Opinnate

                                                                                                                                                                                                                                              Blog  Support

Opinnate POC Guideline v1.1.0

Table of Contents

System Requirements #

  1. This product is to be installed on a virtual server having system requirements as follows:
  1. On firewalls where POC is planned a user account having administrative rights needs to be created.
  1. Network access from the virtual server to the related firewalls and their related L3 switch components must also be given on the following service ports:
  1. Syslog traffic to the related syslog server needs to be configured and firewall access be given if required.
  1. SMTP reach to the related mail server needs to be configured and firewall access be given if required.
  1. LDAP access to internal directory server needs to be given on firewalls.
  1. Radius access to internal AAA server needs to be given on firewalls and necessary configuration be done if the preferred remote authentication is Radius.

POC Checklist

Following list contains the items that will be tested during the POC process.

#Task NameTest Condition and Details
1New admin user creationA new local username will be created with one of the predefined admin profiles
2LDAP/Radius IntegrationLDAP credentials will be configured on the system and new LDAP user be created with one of the predefined admin profiles
3Admin Profiles Add/EditNew admin profile will be created having the RW right for firewall operation RO right for admin profiles and users
4Syslog server configurationSyslog server will be created to send system log messages.
5Device User Profile configurationNew device user profile to be created with the predefined information that is created on firewalls
6Device integrationNew device will be configured and added with necessary fields
7Device LDAP Integration additionNew LDAP integration to be added for user based rule creation
8Device LDAP SSO Relation additionRelation between devices and domains to be defined to create a user based rule on the related devices
9Enviromental settings (DNS & Pci Dss) configurationCorporate DNS server and PCI-DSS subnets be defined if exists.
10SMTP add(Notification)For mail integration SMTP server details will be configured
11Renew DataTo pull data on all firewalls and make necesary analysis data must be renewed. It may take half an hour
12Rule Viewer FilteringApply a filter based on source IP, destination IP and schedule information
13Rule CheckerUse one or two source and destination IP information to find if the rule exists or not
14Topology Find PathUsing the search field give source and destination IP information and click on Find Path
15Topology Rule CheckerOn the search field give service information in addition to IP and click on Rule Check
16Report ExportChoose PCI based reporting and choose the devices and click generate report button
17Corporate Policy4 different network roles be defined and relations between this roles be defined on Security Policy matrix
18Add New Rule RequestCreate a new rule request using the source IP, destination IP and service information
19Add New Rule Path Free RequestCreate a new rule request using the source IP, destination IP and service information and also choose the device from the list that action be applied
20Add New Rule Request (User Based)Create a new rule request using the source IP, destination IP, domain, user and service information
21Add New Rule Path Free Request (User Based)Create a new rule request using the source IP, destination IP, domain, user and service information and also choose the device from the list that action be applied
22Server Cloning(Same Network)Create a new request for a new IP on the same subnet
23Server Cloning(Diff Network)Create a new request for a new IP on a different subnet
24Optimize – ShadowChoose the devices that shadow policies to be found and check the related rules
25Optimize Clean DisableChoose the devices that clean disable policies to be found and check the related rules
26Optimize DecommissionChoose IP/s to be removed from the firewalls and check the related rules
27Auto Renew EditAuto renewing must be enabled to refresh all firewall data
28Group Base New GroupCreate a new group and define its members
29Group Base New PolicyCreate a new group based rule request with necessary source IP, destination IP and service fields
30Group Base Ip Add to GroupAdding a new IP address to a group request
31Group Rule ViewerFind all groups based rule information here. Apply a filter for a specific group

Powered by BetterDocs