Opinnate

                                                                                                                                                                                                                                              Blog  Support

Opinnate POC Guideline v1.3.0

System Requirements #

  1. This product is to be installed on a virtual server having system requirements as follows:
  1. On firewalls where POC is planned a user account having administrative rights needs to be created.
  1. Network access from the virtual server to the related firewalls and their related L3 switch components must also be given on the following service ports:
  1. Syslog traffic to the related syslog server needs to be configured and firewall access be given if required.
  1. SMTP reach to the related mail server needs to be configured and firewall access be given if required.
  1. LDAP access to internal directory server needs to be given on firewalls.
  1. Radius access to internal AAA server needs to be given on firewalls and necessary configuration be done if the preferred remote authentication is Radius.

POC Checklist #

Following list contains the items that will be tested during the POC process.

#Task NameTest Condition and Details
1New admin user creationA new local username will be created with one of the predefined admin profiles
2LDAP/Radius IntegrationLDAP credentials will be configured on the system and new LDAP user be created with one of the predefined admin profiles
3Admin Profiles Add/EditNew admin profile will be created having the RW right for firewall operation RO right for admin profiles and users
4Syslog server configurationSyslog server will be created to send system log messages.
5Device User Profile configurationNew device user profile to be created with the predefined information that is created on firewalls
6Device integrationNew device will be configured and added with necessary fields
7Device LDAP Integration additionNew LDAP integration to be added for user-based rule creation
8Device LDAP SSO Relation additionRelation between devices and domains to be defined to create a user-based rule on the related devices
9Environmental settings (DNS & Pci-Dss) configurationCorporate DNS server and PCI-DSS subnets be defined if exists.
10SMTP add(Notification)For mail integration SMTP server details will be configured
11Renew DataTo pull data on all firewalls and make necessary analysis data must be renewed. It may take half an hour
12Rule Viewer FilteringApply a filter based on source IP, destination IP and schedule information
13Object Viewer filteringSearch for any object and filter the related rules
14Rule CheckerUse one or two source and destination IP information to find if the rule exists or not
15Topology Find PathUsing the search field give source and destination IP information and click on Find Path
16Topology Rule CheckerOn the search field give service information in addition to IP and click on Rule Check
17Report ExportChoose PCI based reporting and choose the devices and click generate report button
18Disable PolicyDisable any chosen policy from rule viewer and using the edit function on rule viewer disable it
19Enable PolicyEnable any chosen disabled policy from rule viewer and using edit function on rule viewer enable it
20Delete PolicyDelete any chosen disabled policy from rule viewer and using edit function on rule viewer delete it
21Corporate Policy4 different network roles be defined and relations between this roles be defined on Security Policy matrix
22Add New Rule RequestCreate a new rule request using the source IP, destination IP and service information
23Add New Rule Path Free RequestCreate a new rule request using the source IP, destination IP and service information and also choose the device from the list that action be applied
24Add New Rule Request (User Based)Create a new rule request using the source IP, destination IP, domain, user and service information
25Add New Rule Path Free Request (User Based)Create a new rule request using the source IP, destination IP, domain, user and service information and also choose the device from the list that action be applied
26Server Cloning (Same Network)Create a new request for a new IP on the same subnet
27Server Cloning (Diff Network)Create a new request for a new IP ona different subnet
28Server Cloning Path-freeCreate a new request for a new IP on the same subnet
29Optimize – ShadowChoose the devices that shadow policies to be found and check the related rules
30Optimize Clean DisableChoose the devices that clean disable policies to be found and check the related rules
31Optimize DecommissionChoose IP/s to be removed from the firewalls and check the related rules
32Auto Renew EditAuto renewing must be enabled to refresh all firewall data
33Group Base New GroupCreate a new group and define its members
34Group Base New PolicyCreate a new group-based rule request with necessary source IP, destination IP and service fields
35Group Base Ip Add to GroupAdding a new IP address to a group request
36Group Rule ViewerFind all group-based rule information here. Apply a filter for a specific group

Powered by BetterDocs