PREV
NEXT

  • Software de detección de ataques DDoS

    Wanguard detecta ataques volumétricos DDoS mediante la utilización de un motor de detección de anomalías en el tráfico de gran rapidez y sumamente innovador que compara más de 130 parámetros relativos al tráfico con los umbrales definidos por el usuario, y describe el comportamiento online de los usuarios a fin de detectar picos de tráfico. Reacciona automáticamente ante las amenazas mediante la ejecución de módulos de acción prefijados que envían correos electrónicos de notificación, anuncian prefijos en BGP, generan traps (alarmas) SNMP, modifican listas ACL (listas de control de acceso) y ejecutan scripts personalizados con acceso a una API de fácil manejo que muestra más de 80 parámetros de tráfico. Los ataques DDoS se detectan a través de análisis de paquetes (packet sniffing), sondeo SNMP o la utilización de tecnologías basadas en flujos de diversos proveedores.

  • Software de mitigación de ataques DDoS

    El Filtro de Wanguard (Wanguard Filter) garantiza a clientes y servicios un funcionamiento ininterrumpido durante ataques distribuidos de denegación de servicio, de forma automática, sin necesidad de intervención por parte del operador. Está diseñado para ofrecer protección contra ataques DDoS mediante la eliminación de tráfico malicioso en la propia infraestructura local del cliente y el envío de notificaciones al proveedor de acceso a Internet del atacante. Reglas de filtrado inteligentes y dinámicas que se aplican en firewalls de hardware o software sin estado (stateless) o routers compatibles con BGP FlowSpec bloquean cada uno de los paquetes maliciosos. Puede realizar el filtrado en el lado del cliente mediante el uso del protocolo BGP para desviar el tráfico / volver a introducirlo en la red, o puede ejecutarse en servidores especializados en la normalización de paquetes implementados en la ruta de datos principal.

  • Visibilidad completa del tráfico en la red

    Wanguard y Wansight ofrecen visibilidad completa del tráfico en la red mediante el uso de sensores distribuidos ("sondas") capaces de capturar paquetes IP, realizar consultas a dispositivos SNMP y analizar registros de flujos exportados por Cisco NetFlow, Huawei Netstream, Juniper jFlow, cflowd, sFlow e IPFIX. Se puede acceder a todos los datos recopilados en una interfaz de usuario basada en web que ofrece panales personalizados, gráficas en tiempo real sobre el tráfico y principales estadísticas. Podrá generar con rapidez análisis complejos con datos agregados para hosts, departamentos, interfaces, aplicaciones, protocolos, sistemas autónomos y países; visualizar gráficas precisas de ancho de banda para miles de direcciones IP, así como inspeccionar paquetes y flujos.

  • Recopilador y analizador de flujos

    Wanguard y Wansight incluyen un Sensor de flujos (Flow Sensor). Se trata de un recopilador y analizador de flujos con plena funcionalidad compatible con las principales tecnologías de flujos (NetFlow versiones 5, 7 y 9; IETF IPFIX; sFlow versiones 4 y 5) y que contiene un motor de correlación de tráfico de gran escalabilidad capaz de monitorizar continuamente cientos de miles de rangos y direcciones IPv4 e IPv6. Los flujos pueden almacenarse durante el tiempo que requiera el cliente en formato binario comprimido. Es posible generar los principales listados, así como casi cualquier otro tipo de informe de agregación imaginable. La gran variedad de opciones de expresión de filtrado de flujos permiten consultar rápidamente flujos individuales para su uso en investigaciones forenses ad-hoc.

  • Analizador de paquetes

    Wanguard y Wansight incluyen un Sensor de paquetes (Packet Sensor), que inspecciona paquetes IP mediante el análisis a velocidad de cable de interfaces de 1/10/40 Gbps en línea o con puertos espejo conectados, y contiene un motor de análisis de tráfico IP totalmente escalable capaz de monitorizar en tiempo real decenas de miles de rangos y direcciones IPv4 e IPv6. Los usuarios pueden guardar volcados de paquetes para su uso en investigaciones forenses o para ayudar a resolver problemas que puedan surgir en la red. Los volcados de paquetes pueden descargarse o examinarse online en una interfaz parecida a la de Wireshark, que muestra información detallada sobre la capa de aplicación (nivel 7) o datos ASCI y hexadecimales sin procesar para su inclusión en expresiones regulares. Es compatible con Libpcap, PF_RING Vanilla, PF_RING ZC, Netmap y Sniffer 10G.

