How it Works
Mako
Loading...
7550-E
Instruction Manual
70 pgs4.93 Mb0

Mako 7550-E Instruction Manual

Mako Networks Mako 7550-E
Product Handbook
v.1.1
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 1
Mako Networks Limited Mako 7550-E Product Handbook
Version 1.1 2008 Mako Networks Limited. All rights reserved.
The Mako logo is a registered trademark of Mako Networks Limited.
Other product and company names mentioned herein can be trademarks and/or registered trademarks of their respective companies.
Information in this document is subject to change without notice and does not represent a commitment on the part of Mako Networks Limited.
No portion of this document may be reproduced in any form, or by any means, without prior written permission from Mako Networks Limited.
This document should be read in conjunction with the Mako Networks Limited Terms and Conditions available from the Mako Networks website (http://www.makonetworks.com).
Mako Networks, its parent or associate companies may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written licence agreement from Mako Networks, its parent or associate companies, the furnishing of this document does not give you any rights or licence to these patents, trademarks, copyrights, or other intellectual property.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 2
Table of Contents
..........................................................................................................Limited Warranty 4
...................................................................................................................Introduction 5
..........................................................................................Unpacking and Connection 7
....................................................................................................................Turning on 9
..........................................................................................................MakoScope LCD 9
...........................................................................................................................Login 10
..........................................................................................................................Home 11
..........................................................................................................Reports: Usage 14
..........................................................................................................Reports: Status 26
..........................................................................................Reports: Mako MailGuard 26
.....................................................................................Reports: Licence Information 26
....................................................................................................................Configure 27
......................................................................................................Configure: Internet 27
.....................................................................................................Configure: Network 31
......................................................................................................Configure: Firewall 35
...........................................................................................................Configure: VPN 46
....................................................................................................Configure: Services 55
....................................................................................................Configure: Location 58
......................................................................................................Configure: Access 59
...................................................................................................Management: Home 60
.............................................................................................Management: Company 60
.....................................................................................................Management: User 61
...................................................................................................Help: Help Contacts 66
..................................................................................................Help: Documentation 66
...................................................................................................Help: Known Issues 67
..........................................................................................................Troubleshooting 68
......................................................................................................Glossary of Terms 69
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 3
Limited Warranty
a) Standard Limited Warranty. If the products purchased hereunder are resold by a distributor or
reseller to an end-user (customer) pursuant to the terms hereof in their original, unmodified, unused condition, Purchaser shall pass on to its customers, or keep as applicable for internal use, the MAKO NETWORKS, LTD. standard limited warranty for the products, as summarized in documentation supplied with the product and including provisions and limitations set forth below. The Manufacturer warrants the Mako appliance for one (1) year. The Warranty begins on the date of purchase as shown on your providers invoice.
b) Express End-user Limited Warranty. Each MAKO NETWORKS, LTD. product purchased
hereunder is warranted against defect in material and workmanship and will substantially conform to MAKO NETWORKS, LTD. product documentation for the period set forth in the documentation supplied with the product following delivery to end-user (the “Warranty Period”). This warranty extends only to end-user and will not extend to, nor may it be assigned to, any subsequent user, Purchaser or user of a MAKO NETWORKS, LTD. product, whether such MAKO NETWORKS, LTD. product is alone or incorporated into end-user’s product.
c) Exclusions. The express warranty set forth above is contingent upon the proper use of a
MAKO NETWORKS, LTD. product in the application for which it was intended and will not apply to any MAKO NETWORKS, LTD. product that has been (i) damaged during shipping, (ii) modified or improperly maintained or repaired by a party other than MAKO NETWORKS, LTD. or its designees, or (iii) subjected to unusual physical or electrical stress. This includes operation of the product outside the Operating Specifications of the product.
d) Limitation of Remedy. In the event a MAKO NETWORKS, LTD. product fails to perform as
warranted, MAKO NETWORKS, LTD. sole and exclusive liability and end-user’s only remedies for breach of this warranty shall be, at MAKO NETWORKS, LTD.’s option to repair, replace or credit an amount not exceeding the Purchaser’s purchase price of each product found to be defective, provided that:
1. End-user complies with the rejection and warranty procedures contained in Section 5 below and returns the MAKO NETWORKS, LTD. product that the end-user considers defective for examination and testing.
