StoneBlog.stonesoft.com

As you know there are multiple ways how to visualize the log data with StoneGate Management Client. You have probably noticed the “Statistics” shortcuts in the Log Browser’s toolbar already. Here is another convenient way to find more log statistics shortcuts:

Just right-click any column header in the Log Browser and select some of the log statistics shortcuts from the menu that opens. Note that these shortcuts are all related to the column you originally selected.

A picture is worth a thousand words! Log Statistics provide you efficient tools to drill in to the relevant pieces of log data.

written by Tero Jantunen - 1,223 views \\ tags: Log Statistics, logs, Shortcuts, SMC, Tips & Tricks

In SMC 5.0 there is one new shortcut that speeds up the daily administration tasks a bit. You can namely create new hosts wherever you see IP addresses. Just right-click that IP address and select “New Host” action from the menu that opens. This is a nice shortcut when you recognize some IP from the logs and you know you need to use a host element with that IP later e.g. in a security policy.

Continue reading »

written by Tero Jantunen - 1,411 views \\ tags: logs, New Host, Shortcuts, SMC, Tips & Tricks

You have probably noticed that there are lots of useful shortcut actions in engines’ right-click menu. You can e.g. view logs from that firewall or access the engine’s current policy by right-clicking the engine and selecting the actions from the menu that opens.

Since SMC 4.3 this right-click menu has also contained actions that open Overview of engine specific statistics. But did you know that you can customize which Overview templates are visible there?

Read for more instructions how do you do this… Continue reading »

written by Tero Jantunen - 1,092 views \\ tags: Monitoring, Overview, SMC, Tips & Tricks

You often need to unplug your laptop from the network e.g. when moving to the meeting rooms. Now from SMC 5.0.2 onwards there is a small enhancement in the Management Client that makes life easier for those administrators that need to move around.

When selecting Reconnect option from the File menu, the system pops up the login dialog. After inputting the login credentials, you can continue the work with the same windows and tabs you had opened when you lost the connectivity to Management Server.

written by Tero Jantunen - 893 views

Recently Stonesoft added a new feature to our SMC to allow you to “Search Rules”.   This feature allows to you search your rulebase based on any of the fields listed below.
✓    Source
✓    Destination
✓    Service
✓    Action
✓    Users
✓    QoS Class
✓    Time
✓    Comment
✓    Tag
✓    Source VPN
✓    Hits

So, with these fields to choose from you can use either one or many to help find a given rule in your rulebase.  This can be a very useful tool to help control your growing rulebase with all the change request you get.  I will provide two quick example’s of how to find the rules.   One is simply matching the elements in the rulebase and the other is matching alias elements.  Matching alias elements only takes one more step since they can have different values per firewall engines.

Continue reading »

written by SideKick - 1,297 views

I want to share a small cosmetic thing indicating how much we do care about details to constantly improve usability and user experience in our technology.

StoneGate Management Center (SMC) client can be started via a web link using Java Web Start technique, simplifying the effort of distributing the client in case of (for instance) SMC upgrade.

Starting from version 5.0, something cool happens when you try to do it from an operating system that since 1997… thinks different!

Continue reading »

written by RoarinPenguin - 2,395 views \\ tags: GUI, StoneGate Client, Think Different

How many times have you been asked to setup a VPN tunnel between your StoneGate firewalls and another 3rd party VPN endpoint that is sitting behind a NAT?   What’s the trick to getting this to work?  It’s very simple….. ‘Locations’….

Continue reading »

written by SideKick - 3,991 views

This article describes how to customize error message shown to user when he/she gives incorrect username and/or password when trying to authenticate to SSL VPN Application Portal.

1. Open /data/portwise/administration-service/files/access-point/built-in-files/codes.ewa for editing
2. Change following line and replace error message (between § and # characters) with your custom one:
1022308 Log on failed § Logon credentials not accepted # This occurs when a user fails to log on.
3. Copy customized codes.ewa file to /data/portwise/administration-service/files/access-point/custom-files/ directory
4. Publish latest configuration via Administrator Portal
5. Reboot the SSL VPN appliance(s)

Here is example how this is changed for user when mentioned error message is changed to This was changed! on codes.ewa file:

root@ssl132:~# less /data/portwise/administration-service/files/access-point/custom-files/other/codes.ewa | grep 1022308
1022308 Log on failed § This was changed! # This occurs when a user fails to log on.

And user now sees this:

written by terohy - 2,997 views

How many of you want to connect to your work using your Mac OS X desktops and laptops?  Well, there is some good news for you.   We have tested this using VPN Tracker 5.4.1 and successfully connected to StoneGate Firewall versions 4.2.8, 4.3.2 and 5.0.1 without issue.

It even gets a Virtual IP address via MODE CFG like the StoneGate Windows Client.  Still with Certificate authentication though (XAUTH works also, but not alone.  It still requires a cert in any case.)

NOTE — Don’t use static Username/Password (e.g. don’t set anything for username/password fields via Edit or you won’t be prompted for a username / password)

So, let’s break this into 3 sections,  The Mac OS X Steps, VPN Tracker Steps, & StoneGate Settings.

Continue reading »

written by SideKick - 5,246 views

I bet you have heard that Linux is the best OS in the world. And the most user-friendly. And the most secure as well… Yes, this is true. And this can be demonstrated by some abnormal program behavior under some “hardened” Linux distributions

Continue reading »

written by DR - 1,717 views