Integrating the Protector with Citrix NetScaler SDX

Similar documents
Releasing blocked in Data Security

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Deployment Guide: Transparent Mode

Installing and Configuring vcloud Connector

Virtual Appliance Setup Guide

V Series Rapid Deployment Version 7.5

App Orchestration 2.5

Network Load Balancing

MultiSite Manager. Setup Guide

PineApp Surf-SeCure Quick

Setting up Citrix XenServer for 2X VirtualDesktopServer Manual

Set Up a VM-Series Firewall on the Citrix SDX Server

VCCC Appliance VMware Server Installation Guide

VPN-1 VE Evaluation Guide

MultiSite Manager. Setup Guide

F-Secure Messaging Security Gateway. Deployment Guide

How To - Deploy Cyberoam in Gateway Mode

Virtual Appliance Setup Guide

App Orchestration 2.0

DLP Quick Start

Product Version 1.0 Document Version 1.0-B

Citrix EdgeSight for NetScaler Rapid Deployment Guide

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Configure Cisco Unified Customer Voice Portal

Moving the TRITON Reporting Databases

Configuration Guide. Websense Web Security Solutions Version 7.8.1

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

Installing and Configuring vcloud Connector

Changing the C Interface IP Address: step-by-step

Citrix NetScaler Load Balancer Configuration

NSi Mobile Installation Guide. Version 6.2

Install Guide for JunosV Wireless LAN Controller

Using Logon Agent for Transparent User Identification

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent?

If you re not using Citrix XenCenter 6.0, your screens may vary. Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0

VMware Identity Manager Connector Installation and Configuration

Network Agent Quick Start

Configuring User Identification via Active Directory

Configuring Trend Micro Content Security

Installing Intercloud Fabric Firewall

Configuring the BIG-IP system for FirePass controllers

Installing and Using the vnios Trial

Integrated Citrix Servers

How To - Implement Single Sign On Authentication with Active Directory

NETFORT LANGUARDIAN INSTALLING LANGUARDIAN ON MICROSOFT HYPER V

Configuration Information

ESX Server 3 Configuration Guide Update 2 and later for ESX Server 3.5 and VirtualCenter 2.5

Stratusphere UX Prerequisites & Preparation Overview. Stratusphere Requirements Stratusphere Hub Appliance (SHA)... 2

Setup Cisco Call Manager on VMware

Configuring PA Firewalls for a Layer 3 Deployment

Citrix XenServer Workload Balancing Quick Start. Published February Edition

About the VM-Series Firewall

MadCap Software. Upgrading Guide. Pulse

Cyberoam Virtual Security Appliance - Installation Guide for VMware ESX/ESXi. Version 10

Introducing the BIG-IP and SharePoint Portal Server 2003 configuration

Connecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs

How to install/upgrade the LANDesk virtual Cloud service appliance (CSA)

SIP Trunking using Optimum Business Sip Trunk Adaptor and the Zultys MX250 IP PBX

SolarWinds Log & Event Manager

Polycom RealPresence Access Director System Administrator s Guide

Deploying Windows Streaming Media Servers NLB Cluster and metasan

User Manual. User Manual for Version

Common Services Platform Collector (CSPC) Self-Service - Getting Started Guide. November 2015

Cisco Expressway Basic Configuration

Active Directory integration with CloudByte ElastiStor

F-SECURE MESSAGING SECURITY GATEWAY

F-Secure Internet Gatekeeper Virtual Appliance

Altor Virtual Network Security Analyzer v1.0 Installation Guide

Moving the Web Security Log Database

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

Configuration Information

USER CONFERENCE 2011 SAN FRANCISCO APRIL Running MarkLogic in the Cloud DEVELOPER LOUNGE LAB

Install MS SQL Server 2012 Express Edition

VX 9000E WiNG Express Manager INSTALLATION GUIDE

SonicWALL Global Management System Configuration Guide Standard Edition

Avaya Video Conferencing Manager Deployment Guide

SonicWALL SRA Virtual Appliance Getting Started Guide

Installing Websense Data Security

Deploying NetScaler Gateway in ICA Proxy Mode

XenDesktop Implementation Guide

vsphere App HA Installation and Configuration Guide

Easy Setup Guide for the Sony Network Camera

Required Virtual Interface Maps to... mgmt0. bridge network interface = mgmt0 wan0. bridge network interface = wan0 mgmt1