2. MAKO NETWORKS, LTD. shall not be liable under this warranty if testing and examination by MAKO NETWORKS, LTD. discloses that the MAKO NETWORKS, LTD. product has been modified or altered in any manner after it was shipped by MAKO NETWORKS, LTD.
3. MAKO NETWORKS, LTD. shall not be liable under this warranty if testing and examination by MAKO NETWORKS, LTD. discloses that the alleged defect in the MAKO NETWORKS, LTD. product does not exist or was caused by end-user or any third person’s misuse, neglect, improper installation or testing, unauthorized attempts to repair or any other cause beyond the range of intended user, or by accident, fire or other hazard.
4. MAKO NETWORKS, LTD. shall not be liable under any warranty under this Agreement with respect to any MAKO NETWORKS, LTD. product that is not returned in its original shipping container or a functionally equivalent container.
5. If MAKO NETWORKS, LTD. testing and examination does not disclose a defect warranted under this Agreement: MAKO NETWORKS, LTD. shall so advise Purchaser and dispose of such MAKO NETWORKS, LTD. product in accordance with Purchaser’s instructions on behalf of end-user and at Purchaser’s cost.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 4
Introduction
The Mako Networks System combines a web server driven configuration, management and reporting user interface with client end hardware to provide users with considerable cost savings as well as functionality and flexibility not currently available in traditional devices used to meet either the same or similar requirements. The Mako Networks System is targeted at small to medium sized businesses (SME), small to medium sized branch office of larger organisations and their use of broadband as a data transfer medium.
Mako 7550-E Firewall/Router/VPN Appliance
The Mako 7550-E by Mako Networks is a solid-state ethernet router with a stateful inspection firewall, VPN functionality and four LAN Ethernet ports. Designed to work in conjunction with the Mako Networks Central Management System, it provides you with enterprise level control over your connection to the Internet.
Complete Security
Your Mako 7550-E is managed by the Mako Networks Central Management System giving you complete peace of mind that your networks are always fully protected. All software is updated and patched automatically for you and intrusion attempts are dealt with. Your Mako 7550-E incorporates a stateful inspection firewall. This means that all traffic entering and leaving your networks is analysed comprehensively to ensure network integrity.
Firewall
Central to the security of your networks is the type of firewall you use. The Mako 7550-E utilises a stateful inspection firewall. A stateful inspection firewall does not just examine packets of information, instead it makes decisions based upon information derived from all communication layers and from other applications. This type of firewall provides true enterprise level protection. Working with the Mako Networks Central Management System, you have full control over all traffic entering and leaving your networks.
Four Networks
The Mako 7550-E protects up to four separate networks. This allows you to segregate your networks as you see fit.
Ethernet Router
An Ethernet Router is incorporated in to your Mako 7550-E connecting your networks to the Internet at high speed. You have the option to connect directly to an Ethernet connection to the Internet or via any other connection medium that supports Ethernet forwarding.
VPN
Virtual Private Networks allow you to assign secure remote access to your networks over the Internet. You can link two Mako protected networks together using the Mako Networks Central Management System in seconds with just three mouse-clicks! Linking three or more Mako protected networks is just as easy. The Mako Networks Central Management System allows this to happen without static IP addresses. In the same way you can also allow specified users remote access to your Mako protected networks with the Remote VPN feature. This is very useful for accessing your networks from home or while traveling.
