Radware DefensePro VA Скачать руководство пользователя

Страница: 1 / 83

DefensePro VA

INSTALLATION AND

MAINTENANCE GUIDE

Document ID: RDWR-DPVA_IG2005

May, 2020

Содержание DefensePro VA

Страница 1: ...DefensePro VA INSTALLATION AND MAINTENANCE GUIDE Document ID RDWR DPVA_IG2005 May 2020...

Страница 2: ...DefensePro VA Installation and Maintenance Guide 2 Document ID RDWR DPVA_IG2005...

Страница 3: ...s guide or any part thereof without the prior written consent of Radware Notice importante Ce guide est sujet aux conditions et restrictions suivantes Les applications AppShape Script Files fournies p...

Страница 4: ...uch enthaltenen Informationen sind Eigentum von Radware und m ssen streng vertraulich behandelt werden Es ist streng verboten dieses Handbuch oder Teile daraus ohne vorherige schriftliche Zustimmung v...

Страница 5: ...h or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following...

Страница 6: ...ogiciel d velopp par Dug Song Ce produit inclut un logiciel d velopp par Aaron Campbell Ce produit inclut un logiciel d velopp par Damien Miller Ce produit inclut un logiciel d velopp par Kevin Steves...

Страница 7: ...lt einen vom OpenBSD Projekt entwickelten Code Copyright 1983 1990 1992 1993 1995 The Regents of the University of California Alle Rechte vorbehalten Die Verbreitung und Verwendung in Quell und bin re...

Страница 8: ...ranted against defects in material and workmanship for a period of one year from date of shipment Radware software carries a standard warranty that provides bug fixes for up to 90 days after date of p...

Страница 9: ...egen Material und Verarbeitungsfehler f r einen Zeitraum von einem Jahr ab Lieferdatum Radware Software verf gt ber eine Standard Garantie zur Fehlerbereinigung f r einen Zeitraum von bis zu 90 Tagen...

Страница 10: ...EE COMME LIMITATIVE TOUS DOMMAGES DIRECTS INDIRECTS ACCIDENTELS SPECIAUX EXEMPLAIRES OU ACCESSOIRES INCLUANT MAIS SANS S Y RESTREINDRE LA FOURNITURE DE PRODUITS OU DE SERVICES DE REMPLACEMENT LA PERTE...

Страница 11: ...1 Electrical Shock Hazard Label DUAL POWER SUPPLY SYSTEM SAFETY WARNING IN CHINESE The following figure is the warning for Radware platforms with dual power supplies Figure 2 Dual Power Supply System...

Страница 12: ...nterference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruc...

Страница 13: ...abel adjacent to the power inlet housing the fuse 6 Do not operate the device in a location where the maximum ambient temperature exceeds 40 C 104 F 7 Be sure to unplug the power supply cord from the...

Страница 14: ...curit pour les syst mes dotes de deux sources d alimentation lectrique en chinois Traduction de la Avertissement de s curit pour les syst mes dotes de deux sources d alimentation lectrique en chinois...

Страница 15: ...utilise et peut mettre des fr quences radio et s il n est pas install et utilis conform ment au manuel d instructions peut entra ner des interf rences nuisibles aux communications radio Le fonctionnem...

Страница 16: ...d le similaire de m me puissance tel qu indiqu sur l tiquette de s curit adjacente l arriv e lectrique h bergeant le fusible 6 Ne faites pas fonctionner l appareil dans un endroit o la temp rature amb...

Страница 17: ...pacit comme indiqu sur l tiquette de s curit proche de l entr e de l alimentation qui contient le fusible 5 NE PAS UTILISER l quipement dans des locaux dont la temp rature maximale d passe 40 degr s C...

Страница 18: ...ICHERUNGEN Vergewissern Sie sich dass nur Sicherungen mit der erforderlichen Stromst rke und der angef hrten Art verwendet werden Die Verwendung reparierter Sicherungen sowie die Kurzschlie ung von Si...

Страница 19: ...p ersetzt k nnte dies zu einer Explosion f hren Dies trifft zu f r manche Arten von Lithiumsbatterien zu und das folgende gilt es zu beachten Wird die Batterie in einem Bereich f r Bediener eingesetzt...

Страница 20: ...tements are presented in English French and German Electromagnetic Interference Statements SPECIFICATION CHANGES Specifications are subject to change without notice Note This equipment has been tested...

