Forcepoint Sidewinder,Virtual ApplianceEvaluation for DesktopInstallation Guide8.xRevision A

2

Table of contents1 Overview................................................................................................................................................................3

2 Verify system requirements................................................................................................................................4Virtualization requirements.............................................................................................................................4Admin Console requirements.........................................................................................................................5

3 Download and install VMware Workstation Player.......................................................................................... 6

4 Set up the firewall................................................................................................................................................7Load the firewall.............................................................................................................................................7Install the Admin Console..............................................................................................................................7Configure the firewall..................................................................................................................................... 8Connect to the firewall................................................................................................................................. 11

5 License the firewall............................................................................................................................................12Verify license activation............................................................................................................................... 12Manually activate the license.......................................................................................................................12

Overview | 3

OverviewThis document provides instructions for setting up the Forcepoint Sidewinder, Virtual Appliance evaluation.

You can find additional information by using the resources listed in the following table.

Table 1: Product Resources

Resource Location

Online Help Online Help is built into Sidewinder, Virtual Appliance.Click Help on the toolbar or from a specific window.

Support Visit https://support.mcafee.com to find:

• Product documentation• KnowledgeBase• Product announcements• Technical support

Product updates Visit https://go.mcafee.com/goto/updates to downloadthe latest Sidewinder, Virtual Appliance patches.

Product installation files 1. Visit http://www.mcafee.com/us/downloads/downloads.aspx.

2. Provide your grant number, then navigate to theappropriate product and version.

Verify system requirements | 4

Verify system requirementsThe computer you use to host the Sidewinder, Virtual Appliance must meet several requirements.

Virtualization requirementsThere are several requirements that must be met to host Sidewinder, Virtual Appliance. These requirementsapply to the evaluation for desktop version only.

Virtualization softwareThe Sidewinder, Virtual Appliance requires VMware virtualization software to run.

The desktop evaluation version of the firewall supports these virtualization platforms:

• VMware Workstation Player• VMware Workstation Pro• VMware Server

This document provides instructions for installing and using VMware Player, a free virtualization software solutionavailable on supported Microsoft Windows platforms. The steps are similar for VMware Workstation Pro andVMware Server. For a complete list of operating systems supported by VMware Workstation Player, or to obtaininformation about other virtualization products provided by VMware, Inc., visit http://www.vmware.com/support.

Note: A Windows-based operating system is required to run the Sidewinder Admin Console.

HardwareYour computer must meet or exceed virtualization requirements.

• Processor — 2 GHz dual-core• Memory — 2 GB minimum, 4 GB recommended• Disk space — 28 GB of free disk space

Note: The Sidewinder, Virtual Appliance is installed in 64-bit mode by default. Your system mustsupport Intel VT technology (or equivalent) for it to run properly in a virtual environment. Beforestarting the virtual appliance, verify that VT is enabled in your computer BIOS.

Internet connectivityThe firewall requires an Internet connection to perform automatic weekly license activation and maintain fullfunctionality.

If the firewall attempts to reactivate its license while your host computer is not connected to the Internet, licenseactivation will fail. To restore full functionality, manually activate the license after your Internet connectionbecomes available.

Verify system requirements | 5

Admin Console requirementsThe computer that hosts the Admin Console must meet these requirements.

Table 2: Admin Console minimum requirements

Component Requirements

Operating system One of the following Microsoft operating systems:

• Windows Server 2008• Windows 7• Windows 8• Windows 10

Note: Windows 8 and Windows 10are supported in traditional desktopmode. Tablet mode is not supported.Touchscreen is not supported.

Compatible legacy Microsoft operating systems:

• Windows XP Professional• Windows Vista

Web browser One of the following:

• Microsoft Internet Explorer, version 7 or later• Mozilla Firefox, version 3.0 or later

Hardware • 2 GHz x86-compatible processor• 2 GB of system memory• 300 MB of available disk space• CD-ROM drive• 1024 x 768 display• Network card (to connect to your firewall)• USB port

Download and install VMware Workstation Player | 6

Download and install VMwareWorkstation Player

Download the free VMware Workstation Player software and install it on your Windows-based computer.

1. In a web browser, go to http://www.vmware.com/products/player.2. Follow the on-screen instructions to download VMware Workstation Player.3. Install VMware Workstation Player by opening the downloaded file. If you are prompted to restart your

computer when the installation is finished, click Yes.

Set up the firewall | 7

Set up the firewallTo set up the firewall, you must perform several tasks.

Load the firewallLoad the firewall in VMware Workstation Player.

After you have requested the evaluation, a confirmation email, that includes your serial number and a link todownload the software, will be sent to you. If you have any questions about your request, contact CustomerService.

