utm - virtual appliance readme - sophos · utm - virtual appliance readme author: sophos subject:...
TRANSCRIPT
Sophos UTM
Virtual Appliance Readme
Product version: UTM 9Document date: Friday, July 13, 2012
The specifications and information in this document are subject to change without notice. Companies, names,and data used in examples herein are fictitious unless otherwise noted. This document may not be copied or dis-tributed by any means, in whole or in part, for any reason, without the express written permission of AstaroGmbH & Co. KG. Translations of this original manual must bemarked as follows: "Translation of the originalmanual".© 2000–2012 Astaro GmbH & Co. KG.All rights reserved.Amalienbadstraße 41/Bau 52,76227 Karlsruhe,Germanyhttp://www.astaro.com, http://www.sophos.comSophos UTM, Astaro CommandCenter, Astaro Gateway Manager, andWebAdmin are trademarks of AstaroGmbH & Co. KG. Cisco is a registered trademark of Cisco Systems Inc. iOS is a trademark of Apple Inc. Linuxis a trademark of Linus Torvalds. All further trademarks are the property of their respective owners.
Limited WarrantyNo guarantee is given for the correctness of the information contained in this document. Please send any com-ments or corrections to [email protected].
Contents1 Overview 12 Installation 22.1 Important Note on Root Password 22.2 Installation of Desktop Products 22.2.1 Installation of VMware Player 22.2.2 Installation of VMwareWorkstation 4
2.3 Installation of ESX 4 / vSphere ESX(i) 5 73 Support 13
1 OverviewWelcome! This Readme is about how to get Sophos UTM 9 running as a virtual appliance in any VMware vir-tualization product.New customers are recommended to download the UTM Virtual Appliance image via http://www.-sophos.com/en-us/products/free-trials/utm.aspx. You are requested to fill out the registration form. Then youwill be sent an e-mail with the download link and additional information. Later on you will receive latest securityand product information by our UTM team. Already registered users can directly download the virtual appliancesfrom one of the following locations:l ftp://ftp.astaro.com/pub/UTM/v9/virtual_appliance/
l http://download.astaro.com/UTM/v9/virtual_appliance/
In addition, Sophos offers a free home use license including all base level components of UTM at no cost forhome users for personal, non-commercial, and non-revenue generating use.
Recommended Reading –Once Sophos UTM virtual appliance is installed and running, please refer to theUTM 9 Administration Guide or the online help for further usage information, both of which are included in Soph-os UTM.
2 Installation
2 InstallationHave any VMware virtualization product installed. Supported VMware virtualization software is:l VMware ESX(i) 4
l VMware ESX(i) 5
l VMware Player
l VMwareWorkstation
If you just want to glance at UTM Virtual Appliance to get a first impression of what UTM really does, we rec-ommend using VMware Player for its ease-of-use. However, if you are considering using UTM Virtual Appliancein a production environment, or if you would like to conduct performance or load testing with UTM, we rec-ommend using VMware ESX/ESXi, because its network performance is much better.Download the UTM Virtual Appliance image from http://www.sophos.com/en-us/products/free-trials/utm.aspx.If you are using VMware ESX/i, make sure to get one of the ESX optimized images for ESX Server.
2.1 Important Note on Root PasswordBy default, there is no root password set by Sophos. The proper way to set the command line passwords andenable SSH functionality is viaWebAdmin underManagement > System Settings, on theShell Access tab.However, if this has not been done and a login directly at the console is tried for root, specify any password, andyou will then be prompted to set this password by confirming it again. From there, root access will be granted.Note that this happens only the first time a direct console login is performed, and if the root password is thenlater specified from theWebAdmin GUI, it will overwrite the previously manually set password.
2.2 Installation of Desktop Products
2.2.1 Installation of VMware Player1. Unzip your downloaded package in your self-defined VMachines directory.
2. Start the VMware Player, open the image and boot it.System boot was successful when you hear five beeps in a row and when the command-line login screenappears.UTM has a network interface card pre-configured as eth0, whose IP address is 192.168.0.1 by default.
2 UTM 9 – Virtual Appliance Readme
Figure 1 UTM virtual appliance login screen as displayed in VMware player
3. Configure your VMnet8 network adapter with the IP address 192.168.0.2 and the subnet255.255.255.0.InWindows, this can be done in theNetwork Connections menu.
4. To edit the network connections, click Start > Control Panel and then double-click Network Con-nections.
5. Select VMware Network Adapter VMnet8 and change its IP address to 192.168.0.2.
Figure 2 Configuring VMware network adapter VMnet8
6. Point your browser to https://192.168.0.1:4444, accept the SSL certificate, and you areready to go.From here on, configuring Sophos UTM Virtual Appliance is like working with any Sophos UTM.The first time you start UTM's web frontend (calledWebAdmin), the initial setup page will open.
UTM 9 – Virtual Appliance Readme 3
2 Installation
2 Installation
7. Enter accurate information of your company in the text boxes presented here. In addition, specifya password and valid e-mail address for the administrator account.
Figure 3 Initial setup screen of WebAdmin
8. Click Perform Basic System Setup to continue logging in.The login page appears.
9. Type admin in the Username field and enter the password you have specified on the previousscreen.After logging in, the Dashboard of WebAdmin appears, providing you with all system status information ofthe Sophos UTM unit.Sophos UTM 9 comes with an essential license including all base level components of UTM at no cost forhome users for personal, non-commercial, and non-revenue generating use.