Страница 21: ...ke adequate measures D clarations sur les Interf rences lectromagn tiques MODIFICATIONS DES SP CIFICATIONS Les sp cifications sont sujettes changement sans notice pr alable Remarque Cet quipement a t...

Страница 22: ...commission des communications de Cor e pour les equipements de radiodiffusion et communication Figure 13 D claration pour l quipement de classe A certifi KCC en langue cor enne Translation de la D cla...

Страница 23: ...e Interferenzen auf eigene Kosten zu korrigieren ERKL RUNG DER VCCI ZU ELEKTROMAGNETISCHER INTERFERENZ Figure 15 Erkl rung zu VCCI zertifizierten Ger ten der Klasse A bersetzung von Erkl rung zu VCCI...

Страница 24: ...u BSMI zertifizierten Ger ten der Klasse A Dies ist ein Class A Produkt bei Gebrauch in einer Wohnumgebung kann es zu Funkst rungen kommen in diesem Fall ist der Benutzer verpflichtet angemessene Ma n...

Страница 25: ...n an Ger t Software oder Daten Note Additional information Informations compl mentaires Zus tzliche Informationen To A statement and instructions R f rences et instructions Eine Erkl rung und Anweisun...

Страница 26: ...DefensePro VA Installation and Maintenance Guide 26 Document ID RDWR DPVA_IG2005...

Страница 27: ...lation and Configuration 32 Prerequisites 32 DefensePro VA for KVM Deployment 32 Optimizing the VM for Best DefensePro VA Performance 37 Configuring DefensePro VA for KVM 37 DefensePro VA for VMware I...

Страница 28: ...ation Files 69 Upgrading DefensePro VA 69 Downloading the Software Image File 70 CHAPTER 4 DEFENSEPRO VA RECOVERY AND LICENSE MIGRATION PROCEDURE 71 Recovery and License Migration Procedure over a KVM...

Страница 29: ...tualization concepts and the process of network appliance installations How This Book Is Organized This book contains the following chapters and appendixes DefensePro VA Installation and Configuration...

Страница 30: ...DefensePro VA Installation and Maintenance Guide Preface 30 Document ID RDWR DPVA_IG2005...

Страница 31: ...tion and Configuration page 32 DefensePro VA for VMware Installation and Configuration for Passthrough Mode page 38 DefensePro VA for VMware Installation and Configuration for VirtIO Mode page 53 Obta...

Страница 32: ...ePro VA for KVM Deployment page 32 Optimizing the VM for Best DefensePro VA Performance page 37 Configuring DefensePro VA for KVM page 37 Prerequisites DefensePro VA supports PCI passthrough mode only...

Страница 33: ...ownload and extract the installation file for example DefensePro_VA_8_17_00 tgz into a local directory on the host where the hypervisor is located 2 Locate the folder to where the installation file wa...

Страница 34: ..._IG2005 6 Select the directory to where DefensePro VA is to be installed default var lib libvirt images 7 Set the name or accept the default name of DefensePro VA 8 From the list shown select two prev...

Страница 35: ...GbE or Intel Ethernet Controller XL710 40 GbE For the best performance if the vCPU fits into a single NUMA if the number of vCPUs are less than or equal to the number of cores in a single NUMA Radware...

Страница 36: ...Note When DefensePro VA for KVM is installed through a libvirt virsh deployment a virtual serial line or virsh console to the serial line is used instead of the usual TTY Therefore you should switch t...

Страница 37: ...itecture Radware recommends assigning all DefensePro VA vCPUs to cores hyperthreads on the same NUMA node You should also be aware of the of PCI slots to NUMA nodes mapping on such a host machine Use...

Страница 38: ...age page 44 Configuring the DefensePro VA VM Settings page 48 Core Pinning page 52 Prerequisites For passthrough mode you should first associate the physical ports of the host server PCI addresses wit...

Страница 39: ...intenance Guide DefensePro VA Installation and Configuration Document ID RDWR DPVA_IG2005 39 3 Select Virtual Machine and click Next 4 Select Create a vSphere standard switch and select one of the ava...

Страница 40: ...DefensePro VA Installation and Maintenance Guide DefensePro VA Installation and Configuration 40 Document ID RDWR DPVA_IG2005 5 Add Network Label Name and click Next 6 Click Finish...

Страница 41: ...dge on the vSwitch 7 Repeat the process to create a second bridge For the second bridge used internally by DefensePro VA create a vSphere switch step 4 without selecting a connection Selecting Network...

