A template group always applies to one or more LogAn devices. The procedure for adding MDs to UserGate Management Center consists of the following steps:
Task |
Description |
---|---|
Step 1. Enable access to UGMC from the MDs. |
On the UGMC server, allow the UserGate Management Center service in the zone to which the MDs are connected. The UGMC server listens for MD connections on TCP ports 2022 and 9712. Data transfer between the UGMC server and MDs occurs over an encrypted data link. |
Step 2. Create a LogAn MD object. |
In the LogAn management --> LogAn devices section of the realm management console, click Add and provide the desired settings. |
Step 3. Link the LogAn MD object just created to a real UserGate NGFW device. |
In the LogAn management console, set up the link between UGMC and the device. This can be done during the initial configuration of LogAn or on an already configured LogAn device. Both options are described in detail later in this chapter. |
When creating a LogAn MD object, provide the following settings:
Name |
Description |
---|---|
Enabled |
Enables the MD object. When enabled, the MD object takes up one license. |
Name |
The name of the MD. The name can be arbitrary. |
Description |
A description of the MD. |
Templates group |
The templates group whose settings should be applied to this MD. |
Sync mode |
Select the mode used to synchronize the template group settings with the device. There are three options:
Regardless of the selected mode, it is possible to start synchronization of all settings for selected devices (click Actions --> Run full resync now in the LogAn management --> LogAn devices section). |
To enable LogAn-to-UGMC communication during the initial configuration, follow these steps:
Task |
Description |
---|---|
Step 1. Copy the device code. |
In UGMC, select the MD object you created and click Actions --> Show device unique code. Copy the code to the clipboard. |
Step 2. During the initial setup of the LogAn MD, select installation using UGMC. |
During the initial setup, at the step where the administrator login and password are set, select the link Configure by UserGate Management Center. |
Step 3. Provide the desired settings for the new node and enter the unique device code. |
Specify the following settings:
|
Step 4. Check the connection. |
After connecting to UGMC, LogAn should receive all settings prepared for it in UGMC. In LogAn, these settings are displayed with a lock icon, meaning that a local administrator cannot change them. In the UGMC console, the MD object will display additional information on the connected device, such as PIN code, serial number, license information, RAM usage, etc. |
To enable LogAn-to-UGMC communication for an already configured LogAn device, follow these steps:
Task |
Description |
---|---|
Step 1. Copy the device code. |
In UGMC, select the MD object you created and click Actions --> Show device unique code. Copy the code to the clipboard. |
Step 2. Specify the IP address of the UGMC server and enter the unique device code. |
In the General settings --> Management center agent, select Configure, specify the IP address of the UGMC server, paste the unique device code, and enable this connection. The UGMC server must be accessible over the network from this LogAn device for a successful completion of this step. |
Step 3. Check the connection. |
After connecting to UGMC, LogAn should receive all settings prepared for it in UGMC. In LogAn, these settings are displayed with a lock icon, meaning that a local administrator cannot change them. In the UGMC console, the MD object will display additional information on the connected device, such as PIN code, serial number, license information, RAM usage, etc. |
After the LogAn device has been successfully added to UGMC, the administrator can edit, enable/disable, and delete the MD, as well as:
Name |
Description |
---|---|
View advanced MD state information |
In the UGMC console, select the MD object and click Show device details. The following information about the connected MD will be displayed:
|
Connect to the MD console |
In the UGMC console, select the MD object and click Actions --> Open console. The LogAn console will open in a new window. |
Modify settings |
In the UGMC console, modify the settings of a template from the template group applied to the MD. The new settings will be applied to the LogAn device. |
In the UserGate Management Center web interface, the administrator can filter the view to display:
-
all devices;
-
enabled or disabled devices;
-
online (connected to UGMC), offline (disconnected from UGMC), or not linked devices (not yet connected to UGMC);
-
consistent (successfully synchronized) or inconsistent devices (with errors detected during MD synchronization).