mirror of
https://github.com/opnsense/docs
synced 2024-11-10 19:10:55 +00:00
18b58b320a
commit 4fc58db7f361fca140119665107f562333ec416c
Author: Ad Schellevis <ad@opnsense.org>
Date: Fri Apr 7 18:52:35 2023 +0200
minor compile issue in https://github.com/opnsense/docs/pull/465
commit 5859bb84be40f20358549ec014f571e9c70858da
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Apr 4 17:08:55 2023 +0200
troubleshooting : add webgui recovery help, ipsec: explain async crypto a bit better
commit b2189c500314e67607952fd8eae68ccea72a3e17
Author: Ad Schellevis <ad@opnsense.org>
Date: Wed Mar 29 16:27:46 2023 +0200
VPN/IPsec/Examples - add a note about connecting childre. closes https://github.com/opnsense/core/issues/6451
commit e0bb5a46fe8cd46334b3849503b29aa4c28a4ff2
Author: Ad Schellevis <ad@opnsense.org>
Date: Wed Mar 29 14:26:56 2023 +0200
changelogs
commit b002a92e8e2cbd202e23d823079a5c69aa8e4d5c
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 17:03:30 2023 +0200
System/Settings/Administration - minor fixes
commit e6c02aa1864c1f229e33f2046272351f4a25ef8a
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 16:48:45 2023 +0200
System/Settings/Administration - reorganise settings a bit and add missing options. Also explain the risks of using "listen interfaces" and how to properly use them. Loopbacks are intended to create the environment needed to reliably bind a service in a changing world.
commit 1fae5cc8a81fda2ba790c2e3cfc357f46f2c6d8b
Author: Stephan <stephan.de.wit@deciso.com>
Date: Tue Mar 28 16:24:13 2023 +0200
unbound: update reporting/advanced/blocklist documentation
commit 8ffa3e1565bff8b8ffb986d7dd447e7f5371805f
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 08:58:44 2023 +0200
update api endpoints
commit 07f9f614b6fa49847bd78b013d8c664c3ac50940
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 28 08:56:00 2023 +0200
changelogs
commit f234f235b404a25e7b9af8ca27796369b53a0277
Author: Ad Schellevis <ad@opnsense.org>
Date: Mon Mar 27 17:38:49 2023 +0200
Access / Servers / Radius - add mnissing options
commit f6fc23f09ea2ec3b626f07ab92bac7b2e04e0001
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 21 16:57:03 2023 +0100
changelogs
commit 831b0d54a209b13c54e9f4272a705d198cab86b2
Author: Ad Schellevis <ad@opnsense.org>
Date: Tue Mar 21 16:36:02 2023 +0100
IPS: change Emerging Threats documentation links
commit 1ed441a7fcce20a33d5c9eaccc0d63af663b9332
Author: Ad Schellevis <ad@opnsense.org>
Date: Fri Mar 17 15:30:16 2023 +0100
Interfaces: Diagnostics: Ping - update documentation, closes https://github.com/opnsense/core/issues/6378
commit f7e4ee76c158f2a0b73ae5a74c77ecb451b5dbd7
Author: Ad Schellevis <ad@opnsense.org>
Date: Thu Mar 16 21:59:34 2023 +0100
Interfaces: Diagnostics: Ping - documentation for https://github.com/opnsense/core/issues/6378
commit 82e2801b67
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Apr 7 00:21:10 2023 +0300
Update zenarmor_hardwarerequirements.rst
Hardware Requirements content updated
commit 72e65f07e3
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Thu Apr 6 15:51:35 2023 +0300
Update zenarmor_hardwarerequirements.rst
HW req. Table Updated
commit 2d8e780e62
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:49:39 2023 +0300
Update zenarmor.rst
commit 59cde54661
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:43:18 2023 +0300
Update zenarmor_install.rst
commit 13a60a4564
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:38:36 2023 +0300
Update zenarmor.rst
commit 9fd1a80b34
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:35:54 2023 +0300
Update zenarmor.rst
commit 5f08f24b5f
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 14:28:47 2023 +0300
Update zenarmor.rst
commit 29e34ff9c2
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:33:23 2023 +0300
