation (the Admin Console).
The appliance also supports a local console using a serial connection or a
standard VGA connection.
Figure 1: Basic
Sidewinder appliance
environment
R
R
Management system on Windows PC:
Install the Management Tools to create an
initial configuration profile and manage the
appliance. You can also administer other
appliances in your organization.
Sidewinder appliance
running SecureOS:
Appliance with pre-installed
software
Standalone
Sidewinder
appliance
Sidewinder
Admin Console
(Windows)
Chapter 1: Installation Overview
Selecting the best startup method
4
Selecting the
best startup
method
The following figures provide snapshots of the different initial configuration
methods. The most common method, using the Quick Start Wizard while
directly connected to an appliance, is also reflected in the checklist starting on
page 5.
There are three possible methods:
Figure 2: Direct connect
with the Quick Start
Wizard
Th
e most common met
h
o
d
i
s to connect a
Wi
n
d
ows-
b
ase
d
computer to t
h
e
appliance using a serial cable, then use the Quick Start Wizard.
Figure 3: Direct connect
with the Quick Start text-
mode program
prompt %:
For users who do not have a Windows system near their appliance, connect a
terminal or terminal emulator to the appliance using a serial cable or monitor
and keyboard, then use the text-mode Quick Start program.
See “Using a locally attached terminal” on page 34 for more information.
Figure 4: Diskette or
flash drive transfer with
Quick Start Wizard
For users who must create an initial configuration away from their appliance,
use the Quick Start Wizard to save a configuration to a diskette or USB flash
drive, then insert the media into the appliance and power it on.
See “Saving your initial configuration to removable media” on page 37 for
more information.
Chapter 1: Installation Overview
Checklist for success
5
Checklist for
success
The checklist describes how to make your Sidewinder appliance fully
operational using a direct connection between the Quick Start Wizard and the
appliance. This method is shown in Figure 2 on page 4. The other methods
(shown in Figure 3 and Figure 4) are described in Appendix A. Use the
checklist to mark off each step as you complete it. For guidance on managing
and customizing a Sidewinder appliance after the initial configuration, see the
Sidewinder Administration Guide.
Plan your configuration
Learn more about network perimeter security and basic issues relevant
to integrating a Sidewinder appliance into your existing network. See
the web-based training for more details:
www.securecomputing.com/training_sidewinder.cfm
Read the latest Release Notes for up-to-date information. Release
Notes are located here:
www.securecomputing.com/goto/updates
Gather network information and answer the questions that relate to
choices you will be asked to make when you run the Quick Start
Wizard. See page 8 for more details.
Plan your integration schedule. See page 13 for an example.
Install the Management Tools
Ensure that you have a Windows-based computer that meets the
minimum requirements. See page 16 for more details.
Install the Management Tools software on a Windows computer.
See page 17 for more details.
More...
1
2
Chapter 1: Installation Overview
Checklist for success
6
Configure your Sidewinder appliance
Set up the hardware by doing the following:
aMake sure the security appliance is properly situated in your
network.
bConnect the power cord and the network cables.
cPower on the Sidewinder appliance.
dConnect a serial cable from the appliance to the Windows-based
computer installed with the Sidewinder Management Tools.
See page 20 for more information.
Start the Quick Start Wizard. See page 20 for more information.
After the Quick Start Wizard completes, detach the serial cable.
Start managing your Sidewinder appliance
Start the Admin Console from your Windows-based management
workstation and connect to your appliance. See page 26 for details.
Check for recently released patches:
www.securecomputing.com/goto/updates
Read the section titled “Performing other post-startup tasks” on page
31. It lists tasks that serve as a good starting point for implementing
your policy. Complete details are provided in the Sidewinder
Administration Guide.
3
4
Chapter 2: Planning Considerations
Learning about network perimeter security
8
Learning about
network
perimeter
security
If you are new to the Sidewinder Network Gateway appliance, Secure
Computing recommends you spend some time reviewing network perimeter
security concepts and basic issues relevant to integrating a Sidewinder
appliance into your existing network. Here are a few suggestions to get you
started:
•Prepare a diagram that indicates where you will place appliances in your
existing network. Include routers, mail servers, web servers, FTP servers,
and DNS machines. Also include all internal or partner networks and their
routes. This will help you organize your network information.
•Use the free Sidewinder training available online from Secure Computing.
Tutorials walk you through different administration tasks. Access the
training at:
www.securecomputing.com/training_sidewinder.cfm
•Install an SSH client on your computer. An SSH client can be used to
provide secure command line access to the appliance.
Tip: For information on training, network services consultations, and technical
support options, contact Secure Computing Customer Service at +1.888.683.3030.
Preparing your
Quick Start
Wizard
responses
This section helps you define and organize the information you will need to
initially configure your Sidewinder appliance using the Quick Start Wizard.The
Quick Start Wizard asks these questions when you run the program. Use the
space provided to record your unique configuration information.
What is your serial number?
Serial number: _______________________________________________
The Sidewinder appliance’s serial number is on your Activation Certificate and/
or attached to the top of the security appliance. Enter your 16-digit,
alphanumeric serial number in the field provided. The serial number is in this
format: SWXX-XXXX-XXXX-XXXX.
Who is your company contact?
Contact: ________________________________________
Phone #:___________________________
E-mail: ____________________________
Enter the contact information for this appliance’s administrator. Secure
Computing uses this information to send customer announcements, such as
patches or end-of-life notifications.
Table of contents
