Innominate mGuard Скачать руководство пользователя страница 1

Страница: 1 / 260

Hardware Reference Manual

Innominate

S e c u r i t y Te ch n o l o g i e s

Configuration of the mGuard Security Appliances

Содержание mGuard

Страница 1: ...Hardware Reference Manual Innominate Security Technologies Configuration of the mGuard Security Appliances...

Страница 2: ...d rs4000 rs2000 rs4000 TX TX rs4000 TX TX VPN rs2000 TX TX VPN mGuard rs4000 rs2000 Switch rs4000 4TX TX rs4000 4TX TX VPN rs2000 5TX TX VPN mGuard rs4000 rs2000 3G rs4000 4TX 3G TX VPN rs2000 4TX 3G...

Страница 3: ...assumed In general the provisions of the current standard Terms and Conditions of Innominate apply exclusively in particular as concerns any warranty liability This user manual including all illustra...

Страница 4: ...are pending Published by Innominate Security Technologies AG Rudower Chaussee 13 12489 Berlin Germany Phone 49 0 30 92 10 28 0 contact innominate com www innominate com 24 July 2015 Innominate Securi...

Страница 5: ...ly with the limits for a Class B digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interfer ence in a residential installat...

Страница 6: ...Innominate Security Technologies...

Страница 7: ...ablishing a local configuration connection 43 2 7 Remote configuration 45 2 8 Restart recovery procedure and flashing the firmware 46 2 9 Technical data 50 3 mGuard rs4000 rs2000 3G 51 3 1 Operating e...

Страница 8: ...ion in Stealth mode 114 6 6 Establishing a local configuration connection 117 6 7 Remote configuration 119 6 8 Restart recovery procedure and flashing the firmware 120 6 9 Technical data 123 7 mGuard...

Страница 9: ...g the configuration 187 10 5 Establishing a local configuration connection 189 10 6 Remote configuration 191 10 7 Restart recovery procedure and flashing the firmware 192 10 8 Technical data 195 11 mG...

Страница 10: ...3 Installation of EAGLE mGuard 240 13 4 Preparing the configuration 243 13 5 Configuration in Stealth mode 244 13 6 Establishing a local configuration connection 247 13 7 Remote configuration 249 13 8...

Страница 11: ...It is suitable for secure remote maintenance applications in industry and enables the quick startup of robust field devices for industrial use thereby facilitating error free independent operation Bot...

Страница 12: ...ng Heartbeat The device is correctly connected and operating ERR Red Flashing System error Restart the device Press the Reset button for 1 5 seconds Alternatively briefly disconnect the device power s...

Страница 13: ...f firmware version 8 1 the configured VPN connections are being established or aborted or the defined firewall rule records are activated or deactivated LAN Green On The LAN WAN LEDs are located in th...

Страница 14: ...Package slip Plug in screw terminal blocks for the power supply connection and inputs outputs in serted NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to LA...

Страница 15: ...rail according to DIN EN 60715 Figure 1 3 Mounting the mGuard rs4000 rs2000 on a DIN rail Attach the top snap on foot of the mGuard rs4000 rs2000 to the DIN rail and then press the mGuard rs4000 rs200...

Страница 16: ...ions also use RJ45 sockets these must not be connected to the RJ45 sockets of the mGuard NOTE Do not connect the voltage and ground outputs GND CMD V to an external voltage source Please note that onl...

Страница 17: ...press and hold the push button for a few seconds and then release the push button To switch off the selected VPN connections or firewall rule records press and hold the push button for a few seconds...

Страница 18: ...light up this generally indicates that the defined VPN connection is not present Either the VPN connection was not established or it has failed due to an error If the INFO LED is illuminated the VPN c...

Страница 19: ...age connection The mGuard boots the firmware Status STAT LED flashes green The mGuard is ready for operation as soon as the Ethernet socket LEDs light up Additionally status LEDs P1 P2 light up green...

Страница 20: ...ards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addresses without actually having to connect to an external network The mGuard is confi...

Страница 21: ...work interface is not connected on startup Computers can access the mGuard via https 1 1 1 1 if they are directly or indirectly con nected to the LAN port of the mGuard For this purpose the mGuard wit...

Страница 22: ...This is the case if it is connected in an existing network connection and if the default gateway can be accessed via the WAN port of the mGuard at the same time In this case the web browser establish...

Страница 23: ...ansmits BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The product can then no longer be accesse...

Страница 24: ...e reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 28 If the administrator web page is not displayed If the we...

Страница 25: ...cate is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 1 5 Login To log in enter the preset user name and password please note these settings...

Страница 26: ...Start the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example I...

Страница 27: ...following states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 1 6 Reset button 1 8 1 Performing a restart Objective The device is restarted with t...

Страница 28: ...e recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is not known Action Slowly...

Страница 29: ...e mGuard The relevant firmware files are available for download from the download page of www innominate com The files must be located under the following path names or in the following folders on the...

Страница 30: ...repares for a new firmware installation The STAT MOD and SIG LEDs form a running light The jffs2 img p7s firmware file is downloaded from the TFTP server or SD card and written to the Flash memory Thi...

Страница 31: ...x 114 mm up to DIN rail support Weight 725 g TX TX 722 g TX TX Firmware and power values mGuard rs4000 mGuard rs2000 Firmware compatibility For mGuard v7 4 0 or later Innominate recommends the use of...