Update zenarmor_install.rst
commit b4e97197f1
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:28:16 2023 +0300
Update zenarmor.rst
commit 4b36e1f03e
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:21:25 2023 +0300
Update zenarmor.rst
commit a20fd312d0
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:16:38 2023 +0300
Update zenarmor.rst
commit 647a134479
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:16:11 2023 +0300
Update zenarmor.rst
Feature list is updated
commit b573a10a2d
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:12:12 2023 +0300
Update zenarmor.rst
Youtube URL Updated
commit e9d2a63c00
Merge: e132115 f3c6e5b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Tue Mar 14 02:10:46 2023 +0300
Merge branch 'opnsense:master' into master
commit e132115879
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Mon Nov 7 15:32:39 2022 +0300
Update zenarmor_install.rst
commit e348b92a5b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Mon Nov 7 15:25:03 2022 +0300
Update zenarmor_install.rst
commit 0709b7a09a
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:41:44 2022 +0300
Update zenarmor_install.rst
commit b64a2e497b
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:38:05 2022 +0300
Update zenarmor_install.rst
commit 3f660a01e8
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:16:46 2022 +0300
Update zenarmor_hardwarerequirements.rst
commit 2d3883035d
Author: zenarmor <117448597+zenarmor@users.noreply.github.com>
Date: Fri Nov 4 15:04:34 2022 +0300
Update zenarmor_hardwarerequirements.rst
204 lines
8.8 KiB
ReStructuredText
204 lines
8.8 KiB
ReStructuredText
==================================================
|
||
Zenarmor (Sensei): Installing via Web Interface
|
||
==================================================
|
||
|
||
|
||
|
||
|
||
**Note**
|
||
|
||
Zenarmor Free Edition is **forever free-of-charge**. We strongly recommend you register to keep in touch with updates and new features. You can register at `https://www.sunnyvalley.io/open-source-firewalls <https://www.sunnyvalley.io/open-source-firewalls>`_
|
||
|
||
|
||
Zenarmor may be installed using the web interface in OPNsense or using the command line interface via SSH or local system access (see :doc:`zenarmor_cmd_install`). The preferred method is the web interface because the process of installing plugins in OPNsense is simple and Zenarmor requires the use of the web interface to complete the initial configuration after installation.
|
||
|
||
To install plugins in OPNsense, you must use an account with administrative access.
|
||
|
||
.. Note::
|
||
|
||
Before installing Zenarmor, you should ensure you meet the minimum system requirements in order to run Zenarmor or to have the best user experience. See :doc:`zenarmor_hardwarerequirements` for more information.
|
||
|
||
----------------------------
|
||
Web Interface Installation
|
||
----------------------------
|
||
|
||
To install Zenarmor, you must first install the Sunny Valley Networks vendor repository plugin. Go to the :menuselection:`System --> Firmware --> Plugins` page. Click on the “+” icon next to os-sunnyvalley to install the plugin.
|
||
|
||
Once the vendor plugin is installed, you should see the Zenarmor plugin available in the list of plugins as os-sensei. If you do not see the Zenarmor plugin, you may need to refresh the “Plugins” page. Click the “+” icon next to os-sensei to install the plugin.
|
||
|
||
After installing Zenarmor, you should see the Zenarmor menu in the left sidebar of the OPNsense web interface. If you do not see the new, top-level menu, you may need to refresh the page.
|
||
|
||
.. image:: images/zenarmor-install-complete.png
|
||
:width: 100%
|
||
|
||
Next, you will need to complete the “Initial Configuration Wizard” for Zenarmor to be fully operational.
