Jump to:navigation, search
Wiki

USC - Unified Security Console

From Securepoint Wiki





notempty
Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!

notempty
Der Artikel für die neueste Version steht hier

notempty
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Beta-Version bezieht

















































































































Configure UTM via the Unified Security Console

Last adaptation to the version: 12.5.2

New:
notempty
This article refers to a Beta version
-


Requirements

  • At least version 12.2 is required
  • A user account from the Reseller Portal is required.
    In order to also be able to make changes, it is necessary to link the user access when logging into the Unified Security Portal for the first time.
  • The license must be clearly assignable to a UTM
  • The UTM must have access via https to the Unified Security infrastructure
  • The UTM does not have to, but can be reachable from outside
    (Exception: The functions Websession and Security Scan)
    No connection is established from outside to the UTM
    The UTM logs itself into the Unified Security Portal and retrieves configuration changes and commands.
    The settings in the portal are therefore not executed in real time, but with a small delay.
  • Currently not available for cluster licenses!
  • Currently not yet available for all Wortmann/Terra licenses!


    • Preparations

    Enabling the control via the Unified Security Console

    After updating to version ≥ 12.2, the UTM can be controlled via the Unified Security Console in the Securepoint Unified Security Portal.
    This function must first be enabled in the UTM itself in the new menu → USC .
    The UTM reports to the license server after the update. Here, the availability of the service is indicated and the menu is activated.

    notempty
    Attention: It usually takes a few minutes, in unfavorable cases up to an hour, before the menu is displayed for the first time.

    The process can be shortened by executing the command system restrictions update on the CLI after a few minutes of runtime (the UTM must have had the opportunity to report to the license server!).

    Caption Value Description
    Privacy Policy: Yes The privacy policy must be accepted
    Activated: Yes This activates the Unified Security Console - and thus the display, configuration and access via the Securepoint Unified Security portal.
    Authentication method: notempty
    New as of v12.5

    PIN (recommended)Login mask

    		 Authentication method for a web session
    PIN: notempty
    New as of v12.5
    		•••••••• As authentication for a web session, a 6-digit PIN can be selected instead of the login mask with access data.
    • The pin must not consist of equal numbers
    • The pin must not consist of series of numbers (123456, 876543 etc.)
    • Pins that resemble a date (230508) or contain very simple number combinations are marked as »very weak«.
    Displays the Websession PIN
    Creates a new PIN
    The entered PIN is incorrect After 5 incorrect entries in a row, access is blocked.
    The block is only lifted again after correct login directly at the admin interface.
    notempty
    New as of v12.5.2
    Actions that can only be executed with a PIN:
    •  Reboot
    •  Shut down
    •  Restore factory settings
    • Cloud Backup  Restore


    USC in the portal


    In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
    Diese Seite wird auf folgenden Seiten eingebunden






















    In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
    Diese Seite wird auf folgenden Seiten eingebunden












    Note on Two-Factor Authentication

    An information dialog with instructions on how to activate two-factor authentication.     notempty
    USP administrators are required to use two-factor authentication as an additional security measure.
    If two-factor authentication is ‘’‘not activated’‘’ in your user account, login to the USP is ‘’‘blocked’‘’ until two-factor authentication is activated.

    Activation of two-factor authentication

    The activation of two-factor authentication depends on the type of user account:

    • If the user account is linked to the reseller portal and the RSP label is visible on the user account, two-factor authentication is activated via the Resellerportal
    • If the user account only exists in the portal, it is activated via User options reset password
    • A redirection to the necessary 2FA activation takes place via the button  Enable 2FA in the information dialog















    Fig.1
    • The user receives the following e-mail
    • Click on the link here
    Fig.2
  • Enter a new password
  • Confirm the password with the Submit button
    • Fig.3
  • Enter the displayed TOTP code in an authenticator app or scan the displayed QR code with an authenticator app
  • The two-factor authentication activation process for the user is now completed
  • If two-factor authentication has already been set up, the corresponding QR code and the TOTP code will be displayed again. This window can be closed.
    •

    Login to the portal

    Sign up with a reseller account
    Using the  Login button, you can log in to the Unified Security Portal USP with a reseller portal account.
    • You will be redirected to the reseller portal login portal.
    • Enter Username, Password, and One-Time Password from your reseller account
    • Clicking  Login will log you in to the reseller portal and the USP and redirect you to the USP.
    If the registered RSP account does not yet exist as a user in the USP, a dialog window opens in which you can add the RSP user as a user in the USP. notempty
    For RSP users with the roles Reseller and End customer notempty
    : 2.10
    • With  Link now the logged in RSP user is linked to a newly created USP user, which has the