Andrisoft Wanguard
Principales Características:

Articles

 

WANGUARD and WANSIGHT can be installed from RPM packages built for 64 bit architectures (Intel or AMD CPUs). All packages were tested on Red Hat Enterprise Linux 7 and CentOS 7.

WANGUARD_5_4.pdf User Guide for WANGUARD 5.4.
WANSIGHT_5_4.pdf User Guide for WANSIGHT 5.4.
WANconsole-5.4-0.x86_64.rpm The Console is the web portal that provides single-point management and reporting for WANSIGHT and WANGUARD.
WANsensor-5.4-0.x86_64.rpm The Sensor is the WANSIGHT and WANGUARD component that does traffic accounting, monitoring and analysis.
WANfilter-5.4-0.x86_64.rpm The Filter is the WANGUARD component able to detect attackers and block malicious traffic.
WANsupervisor-5.4-0.x86_64.rpm The Supervisor provides a service that monitors, starts and stops WANSIGHT and WANGUARD components.
WANbgp-5.4-0.noarch.rpm The WANbgp package provides support for sending BGP routing announcements.

 

CONSOLE
INSTALLATION
STEPS:		 Step 1. Install the Console dependencies
First make sure that all the required dependencies are installed. On CentOS and Fedora use the yum package manager. On Red Hat Enterprise use the up2date package manager.
[root@localhost ~]# yum install mysql mariadb-server httpd php php-cli php-mysql perl-MailTools perl-DBD-MySQL perl-Net-Telnet quagga libart_lgpl php-snmp wget which tcpdump ruby gettext php-ldap cairo pango wireshark tcpdump openssl rrdtool rrdtool-perl ntp jwhois traceroute nano

Step 2. Configure the MariaDB service
MariaDB is a drop-in replacement for MySQL. Start MariaDB and set a password for the root database user. If you will deploy Sensors or Filters on remote systems, make sure that the MariaDB server is accessible by opening port TCP/3306 in the firewall.
[root@localhost ~]# nano /etc/my.cnf #set "max_allowed_packet=64M", "max_connections=300" and "skip-name-resolve" in the [mysqld] section
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# mysql_secure_installation
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# systemctl enable mariadb
[root@localhost ~]# firewall-cmd --permanent --add-service=mysql
[root@localhost ~]# systemctl restart firewalld

Step 3. Install the packages
Install the packages WANsupervisor, WANconsole, WANsensor and WANbgp.
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANconsole-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm ./WANconsole-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANbgp-5.4-0.noarch.rpm
[root@localhost ~]# rpm -Uvh ./WANsensor-5.4-0.x86_64.rpm ./WANbgp-5.4-0.noarch.rpm

Step 4. Configure the Apache service
Add the line "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.4.lin" to the [PHP] section of the php.ini file. Disable SELinux and configure the firewall to open port TCP/80 and TCP/443.
[root@localhost ~]# nano /etc/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.4.lin in the [PHP] section, set date.timezone in the [Date] section (see http://php.net/manual/en/timezones.php)
[root@localhost ~]# systemctl enable httpd
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# setenforce 0 ; nano /etc/selinux/config #set SELINUX=permissive
[root@localhost ~]# firewall-cmd --permanent --add-service=http
[root@localhost ~]# systemctl restart firewalld

Step 5. Install the Console database
Finish installing the Console by running the /opt/andrisoft/bin/install_console script. Enter the MySQL root password you set on step 2 and set a password for the Console database.
[root@localhost ~]# /opt/andrisoft/bin/install_console
[root@localhost ~]# systemctl restart httpd

Step 6. Configure and start the Supervisor service
The WANsupervisor service must be running on all systems, all the time. Execute the /opt/andrisoft/bin/install_supervisor  script to enter the Console server IP address and database password set on step 5. Even if the Supervisor and Console are installed on the same system, do not enter for the Console server IP address the loop-back address 127.0.0.1. Enter the public or private IP address of the server, not 127.0.0.1.
[root@localhost ~]# /opt/andrisoft/bin/install_supervisor
[root@localhost ~]# chkconfig --level 345 WANsupervisor on
[root@localhost ~]# service WANsupervisor restart

Step 7. Access the Console
The Console web interface is accessible by pointing your web browser to http://<hostname>/wanguard or http://<hostname>/wansight, where <hostname> is the name of the server running the Console. The default username is "admin" with the password "changeme".
Continue with the installation of the Sensor by following the steps below.