*
Logging/Reporting
Whilst all traffic from your Mako 7550-E goes directly out onto the Internet, your Mako sends traffic information securely to the Mako Networks Central Management System. This gives you the ability to monitor and control your Internet usage from anywhere in the world with Internet access. Simply log onto the Mako Networks website to view your usage, see how your broadband internet connection is being used, monitor where PCs on your network have been going and much more. And with MakoScope VGA feedback, you can easily see what your Mako is doing in real time.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 5
*
Third Party software may be required.
24 Hour Remote Control
Because your Mako utilises the Mako Networks Central Management System, you or your designated IT Professional have 24 hour secure remote control over your connection to the Internet. Via the Mako Networks website, you can modify firewall rules, create and disable VPNs, check usage patterns and even change your networks’ IP addressing.
Automatic Updates
Because the Mako 7550-E is a centrally managed device, its software is kept up to date automatically. The Mako Networks Central Management System looks after all software updates, security patches and system updates for you. You can be assured that your Mako 7550-E will continue to be current as long as it has an up to date service licence.
Optional Feature Enhancements
The Mako 7550-E gives you the option to incorporate optional feature enhancements such as Advanced Content Filtering, Email Sanitisation and Spam protection as well as virus protection. New features and options are being added all the time. Make sure you keep up to date by regularly logging into www.makonetworks.com.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 6
Unpacking and Connection
Opening the carton you should find the following items:
1x Mako Device
1x Power Cord
2x Cat-5 Ethernet Cables
Documentation CD
Rack mounting kit
USB Key – may not be supplied depending upon your location
What Goes Where
Place the Mako device in a convenient spot adjacent to your LAN hub(s) or switch(es) and the incoming Ethernet connection or Ethernet-Terminated Modem/NTU. For preference the location should be off the floor, out of direct sunlight and well ventilated, with a computer compatible power socket available.
Mako 7550-E Rear Panel
KEY
1. Ethernet WAN Port
2. Power Socket
3. Power Switch
Mako 7550-E Front Panel
KEY
1. LCD Screen
2. LCD Keypad
3. Diagnostic Port (authorised use only)
4. USB Ports
5. LAN 1 Port
6. LAN 2 Port
7. LAN 3 Port
8. LAN 4 Port
Connect cables to their corresponding sockets on the Mako. Connect the Power Cable to the mains supply. Connect the WAN Port to the network service providers termination point or an Ethernet-terminated Modem/NTU. Connect LAN Cables to your networks hub or switch.
DO NOT TURN YOUR MAKO ON AT THIS STAGE!
If this is the first time you are using your Mako, place the supplied USB Key in any USB port at the front of your Mako – If your Mako was not supplied with a USB Key you do not
need one in your location and can skip this step.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 7
What will be needed
There are a few special circumstances to be aware of:
HUB OR SWITCH PORT Your office network needs to have an RJ-45 connection Port available for the Mako. If your network hardware does not have a spare 10/100 Ethernet Port available, you will need to either upgrade your existing hardware to increase the available Ports, or install an additional hub or switch.
DIRECT CONNECTION TO A COMPUTER Normally the Mako is connected between the WAN port and a hub or switch device on your office network.
If you are connecting directly to a computer you will not need to obtain an Ethernet crossover cable or equivalent device. Your Mako 7550-E incorporates Auto Cross LAN Ethernet Ports.
POWER SUPPLY The Mako has an adaptive power supply which sets itself to match the supply voltage provided at your site.
Connecting to your Internet service
Network Service Provider
Internet services are provided by a variety of network service providers in each country. In many cases the network service provider will be your local telephone supplier.
Network service providers have a variety of procedures for approving customer premises equipment for connection to their network. The connection interface in the Mako has been developed to connect to the majority of network service providers. If you have any queries your reseller will be happy to confirm whether the Mako is approved by your network service provider for connection to their telecommunications network.
Service Provider Manual
Your Network Provider can provide you with a Manual which covers all aspects of connecting to their Internet service. Please refer to this for any additional information you require.