1. Go to the link provided in your confirmation email.2. Download the evaluation with your serial number.3. Unzip the Sidewinder, Virtual Appliance file that you downloaded.4. Select Start > All Programs > VMware > VMware Player to start VMware Workstation Player.5. If a license agreement appears, accept it to proceed. The VMware Workstation Player welcome window

appears.6. In VMware Workstation Player, open the virtual appliance file.

1. Click Open a Virtual Machine.2. Navigate to the folder where you unzipped the firewall file in step 1.3. Select the .vmx file, then click Open. The firewall is added to the list of virtual machines.

7. Start the firewall.1. In the left pane, select the firewall.2. In the right pane, click Play virtual machine.

The firewall starts. After startup is complete, the Quick Start Program appears.

Install the Admin ConsoleTo manage the firewall, install the Sidewinder Admin Console.

1. Navigate to the folder where you unzipped the firewall file in step 1 of Load the firewall.2. Double-click the .exe file to install the Sidewinder Admin Console.3. Follow the on-screen instructions to complete the setup program.

Note: We recommend using the default settings.

The Sidewinder Admin Console is now installed.Related tasksLoad the firewall on page 7

Set up the firewall | 8

Load the firewall in VMware Workstation Player.

Configure the firewallDetermine a method for creating the initial configuration — the Quick Start Program in the VMware vSphereClient or the Admin Console using the default factory settings.

Use the Quick Start ProgramYou can complete the initial configuration by accessing the command line in the VMware vSphere Client.

1. Click inside the firewall console window and press Enter. The software license agreement appears2. Read the software license agreement.

Press C, then Enter to advance the page. Continue until the text, Type Y to accept the license, N todecline the license, or R to redisplay the License, appears.

3. Press Y, then Enter to accept the license. The serial number prompt appears.4. Complete the Quick Start Program using the information in the table.

Press Enter after each entry.

Table 3: Quick Start Program responses

Prompt Entry

Serial number Type the serial number that was emailed to you.

First Name through License Comments Specify your registration information.

Do you want the system to be managed by a ControlCenter server and use Rapid Deployment?

Press N.

Do you want the system to have a standard interfacesetup or a transparent (bridged) interface setup?

Press S for standard interface setup.

Note: Sidewinder, Virtual Appliancedoes not support transparent (bridged)interfaces.

Do you want the system to initially allowadministrative services only or administrative plusbasic Internet services?

• To allow administrative services only, press A.• To allow administrative services and basic

Internet services, press I.

Hostname Type a host name for the firewall. Example:vfirewall.example.com

Use DHCP for external interface? Press N.

Note: Sidewinder, Virtual Appliancedoes not support DHCP on the externalinterface at this time.

external IP To determine which IP address to use:

1. Press Ctrl+Alt to release the cursor from thefirewall console.

Set up the firewall | 9

Prompt Entry2. Select Start > Control Panel > Network

Connections.3. Right-click VMware Network Adapter VMnet8,

then select Status.4. Click the Support tab.5. Record the IP address listed in the Connection

status area. The IP address should be192.168.x.1, where x is a value between 0–255.

6. Close the status window.7. Click inside the firewall console window, then

type 192.168.x.10, where x is the value yourecorded in step 5.

external netmask Type 255.255.255.0.

internal IP To determine which IP address to use:

1. Press Ctrl+Alt to release the cursor from thefirewall console.

2. Select Start > Control Panel > NetworkConnections.

3. Right-click VMware Network Adapter VMnet1,then select Status.

4. Click the Support tab.5. Record the IP address listed in the Connection

status area. The IP address should be192.168.y.1, where y is a value between 0–255.

6. Close the status window.7. Click inside the firewall console window, then

type 192.168.y.10, where y is the value yourecorded in step 5.

internal netmask Type 255.255.255.0.

external (internet) zone name • To use the default name (external), press Enter.• To specify a custom name, type the name.

internal zone name • To use the default name (internal), press Enter.• To specify a custom name, type the name.

Primary DNS IP Type 192.168.x.2, where x is the value yourecorded when you configured the firewall’s externalIP address.

Secondary DNS IP Press Enter.

Default route Type 192.168.x.2, where x is the value yourecorded when you configured the firewall’s externalIP address.

Note: The default route you specifymust provide Internet connectivity.

Internal mail host Type a host name for an internal email server.Example: smtp.example.com

Set up the firewall | 10

Prompt Entry

Do you need an additional route for administrative orControl Center access?

Press N.

Username Type a user name to create an administrative user.

Password Type a password for the administrative user.

