Before you can set up the system and start configuring elements, you must consider how the different SMC components should be positioned and deployed.
The positioning of an IPS engine or Layer 2 Firewall depends on the network environment and the function of the IPS engine or Layer 2 Firewall.
IPS engines can be configured in IPS mode or IDS mode.
This online help was created for Forcepoint Next Generation Firewall (Forcepoint NGFW), version 6.11.0.
Before setting up Forcepoint Next Generation Firewall (Forcepoint NGFW), it is useful to know what the different components do and what engine roles are available.
When deploying the SMC, there are some general guidelines for positioning components to guarantee the security of the system.
The positioning of a firewall depends on the network environment and the function of the firewall.
You can run NGFW Engines on various platforms.
There are some hardware requirements and configuration limitations when you use an NGFW Engine as a Master NGFW Engine.
There are some basic hardware requirements when you run Forcepoint NGFW on third-party hardware.
There are some general deployment guidelines for IPS engines, Layer 2 Firewalls, and the Security Management Center (SMC).
IPS and Layer 2 Firewall engines pick up passing network traffic for inspection in real time. The positioning of the engines is the most critical part of the deployment.
One of the options in IDS mode is to use network TAP devices that copy packets for the IPS engines.
In an inline IPS configuration, the IPS engines are installed directly in the traffic path.
These examples show how to deploy Forcepoint NGFW in the IPS role in an organization.
There are some steps to follow after you have completed the installation, installed a basic policy, and turned the IPS engines online.
Layer 2 Firewalls can be configured in IPS mode or Passive Firewall mode.
This example shows how to deploy Forcepoint NGFW in the Layer 2 Firewall role in an organization.
There are some steps to follow after you have completed the installation, installed a basic policy, and turned the Layer 2 Firewall engines online.
The cabling of IPS engines and Layer 2 Firewalls depends on the engine type and the installation.
Mismatched speed and duplex settings are a frequent source of networking problems.
After deploying the SMC components, you are ready to start using the Management Client and carrying out some of the first configuration tasks.
You can use the SMC to monitor system components and third-party devices. You can also view and filter logs, and create Reports from them.
You can command and set options for engines through the Management Client or on the engine command line. You can also stop traffic manually.
Security Management Center (SMC) configuration allows you to customize how the SMC components work.
You can create and modify Firewalls, IPS engines, Layer 2 Firewalls, Master NGFW Engines and Virtual NGFW Engines. You can configure the NGFW Engine properties, activate optional features, and configure advanced NGFW Engine settings.
Use the Management Client to configure static or dynamic routing, and use a Multi-Link configuration to manage and distribute inbound and outbound connections.
Policies are key elements that contain rules for allowing or blocking network traffic and inspecting the content of traffic.
User accounts are stored in internal databases or external directory servers. You can use Forcepoint NGFW in the Firewall/VPN role or external authentication servers to authenticate users.
Forcepoint NGFW supports both policy-based and route-based VPN (virtual private network) tunnels between VPN gateways. For full remote access, Forcepoint NGFW supports both IPsec and SSL VPN tunnels for VPN clients.
Maintenance includes procedures that you typically do not need to perform often.
Troubleshooting helps you resolve common problems in the Forcepoint NGFW and SMC.