Страница 32: ...mGuard rs4000 rs2000 32 Innominate Security Technologies I15007_en_02...

Страница 33: ...server is integrated For software independent remote maintenance the mGuard rs4000 Switch can be used as a VPN router for up to 250 parallel IPsec encrypted VPN tunnels The mGuard rs2000 Switch is a...

Страница 34: ...en On Power supply 2 is active mGuard rs2000 Switch not used Stat Green Flashing Heartbeat The device is correctly connected and operating Err Red Flashing System error Restart the device Press the re...

Страница 35: ...vated Flashing The configured VPN connections are being established or aborted at output O2 or the firewall rule records defined at output O2 are activated or deactivated WAN 1 Green On The LEDs are l...

Страница 36: ...lecommunications connections also use RJ45 sockets these must not be connected to the RJ45 sockets of the device For connecting a modem or serial terminal to the RS 232 interface you will need a null...

Страница 37: ...the mGuard rs4000 rs2000 Switch on a DIN rail Attach the top snap on foot of the mGuard rs4000 rs2000 Switch to the DIN rail and then press the mGuard rs4000 rs2000 Switch down towards the DIN rail un...

Страница 38: ...supply Connect the internal network interface LAN of the device to the corresponding Ethernet network card of the configuration computer or a valid network connection of the internal network LAN NOTE...

Страница 39: ...se ensure the same potential as well as voltage and current specifications are defined Depending on the firmware version used the service contacts can be used for various switching or signaling tasks...

Страница 40: ...ld the push button for a few seconds and then release the push button Operating a connected on off switch To switch on the selected VPN connections or firewall rule records set the switch to ON To swi...

Страница 41: ...oots the firmware The Stat LED flashes green The device is ready for opera tion as soon as the Ethernet socket LEDs light up Additionally the P1 P2 LEDs light up green and Stat LED flashes green at he...

Страница 42: ...open the Network and Sharing Center Click on LAN connection The LAN connection item is only displayed if a connection exists from the LAN interface on the computer to a mGuard in operation or another...

Страница 43: ...s been set to a different value and the current address is not known the device must be reset to the default settings specified above for the IP address using the Recovery procedure see Performing a r...

Страница 44: ...rtif icate is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 2 5 Login To log in enter the preset user name and password please note these se...

Страница 45: ...as follows Start the web browser on the remote computer Under address enter the IP address where the device can be accessed externally over the Internet or WAN together with the port number if requir...

Страница 46: ...the following states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 2 6 Reset button 2 8 1 Performing a restart Objective The device is restarted wi...

Страница 47: ...the firewall are retained including passwords Possible reasons for performing the recovery procedure The device is in Router or PPPoE mode The device address has been configured and is not known The c...

Страница 48: ...ad page of www innominate com The files must be located under the following path names in the following folders on the SD card Firmware install ubi mpc83xx p7s Firmware ubifs img mpc83xx p7s NOTE Duri...

Страница 49: ...rocedure deletes the current contents of the Flash memory and prepares for a new firmware installation The Stat Mod and Sig LEDs form a running light The jffs2 img p7s firmware file is downloaded from...

Страница 50: ...IN rail support Weight 835 g 835 g Firmware and power values mGuard rs4000 Switch mGuard rs2000 Switch Firmware compatibility Firmware 8 1 5 Innominate recommends the use of the latest firmware versio...

Страница 51: ...te automation devices with serial interfaces into networks as a COM server is integrated For software independent remote maintenance the mGuard rs4000 3G can be used as a VPN router for up to 250 para...

Страница 52: ...s2000 3G LED State Meaning P1 Green On Power supply 1 is active P2 Green On Power supply 2 is active mGuard rs2000 3G not used Stat Green Flashing Heartbeat The device is correctly connected and opera...

Страница 53: ...s being established or aborted at output O2 The configured VPN connections are being established or aborted at output O2 or the firewall rule records defined at output O2 are activated or deactivated...

Страница 54: ...Some telecommunications connections also use RJ45 sockets these must not be connected to the RJ45 sockets of the mGuard For connecting a modem or serial terminal to the RS 232 interface you will need...

Страница 55: ...ing the mGuard rs4000 rs2000 3G on a DIN rail Attach the top snap on foot of the mGuard rs4000 rs2000 3G to the DIN rail and then press the mGuard rs4000 rs2000 3G down towards the DIN rail until it e...

Страница 56: ...ith an impedance of 100 Connect the internal network interface LAN of the mGuard to the corresponding Ether net network card of the configuration computer or a valid network connection of the in terna...

Страница 57: ...ts and switching outputs can be connected with signals from external de vices e g with PLC signals In this case ensure the same potential as well as voltage and current specifications are defined Depe...

Страница 58: ...set whether certain VPN connections or firewall rule records are monitored and displayed via the LED Info 1 out put ACK O1 or LED Info 2 output ACK O2 If VPN connections are being monitored an illumin...

Страница 59: ...mGuard rs4000 rs2000 and thus enables re mote diagnostics The FAULT LED lights up red if the signal output takes low level due to an error inverted logic The voltage at the signal contact corresponds...

Страница 60: ...ot available The mobile network function is preset The mGuard rs2000 3G can only be operated in Router mode Connecting antennas Figure 3 5 Antenna connection Connect a suitable antenna to the antenna...