Страница 42: ...R DPVA_IG2005 To set the NICs for passthrough 1 Open the vSphere client and select the node of the host machine 2 In the Configuration tab select Hardware Advanced Settings A list of all the available...

Страница 43: ...r VMs and to prevent the hypervisor from moving them Memory over subscription is discouraged In a hyperthreaded environment it is best to configure an even number of DefensePro engines and allocate wh...

Страница 44: ...the DefensePro VA OVA Package To deploy the DefensePro VA OVA 1 Log into the VMware vSphere client 2 Deploy the OVA package by selecting File Deploy OVF Template The Deployment OVF Template wizard di...

Страница 45: ...nstallation and Maintenance Guide DefensePro VA Installation and Configuration Document ID RDWR DPVA_IG2005 45 4 In the End User Agreement dialog box click Accept to accept the end user license agreem...

Страница 46: ...ment ID RDWR DPVA_IG2005 5 In the Name and Location dialog box provide a name and location for the deployed template The name can contain up to 80 characters and must be unique within the inventory fo...

Страница 47: ...d and then click Finish Note Ensure that the option Power on after deployment is not selected Configuring the Network Adapters 1 From the Home Inventory drop down menu select Templates and VMs 2 In th...

Страница 48: ...u have to resize the VM by setting the vCPUs disk and RAM size enable huge page assign the PCI passthrough NICs for data ports and add a serial connection for console To configure the VM settings 1 Ac...

Страница 49: ...guration Document ID RDWR DPVA_IG2005 49 4 Press OK Assign the PCI passthrough NIC designated in the prerequisites stage to the DefensePro VA VM 5 From the navigation tree right click on the Virtual M...

Страница 50: ...ation and Maintenance Guide DefensePro VA Installation and Configuration 50 Document ID RDWR DPVA_IG2005 8 Click Next and Finish Do this for the two interface ports 9 Select the PCI NIC to attach to t...

Страница 51: ...llation and Maintenance Guide DefensePro VA Installation and Configuration Document ID RDWR DPVA_IG2005 51 10 Click Finish 11 Repeat steps 1 through 5 to attach all the NICs to the VM The VM settings...

Страница 52: ...Telnet port 20XX for example setup 29 will be 2029 Core Pinning In order to optimize performance it is suggested to set core pinning in VMware To set core pinning 1 In the virtual machine go to the R...

Страница 53: ...m Nodes and select 1 Core pining is now configured DefensePro VA for VMware Installation and Configuration for VirtIO Mode This procedure details the steps and prerequisite procedures required for ins...

Страница 54: ...are infrastructure including A VMware ESX server versions 5 5 6 0 An installed vSphere client The DefensePro VA OVA package For console support VMware requires an Enterprise license Creating a vSwitch...

Страница 55: ...intenance Guide DefensePro VA Installation and Configuration Document ID RDWR DPVA_IG2005 55 4 Select Create a vSphere standard switch and select one of the available connections and click Next 5 Add...

Страница 56: ...ePro VA Installation and Maintenance Guide DefensePro VA Installation and Configuration 56 Document ID RDWR DPVA_IG2005 6 Click Finish This creates a vSwitch 7 Repeat the process to create a second vS...

Страница 57: ...re switch step 4 without selecting a connection Note Make sure you set both data vSwitches to Promiscuous Mode Accept as shown below Deploying the DefensePro VA OVA Package DefensePro VA for ESXi OS c...

Страница 58: ...5 3 In the Deploy OVF Template dialog box for Deploy from a file click Browse to select the DefensePro VA OVA file and click Next 4 In the Name and Location dialog box provide a name and location for...

Страница 59: ...ment ID RDWR DPVA_IG2005 59 5 In the Host Cluster screen select a server to add the DefensePro VM to 6 Click Next until you get to the Network Mapping screen Two interfaces are shown one is for manage...

Страница 60: ...fensePro VA from the list and then select Edit Settings Note If no virtual machines are displayed verify that Show VMs in Inventory is selected in the Vsphere client View menu option 3 Assign each net...

Страница 61: ...t ID RDWR DPVA_IG2005 61 To configure the VM settings 1 Access the vSphere client 2 Right click on the DefensePro VA VM and select Edit Settings 3 Enter the number of virtual sockets as 1 and the numb...

Страница 62: ...tenance Guide DefensePro VA Installation and Configuration 62 Document ID RDWR DPVA_IG2005 5 Select the relevant data vSwitch for the setup Do this step twice once for the client and once for the serv...