    role USC Administrator

    • With  Close the dialog window is closed and displayed again the next time you log in with this unlinked RSP user
    • If  Do not show these messages again is confirmed this dialog window will not be displayed for the next 45 days if it is closed via  Close
    Log in with Securepoint Unified Security account
    Only a few steps are necessary for end customers to log into the portal:
    • Assign the × admin role to an user in the customer's tenant.
      The permissions will then be assigned automatically.
      If necessary, create a new user as described in User Management.
    • Call up the login page for the Securepoint Mobile Security Portal.
    • Selection of the option Login with Securepoint Unified Security account
    • Login with
    Tenant Domain can be found as part of the URL behind the word tenant. https://portal.securepoint.cloud/…-tenant-123456.sms-…123456.sms
    Username
    Password
    Password forgotten? This link opens a dialog that allows you to reset the password. A password reset email will be sent to the user.
  • The registration now takes place exclusively in the tenant of the assigned customer.
    No information about other customers of the reseller can be viewed.
    • Two-factor authentication
    After successfully entering the login data, an input dialog for the TOTP of the two-factor authentication appears.
    Once the TOTP has been entered correctly, the login to the portal takes place automatically.
    Dialog for entering the TOTP



    Call USC

    The Unified Security Console is accessed via the Securepoint Unified Security Portal at https://portal.securepoint.cloud

    Clicking on the device tile opens the device details.

  • The button should be used to change the default name in the device tile.
    Securepoint recommends assigning a unique name according to a clear structure.


    • Status Overview

    Show status in tile overview:

    Status Description
    Connected The UTM can reach the USC portal
    Disconnected The portal does not receive a message from the UTM
    USC active Is active if the Unified Security Console service is enabled    on the UTM in the  Unified Security Console menu.
    USR active Unified Security Report is configured and is sent out
    Update available There is an update on the UTM that can be installed
    Update highly recommended There is a security update that should be installed immediately!


    Detail display

    The detail display provides an overview of the most important states and messages for the UTM:

    • Hardware and software of the UTM
    • Messages from the Unified Security Report (if this option has been booked in the Reseller Portal)
    • An overview with information about the hardware status:
      • Memory usage
      • CPU utilization
      • Hard disk space used
    • Details on upgrade / rollback options
    • Display of the device location on a map (manual collection, no tracking)
    • License information
    • Information from the reseller portal about the company assigned to the license

    Operations

    Operations

    UTM Upgrade

    Action Description

    1. After clicking on the button Dryrun xy you have to confirm a security prompt  Confirm
    2. The update is started
    3. Notification: Update could be finalized (is displayed briefly or call via in the title bar)
    4. After a successful reboot, the new version can be finalized and thus also set as the future boot version
    5. After clicking the button Finalize the new version xy another security prompt appears
    6. Notification: Rollback finalized (is displayed briefly or call via in the title bar)
    The update is now complete



    notempty
    new in wiki


    1. After clicking the button Rollback to xy a security prompt appears
    2. The process is started
    3. After a successful reboot, the rollback version can be finalized and thus also set as the future boot version
    4. After clicking the button Finalize the new version xy another security prompt appears
    5. Notification: Rollback finalized (is displayed briefly or call via in the title bar)
    notempty
    new in wiki

     Accept privacy policy Before an update or rollback is possible, the privacy policy must be accepted
     Dryrun of the new version 12.x.2 The new version is first activated in the test run
    If this is not successful, the old version can be reactivated or a restart of the device can be triggered.
  • Without finalization, the UTM reboots with the previous version after a restart.
    •  Finalize the new version 12.x.2 The new version is also used during a restart
     Rollback to version 12.x.1 Performs a rollback to the previously installed version
    UTM System
     Reboot
    PIN recommended    		 Performs a restart of the UTM
     Shut down
    PIN recommended    		 Shuts down the UTM
  • Starting the UTM via the USC when powered off is not possible! This requires physical access to the unit.
    •  Restore factory settings
    PIN recommended    		 Restores the factory settings
  • Attention, the UTM will not contact the USC by itself afterwards


    • In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
    Diese Seite wird auf folgenden Seiten eingebunden


































































































    In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
    Diese Seite wird auf folgenden Seiten eingebunden






