Страница 61: ...lashes green Quality of the mobile network connection The signal strength of the mobile network connection is indicated by three LEDs on the front of the mGuard rs4000 rs2000 3G The LEDs function as a...

Страница 62: ...ard rs4000 3G the status indicator P2 also lights up if there is a redundant supply voltage connection The mGuard boots the firmware The Stat LED flashes green The mGuard is ready for op eration as so...

Страница 63: ...If the supply voltage is not redundant the mGuard rs4000 3G indicates the failure of the supply voltage via the signal contact This message can be prevented by feeding the supply voltage via both inp...

Страница 64: ...the Network and Sharing Center Click on LAN connection The LAN connection item is only displayed if a connection exists from the LAN interface on the computer to a mGuard in operation or another part...

Страница 65: ...known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 69 If the administrator web page is...

Страница 66: ...security alert The login window is displayed Figure 3 8 Login To log in enter the preset user name and password please note these settings are case sensitive The mGuard can then be configured via the...

Страница 67: ...Start the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example...

Страница 68: ...e following states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 3 9 Reset button 3 8 1 Performing a restart Objective The device is restarted with...

Страница 69: ...recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is not known Action Slowly p...

Страница 70: ...age of www innominate com The files must be located under the following path names or in the following folders on the SD card Firmware install ubi mpc83xx p7s Firmware ubifs img mpc83xx p7s NOTE Durin...

Страница 71: ...l procedure deletes the current contents of the Flash memory and prepares for a new firmware installation The Stat Mod and Sig LEDs form a running light The jffs2 img p7s firmware file is downloaded f...

Страница 72: ...C storage Dimensions H x W x D 130 x 45 x 114 mm up to DIN rail support 130 x 45 x 114 mm up to DIN rail support Weight 850 g 835 g Firmware and power values mGuard rs4000 3G mGuard rs2000 3G Firmwar...

Страница 73: ...nologies 73 Other mGuard rs4000 3G mGuard rs2000 3G Conformance CE FCC UL 508 electrical isolation VCC PE ANSI ISA 12 12 Class I Div 2 Special features GPS GLONASS receiver realtime clock Trusted Plat...

Страница 74: ...mGuard rs4000 rs2000 3G 74 Innominate Security Technologies I15007_en_02...

Страница 75: ...se to production processes with low requirements for industrial hardening Individual devices or network segments can be safely networked and comprehensively pro tected The mGuard delta can be used as...

Страница 76: ...s LAN 1 WAN 1 LEDs Figure 4 2 Operating elements and LEDs on the Table 4 2 LEDs on the mGuard delta LEDs State Meaning WAN 1 LAN 1 Green On Full duplex Off Half duplex WAN 2 LAN 2 Yellow On 10 Mbps Fl...

Страница 77: ...mGuard delta Package slip 12 V DC power supply including different country adapters NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to LAN installations Som...

Страница 78: ...Figure 4 3 Low voltage plug of the power supply unit The status LED PWR lights up green when the supply voltage has been connected properly The mGuard boots the firmware Status LED STAT flashes green...

Страница 79: ...he EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addresses without actually having to connect to an external network The mGuard is configured...

Страница 80: ...interface is not connected on startup Computers can access the mGuard via https 1 1 1 1 if they are directly or indirectly con nected to the LAN port of the mGuard For this purpose the mGuard with LAN...

Страница 81: ...is the case if it is connected in an existing network connection and if the default gateway can be accessed via the WAN port of the mGuard at the same time In this case the web browser establishes a...

Страница 82: ...s BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The FL MGUARD can then no longer be accessed vi...

Страница 83: ...known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 87 If the administrator web page is...

Страница 84: ...is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 4 4 Login To log in enter the preset user name and password please note these settings are...

Страница 85: ...t the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If th...

Страница 86: ...owing states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 4 5 Reset button 4 8 1 Performing a restart Objective The device is restarted with the c...

Страница 87: ...easons for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is...

Страница 88: ...uard The relevant firmware files are available for download from the download page of www innominate com The files must be located under the following path names or in the following folders on the SD...

Страница 89: ...res for a new firmware installation The STAT MOD and SIG LEDs form a running light The jffs2 img p7s firmware file is downloaded from the TFTP server or SD card and written to the Flash memory This fi...

Страница 90: ...te recommends the use of the latest firmware version and patch releases in each case For the scope of functions please refer to the relevant firmware data sheet Data throughput router firewall Router...

Страница 91: ...with PCI Express bus To aid understanding mGuard pci SD is used for the two device versions in this user man ual The mGuard pci SD is suitable for distributed protection of industrial and panel PCs i...

Страница 92: ...lash ing 10 Mbps data transmission active Green On 100 Mbps Flash ing 100 Mbps data transmission active LAN 1 LAN 2 WAN 1 Various LED light codes Recovery procedure flashing See Restart recovery proce...

Страница 93: ...ard network ports to LAN installations Some telecommunications connections also use RJ45 sockets these must not be connected to the RJ45 sockets of the mGuard NOTE Connection notes A free PCI slot 3 3...

Страница 94: ...supply lines must be isolated or laid separately to live circuits NOTE Electrostatic discharge Before installation touch the metal frame of the PC in which the mGuard pci SD is to be installed in ord...

