WANGUARD and WANSIGHT can be installed using RedHat-compatible packages built for i686 ( 32 bit Intel or AMD ) and x86_64 ( 64 bit Intel or AMD ) architectures. The installation instructions listed below contain references only for 64 bit packages. To install the packages on 32 bit CPUs, simply change the "x86_64" string with "i686". The packages were tested on RedHat Enterprise Linux 6.x and CentOS 6.x.
| WANGUARD_5_4.pdf | WANGUARD 5.4 - User Manual and Administrator Guide. |
| WANSIGHT_5_4.pdf | WANSIGHT 5.4 - User Manual and Administrator Guide. |
| WANconsole-5.4-0.i686.rpm | The Console is a web portal that provides single-point management and reporting for WANSIGHT and WANGUARD. |
| WANconsole-5.4-0.x86_64.rpm | |
| WANsensor-5.4-0.i686.rpm | The Sensor is the WANSIGHT and WANGUARD component that does traffic accounting, monitoring and analysis. |
| WANsensor-5.4-0.x86_64.rpm | |
| WANfilter-5.4-0.i686.rpm | The Filter is the WANGUARD component able to detect attackers and scrub malicious traffic. |
| WANfilter-5.4-0.x86_64.rpm | |
| WANsupervisor-5.4-0.i686.rpm | The Supervisor provides routines used to start, shutdown and monitor WANSIGHT and WANGUARD components. |
| WANsupervisor-5.4-0.x86_64.rpm | |
| WANbgp-5.4-0.noarch.rpm | The WANbgp package is used by WANGUARD for sending BGP routing announcements. |
| CONSOLE INSTALLATION STEPS: |
Step 1. Install the Console's dependencies First make sure that all the required packages are installed. On CentOS and Fedora you should use the yum package manager. On RedHat Enterprise systems you should use the up2date package manager. [root@localhost ~]# yum install mysql mysql-server httpd php php-cli php-mysql perl-MailTools perl-DBD-MySQL perl-Net-Telnet quagga libart_lgpl php-snmp wget which tcpdump ruby gettext php-ldap cairo pango wireshark tcpdump openssl rrdtool rrdtool-perl ntp
Step 2. Configure the MySQL server By default, the MySQL server does not have a password set. Start the MySQL server and set a password for the MySQL root user. If you deploy Sensors or Filters on remote systems, make sure that the MySQL server is accessible by opening port tcp/3306 in the firewall. [root@localhost ~]# nano /etc/my.cnf #set "max_allowed_packet=64M", "max_connections=300" and "skip-name-resolve" in the [mysqld] section
[root@localhost ~]# service mysqld start [root@localhost ~]# /usr/bin/mysqladmin -u root password 'new-password' [root@localhost ~]# service mysqld restart [root@localhost ~]# chkconfig --level 345 mysqld on Step 3. Install the packages Install the packages WANsupervisor, WANconsole and WANbgp. [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANconsole-5.4-0.x86_64.rpm [root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm ./WANconsole-5.4-0.x86_64.rpm [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANbgp-5.4-0.noarch.rpm [root@localhost ~]# rpm -Uvh ./WANbgp-5.3-0.noarch.rpm Step 4. Configure the Apache server Add the "zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.3.lin" in php.ini, in the [PHP] section. Disable SeLinux. [root@localhost ~]# nano /etc/php.ini #add zend_extension=/opt/andrisoft/webroot/ixed/ixed.5.3.lin in the [PHP] section, set date.timezone in the [Date] section ( see http://php.net/manual/en/timezones.php )
[root@localhost ~]# service httpd restart [root@localhost ~]# setenforce 0 ; nano /etc/selinux/config #set SELINUX=permissive Step 5. Install the Console's database Finish installing the Console by running the /opt/andrisoft/bin/install_console script. Enter the MySQL root password you set on step 2, and provide a new password for the Console's database. [root@localhost ~]# /opt/andrisoft/bin/install_console
Step 6. Configure and start the Supervisor The WANsupervisor daemon must be installed and started on all systems. You have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password you set on step 5. If the Supervisor and Console are installed on the same system, don't use the loopback address 127.0.0.1 for the Console's IP address. Enter the IP address of the server. [root@localhost ~]# /opt/andrisoft/bin/install_supervisor
[root@localhost ~]# service WANsupervisor start [root@localhost ~]# chkconfig --level 345 WANsupervisor on Step 7. Access the Console The Console web interface is accessible by pointing your web browser to http://<hostname>/wanguard or http://<hostname>/wansight, where <hostname> is the name of the server running the Console. Continue with the installation of the Sensor by following the steps below. |
| SENSOR INSTALLATION STEPS: |
Step 1. Install the Sensor's dependencies Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues. [root@localhost ~]# yum install wget mysql-libs ntp
[root@localhost ~]# service ntpd start Step 2. Install, configure and start the Supervisor This step is required if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password. [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm [root@localhost ~]# /opt/andrisoft/bin/install_supervisor [root@localhost ~]# service WANsupervisor start [root@localhost ~]# chkconfig --level 345 WANsupervisor on Step 3. Install the Sensor Install the WANsensor package. [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsensor-5.4-0.x86_64.rpm Step 4. Setup the Sensor Log into the Console to setup the Sensor(s). Sensors are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running. |
| FILTER INSTALLATION STEPS: |
Step 1. Install the Filter's dependencies Install the required packages. Configure and start ntpd to prevent clock de-synchronization issues. [root@localhost ~]# yum install wget mysql-libs ntp
[root@localhost ~]# service ntpd start Step 2. Install, configure and start the Supervisor This step is necessary if you haven't previously installed and configured WANsupervisor on the target system. In order to configure the Supervisor, you have to run the /opt/andrisoft/bin/install_supervisor script to enter the Console's IP address and database password. [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANsupervisor-5.4-0.x86_64.rpm
[root@localhost ~]# rpm -Uvh ./WANsupervisor-5.4-0.x86_64.rpm [root@localhost ~]# /opt/andrisoft/bin/install_supervisor [root@localhost ~]# service WANsupervisor start [root@localhost ~]# chkconfig --level 345 WANsupervisor on Step 3. Remove local firewall rules The iptables service overrules the Filter, and therefore has to be stopped. The Filter will manage the firewall rules from now on. [root@localhost ~]# chkconfig --level 2345 iptables off
[root@localhost ~]# service iptables stop Step 4. Install the Filter Install the packages WANsensor and WANfilter. [root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANsensor-5.4-0.x86_64.rpm
[root@localhost ~]# wget http://www.andrisoft.com/files/redhat6/WANfilter-5.4-0.x86_64.rpm [root@localhost ~]# rpm -Uvh ./WANsensor-5.4-0.x86_64.rpm [root@localhost ~]# rpm -Uvh ./WANfilter-5.4-0.x86_64.rpm Step 5. Setup the Filter Log in to the Console to set up Filter(s). Filters are started, monitored and stopped by the WANsupervisor daemon, so make sure the WANsupervisor service is always running. |