SENSOR
INSTALLATION 
STEPS:		 Step 1. Install the Sensor's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
[root@localhost ~]# yum install wget mysql-libs ntp
[root@localhost ~]# systemctl start ntpd
[root@localhost ~]# systemctl enable ntpd

Step 2. Install, configure and start the Supervisor
This step is required if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console IP address and database password.
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# /opt/andrisoft/bin/install_supervisor
[root@localhost ~]# service WANsupervisor start
[root@localhost ~]# chkconfig --level 345 WANsupervisor on

Step 3. Install the Sensor
Install the WANsensor package.
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsensor-5.4-0.x86_64.rpm

Step 4. Setup the Sensor
Log into the Console to setup the Sensor(s). Sensors are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.

FILTER
INSTALLATION
STEPS:		 Step 1. Install the Filter's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
[root@localhost ~]# yum install wget mysql-libs ntp
[root@localhost ~]# systemctl start ntpd
[root@localhost ~]# systemctl enable ntpd

Step 2. Install, configure and start the Supervisor
This step is necessary if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console server IP address and Console database password.
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# /opt/andrisoft/bin/install_supervisor
[root@localhost ~]# service WANsupervisor start
[root@localhost ~]# chkconfig --level 345 WANsupervisor on

Step 3. Remove local firewall rules
The iptables service overrules the Filter, and therefore has to be stopped. The Filter will manage the firewall rules from now on.
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# systemctl stop firewalld

Step 4. Install the Filter
Install the WANsensor and WANfilter packages.
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat7/WANfilter-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANfilter-5.4-0.x86_64.rpm

Step 5. Setup the Filter
Log in to the Console to set up Filter(s). Filters are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.

WANGUARD and WANSIGHT can be installed using Debian-compatible packages built for i686 (32 bit Intel or AMD) and amd64 (64 bit Intel or AMD) architectures. The installation steps listed below contain references to packages built for 64 bit CPUs. To install the packages on 32 bit CPUs, simply change the "amd64" string with "i686". All packages were tested on Debian 7.x "Wheezy".  

WANGUARD_5_4.pdf WANGUARD 5.4 User Guide.
WANSIGHT_5_4.pdf WANSIGHT 5.4 User Guide.
WANconsole-5.4-0.i686.deb The Console is a web portal that provides single-point management and reporting for WANSIGHT and WANGUARD.
WANconsole-5.4-0.amd64.deb
WANsensor-5.4-0.i686.deb The Sensor is the WANSIGHT and WANGUARD component that does traffic accounting, monitoring and analysis.
WANsensor-5.4-0.amd64.deb
WANfilter-5.4-0.i686.deb The Filter is the WANGUARD component able to detect attackers and scrub malicious traffic.
WANfilter-5.4-0.amd64.deb
WANsupervisor-5.4-0.i686.deb The Supervisor provides routines used to start, shutdown and monitor WANSIGHT and WANGUARD components.
WANsupervisor-5.4-0.amd64.deb
WANbgp-5.4-0.all.deb The WANbgp package is used by WANGUARD for sending BGP routing announcements.

 

CONSOLE
INSTALLATION
STEPS: 		Step 1. Install the Console's dependencies
First make sure that all the required packages are installed. Use the apt-get command to install packages..
debian:~# apt-get install mysql-server apache2 php5 php5-snmp php5-cli php5-mysql php5-geoip libdbd-mysql-perl libnet-telnet-perl tshark quagga rrdtool wget php5-mcrypt tcpdump whois traceroute ntp libnuma1

Step 2. Configure the MySQL server
By default, MySQL is bound to the loopback interface so you must comment the bind-address parameter. If you deploy the Sensor or the Filter on remote systems, make sure that the MySQL server is accessible by opening port tcp/3306 in the firewall.
debian:~# nano /etc/mysql/my.cnf #comment any "bind-address" directive, enable "max_connections=300", edit "max_allowed_packet=64M" and add "skip-name-resolve", all in the [mysqld] section
debian:~# service mysql restart 

Step 3. Install the packages
Install the packages WANsupervisor, WANconsole, WANsensor and WANbgp.
debian:~# wget http://www.andrisoft.com/files/debian7/WANsupervisor-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian7/WANconsole-5.4-0.amd64.deb
debian:~# dpkg -i WANsupervisor-5.4-0.amd64.deb WANconsole-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian7/WANsensor-5.4-0.amd64.deb
debian:~# dpkg -i WANsensor-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian7/WANbgp-5.4-0.all.deb
debian:~# dpkg -i WANbgp-5.4-0.all.deb