Страница 95: ...this version onwards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addresses without actually having to connect to an external network Th...

Страница 96: ...network con nection of the internal network Connect the external network interface WAN 1 of the mGuard pci SD to the external network e g Internet The STAT status LED lights up green when the supply...

Страница 97: ...owledge this message with Accept this certificate always temporarily Mozilla Firefox Continue loading this website Internet Explorer Continue anyway Google Chrome Click Yes to acknowledge the security...

Страница 98: ...ection of the internal network Disconnect the external network interface WAN 1 of the mGuard pci SD from the ex ternal network WAN Switch on the system The STAT LED lights up green when the supply vol...

Страница 99: ...nnominate com under Downloads Software If an non configured mGuard pci SD accesses a BootP server after booting the BootP pro tocol assigns an IP address a subnet mask and optionally a default gateway...

Страница 100: ...mits BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The product can then no longer be accessed v...

Страница 101: ...n the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 105 If the administrator web page is not...

Страница 102: ...e is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 5 5 Login To log in enter the preset user name and password please note these settings ar...

Страница 103: ...rt the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If t...

Страница 104: ...the following states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 5 6 Reset button 5 8 1 Performing a restart Objective The device is restarted wi...

Страница 105: ...easons for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is...

Страница 106: ...his SD card has been inserted into the mGuard The relevant firmware files are available for download from the download page of www innominate com The files must be located under the following path nam...

Страница 107: ...950 mm X 18 mm X 130 mm Weight 72 g Firmware and power values Firmware compatibility For mGuard v7 5 0 or later Innominate recommends the use of the latest firmware version and patch releases in each...

Страница 108: ...mGuard pci SD 108 Innominate Security Technologies I15007_en_02...

Страница 109: ...ice or when traveling The mGuard smart is a further development of the mGuard smart To aid understanding mGuard smart is mostly used for the two device versions in this user manual The proper ties des...

Страница 110: ...d to the power supply After a few seconds this LED changes to the heartbeat state Green Flashing Heartbeat The device is correctly connected and operating Red Flashing System error Restart the device...

Страница 111: ...ing The scope of supply includes mGuard smart Package slip NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to LAN installations Some telecommunications conne...

Страница 112: ...Con nections to the remote device or network are established via this network Use a UTP cable CAT5 Figure 6 3 mGuard smart Connection in the network Before After A LAN can also be on the left If your...

Страница 113: ...tup of mGuard products provided in Stealth mode is considerably easier From this version onwards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined manage...

Страница 114: ...twork interface is not connected on startup Computers can access the mGuard via https 1 1 1 1 if they are directly or indirectly con nected to the LAN port of the mGuard For this purpose the mGuard wi...

Страница 115: ...This is the case if it is connected in an existing network connection and if the default gateway can be accessed via the WAN port of the mGuard at the same time In this case the web browser establishe...

Страница 116: ...nsmits BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The product can then no longer be accessed...

Страница 117: ...ot known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 121 If the administrator web page...

Страница 118: ...cate is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 6 4 Login To log in enter the preset user name and password please note these settings...

Страница 119: ...tart the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If...

Страница 120: ...rocedure Flashing the firmware rescue procedure Figure 6 5 Reset button 6 8 1 Performing a restart Objective The device is restarted with the configured settings Action Press the Reset button for arou...

Страница 121: ...easons for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is...

Страница 122: ...y and prepares for a new firmware installation The three green LEDs form a running light The jffs2 img p7s firmware file is downloaded from the TFTP server or SD card and written to the Flash memory T...

Страница 123: ...y For mGuard v7 2 or later Innominate recommends the use of the latest firm ware version and patch releases in each case For the scope of functions please refer to the relevant firmware data sheet Dat...

Страница 124: ...condensing Degree of protection IP30 Dimensions H x W x D 27 x 77 x 115 mm Weight 158 g Firmware and power values Firmware compatibility mGuard v5 0 or later Innominate recommends firmware version 6 x...

Страница 125: ...c IP address The mGuard centerport performs secure remote services such as remote support remote diagnostics remote maintenance and condition monitoring for a large number of machines and systems via...

Страница 126: ...perating elements and LEDs on the mGuard centerport front side LEDs 19 angled connector ON OFF button SD card slot Front 19 angled connector USB ports Display Table 7 2 LEDs on the mGuard centerport L...

Страница 127: ...ckage slip 2 x AC mains connecting cables 19 server rails telescopic rails 2 x short 2 x long Screw set Installation instructions for 19 frame industrial cabinet Quickrails installation instruc tions...

Страница 128: ...ockets to the mains or power supply source 100 240 V AC using a mains connecting cable 3 Connect the network connections see Connecting the network connections on page 129 4 Optional Connect a PC moni...

Страница 129: ...port of the device to a network connection of the local network LAN This network is used for communication according to the firewall rules of the demilita rized zone DMZ IPMI port Use a UTP cable CAT5...

Страница 130: ...lug the mains plug to disconnect the device from the mains If the device is installed in a control cabinet where the sockets cannot be accessed an ad equate disconnecting device must be installed duri...

Страница 131: ...Check the file system s of firmware on rootfs1 If required checks and repairs all firmware file systems This menu item is only to be used in special cases when the user has the appropriate knowledge o...