    Websession

    Websession
     Start new websession Opens the dialog to start the administrative web interface of the UTM
    Websession with PIN
    notempty
    Websession with PIN (UTM from v12.5.1)
         The connection is established via the interface on which the default route of the UTM is set up.
    admin If there is no user with the name admin, a user with admin rights can be selected here with whom the Websession connection is to be started.
    Websession with PIN (UTM as of v12.5.1)
    _ _ _ _ _ _ Websession PIN (Configured on the UTM in the USC menu in the Unified Security Console section
    After entering the PIN, the Websession can be started directly using ↵ Enter.
    notempty
    New as of: 1.27
     Displays the Websession PIN
       Remember PIN for the current session notempty
    New as of 1.30
    		 In this dialogue window it is possible to remember the PIN for this session.
    If this is activated   , the PIN is automatically entered in other dialogues and the slider is no longer displayed. If the PIN is entered incorrectly, it will not be saved.
    The entered PIN is incorrect After 5 incorrect entries in a row, access is blocked.
    The block is only lifted again after correct login directly at the admin interface.
     Start new websession Opens the admin interface of the UTM in a new tab of the used browser
  • Pop-ups may need to be allowed for portal.securepoint.cloud in the browser used!
    • Websession with login screen
    notempty
    Websession with login screen (UTM from v12.5.1)
    The connection is established via the interface on which the default route of the UTM is set up.
    Websession with login screen (as of UTM v12.5.1)
    As the Websession PIN is deactivated, no automatic login can take place. Access data (user name and password) are required.
     Start new websession Opens the admin interface of the UTM in a new tab of the used browser
  • Pop-ups may need to be allowed for portal.securepoint.cloud in the browser used!
    • Websession with UTM up to v12.5.0

    notempty

    An update to the latest version is recommended

    IP address All interfaces with IP addresses on the UTM are offered in the drop-down menu.
    It is also indicated whether the IP addresses are public or local.

    Interface with a public IP address

    203.0.113.203 (A0) [Public]

  • A Websession PIN is required (see below)
  • If the first login 'after the first update of the UTM to a version 12.5.x via a Websession, the initial PIN 000000 is valid.
    The PIN must be changed at the first login.

    • Interface with private IP address

    192.168.12.50 (A1) [Local]

    • A link to the local administration web interface will be provided
  • User credentials with administrator rights for the UTM are required
  • The own IP must be registered as manager IP on the UTM
  • A connection in the local network to the UTM is required
    		•
    Websession with PIN (UTM up to v12.5.0)
    Port 11115
    Port through which the admin interface of the UTM can be reached (is read from the settings of the UTM under Network Server Settings )
    PIN: ••••••••
    Websession PIN (Configured on the UTM in the USC menu in the Unified Security Console section
    The entered PIN is incorrect
    After 5 incorrect entries in a row, access is blocked.
    The block is only lifted again after correct login directly at the admin interface.
    Version Version
    Currently used firmware version
     Start new websession PIN Opens the admin interface of the UTM in a new tab of the used browser
  • Pop-ups may need to be allowed for portal.securepoint.cloud in the browser used!
    •

    Cloud backup

    Cloud backup
    Indication of the following values:
    • Time of regular backup creation.
    • Exact time of the saved backups
    • Name of the saved backups
    • UTM version of the saved backups
     Download Downloads the backup locally
     Restore
    PIN recommended    		 Restores the selected configuration.
    In the configuration management in the admin interface of the UTM, this can then be set as the active or start configuration.
     Delete Deletes the configuration backup
    Operations
     Set new password Opens a dialog for creating a new password
  • Existing configuration backups remain encrypted with the old password!
    •  Create a new backup Creates a configuration backup

    Applications

    Applications

    Shows the status of the applications on the UTM with possible actions.
    The chart can be sorted by application name or status by clicking on the respective column.
    Status DOWN The application is not active
    Status UP The application is active
    Status N/A The application is not available on this UTM
     Start Starts the application
     Restart Stops the application and performs a restart
     Stop Stops the application

    Status

    Status
    Shows utilization and consumption in the course of time for
    • CPU
    • Load
    • Memory
    • Data Disk

    Operations log

    Operations log
    Log of the communication between UTM and the Unified Security infrastructure
  • The Unified Security Console and UTM commands are stored with user data in the Unified Security Portal audit log:  Auditlog
    		•

    Security Scan

    Security Scan
  • For this function, the UTM must be accessible from outside by a public IP!
    •  Start new scan Starts the port scan dialog

    IP address 192.0.2.192
    Public IP address to be scanned.
    If multiple interfaces with public IP addresses that can be reached from outside are identified, a separate result can be displayed for each interface.
    Profile
      Securepoint TOP 100 (TCP)    		 Clicking on the profile entry shows the list of ports that are scanned with applications and services that usually use that port.
     Show details Displays open ports and applications and services that usually use them.

    Inventory

    Inventory
    Here you can save information about the device and (for devices with SIM card) the contract:
    • Inventory:
      • Bill number
      • Bill date
      • Warranty starts on
      • Warranty ends on
      • External inventory link
      • Description
    • Contract:
      • Provider
      • Tariff
      • Customer number
      • Contract number
      • Start of contract
      • Contract term
      • Handover date
    Retrieved from "https://wiki.securepoint.de/index.php?title=USC/UTM_v12.5.2&oldid=89172"