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC

Step by Step Guide to implement SMS authentication to F5 Big-IP APM (Access Policy Manager)

Set Up Panorama. Palo Alto Networks. Panorama Administrator s Guide Version 6.0. Copyright Palo Alto Networks

HP Insight Control Server Provisioning 7.4 Installation Guide

Web Application Firewall

VELOCITY. Quick Start Guide. Citrix XenServer Hypervisor. Server Mode (Single-Interface Deployment) Before You Begin SUMMARY OF TASKS

If you re not using VMware vsphere Client 5.1, your screens may vary.

Using Device Discovery

How to Restore a Windows System to Bare Metal

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

NETWRIX EVENT LOG MANAGER

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

Forcepoint Sidewinder, Virtual Appliance Evaluation for Desktop. Installation Guide 8.x. Revision A

KeyControl Installation on Amazon Web Services

Quick Start Guide. Version R91. English

LifeSize Transit Virtual Appliance Installation Guide June 2011

Transcription:

1 Integrating the Protector with Citrix NetScaler SDX Prerequisites Protector with Citrix NetScaler SDX Data Security Solutions Version 7.7.3 The Citrix NetScaler SDX appliance optimizes delivery of applications over the Internet and private networks, offering application-level security, optimization, and traffic management. A virtual image of the Data Security protector can be installed on and managed by the SDX appliance to provide data loss prevention for inline HTTP traffic as well. Like all virtual instances on the SDX appliance, the protector instance is given dedicated CPU and memory resources and a completely isolated network. Because SDX is a multi-tenant platform, you can have multiple protector instances on the same SDX appliance. NetScaler can be used for load balancing and high availability scenarios. Although both inbound and outbound traffic can be directed to the protector, outbound content protection is more common. A running Citrix NetScaler SDX appliance A running Websense Data Security system. (The management server must be running on a separate machine.) Websense web DLP policies Ports The following ports must be kept open for the protector: Outbound To Port Purpose Data Security Server 17500-17515* Consecutive ports that allow communication with Websense agents and machines. Data Security Management Server 17443 Syslog, forensics, incidents, mobile status Integrating the Protector with Citrix Netscaler SDX 1

Websense Web Security Other 56992 Linking Service UDP 123 * This range is necessary for load balancing. Inbound From Port Purpose Data Security Management Server 17500-17515* Anywhere (including TRITON - Data Security) Data Security Server 17500-17515* * This range is necessary for load balancing. Inbound/ outbound NTPD (available on the appliance yet disabled by default) Consecutive ports that allow communication with Websense agents and machines. 22 SSH access Consecutive ports that allow communication with Websense agents and machines. Getting Started Integrating the Data Security protector with NetScaler SDX involves the following: 1. Installing and provisioning the protector image, page 2 2. Setting the protector to inline mode, page 7 Once you re done, you can update the protector and modify its settings as needed. For more information, see: Updating the protector image, page 7 Modifying protector settings, page 8 Installing and provisioning the protector image 1. Download the protector XVA image file from MyWebsense. 2. Log onto the NetScaler SDX Management Service. 3. Select the Configuration tab. 4. Upload the protector image to the SDX platform. a. On the left navigation pane, select Websense Protector > Software Images. 2 Websense Data Security Solutions

b. On the XVA Files tab, select Action > Upload. c. Browse to the protector.xva image you downloaded from MyWebsense. d. Click Upload. 5. Register the protector image with the Data Security Management Server. a. On the left navigation pane, select Websense Protector > Instances. b. Click Add. Integrating the Protector with Citrix Netscaler SDX 3

c. A dialog box appears. Under Instance Creation, configure general settings for the new image as follows, and then click Next. Field Name Domain Name XVA File Description Enter a logical name for the protector in the SDX Management Service. This is also the host name that is used for the protector. Optionally, enter a domain name. The protector domain name will be set to this value. Select the protector image you uploaded. 4 Websense Data Security Solutions