Страница 132: ...gura tion of your computer Example Under Windows 7 proceed as follows In the Control Panel open the Network and Sharing Center Click on LAN connection The LAN connection item is only displayed if a co...

Страница 133: ...PPPoE or PPTP mode has been set to a different value and the current address is not known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery proce...

Страница 134: ...acknowledge the security alert The login window is displayed Figure 7 5 Login Enter your user name and password which are specified for this access type For access type Administration the user name an...

Страница 135: ...Start the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example...

Страница 136: ...reset to router mode with the fixed IP address The CIFS integrity monitoring function is also disabled because this only works when the management IP is active In addition MAU configuration is activat...

Страница 137: ...ebsite and has been saved on the installation medium of your choice or on the local installation computer If your current firmware version is newer than the version by default upon delivery a li cense...

Страница 138: ...Start rescue procedure via DHCP BootP TFTP Effect The mGuard downloads the necessary files from the TFTP server install x86_64 p7s firmware img x86_64 p7s Start rescue procedure from CD DVD USB stick...

Страница 139: ...CD DVD with the mGuard firmware into the CD DVD drive For security reasons the mGuard centerport does not boot from the CD DVD Once the rescue procedure is complete a corresponding message appears on...

Страница 140: ...he mGuard centerport does not boot from an SD card Once the rescue procedure is complete a corresponding message appears on the monitor Follow any further on screen instructions The mGuard is in the d...

Страница 141: ...x D 44 mm x 447 mm x 458 mm 1 HU x 19 x 18 5 Weight 9 kg Firmware and power values Firmware compatibility mGuard v8 1 2 or later Innominate recommends using the latest patch releases For the scope of...

Страница 142: ...mGuard centerport 142 Innominate Security Technologies I15007_en_02...

Страница 143: ...d network environments where the locally connected computers networks share the mGuard functions An additional serial interface enables configuration via a telephone dial up connection or a terminal W...

Страница 144: ...t LAN Figure 8 2 Operating elements and LEDs on the mGuard delta Table 8 2 LEDs on the mGuard delta LED State Meaning Power On The power supply is active Status On The mGuard starts Heartbeat Flash fl...

Страница 145: ...cludes mGuard delta Package slip One 5 V DC power supply Two UTP Ethernet cables NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to LAN installations Some te...

Страница 146: ...local computer or the local network to one of the Ethernet LAN connections 4 to 7 of the mGuard delta using a UTP Ethernet cable CAT5 WARNING The serial interface DE 9 plug in connection must not be c...

Страница 147: ...ons must be working 8 4 2 Local configuration on startup EIS As of firmware version 7 2 initial startup of mGuard products provided in Stealth mode is considerably easier From this version onwards the...

Страница 148: ...Click on Properties Select the menu item Internet protocol Version 4 TCP IPv4 Click on Properties First select Use the following IP address under Internet Protocol Version 4 Proper ties then enter the...

Страница 149: ...is not known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 153 If the administrator web...

Страница 150: ...e is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 8 4 Login To log in enter the preset user name and password please note these settings ar...

Страница 151: ...t the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If th...

Страница 152: ...ng states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 8 5 Reset button 8 7 1 Performing a restart Objective The device is restarted with the conf...

Страница 153: ...The current IP address of the device is not known Action Slowly press the Reset button six times After approximately 2 seconds the Status LED lights up green Press the Reset button slowly again six ti...

Страница 154: ...ents of the Flash memory and prepares for a new firmware installation The Status LED flashes faster The jffs2 img p7s firmware file is downloaded from the TFTP server or SD card and written to the Fla...

Страница 155: ...f protection IP20 Temperature range 0 C 40 C operation 20 C 70 C storage Dimensions H x W x D 30 x 239 x 156 mm Weight 1300 g Firmware and power values Firmware compatibility mGuard v5 0 or later Inno...

Страница 156: ...mGuard delta 156 Innominate Security Technologies I15007_en_02...

Страница 157: ...ter in which the card is installed with all mGuard functions as well as acting as a normal network card In Power over PCI mode an existing network card in the computer or another com puter network can...

Страница 158: ...e Reset button for 1 5 seconds Alternatively briefly disconnect the device power supply and then connect it again If the error is still present start the recovery procedure see Performing a recov ery...

Страница 159: ...rect wiring Only connect the mGuard network ports to LAN installations Some telecommunications connections also use RJ45 sockets these must not be connected to the RJ45 sockets of the mGuard NOTE Conn...

Страница 160: ...like an mGuard stand alone device In this operating mode the mGuard pci actu ally only uses the PCI slot of a computer in order to receive power and as housing This op erating mode of the mGuard is r...

Страница 161: ...ot appear as a separate device with its own address for data traffic to and from the computer In Stealth mode PPPoE and PPTP cannot be used Router mode in Driver mode Figure 9 4 Driver mode Router mod...

Страница 162: ...e Figure 9 5 Power over PCI mode Stealth mode Since the network card functions of the mGuard pci are switched off in Power over PCI mode no driver software is installed for it A previously installed n...

Страница 163: ...as a separate network For the IP configuration of the network interface of the operating system for the computer in which the network card is installed this means that an IP address must be assigned t...

Страница 164: ...d pci is to be in stalled in order to remove electrostatic discharge The device contains components that can be damaged or destroyed by electrostatic dis charge When handling the device observe the ne...