Firewall and VPN Router Operation
Under normal conditions there is nothing which requires your intervention. The Mako is designed to detect many forms of internal malfunction and reset itself to correct operation.
In the worst case this may require it to download a fresh configuration from the Mako Networks’ Central Command Servers. You can force a reload by a simple power off and on of the unit.
Changes to the configuration of the Mako cannot be made on the unit itself. These are performed by securely accessing and using the convenient menus on the Central Management web site https://secure.makonetworks.com.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 8
Turning on
There are three lights on the front panel—only two, the Power light and the Status light are utilised at present.
When turning on for the first time the unit will connect directly to the Central Command Servers to download its configuration. The Power light should be on as download of the secure profile takes place.
Once your profile has been downloaded from the Central Command Servers, the Status light will illuminate green and your Internet communications are now established.
Please allow up to five minutes for the line light to illuminate green and your Mako to be ready for use.
MakoScope LCD
MakoScope LCD is the name for the Mako 7550 LCD Feedback System. By interacting with the LCD screen on the front of your Mako, you can get real time information of the status of your Mako.
MakoScope LCD
The MakoScope LCD shows the following useful information:
Internet Status - If the Mako is online, your public IP Address is shown otherwise “Offline” will be displayed.
WAN Interface Information - If connected, will display your media connection speed, otherwise will display “Down”.
LAN Interface Listing - IP Addresses of your LAN interfaces.
Mako ID – The unique identifier of your Mako
Testing
You can test whether you have Internet communications established by opening a web browser on one of your office computers and accessing two or three web sites. For example, a news web site (e.g. www.cnn.com) or a search engine (e.g. www.google.com).
If you are having difficulties do try more than one web site as they are sometimes “off the air” for various reasons of their own. If web browsing services work then Internet access is functional and all other services should be available.
Possible problems and their symptoms
A problem on the Internet circuit. If you believe that the line is at fault, please contact your Internet Service Provider Help Desk for status information on the circuit. They will work in conjunction with the network service provider to resolve the problem.
A faulty profile, if the configuration profile of your unit has recently been changed. Another possibility is that the network Gateway configuration of your office computers has been changed. If you believe the problem is with the Mako then please contact your reseller, who will be able to check the status of the unit and verify the profile.
Some computers on your office network can access the Internet, others cannot. Or perhaps some services work but others do not. Both of these indicate a faulty configuration of the network and/or computers in your office. If you believe the problem is with the configuration of the network and/or computers in your office, then please contact your site support organisation.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 9
Login
Open your Web browser and type http://www.makonetworks.com into the Address or Location box, depending on your browser software. Click on Customer Login.
Mako Networks Home Page & Login Screens
Login
To administer your Mako appliance(s), enter your user name and password. Then click Login.
Remote VPN
To log in to the web site to start a remote secure IPSec VPN session, enter your user name and password, then click Login. The process is detailed in the Operations Guide section: VPN: Remote Access.
Considerations
The Mako Networks web site has been tested against several versions of the popular browser software products. It is likely that different browser products, versions and settings will format screen displays slightly differently.
Please note that you must accept Cookies to access the Mako Networks web site, and that you must have JavaScript enabled. These properties are set in your browser preferences.
While accessing the Mako Networks web site your browser will be switched into a secure mode, known as SSL, in which traffic between the browser and the Central Command Servers is encrypted.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 10
Home
Once your Login is successful a screen like the one below will be displayed. This is the starting point for administration of your Mako devices and Users.
Home Screen
This document will cover Adding a New User in the Management section. For now, click on View my Makos or click on the Selection menu to go to the Selection screen.
Alternatively, you can click on Change Password to change the password for the account you used to log in to the Mako Networks site.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 11
Selection screen
This screen shows the Mako units you are registered as using, and allows you to select sub­menus for Reports, Configuration and Help as described below depending upon the agreement between you and your IT professional. You can also see what country the Makos are located in and their Online/Offline/Awaiting Connection status. If any of your Makos have reached their Absolute Traffic Threshold, this will be shown as in the example depicted above for the Head Office Mako.