Step 4. Configure the Apache server
Add the line "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.4.lin" for PHP 5.4 or "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.5.lin" for PHP 5.5 in php.ini, in the [PHP] section.
debian:~# nano /etc/php5/apache2/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.4.lin in the [PHP] section
debian:~# nano /etc/php5/cli/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.4.lin in the [PHP] section
debian:~# service apache2 restart

Step 5. Install the Console's database
Finish installing the Console by running the /opt/andrisoft/bin/install_console script. Enter the MySQL root password, and provide a new password for the Console's database.
debian:~# /opt/andrisoft/bin/install_console

Step 6. Configure and start the Supervisor
The WANsupervisor daemon must be installed and started on all systems. You have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password you set on step 5. If the Supervisor and Console are installed on the same system, don't use the loopback address 127.0.0.1 for the Console's IP address. Enter the IP address of the server.
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 7. Access the Console
The Console web interface is accessible by pointing your web browser to http://<hostname>/wanguard or http://<hostname>/wansight, where <hostname> is the name of the server running the Console. The default username is "admin" with the password "changeme".
Continue with the installation of the Sensor by following the steps below.

SENSOR
INSTALLATION 
STEPS: 		Step 1. Install the Sensor's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
debian:~# apt-get install wget ntp
debian:~# service ntp start

Step 2. Install, configure and start the Supervisor
This step is required if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password.
debian:~# wget http://www.andrisoft.com/files/debian7/WANsupervisor-5.4-0.amd64.deb
debian:~# dpkg -i WANsupervisor-5.4-0.amd64.deb
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 3. Install the Sensor
Install the WANsensor package.
debian:~# wget http://www.andrisoft.com/files/debian7/WANsensor-5.4-0.amd64.deb
debian:~# dpkg -i WANsensor-5.4-0.amd64.deb

Step 4. Setup the Sensor
Log into the Console to setup the Sensor(s). Sensors are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.

FILTER
INSTALLATION
STEPS: 		Step 1. Install the Filter's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
debian:~# apt-get install tcpdump iptables ntp
debian:~# service ntp start

Step 2. Install, configure and start the Supervisor
This step is necessary if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password.
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 3. Remove local firewall rules
The iptables service overrules the Filter, and therefore has to be stopped. The Filter will manage the firewall rules from now on.
debian:~# update-rc.d iptables stop
debian:~# service iptables stop

Step 4. Install the Filter
Install the packages WANsensor and WANfilter.
debian:~# wget http://www.andrisoft.com/files/debian7/WANsensor-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian7/WANfilter-5.4-0.amd64.deb
debian:~# dpkg -i WANsensor-5.4-0.amd64.deb WANfilter-5.4-0.amd64.deb

Step 5. Setup the Filter
Log in to the Console to set up Filter(s). Filters are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.

WANGUARD and WANSIGHT can be installed using Debian-compatible packages built for i686 ( 32 bit Intel or AMD ) and amd64 ( 64 bit Intel or AMD ) architectures. The installation steps listed below contain references only to 64 bit packages. To install the packages on 32 bit CPUs, simply change the "amd64" string with "i686". All packages were tested on Debian 6.x.  

WANGUARD_5_4.pdf WANGUARD 5.4 User Guide.
WANSIGHT_5_4.pdf WANSIGHT 5.4 User Guide.
WANconsole-5.4-0.i686.deb The Console is a web portal that provides single-point management and reporting for WANSIGHT and WANGUARD.
WANconsole-5.4-0.amd64.deb
WANsensor-5.4-0.i686.deb The Sensor is the WANSIGHT and WANGUARD component that does traffic accounting, monitoring and analysis.
WANsensor-5.4-0.amd64.deb
WANfilter-5.4-0.i686.deb The Filter is the WANGUARD component able to detect attackers and scrub malicious traffic.
WANfilter-5.4-0.amd64.deb
WANsupervisor-5.4-0.i686.deb The Supervisor provides routines used to start, shutdown and monitor WANSIGHT and WANGUARD components.
WANsupervisor-5.4-0.amd64.deb
WANbgp-5.4-0.all.deb The WANbgp package is used by WANGUARD for sending BGP routing announcements.