Страница 165: ...therboard and then press the card evenly into the socket strip Tighten the card slot plate Close the computer cover again Connect the computer power cable again and switch on the computer 9 3 4 Instal...

Страница 166: ...the computer Log on with administrator rights and wait until the following window appears Figure 9 8 Driver installation under Windows XP 1 After inserting the data carrier select the Install from a...

Страница 167: ...switch on the computer Log on with administrator rights and wait until the following window appears Figure 9 9 Driver installation under Windows 2000 1 1 Click Next 2 Select Search for a suitable dri...

Страница 168: ...must be compiled before use First set up and compile the Linux kernel 2 4 25 in the directory usr src linux Extract the drivers from the ZIP to the directory usr src pci driver Execute the following...

Страница 169: ...rd products provided in Stealth mode is considerably easier From this version onwards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addres...

Страница 170: ...computer that is connected to the LAN interface of the mGuard has not yet been configured This network interface must be configured before the mGuard can be configured Under Windows XP proceed as foll...

Страница 171: ...ddresses for example In DOS Start Programs Accessories Command Prompt enter the following arp s IP address of the default gateway 00 aa aa aa aa aa Example You have determined or specified the address...

Страница 172: ...known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 176 If the administrator web page is...

Страница 173: ...is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 9 12 Login To log in enter the preset user name and password please note these settings are...

Страница 174: ...the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If the...

Страница 175: ...ing states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 9 13 Reset button 9 8 1 Performing a restart Objective The device is restarted with the co...

Страница 176: ...e reasons for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device...

Страница 177: ...sword have been lost Requirements Requirements for flashing If the mGuard is operated in Power over PCI mode the DHCP TFTP server must be connected via the LAN socket of the mGuard If the mGuard is op...

Страница 178: ...ver or SD card and written to the Flash memory This file contains the actual mGuard operating system and is signed electronically Only files signed by Innominate are accepted This process takes around...

Страница 179: ...C 70 C storage Dimensions H x W x D Low profile PCI Weight 72 g Firmware and power values Firmware compatibility mGuard v5 0 or later Innominate recommends firmware version 6 x or 7 x to be used with...

Страница 180: ...mGuard pci 180 Innominate Security Technologies I15007_en_02...

Страница 181: ...on is therefore ideal for use in industrial applica tions where several server systems can be protected individually and independently of one another An additional serial interface enables remote conf...

Страница 182: ...eset button for 1 5 seconds If the error is still present start the recovery procedure see Performing a re covery procedure on page 193 or contact your dealer WAN LAN Green On or flash ing Ethernet st...

Страница 183: ...the controller Two power supply units Two power cables 12 place holders 12 labeling plates M1 to M12 Screws for mounting the mGuard bladebase NOTE Risk of material damage due to incorrect wiring Only...

Страница 184: ...on the front of the power supplies are now green Installation of mGuard blade The mGuard bladebase does not have to be switched off when installing or removing an mGuard blade Loosen the top and bott...

Страница 185: ...he firewall CIFS integrity monitoring and VPN functions are reset and deactivated Connecting the mGuard blade Figure 10 4 Connecting the mGuard blade to the network NOTE If your computer is already co...

Страница 186: ...GSM network The user of a remote PC which is also connected to the telephone network by a modem can then establish a PPP Point to Point Protocol dial up connection to the mGuard and config ure it via...

Страница 187: ...products provided in Stealth mode is considerably easier From this version onwards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addresse...

Страница 188: ...lick on Properties Select the menu item Internet protocol Version 4 TCP IPv4 Click on Properties First select Use the following IP address under Internet Protocol Version 4 Proper ties then enter the...

Страница 189: ...ot known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 193 If the administrator web page...

Страница 190: ...is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 10 6 Login To log in enter the preset user name and password please note these settings ar...

Страница 191: ...rt the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If t...

Страница 192: ...owing states Performing a restart Performing a recovery procedure Flashing the firmware rescue procedure Figure 10 7 Reset button 10 7 1 Performing a restart Objective The device is restarted with the...

Страница 193: ...The current IP address of the device is not known Action Slowly press the Reset button six times After approximately 2 seconds the LAN LED lights up red Press the Reset button slowly again six times...

Страница 194: ...d are executed The control procedure deletes the current contents of the Flash memory and prepares for a new firmware installation The green LEDs and the red LAN LED form a running light The jffs2 img...

Страница 195: ...C storage Dimensions H x W x D blade 100 x 26 x 160 mm bladebase 133 x 483 x 235 mm 3 HU Weight blade 245 g bladepack 7 7 kg Firmware and power values Firmware compatibility mGuard v5 0 or later Inno...

Страница 196: ...mGuard blade 196 Innominate Security Technologies I15007_en_02...

Страница 197: ...usand simultaneous tunnels which all belong to the same unique public IP address The mGuard centerport performs secure remote services such as remote support remote diagnostics remote maintenance and...

Страница 198: ...ments and LEDs on the mGuard centerport front side Figure 11 3 Operating elements for the mGuard centerport with front flap open Table 11 2 LEDs on the mGuard centerport LED State Meaning Green On Lig...

Страница 199: ...erport Package slip 2 x keys for front flap lock 2 x AC mains connecting cables Rubber feet self adhesive NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to...