d. Under Initial Settings, configure basic protector properties as follows, and then click Next. Field Protector Root Password Protector Administrator Password Data Security Manager Address Data Security Administrator User Name Data Security Administrator Password Time Zone Description The root account provides full access to the protector and should be used carefully. Set a password for this account. The administrator account is used for installing and configuring the protector. Set a password for this account. Type the IP address or FQDN of the Data Security Server that will manage the protector. Type the user name of a Data Security administrator (one that was added to the Data Security manager) Password of the Data Security administrator. Select the time zone where the protector image is located. e. Under Network Settings, select the SDX interfaces that will be used by the protector. Select exactly one management interface and 2 bridge interfaces. Complete all fields as described below for the management interface. For the bridge interfaces, just select the interface checkbox and the Allow L2 Mode checkbox. The other settings are not required. Make sure that the Data Security Management Server can be accessed through the network selected for it. Integrating the Protector with Citrix Netscaler SDX 5

Important If you are running more than one protector on the same SDX platform, make sure to use different network interface for each. Field Description Management Interface Select the NIC for use by the Data Security Management Server, SSH connections, and logging onto the protector. Gateway VLAN ID IP Address Netmask Name Server Allow L2 Mode Type the IP address of the default gateway to be used to access the SDX network. Do not provide a VLAN ID. Leave this field with its default setting. Type the IP address of the management NIC you ve chosen. Type the subnet mask of this NIC in abbreviated format (the number of bits in the subnet mask). For example, 255.255.255.0. Type the IP address of the domain name server (DNS) that will service this protector. A DNS will allow access to other network resources using their names instead of their IP addresses. Bridge interface only. Select this option to enable promiscuous mode. Required. f. On the Summary page, check your configuration before it is applied, and then click Finish. The SDX Management Service will configure the protector image and register it to the Data Security Management Server. This can take a few minutes. If errors occur, they are reported. 6 Websense Data Security Solutions

Setting the protector to inline mode Once the protector instance is configured and registered to the Data Security Management Server and the network interfaces used by the bridge are in promiscuous mode, all that remains is to set the protector to inline mode and deploy settings to the protector. 1. Log onto the Data Security manager. 2. Select Settings > Deployment > System Modules, and then click the protector instance you created. 3. On the resulting page, select the Networking tab and then select Inline (Bridge) for the Connection mode. 4. On the Services tab, click HTTP. 5. For Mode, select Active Bridge. 6. On the Advanced tab, select Blocking for the Mode. 7. Click OK and then deploy your changes. After DLP incidents are generated, you can view reports in the Data Security manager. Updating the protector image When protector updates are available, update the image on the SDX appliance by doing the following: 1. Download protector update script from MyWebsense. 2. Log on to the NetScaler SDX Management Service. 3. Select the Configuration tab. 4. Upload the new image to the SDX platform. a. On the left navigation pane, select Websense Protector > Software Images. Integrating the Protector with Citrix Netscaler SDX 7

b. On the Software Images tab, select Action > Upload. c. Browse to the protector upgrade file you downloaded from MyWebsense. d. Click Upload. e. Select Websense Protector > Instances on the left pane, highlight the Protector you want to upgrade, then select Action > Upgrade. f. Select the protector upgrade image you uploaded earler, and then click OK. Modifying protector settings Once the protector has been provisioned and registered, you can change some of its properties (such as password and timezone) through the SDX Management Service as needed. Note that some properties cannot be modified, such as hostname and xva image file. To change these, you must delete the instance and provision a new one. 1. Log onto the SDX Management Service and select Configuration > Websense Protector > Instances. 8 Websense Data Security Solutions

2. Select the relevant protector and click Modify. 3. A modify wizard appears. 4. On the first page, change the domain name and instance name as desired. Changing the instance name affects only the SDX Management Service display name. It does not change the protector hostname. 5. On the second page, modify passwords, timezone, and registration details as desired. Submitting an empty field keeps the current setting with no change. 6. On the third page, make changes to the network interfaces as needed. 7. Review the summary page and click Finish. 8. Review the modification results and close the wizard. Integrating the Protector with Citrix Netscaler SDX 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information