Hướng dẫn sử dụng thiết bị an ninh mạng WatchGuard Firebox T85-PoE

1. Giới thiệu

This manual provides essential instructions for the WatchGuard Firebox T85-PoE Network Security Appliance. It covers the physical installation, initial setup, operational guidelines, maintenance procedures, and troubleshooting steps to ensure optimal performance and security for your network environment. The Firebox T85-PoE is designed to deliver advanced, comprehensive security with high performance for small and midsize businesses and distributed enterprises.

2. Sản phẩm hếtview

The WatchGuard Firebox T85-PoE is a powerful unified threat management (UTM) appliance that integrates multiple security functions into a single device. It offers advanced firewall capabilities, VPN, intrusion prevention, and other security services to protect your network from various threats. The device includes Power over Ethernet (PoE+) ports for powering peripheral devices and an expansion bay for customizable port configurations.

Các tính năng chính:

• Thông lượng cao: Up to 4.96 Gbps firewall throughput for efficient data processing.
• Integrated PoE+ Ports: Two Power over Ethernet Plus ports (PoE+) to power compatible devices directly from the appliance, simplifying deployment.
• Kết nối linh hoạt: Eight 1 Gigabit Ethernet ports and an expansion bay for optional SFP+ fiber or 4G/LTE modules.
• Bảo mật toàn diện: Supports the Total Security Suite, including Cloud sandboxing, AI-powered anti-malware, threat correlation, and DNS filtering.
• Quản lý tập trung: Managed through WatchGuard Cloud for enhanced network visibility and control.

Thành phần vật lý:

Hình 2.1: Đằng trước view of the WatchGuard Firebox T85-PoE appliance. This image displays the front panel of the WatchGuard Firebox T85-PoE appliance. It features the WatchGuard logo on the left, 'Firebox T85-PoE' branding on the right, and a series of LED indicators for status, attention, module, mode, and port activity (10/100/1000 Mbps and Failover).

Hình 2.2: Ở phía sau view of the WatchGuard Firebox T85-PoE appliance. The rear panel of the WatchGuard Firebox T85-PoE appliance is shown, featuring various ports and controls. From left to right, it includes a console port, two USB 3.0 ports, eight 1 Gigabit Ethernet ports (labeled 0/WAN, 1/LAN, 2-7 PoE), a reset button, a power switch, and a 54V 2.22A power input.

3. Thiết lập

Follow these steps for the initial setup of your WatchGuard Firebox T85-PoE appliance.

3.1 Tháo dỡ và kiểm tra

1. Carefully unpack the Firebox T85-PoE appliance and all accessories from the packaging.
2. Inspect the device for any signs of physical damage. If damage is found, contact your reseller or WatchGuard Support immediately.
3. Xác minh rằng tất cả các thành phần được liệt kê trong phiếu đóng gói đều có đầy đủ.

3.2 Cài đặt vật lý

1. Vị trí: Position the appliance on a stable, flat surface or mount it in a rack using appropriate mounting hardware (sold separately). Ensure adequate ventilation around the device.
2. Kết nối nguồn điện: Connect the provided power adapter to the 54V 2.22A power input on the rear panel of the Firebox and then to a suitable power outlet. Do not power on the device yet.
3. Kết nối mạng:
   • Kết nối modem hoặc bộ định tuyến của nhà cung cấp dịch vụ internet của bạn với 0 / WAN cảng.
   • Connect your internal network switch or a management computer to the 1 / LAN cảng.
   • If using PoE+ devices, connect them to ports 2-7 PoE khi cần thiết.
4. Kết nối bảng điều khiển (Tùy chọn): For direct console access, connect a serial cable from your management computer to the console port on the Firebox.

3.3 Khởi động và kích hoạt ban đầu

1. After all physical connections are made, switch on the power button on the rear panel.
2. The appliance will begin its boot sequence. Monitor the front panel LEDs for status indications.
3. Access the WatchGuard Cloud portal (www.watchguard.com/cloud) to activate your Firebox T85-PoE and apply your Total Security Suite license. Follow the on-screen instructions for registration and initial configuration.
4. If you are participating in a 'Trade Up' program, ensure your previous WatchGuard appliance is retired as per program guidelines before activating the new T85-PoE.

4. Hướng dẫn vận hành

The WatchGuard Firebox T85-PoE operates as a central point for network security, enforcing policies and protecting against threats. Management and monitoring are primarily performed through WatchGuard Cloud.

4.1 Security Suites Overview

The Firebox T85-PoE supports various security suites, with the Total Security Suite offering the most comprehensive protection.