Note: We recommend a minimumof eight total characters and a mix ofuppercase, lowercase, numeric, andspecial characters.

Administrator email address • If you do not want to specify an email address forthe administrative account, press Enter.

• To specify an email address for theadministrative account, type the address.

A summary of your input appears.

5. Press Enter. The text Press ‘E’ to edit or ‘A’ to apply the configuration appears.6. Do one of the following:

• If you would like to make changes to the configuration, press E, then press Enter.• If you are satisfied with the configuration summary, press A, then press Enter.

When you apply the configuration, the firewall uses your responses to perform its initial configuration. When initialconfiguration is complete, the logon prompt appears.

Use the Admin Console default settingsSidewinder, Virtual Appliance includes default configuration settings that allow you to complete the configurationfrom the Admin Console.

Note: Default configuration settings are available only for version 8.3.0 and later.

1. In VMware vSphere Client, select the firewall to configure.2. In the Getting Started tab, click Power on this virtual machine to start Sidewinder, Virtual Appliance.

Note: When the appliance does not find a configuration file and there is no response at thecommand line, the appliance loads the default settings.

3. If you want to designate the IP address and netmask of the internal interface, you must access the appliancethrough the console.

• Press Enter when the appliance searches for the configuration.• Press M for minimal configuration and follow the prompts.

4. Connect the management computer to the same network as the firewall internal network.5. Start the Admin Console by selecting Start > All Programs > Forcepoint > Sidewinder v8 Admin

Console > Admin Console.Connect to the firewall internal IP address using these default settings:

• Host name — <MACaddress>_fwlocal.com, where <MACaddress> is the MAC address of the firstinterface

• IP address — 192.168.1.250 (internal) or the IP address you specified for a minimal configuration,192.168.2.250 (external)

• Username — admin

Set up the firewall | 11

• Password — admin

Note: For complete information about all default settings, see the Forcepoint SidewinderProduct Guide.

6. Follow the prompts to change your password.

Note: Passwords must be at least eight alphanumeric characters long. We recommend usinga mix of uppercase, lowercase, numeric, and special characters.

Connect to the firewallUse the Admin Console to connect to the firewall.

1. Select Start > All Programs > Forcepoint > Sidewinder v8 Admin Console > Admin Console.2. Add the firewall to the Admin Console tree.

1. From the File menu, select New Firewall. The Add Firewall window appears.2. In the Firewall Name field, type a name for the firewall.3. In the Firewall IP Address field, type the internal IP address of the firewall.

The internal IP of the firewall should be 192.168.y.10, where y corresponds to the network assignedto VMware Network Adapter VMnet1.

4. Click Add. An entry for the firewall is added to the tree.3. Select the entry for the firewall in the left pane, then click Connect in the right pane. The Accept Certificate

window appears.4. Click Yes. The logon prompt appears.5. Type the administrator user name, then click OK.6. Type the password, then click Enter. The Dashboard appears.

License the firewall | 12

License the firewallThe firewall license automatically activates after the configuration is applied. If your license did not auto-activate,the firewall will operate for 30 days with a trial license.

Note: Your firewall must have Internet access to activate the license.

Verify license activationVerify that the firewall license automatically activated.

1. In the Admin Console, select Maintenance > License. The License window appears.2. Click the Firewall tab.3. Examine the Activation Key field to determine if the firewall license activated.

• If the field is populated with a key, the firewall license is active.• If the field is blank, the firewall license did not automatically activate. Manually activate the firewall license

to prevent it from expiring after the trial period ends.

Manually activate the licenseIf the firewall license did not automatically activate, manually activate the license.

1. Locate the serial number for your firewall. The serial number is on your grant letter.2. In the Admin Console, select Maintenance > License. The License window appears.3. Click the Contact tab, then specify your company contact information.4. Click the Company tab, then specify your company information.5. Click the Firewall tab, then specify the firewall information.

1. In the Serial Number field, type the 16-digit alphanumeric serial number for this firewall.2. In the System ID field, accept the default.

Note: Do not change the System ID unless instructed by Forcepoint support.

6. Click Activate firewall. The firewall uses an encrypted HTTPS session to send the license information to thelicensing website.If the data is complete, the request is granted and a new activation key appears in the Activation Key field.The Current Features list updates with the new license information.

Your firewall software and any features you licensed are activated.

Copyright © 1996 - 2016 Forcepoint LLC Forcepoint™ is a trademark of Forcepoint LLC.

SureView®, ThreatSeeker®, TRITON®, Sidewinder® and Stonesoft® are registered trademarks of Forcepoint LLC. Raytheon is a registered trademark of Raytheon Company.

All other trademarks and registered trademarks are property of their respective owners.