Страница 63: ...igure an even number of DefensePro engines and allocate whole physical cores both hyperthreads on each physical core for DefensePro VA and not mix them with other VMs On a host with multiple CPUs usin...

Страница 64: ...DefensePro VA Installation and Maintenance Guide DefensePro VA Installation and Configuration 64 Document ID RDWR DPVA_IG2005 e Select Advanced Memory f Select Use Memory from Nodes and select 1...

Страница 65: ...Configuration Document ID RDWR DPVA_IG2005 65 6 At the end of the process the VM settings should look as follows 7 Power on the Virtual machine 8 Log in to the VM console Connect to the servers IP for...

Страница 66: ...hroughput and 2 vCPUs After 60 days traffic will be bypassed and you are required to purchase permanent DefensePro VA throughput and vCPU licenses DefensePro VA throughput license options include 200M...

Страница 67: ...new license 1 In the Radware portal in the Software License Generator screen https portals radware com Customer Home Tools LicenseGeneratorSW enter the MAC or IP address your name and product select...

Страница 68: ...DefensePro VA Installation and Maintenance Guide DefensePro VA Installation and Configuration 68 Document ID RDWR DPVA_IG2005...

Страница 69: ...Managing Configuration Files To ensure off device configuration backup you should always save existing configurations of each DefensePro VA instance You can save the configuration file using APSolute...

Страница 70: ...hardware appliance For more information see the DefensePro Installation and Maintenance Guide An upgrade password is required when you upgrade to a major version For example an upgrade from version 8...

Страница 71: ...e is started before the Linux UDEV sub system recognizes the new MAC addresses and creates a new rule file if you later change the MAC addresses and start the system again the UDEV will add the new MA...

Страница 72: ...nt ID RDWR DPVA_IG2005 3 Enter the command virsh edit domain_name to open the KVM domain VM XML definition file 4 Find the MAC address in the XML definition file as shown in the example below and manu...

Страница 73: ...ro VA Installation and Maintenance Guide DefensePro VA Recovery and License Migration Procedure Document ID RDWR DPVA_IG2005 73 5 Re install the original licenses by running the command oper swkey lic...

Страница 74: ...DefensePro VA Installation and Maintenance Guide DefensePro VA Recovery and License Migration Procedure 74 Document ID RDWR DPVA_IG2005...

Страница 75: ...ge 77 Validating the PCI Slots 1 When you insert the PCI NICs into the host server write down the slot number 2 For performance optimization when more than one NIC is used Radware recommends that you...

Страница 76: ...ates a file PCImapping txt which includes the PCI mapping of the host see the example in Figure 20 PCImapping txt Example page 77 2 In the PCImapping txt file search for the string Physical Slot 5 for...

Страница 77: ...Imapping txt Example Association of the NIC ports After you have all the PCI addresses written down continue with the installation detailed in DefensePro VA for KVM Installation and Configuration page...

Страница 78: ...DefensePro VA Installation and Maintenance Guide Configuring DefensePro VA in PCI Passthrough Mode 78 Document ID RDWR DPVA_IG2005...

Страница 79: ...E PACKAGE CONTAINING RADWARE S PRODUCT OR BEFORE DOWNLOADING INSTALLING COPYING OR OTHERWISE USING RADWARE S STANDALONE SOFTWARE AS APPLICABLE THE SOFTWARE IS LICENSED NOT SOLD BY OPENING THE PACKAGE...

Страница 80: ...u agree to pay Radware any amounts due for any applicable license fees at Radware s then current list prices 3 Lab Development License Notwithstanding anything to the contrary in this License Agreemen...

Страница 81: ...acknowledge and agree that the Software is a proprietary product of Radware and or its licensors and is protected under applicable copyright law 8 No Warranty The Software and any and all accompanyin...

Страница 82: ...rmination This License Agreement is effective upon the first to occur of your opening the package of the Product purchasing downloading installing copying or using the Software or any portion thereof...

Страница 83: ...e entitled to injunction relief This License Agreement constitutes the entire agreement between the parties hereto and supersedes all prior agreements between the parties hereto with respect to the su...

Результаты поиска

Содержание DefensePro VA

Отзывы:

Похожие инструкции для DefensePro VA

Бренды по названию

Популярные бренды

Radware DefensePro VA, Руководство по установке и обслуживанию

Результаты поиска

Содержание DefensePro VA

Отзывы:

Похожие инструкции для DefensePro VA

Бренды по названию

Популярные бренды