 

CONSOLE
INSTALLATION
STEPS: 		Step 1. Install the Console's dependencies
First make sure that all the required packages are installed. Use the apt-get command, after you enabled the universe repository in /etc/apt/sources.list.
debian:~# apt-get install mysql-server apache2 php5 php5-snmp php5-cli php5-mysql php5-geoip libdbd-mysql-perl libnet-telnet-perl tshark quagga rrdtool wget php5-mcrypt tcpdump whois traceroute ntp libnuma1

Step 2. Configure the MySQL server
By default, the MySQL server does not have a password set. Start the MySQL server and set a password for the MySQL root user. By default MySQL is bound to the loopback interface, so you must comment the bind-address parameter. If you deploy the Sensor or the Filter on remote systems, make sure that the MySQL server is accessible by opening port tcp/3306 in the firewall.
debian:~# nano /etc/mysql/my.cnf #comment any "bind-address" directive, enable "max_connections=300", edit "max_allowed_packet=64M" and add "skip-name-resolve", all in the [mysqld] section
debian:~# service mysql start
debian:~# /usr/bin/mysqladmin -u root password 'new-password'
debian:~# service mysql restart 

Step 3. Install the packages
Install the packages WANsupervisor, WANconsole, WANsensor and WANbgp.
debian:~# wget http://www.andrisoft.com/files/debian6/WANsupervisor-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian6/WANconsole-5.4-0.amd64.deb
debian:~# dpkg -i WANsupervisor-5.4-0.amd64.deb WANconsole-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian6/WANbgp-5.4-0.all.deb
debian:~# wget http://www.andrisoft.com/files/debian6/WANsensor-5.4-0.amd64.deb
debian:~# dpkg -i WANbgp-5.4-0.all.deb WANsensor-5.4-0.amd64.deb

Step 4. Configure the Apache server
Please check that your distribution has PHP version 5.2 or above. Add the line "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.2.lin" for PHP 5.2 or "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.3.lin" for PHP 5.3 in php.ini, in the [PHP] section.
debian:~# nano /etc/php5/apache2/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.3.lin in the [PHP] section
debian:~# nano /etc/php5/cli/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.3.lin in the [PHP] section
debian:~# service apache2 restart

Step 5. Install the Console's database
Finish installing the Console by running the /opt/andrisoft/bin/install_console script. Enter the MySQL root password you set on step 2, and provide a new password for the Console's database.
debian:~# /opt/andrisoft/bin/install_console

Step 6. Configure and start the Supervisor
The WANsupervisor daemon must be installed and started on all systems. You have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password you set on step 5. If the Supervisor and Console are installed on the same system, don't use the loopback address 127.0.0.1 for the Console's IP address. Enter the IP address of the server.
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 7. Access the Console
The Console web interface is accessible by pointing your web browser to http://<hostname>/wanguard or http://<hostname>/wansight, where <hostname> is the name of the server running the Console. The default username is "admin" with the password "changeme".
Continue with the installation of the Sensor by following the steps below.

SENSOR
INSTALLATION 
STEPS: 		Step 1. Install the Sensor's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
debian:~# apt-get install wget ntp
debian:~# service ntp start

Step 2. Install, configure and start the Supervisor
This step is required if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password.
debian:~# wget http://www.andrisoft.com/files/debian6/WANsupervisor-5.4-0.amd64.deb
debian:~# dpkg -i WANsupervisor-5.4-0.amd64.deb
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 3. Install the Sensor
Install the WANsensor package.
debian:~# wget http://www.andrisoft.com/files/debian6/WANsensor-5.4-0.amd64.deb
debian:~# dpkg -i WANsensor-5.4-0.amd64.deb

Step 4. Setup the Sensor
Log into the Console to setup the Sensor(s). Sensors are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.

FILTER
INSTALLATION
STEPS: 		Step 1. Install the Filter's dependencies
Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues.
debian:~# apt-get install tcpdump iptables ntp
debian:~# service ntp start

Step 2. Install, configure and start the Supervisor
This step is necessary if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password.
debian:~# /opt/andrisoft/bin/install_supervisor
debian:~# service WANsupervisor start
debian:~# update-rc.d WANsupervisor defaults 99

Step 3. Remove local firewall rules
The iptables service overrules the Filter, and therefore has to be stopped. The Filter will manage the firewall rules from now on.
debian:~# update-rc.d iptables stop
debian:~# service iptables stop

Step 4. Install the Filter
Install the packages WANsensor and WANfilter.
debian:~# wget http://www.andrisoft.com/files/debian6/WANsensor-5.4-0.amd64.deb
debian:~# wget http://www.andrisoft.com/files/debian6/WANfilter-5.4-0.amd64.deb
debian:~# dpkg -i WANsensor-5.4-0.amd64.deb WANfilter-5.4-0.amd64.deb

Step 5. Setup the Filter
Log in to the Console to set up Filter(s). Filters are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running.