Страница 200: ...drives reset button and ON OFF switch Ensure that you keep safe hold of the two keys provided Housing on page 202 8 Connect the two power supply units to the mains or power supply source via the two...

Страница 201: ...ne Or a modem is connected to the serial interface of the mGuard This modem is connect ed to the telephone network fixed line or GSM network The user of a remote PC which is also connected to the tele...

Страница 202: ...ing booting mGuard centerport Press the ON OFF button The mGuard centerport boots the firmware and is ready to operate 11 3 4 1 Boot options when monitor and keyboard are connected If a monitor and a...

Страница 203: ...when the user has the appropriate knowledge or upon instruction from the dealer support team The mGuard firmware checks and repairs the file systems if required even during the normal startup process...

Страница 204: ...d must be connected i e the required connections must be working 11 4 2 Local configuration on startup EIS As of firmware version 7 2 initial startup of mGuard products provided in Stealth mode is con...

Страница 205: ...er Click on Properties Select the menu item Internet protocol Version 4 TCP IPv4 Click on Properties First select Use the following IP address under Internet Protocol Version 4 Proper ties then enter...

Страница 206: ...is not known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 210 If the administrator web...

Страница 207: ...ate is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 11 6 Login To log in enter the preset user name and password please note these settings...

Страница 208: ...tart the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If...

Страница 209: ...ey which can be used to perform a restart The res cue procedure and therefore the reloading of mGuard firmware is initiated via the boot menu Figure 11 7 Reset button 11 8 Performing a restart Objecti...

Страница 210: ...rs from the default setting The current IP address of the device is not known Action Requirement a monitor and a keyboard are connected to the device Press the following keyboard shortcut Alt SysRq a...

Страница 211: ...r using this update This applies to major release upgrades e g from Version 4 x y to Version 5 x y to Version 6 x y etc DHCP and TFTP servers can be accessed under the same IP address Action To flash...

Страница 212: ...he mGuard centerport does not boot from the CD Start rescue procedure from USB mass storage Requirement The firmware of the mGuard has been previously copied to a USB stor age medium USB stick As the...

Страница 213: ...e rescue procedure Rescue Config serial lic As above only the wildcard serial is replaced by the serial number of the device The same CD can be used for various devices simultaneously Rescue Config pr...

Страница 214: ...of service Degree of protection Front IP20 Temperature range 0 C 50 C operation 20 C 70 C storage Dimensions H x W x D 88 x 482 x 472 mm 2 HE x 19 x 18 58 Weight 10 kg Firmware and power values Firmw...

Страница 215: ...ostics re mote configuration The device is designed for standard DIN rail mounting and is therefore ideal for use in industrial applications The VPN tunnels can be initiated using software or hardware...

Страница 216: ...contact is open due to an error see Signal contact on page 222 The signal contact is interrupted during a restart State Green Flash ing Heartbeat The device is correctly connected and operating Error...

Страница 217: ...power supply connection inserted Terminal block for the signal contact button and an optional ISDN or telephone con nection 2 cover caps for RJ45 sockets NOTE Risk of material damage due to incorrect...

Страница 218: ...Attach the top snap on foot of the mGuard industrial rs to the DIN rail and then press the mGuard industrial rs down towards the DIN rail until it engages with a click Insert the wired terminal block...

Страница 219: ...dustrial rs alone The supply voltage is electrically isolated from the housing If the supply voltage is not redundant the mGuard industrial rs indicates the failure of the supply voltage via the signa...

Страница 220: ...rd industrial rs is available in three versions which can be distinguished by the connection options on the lower terminal strip Figure 12 5 mGuard industrial rs Lower terminal strip Please note that...

Страница 221: ...unctional earth ground Signal contact in terrupted in the event of an error Service contacts CMD ACK for establishing a predefined VPN connection Button or on off switch Signal LED 20 mA ACK CMD Lower...

Страница 222: ...ted between service contacts CMD and _ _ A standard LED up to 3 5 V or a corresponding optocoupler can be connected between contacts ACK and _ _ The contact is short circuit proof and supplies 20 mA m...

Страница 223: ...N network The table below describes the as signment of the contacts to 8 pos connections both for plugs and for sockets for example RJ45 In the case of direct connection to an ISDN NTBA the mGuard con...

Страница 224: ...connected to the telephone network by a modem can then establish a PPP Point to Point Protocol dial up connection to the mGuard and configure it via a web browser To manage data traffic via the serial...

Страница 225: ...to be performed via preset or user defined management addresses without actually having to connect to an external network The mGuard is configured using a web browser on the computer used for configu...

Страница 226: ...twork interface is not connected on startup Computers can access the mGuard via https 1 1 1 1 if they are directly or indirectly con nected to the LAN port of the mGuard For this purpose the mGuard wi...

Страница 227: ...This is the case if it is connected in an existing network connection and if the default gateway can be accessed via the WAN port of the mGuard at the same time In this case the web browser establish...

Страница 228: ...nsmits BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The FL MGUARD can then no longer be access...

Страница 229: ...known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 233 If the administrator web page i...

Страница 230: ...cate is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 12 10 Login To log in enter the preset user name and password please note these settin...

Страница 231: ...Start the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example...