|
||
|
||
.. _Sensei_Initial_Configuration_Wizard:
|
||
|
||
------------------------------
|
||
Initial Configuration Wizard
|
||
------------------------------
|
||
Regardless of the installation method you used, you will need to complete the initial configuration wizard before you may start using Zenarmor.
|
||
|
||
To start the "Initial Configuration Wizard":
|
||
|
||
* Log in to your OPNsense web interface
|
||
* Click Zenarmor from the left menu
|
||
* Click on the Dashboard sub-menu to open the configuration wizard
|
||
|
||
....................
|
||
1- Welcome
|
||
....................
|
||
|
||
* Accept the Terms of Service and Privacy Policy by clicking on the checkbox.
|
||
|
||
.. image:: images/zenarmor-wizard-welcome.png
|
||
:width: 100%
|
||
|
||
* Click the :menuselection:`Proceed` button to continue to the :menuselection:`Hardware Check` section.
|
||
|
||
....................
|
||
2- Hardware Check
|
||
....................
|
||
|
||
Your hardware will be analyzed to ensure it meets the minimum requirements. You will receive one of following responses: compatible hardware, low-end hardware, incompatible hardware. The setup will not continue if you have incompatible hardware.
|
||
|
||
.. image:: images/zenarmor-wizard-hardware-high-end.png
|
||
:width: 100%
|
||
|
||
*Compatible*
|
||
|
||
.. image:: images/zenarmor-wizard-hardware-low-end.png
|
||
:width: 100%
|
||
|
||
*Low-end*
|
||
|
||
.. image:: images/zenarmor-wizard-hardware-incompatible.png
|
||
:width: 100%
|
||
|
||
*Incompatible*
|
||
|
||
* Click :menuselection:`Next` to continue to the :menuselection:`Reporting Database` section.
|
||
|
||
......................
|
||
3- Reporting Database
|
||
......................
|
||
|
||
* Select the database you wish to use for reporting. High end systems will have 3 options, while low end systems only have 2 options.
|
||
|
||
.. Warning::
|
||
|
||
If you wish to use a remote ElasticSearch database, you must choose it now since you cannot change this after the initial configuration wizard has been completed.
|
||
|
||
.. image:: images/zenarmor-wizard-reporting-database-high-end.png
|
||
:width: 100%
|
||
|
||
*High-end*
|
||
|
||
.. image:: images/zenarmor-wizard-reporting-database-low-end.png
|
||
:width: 100%
|
||
|
||
*Low-end*
|
||
|
||
* If you select “Use a Remote Elasticsearch Database”, you will be prompted to enter the URL, username, and password.
|
||
|
||
.. Note::
|
||
|
||
If you have SOHO or higher Zenarmor paid subscription, we recommend that you install your license key before proceeding with the initial configuration wizard since this will activate a feature that will enable you to have central reporting for many firewalls from a single Elasticsearch instance. Otherwise, only a single remote ES instance can be used with a single firewall.
|
||
|
||
.. image:: images/zenarmor-wizard-reporting-database-remote.png
|
||
:width: 100%
|
||
|
||
* Click the :menuselection:`Install Database & Proceed` button to install the local database if one is chosen and continue to the :menuselection:`Interface Selection` section.
|
||
|
||
.......................
|
||
4- Interface Selection
|
||
.......................
|
||
|
||
* Select the Ethernet Interface(s) to protect. To do so, click on an interface and use the right/left arrow buttons to move it to protected/unprotected interfaces combo box.
|
||
|
||
For detailed information on "Deployment Modes", see `here <https://www.zenarmor.com/docs/guides/deployment-modes>`_.
|
||
|
||
.. image:: images/zenarmor-wizard-interface-selection-available.png
|
||
:width: 100%
|
||
|
||
.. image:: images/zenarmor-wizard-interface-selection-protected.png
|
||
:width: 100%
|
||
|
||
* Click :menuselection:`Next` to continue to the :menuselection:`Cloud Reputation` section.