Choose a Linux Distribution
Installation Instructions on Ubuntu 24.04 LTS
Installation Instructions on Ubuntu 22.04 LTS
Installation Instructions on Ubuntu 20.04 LTS
Installation Instructions on Ubuntu 18.04 LTS
Installation Instructions on Debian 12 "Bookworm"
Installation Instructions on Debian 11 "Bullseye"
Installation Instructions on Debian 10 "Buster"
Installation Instructions on Rocky/Alma/RHEL 9
Installation Instructions on Rocky/Alma/RHEL 8
Installation Instructions on CentOS 8
Installation Instructions on CentOS 7



Company News

SOLUCIONES PARA PREVENIR ATAQUES DDOS Y MONITORIZACIÓN

Andrisoft ha desarrollado dos aplicaciones basadas en Linux de gran innovación y precio asequible que resultan imprescindibles para administradores de redes y expertos en seguridad de organizaciones que manejan grandes redes IP, como Telecos, proveedores de acceso a Internet, centros de datos en la nube, redes de distribución de contenido o servicios de mitigación de ataques DDoS:

Wansight ofrece monitorización de ancho de banda, contabilidad IP y análisis exhaustivos del tráfico. Incluye un Sensor de flujos (Flow Sensor) que analiza los registros de flujo exportados por Cisco NetFlow, IPFIX, y sFlow así como un Sensor de paquetes Packet Sensor que analiza el tráfico entre dispositivos, los TAP o las configuraciones de puertos espejo. Una Console independiente del SO y basada en web ofrece gestión y elaboración de informes desde un único punto.

Wanguard amplía las funciones de Wansight con la integración de funciones avanzadas de detección y mitigación de ataques DDoS. Está concebido para proteger redes y servicios imprescindibles contra ataques volumétricos de denegación de servicio distribuido mediante la normalización (scrubbing) de paquetes maliciosos con reglas de filtrado dinámicas aplicadas a firewalls de hardware o software ubicados en el perímetro de la red. Es compatible con herramientas de reacción automatizadas, RTBH, BGP FlowSpec, desviación del tráfico, creación de scripts y agrupamiento de servidores.

PROTECCIÓN CONTRA DDOS EN 5 PASOS

alt Conozca Wanguard, nuestra solución de software para monitorizar redes de gran tamaño y protegerlas contra ataques DDoS.

alt Rellene el formulario de solicitud de evaluación de software para utilizar gratuitamente durante 30 días la versión de prueba de nuestro software.

alt Construya su propio dispositivo de mitigación de ataques DDoS mediante la instalación del software en un servidor Linux libre.

alt Utilice durante 30 días la versión de prueba completa. Nuestros ingenieros lo asistirán durante este periodo gratuitamente.

alt Adquiera en cualquier momento licencias anuales de software rentables a través de nuestra tienda online. Asistencia técnica es gratuito.

Wanguard 8.4 was released! Changelog and upgrade instructions at: https://t.co/4UIyox14bQ.
Follow Andrisoft on Twitter (X)
Join our Newsletter to receive the latest news from us!

  OUR CLIENTS  

  • Telecom Operators: HUAWEI | VODAFONE | ORANGE | JT GLOBAL | BITE LITHUANIA | MOLDTELECOM | JUPITER TELECOMMUNICATIONS

  • Internet Service Providers: GOOGLE FIBER | YELLOWFIBER | SKYLOGIC EUTELSAT | 1&1 VERSATEL | NETCOLOGNE | SOLCON NETHERLANDS

  • Cloud / VPS Hosting Providers: DIGITALOCEAN | LEASEWEB | FLEXENTIAL | WEEBLY | VPS.NET | EAPPS | SERVERPOINT

  • Software & Services: IBM CORPORATION | MOZILLA CORPORATION | NAMECHEAP | GANDI SAS | ALLEGRO | MBANK | TF1 FRANCE

  • Security / Anti-DDoS Services: GIGENET | BLACKLOTUS | KODDOS | ROKASECURITY | DOSARREST | SERVERIUS

  • Data Centers: EQUINIX | PHOENIXNAP | CORE-BACKBONE | BSO NETWORK | ASCENTY | PLUSSERVER | MYLOC MANAGED IT