Страница 232: ...ming a recovery procedure Flashing the firmware rescue procedure Figure 12 11 Reset button 12 8 1 Performing a restart Objective The device is restarted with the configured settings Action Press the R...

Страница 233: ...sons for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is no...

Страница 234: ...gned are executed The control procedure deletes the current contents of the Flash memory and prepares for a new firmware installation The Modem State and LAN LEDs form a running light The jffs2 img p7...

Страница 235: ...nge 0 C 55 C operation 20 C 70 C storage Dimensions H x W x D 100 x 45 x 112 mm Weight 250 g Firmware and power values Firmware compatibility mGuard v5 0 or later Innominate recommends firmware versio...

Страница 236: ...mGuard industrial rs 236 Innominate Security Technologies I15007_en_02...

Страница 237: ...15 and is therefore ideal for use in industrial applications The optional configuration connection and option to establish a phone dial up connection via the RS 232 interface open up a wealth of appli...

Страница 238: ...Ground connection Link status data 1 LAN USB Figure 13 2 Operating elements and LEDs on the EAGLE mGuard Table 13 2 LEDs on the EAGLE mGuard LED State Meaning P1 P2 Green On Power supply 1 or 2 is ac...

Страница 239: ...ng The scope of supply includes EAGLE mGuard Package slip NOTE Risk of material damage due to incorrect wiring Only connect the mGuard network ports to LAN installations Some telecommunications connec...

Страница 240: ...e sup plies the EAGLE mGuard alone The supply voltage is electrically isolated from the housing Startup Start up the EAGLE mGuard with the connection of the supply voltage via the 6 pos terminal block...

Страница 241: ...ace There are two options A PC is connected directly to the serial interface of the mGuard via the serial interface of the PC The PC user can then use a terminal program to configure the mGuard via th...

Страница 242: ...ed via the ground connection Network connection Both network interfaces of the EAGLE mGuard are configured for connection on a comput er Removal To remove the EAGLE mGuard from the DIN rail insert a s...

Страница 243: ...ier From this version onwards the EIS Easy Initial Setup procedure en ables startup to be performed via preset or user defined management addresses without actually having to connect to an external ne...

Страница 244: ...k interface is not connected on startup Computers can access the mGuard via https 1 1 1 1 if they are directly or indirectly con nected to the LAN port of the mGuard For this purpose the mGuard with L...

Страница 245: ...s is the case if it is connected in an existing network connection and if the default gateway can be accessed via the WAN port of the mGuard at the same time In this case the web browser establishes a...

Страница 246: ...its BootP requests without interruption until it re ceives a valid IP address After receiving a valid IP address the mGuard no longer sends BootP requests The product can then no longer be accessed vi...

Страница 247: ...known the mGuard must be reset to the default set tings specified above for the IP address using the Recovery procedure see Performing a recovery procedure on page 251 If the administrator web page i...

Страница 248: ...is supplied with the device Click Yes to acknowledge the security alert The login window is displayed Figure 13 6 Login To log in enter the preset user name and password please note these settings ar...

Страница 249: ...rt the web browser on the remote computer Under address enter the IP address where the mGuard can be accessed externally over the Internet or WAN together with the port number if required Example If t...

Страница 250: ...rescue procedure Figure 13 7 Reset button 13 8 1 Performing a restart Objective The device is restarted with the configured settings Action Press the Reset button for around 1 5 seconds until the midd...

Страница 251: ...ns for performing the recovery procedure The mGuard is in Router or PPPoE mode The configured device address of the mGuard differs from the default setting The current IP address of the device is not...

Страница 252: ...e current contents of the Flash memory and prepares for a new firmware installation The 1 2 and V 24 LEDs form a running light The jffs2 img p7s firmware file is downloaded from the TFTP server or SD...

Страница 253: ...IP20 Temperature range 0 C 60 C operation 40 C 80 C storage Dimensions H x W x D 131 x 47 x 111 mm Weight 340 g Firmware and power values Firmware compatibility mGuard v5 0 or later Innominate recomm...

Страница 254: ...EAGLE mGuard 254 Innominate Security Technologies I15007_en_02...

Страница 255: ...he start screen of the addressing tool appears The program is mainly in English However the program buttons change according to the country specific settings The start screen displays the IP address o...

Страница 256: ...settings Figure 14 2 Set IP Address window with incorrect settings Adjust the IP parameters according to your requirements If inconsistencies are no longer detected a message appears indicating that...

Страница 257: ...hat address assignment has been successfully com pleted It gives an overview of the IP parameters that have been transmitted to the device with the MAC address shown To assign IP parameters for additi...

Страница 258: ...host IP to be specified is 192 168 10 1 It must also be used as the address for the net work card Click on Browse to switch to the folder where the mGuard image files are saved in stall p7s jffs2 img...

Страница 259: ...tion provides 20 IP addresses 100 to 119 It is assumed that the DHCP server has the address 192 168 134 1 settings for ISC DHCP 2 0 The required TFTP server is configured in the following file etc ine...

Страница 260: ...Assigning IP addresses and setting up DHCP TFTP servers 260 Innominate Security Technologies I15007_en_02...

Результаты поиска

Содержание mGuard

Отзывы:

Бренды по названию

Популярные бренды

Innominate mGuard, Справочное руководство

Результаты поиска

Содержание mGuard

Отзывы:

Бренды по названию

Популярные бренды