First, select which of your devices you wish to work with. Click on the radio button next to the device you wish to choose in the central box. Depending on your browser you may get an immediate response and the screen will refresh, or you may need to click on OK.
Once you have selected a Mako appliance you will see two new menus appear on the left side of the page: Reports and Configure. From these menus you can — obtain Reports, review or update the Mako appliance Configuration or add services.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 12
Mako Appliance Selected
The chosen Mako appliance is now shown in the session status line, near the top right of the screen.
Selected Mako
Select your desired operation: Reporting, Configuration or Help by clicking on the required menu from the list on the left hand side.
The different operations are described on the following pages.
Quick Information Snapshot
There is an information “I” symbol near the top right of the page which gives you a snapshot of information about your selected Mako.
Information & Quick Selection buttons
Selection Shortcut
Next to the Information symbol is an upside down triangle. Clicking on this gives you a list of your recently selected Makos. This comes in handy when you are in other areas of the site and want to select another Mako or if you have a large number of Makos to manage.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 13
Reports: Usage
The Reports section provides a comprehensive array of options for displaying analysis of the traffic that has flowed through the Mako device.
Reports let you review traffic usage:
As snapshots or cumulative use over different time spans, taken for your network as a whole;
Similar reports, this time for traffic related to a particular PC in your office, to which you can assign a name;
Detailed PC reports, which review a PC’s traffic in relation to the type of traffic (protocol) and the remote site (destination) of the communications.
You are also able to check on the status of your Mako appliance.
Mako Usage
This section allows you to obtain a selection of reports from the chosen device. The options available are shown in the example screen below.
Reports, Mako Usage
Examples of typical reports are shown on the following pages
Considerations
Mako Usage refers to the total traffic which has passed through the Mako device. These reports therefore give you the sum total of your networks Internet usage, broken down into the listed time periods. You can drill down by day hour or PC by clicking on the appropriate parts of the graphs.
Usage cycle time periods commence at the Billing Cycle Start Date set in the Internet configuration section.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 14
Usage Reports are displayed as a column graph in a pop-up window. The columns show incoming and outgoing traffic for each day in the selected time period.
Cumulative usage reports are displayed as a line graph in a pop-up window. A line shows the sum of the accumulated incoming and outgoing traffic over the selected cycle.
In regions where traffic is billed on a usage/plan basis there are options available to set various thresholds. In the event that these are set up, up to three horizontal threshold limit lines can be displayed. The first shows the Traffic Warning Threshold value where you and your reseller will be emailed on the limit being reached. A second line shows the total amount of free traffic your ISP Connection Plan provides. The third shows the optional absolute threshold value where your firewall will disallow all incoming and outgoing traffic other than access to the Mako Networks Web Site where it can be re-allocated.
Please contact your reseller or ISP if you have any queries regarding your ISP charging structure.
Mako Report, Last Five Days
Mako Report, Last Cycle Usage
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 15
Mako Report, Last Billing Cycle
PC Usage
The PC Usage Reports focus on the composition of your traffic volume.
The entry screen to this section is shown below.
Reports, PC Usage
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 16
MAC Address & Naming PCs
Each PC on your network is assigned an IP Address to identify its communications. In many networks the network configuration allows the IP address to change from time to time. The IP address is thus not useful as a unique and unambiguous identifier over time for any particular PC.
Since reports show traffic over time, Mako uses the PC’s MAC Address as a unique identifier. The MAC Address is rather cryptic, so to make reports more intelligible you can assign a name to each machine. This name will henceforth be displayed in your reports in place of the MAC Address.
If you click on ‘edit’ in a report a small pop-up window will be displayed. Enter the desired name in the box next to Machine Name and click on Update to save the name. Where PCs have been assigned static IP addresses via the Mako DHCP Server, a PC name can also be entered via the DHCP screen.