|
||
|
||
....................
|
||
5- Cloud Reputation
|
||
....................
|
||
|
||
The Cloud Threat Intelligence data is queried in real-time when any connections are made through your network. This capability enables Zenarmor to respond to malware and wireless outbreaks in real-time and very quickly.
|
||
|
||
The engine processes the request, queries the **“Sunny Valley Network (SVN) Cloud”** in real-time, and decides whether it will be blocked or allowed. Zenarmor checks against 300+ million websites under 120+ categories in milliseconds.
|
||
|
||
Cloud Threat Intel settings let you:
|
||
|
||
* Enable/Disable the “Cloud Reputation & Web Categorization” engine
|
||
* Set local domain name you wish to be excluded from cloud queries
|
||
* Select the fastest Cloud Reputation Servers which are used for queries
|
||
|
||
.. image:: images/zenarmor-wizard-cloud-reputation.png
|
||
:width: 100%
|
||
|
||
* Click :menuselection:`Next` to continue to the :menuselection:`Updates & Health Check section` section.
|
||
|
||
|
||
..........................
|
||
6- Updates & Health Check
|
||
..........................
|
||
|
||
.. Note::
|
||
|
||
Zenarmor uses the OPNsense package system to deliver its updates. You may configure how you prefer to receive your Zenarmor updates.
|
||
|
||
* **Check for Updates Automatically:** Checks automatically for the updates and creates a notification on the Zenarmor “Status” page.
|
||
* **Automatically Update Databases and Threat Intelligence Data:** Checks automatically for the updates and creates a notification on the Zenarmor “Status” page.
|
||
* **Enable Generation of Support Data:** If enabled, Zenarmor collects supporting data during unusual events and crashes. You can share this data when opening a ticket with us.
|
||
* **Max Swap Utilization:** You may specify how much swap space Zenarmor may utilize when the system is low on memory. It is recommended that you do not set this value too high. Otherwise, system performance may suffer.
|
||
* **Health Check:** If enabled, "Health Check" monitors the system's memory, CPU, disk usage and core services if they're working correctly, and raises alerts if anything goes wrong. "Health Check" also stops the appropriate services if they're consuming excessive system resources.
|
||
* **Help Sunny Valley Improve Its Products and Services:** If enabled, general system information is submitted to Sunny Valley to help improve the future development of Zenarmor.
|
||
|
||
.. image:: images/zenarmor-wizard-updates-health-check.png
|
||
:width: 100%
|
||
|
||
* Click :menuselection:`Next` to continue to the :menuselection:`Deployment Size` section.
|
||
|
||
....................
|
||
7- Deployment Size
|
||
....................
|
||
|
||
Zenarmor may support up to 1,000 concurrent users on an average PC. You can set your Zenarmor installation’s capacity in this section.
|
||
|
||
.. Note::
|
||
|
||
You may see detailed information about suggested hardware at :doc:`zenarmor_hardwarerequirements`
|
||
|
||
.. image:: images/zenarmor-wizard-deployment-size.png
|
||
:width: 100%
|
||
|
||
* Click :menuselection:`Next` to continue to the :menuselection:`Finish` section.
|
||
|
||
....................
|
||
8- Finish
|
||
....................
|
||
|
||
* You may enter your email address if you wish to subscribe to the Sunny Valley email list to stay up to date on the latest news.
|
||
|
||
.. image:: images/zenarmor-wizard-finish.png
|
||
:width: 100%
|
||
|
||
* Click the :menuselection:`Finish` button to save your initial configuration data and start using Zenarmor.
|
||
|
||
-------------------
|
||
**Hands-on Video**
|
||
-------------------
|
||
|
||
.. raw:: html
|
||
|
||
<iframe width="560" height="315" src="https://www.youtube.com/watch?v=Hvz1qhNBZdo" frameborder="0" allowfullscreen></iframe>
|
||
|