2.2.2 Installation of VMware Workstation1. Unzip your downloaded package in your self-defined VMachines directory.
2. Start your VMware Workstation and open the image.The virtual UTM appliance has three preconfigured network interfaces, which are set to bridged mode.
4 UTM 9 – Virtual Appliance Readme
Figure 4 Open UTM virtual appliance in VMware workstation
3. Customize this setting so that it fits your environment and needs.
Figure 5 How to change UTM virtual appliance in VMware Workstation
System boot was successful when you hear five beeps in a row and when the command-line login screenappears.UTM has a network interface card pre-configured as eth0, whose IP address is 192.168.0.1 by default.
UTM 9 – Virtual Appliance Readme 5
2 Installation
2 Installation
Figure 6 UTM virtual appliance login screen as displayed in VMware workstation
4. Configure your VMnet8 network adapter with the IP address 192.168.0.2 and the subnet255.255.255.0.InWindows, this can be done in theNetwork Connections menu:1. Click Start > Control Panel and then double-click Network Connections.
2. Select VMware Network Adapter VMnet8 and change its IP address to 192.168.0.2.
Figure 7 Configuring VMware Network Adapter VMnet8
5. Point your browser to https://192.168.0.1:4444, accept the SSL certificate, and you areready to go.From here on, configuring Sophos UTM Virtual Appliance is like working with any Sophos UTM.The first time you start UTM's web frontend (calledWebAdmin), the initial setup page will open.
6. Enter accurate information of your company in the text boxes presented here. In addition, specifya password and valid e-mail address for the administrator account.
6 UTM 9 – Virtual Appliance Readme
Figure 8 Initial setup screen of WebAdmin
7. Click Perform Basic System Setup to continue logging in.The login page appears.
8. Type admin in the Username field and enter the password you have specified on the previousscreen.After logging in, the Dashboard of WebAdmin appears, providing you with all system status information ofthe Sophos UTM unit.Sophos UTM 9 comes with an essential license including all base level components of UTM at no cost forhome users for personal, non-commercial, and non-revenue generating use.
2.3 Installation of ESX 4 / vSphere ESX(i) 5The zip packages for VMware ESX 4 and vSphere ESX(i) 5contain two virtual machine related files.We use for all architectures theOpen Virtualization Format (OVF).Do the following:
1. Unzip your downloaded package to a directory of your choice.
2. Open the vSphere Client and log in to the management interface of VMware ESX Server 4 or 5.
3. From the menu select File > Deploy OVF Template.The VMwareDeploy OVF TemplateWizard opens.
4. Select the option Deploy from file, browse to the folder of your unzipped UTM, select the utm_9.xxx_esx_v5_x64_smp.ovf file and click Next.You get a detailed overview about the appliance.
UTM 9 – Virtual Appliance Readme 7
2 Installation
2 Installation
Figure 9 Import from file
5. Click Next.
Figure 10 Import overview
8 UTM 9 – Virtual Appliance Readme
6. Enter a name and click Next.
Figure 11 Name the appliance
7. Select a host or cluster to deploy to and click Next.
Figure 12 Target of the deployed template
UTM 9 – Virtual Appliance Readme 9
2 Installation
2 Installation
8. Click Finish to start the import.
Figure 13 Finish the Import Wizard
An import dialog window appears and displays the import progress.After the successful import the virtual UTM appliance has three preconfigured network interfaces, whichare set to bridgedmode.
Figure 14 Import progress window
9. Customize this setting according to your environment and needs.
Figure 15 Network settings of the virtual UTM
10 UTM 9 – Virtual Appliance Readme
10. Start the virtual UTM and open the Virtual Console to watch the boot process.System boot was successful when you hear five beeps in a row and when the command-line login screenappears.UTM has a network interface card pre-configured as eth0, whose IP address is 192.168.0.1 by default.
Figure 16 Virtual Console of UTM
11. Give a notebook or another client IP address 192.168.0.2 and connect via web browser tohttps://192.168.0.1:4444.The first time you start UTM's web frontend (calledWebAdmin), the initial setup page will open.
12.1. Enter accurate information of your company in the text boxes presented here. In addition, specifya password and valid e-mail address for the administrator account.
UTM 9 – Virtual Appliance Readme 11
2 Installation
2 Installation
Figure 17 Initial setup screen of WebAdmin
2. Click Perform Basic System Setup to continue logging in.The login page appears.
3. Type admin in the Username field and enter the password you have specified on the previousscreen.After logging in, the Dashboard of WebAdmin appears, providing you with all system status information ofthe Sophos UTM unit.Sophos UTM 9 comes with an essential license including all base level components of UTM at no cost forhome users for personal, non-commercial, and non-revenue generating use.
12 UTM 9 – Virtual Appliance Readme
3 SupportIf you run into problems please contact us through http://www.sophos.com/en-us/support/contact-support/utm-support.aspx or by writing an email to our Support team. Our customer service representatives will be happy tohelp you.Finally, we recommend to register at http://www.sophos.com/en-us/products/free-trials/utm.aspx to obtain afree license for Sophos UTM or to gain access to latest security and product information.Enjoy,Your Sophos/Astaro Team
UTM 9 – Virtual Appliance Readme 13
3 Support