PC Traffic
PC Traffic reports let you analyse the network Internet activity to see the elements of traffic in relation to the individual PCs in the office. This is the place to look if you wish to see why a user has an exceptional load pattern for a given period.
Reports can be obtained for Today, Yesterday, the Last Five Days, the Current Billing Period, and the Last Billing Period. These reports are broadly similar, changing only by the amount of traffic that is analysed.
PC Usage, Last Five Days
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 17
The above screen shows an example PC Traffic report. Each device on the local network which has contributed to traffic flow in the selected period is listed under Identification. Alongside each entry is the volume of traffic Downloaded from (inbound) the Internet or Uploaded to (outbound) the Internet.
Note the ‘edit’ tab next to each name to permit the device to be given a more relevant name. Where a device has not been named the MAC Address will be shown. Clicking on ‘edit’ will pop-up the small window shown, which allows the name to be updated.
Clicking on the device name itself produces a new report, shown below. This report breaks down the total traffic for a device into the different services which contribute to the total. Each service is listed in the first column, headed Port/Type. Services are listed in descending order based on greatest volume first.
Services
PC Usage by Services
A further analysis can be performed by clicking on one of the service protocols listed. In this example we will analyse the HTTP traffic (web browsing).
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 18
PC Usage, Service, HTTP
This breaks down the service by Destination IP address, that is, the Internet location with which the particular traffic was exchanged.
In our example the web browser traffic has been listed under all the web sites which were contacted during the selected report period, and the amount of traffic associated with each.
Each IP address in the list can be clicked on to bring up a small pop-up window. This details everything that the Mako appliance knows about the Destination.
If you click on the IP address in this small window a new window will be opened to the actual web site concerned.
Using this functionality you can drill down into the reports to determine exactly which web site a PC user connected to, to generate an item of download traffic.
The reports incorporate hyperlinks to the Destination IP address, a convenient way to check on the type of downloaded information by simply opening a window at the web site. Detailed data on the amount and type of traffic relating to that web site is shown in the pop-up box.
Click on the Destination IP address in the main report table to show the pop-up box.
Click on either the IP Address or the Host Name in the pop-up box to open a window to the destination web site.
Mako Traffic
Mako Traffic reports let you see how a specific PC’s Internet activity relates to other PCs on your network. This is the place to look to get a breakdown of the traffic by service (protocol, port) over a given period.
Reports can be obtained for Today, Yesterday, the Last Five Days, the Current Billing Period, and the Last Billing Period. These reports are broadly similar, changing only by the amount of traffic that is analysed.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 19
PC Traffic, Mako Traffic
The screen above shows a comprehensive example of a Mako Traffic report, which is displayed in the pop-up window. A large number of services are permitted through this Mako device, each one of which is monitored.
Uploaded (outbound) and Downloaded (inbound) traffic volumes are shown by each of the services available, under Identification.
If you click on a service the pop-up window shows the PCs, which contributed to that service’s traffic volume.
Remote Access
Remote access reporting gives you visibility over the PPTP Remote VPN users who connect to your Mako.
Remote Access Reports
Click on a period for which you would like to view details about PPTP connections. A popup window will display like the one below.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 20
Remote Access Report
The Remote Access Report above shows which user(s) connected to your Mako protected network during the selected period. It also shows when they connected, for how long, how much data they transferred and where they came from.
Mako Guardian Usage
Mako Guardian Usage is only visible if you subscribe to the Mako Guardian service. The Mako Guardian Usage reports display traffic volume by website visited.
Mako Guardian Usage Screen
By clicking on a period to view you will be shown the websites visited by computers on your network displayed by volume of traffic each site has contributed to your overall data throughput for the period.
Mako Networks Mako 7550-E Product Handbook v.1.1
Page 21
Loading...
+ 49 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use