Hình 4.1: Comparison table of WatchGuard Security Suite features. This image presents a comparison table detailing the features included in WatchGuard's Support, Basic Security, and Total Security Suites. Features listed include Stateful Firewall, VPN, SD-WAN, Access Portal, Intrusion Prevention Service (IPS), Application Control, Webblocker, SpamBlocker, Gateway AntiVirus, Reputation Enabled Defense, Network Discovery, APT Blocker, Threat Detection & Response, DNSWatch, and IntelligentAV. It also shows WatchGuard Cloud Visibility Data Retention periods and support levels for each suite.

Basic Security Suite: Includes traditional network security services such as Intrusion Prevention System (IPS), antivirus, URL filtering, application control, spam blocking, and reputation lookup.

Total Security Suite: Expands upon the Basic Security Suite by adding advanced features like Cloud sandboxing, AI-powered malware protection, DNS filtering, and eXtended Detection and Response (XDR) for unified network and endpoint protection.

4.2 Network Policy Management

• Use WatchGuard Cloud to define and manage firewall policies, VPN configurations, and security services.
• Configure network zones, user authentication, and content filtering rules to control network access and usage.

4.3 Monitoring and Reporting

• WatchGuard Cloud provides real-time monitoring of network traffic, security events, and appliance status.
• Generate reports to analyze security posture, identify trends, and ensure compliance.

5. Bảo trì

Regular maintenance ensures the continued security and optimal performance of your Firebox T85-PoE appliance.

• Cập nhật chương trình cơ sở: Regularly check for and apply the latest firmware updates through WatchGuard Cloud to benefit from new features, security enhancements, and bug fixes.
• Security Service Updates: Ensure that all security services (e.g., antivirus, IPS signatures) are kept up-to-date automatically.
• Sao lưu cấu hình: Periodically back up your appliance configuration to prevent data loss in case of unforeseen issues.
• Kiểm tra thể chất: Ensure the appliance is free from dust and that ventilation openings are not obstructed.

KHAI THÁC. Xử lý sự cố

This section provides basic troubleshooting steps for common issues. For more complex problems, refer to the WatchGuard knowledge base or contact support.

6.1 Các vấn đề về nguồn điện

• Không có điện: Verify the power cable is securely connected to both the appliance and the power outlet. Check the power switch position.
• Đèn LED nguồn tắt: If the power LED is off, try a different power outlet or power adapter.

6.2 Các vấn đề về kết nối mạng

• Không có kết nối mạng: Check the cable connection to the 0/WAN port. Verify your internet service provider's status.
• Truy cập mạng nội bộ: Ensure cables are properly connected to LAN ports. Check network switch status.
• Đèn báo LED: Observe the port LEDs on the front panel. A solid green or amber light indicates a link, and a blinking light indicates activity. No light suggests a cable or port issue.

6.3 Thiết bị không phản hồi

• Đèn LED trạng thái: If the status LED indicates an error, consult the WatchGuard documentation for specific error codes.
• Đặt lại mềm: Press the reset button on the rear panel briefly to restart the device.
• Khôi phục cài đặt gốc: A factory reset will erase all configurations. Only perform this as a last resort and after backing up your configuration. Refer to WatchGuard documentation for the specific procedure.

7. Thông số kỹ thuật

The following table outlines the key technical specifications for the WatchGuard Firebox T85-PoE Network Security Appliance.

Hình 7.1: Detailed technical specifications for WatchGuard Firebox T85. This image provides a comprehensive table of technical specifications for the WatchGuard Firebox T85. It covers performance metrics like firewall and VPN throughput, UTM and HTTPS inspection, capacity details such as interfaces and concurrent connections, security features including firewall and threat protection, site-to-site and remote access VPNs, visibility and logging, certifications, networking capabilities like SD-WAN and dynamic routing, and physical/environmental specifications including dimensions, weight, power, operating temperature, and humidity.

8. Bảo hành và Hỗ trợ

WatchGuard provides comprehensive support for its products. For detailed warranty information, please refer to the official WatchGuard webtrang web hoặc hợp đồng mua hàng của bạn.

8.1 Hỗ trợ kỹ thuật

If you encounter issues that cannot be resolved using the troubleshooting steps in this manual, please contact WatchGuard Technical Support. Ensure you have your product serial number and a description of the issue ready.

Visit the WatchGuard Support Center at www.watchguard.com/support for access to documentation, knowledge base articles, and support contact information.

8.2 Trade Up Program Information

This product may be part of a 'Trade Up' program. To activate Trade Up products, the owner must retire an earlier generation WatchGuard appliance. A retired product will no longer appear among your managed products, cannot receive upgrades or add-on activations, and its ownership cannot be transferred. For full details on the Trade Up program, consult WatchGuard's official program terms and conditions.