Configuration Guide: Enterprise One

Introduction

This article provides a detailed outline for deploying our Enterprise One appliance in either the port mirrored or inline configuration, complete with appliance-specific images.


For more high-level content about our physical network appliances, see Physical Network Appliances: Overview and Specs.




Notes for Enterprise One Appliance Deployments

  • If your organization has restrictive firewall policies, you may need to make exceptions in your firewall that allow outbound connections to Field Effect’s specific domains and ports. Our Customer Success team will reach out to you if this is required. To learn more, visit Firewall Exceptions for Network Appliances and Endpoint Agents.
  • Every appliance ships with a USB YubiKey, a security device that provides a physical form of multi-factor authentication (MFA). The appliance will not power on unless the YubiKey is plugged into a USB port.
  • If standard DHCP is provided, you can connect the appliance directly to the internal network device via the green management port.
    • If you can’t provide a DHCP lease, a static IP can be assigned, and the steps are included in the appendix of this article.
  • The appliance must be installed at the pre-Network Address Translation (pre-NAT) level for full visibility into all network traffic.
  • When installing the appliance physically, be sure to place it in the proper orientation as shown in this guide. If it's positioned in a way that restricts airflow, it may create performance and/or hardware issues.


Procedure: Port Mirrored Configuration



The port mirrored configuration was formerly referred to as the passive configuration. But since both appliances can be "passive", we have updated the terminology from "passive" to "port mirrored".


When using the port mirrored configuration, internet traffic from your network's primary switch is mirrored and sent to the appliance for analysis. The illustration below shows the appliance deployed with a port mirrored configuration, which requires the following connections:

  • Yellow: a 1Gbps inbound connection that sends traffic from the mirrored port to the appliance.
  • Green: an outbound VPN connection used to connect to Field Effect’s data center(s).



Making the Yellow Connection

If applicable: repeat this process as many times as necessary by configuring SPAN ports on any remaining switches/firewalls and connecting them to yellow ports.


If your organization uses a fiber connection, do not make the yellow connection described in this section. Instead, connect the fiber cable from your newly configured SPAN port to the red fiber port on the appliance.


On the device you wish to use for port mirroring (firewall or switch), configure a Switched Port Analyzer (SPAN) port and mirror all traffic to it. Plug the provided yellow cable into this newly configured SPAN port.



Plug the other end of the yellow cable into the yellow port on your appliance.



Making the Green Connection with a DHCP Lease (preferred)

If you can’t provide a DHCP lease, see the appendix at the end of this article.


If you can provide a DHCP lease, plug one end of the green cable into any network port on your core switch with internet access. 



Then connect the other end of the green cable into the green port on your appliance.



Powering the Appliance

Now that the appliance is properly connected, you can power it on. Ensure the power cable is plugged in, and once powered on, it will receive an IP address and connect to our data center. The IP address should be reserved on your DHCP server.



Every physical appliance is shipped with a unique YubiKey, which provides a physical form of multi-factor authentication (MFA). The appliance will not power on unless the YubiKey is plugged into a USB port. Ensure that the YubiKey is properly connected before powering on your appliance.


To confirm connectivity, browse to the appliance status page or connect to the appliance console.



Procedure: Inline Configuration


When using the inline configuration, the appliance sits in between your network's primary switch and the firewall. All network traffic is directly passed from the switch, through the appliance, and then out through the firewall.


The illustration below shows the connections required for an inline configuration:

  • Yellow: a 1Gbps inbound connection that sends traffic from the mirrored port to the appliance.
  • Blue: a 1Gbps outbound connection from the appliance to the internal network device.
  • Green: an outbound VPN connection used to connect to Field Effect’s data center(s).



Making the Yellow Connection

If your organization uses a fiber connection, do not make the yellow connection described in this section. Instead, connect the fiber cable from your newly configured SPAN port to the red fiber port on the appliance.


Begin by unplugging both ends of the network cable that connects the LAN port on your firewall and the WAN port on your core switch. This will disable your Internet connection. Plug the provided yellow cable into the LAN port you just unplugged on your firewall.



Plug the other end of the yellow cable into the yellow port on your appliance.



Making the Blue Connection

If applicable: using the additional blue and yellow cables, repeat this process to connect any additional links you wish to monitor.


After making the yellow connection above (either the yellow or fiber connection, depending on your network), plug the blue cable into the blue port on your appliance.



Plug the other end of the blue cable into the WAN port you disconnected on your core switch. This will restore your Internet connection. To confirm an internet connection has been reestablished, navigate to a website using a computer connected to this core switch.



Making the Green Connection with a DHCP Lease (preferred)

If you can’t provide a DHCP lease, see the appendix at the end of this article.


Once network connectivity is restored, plug one end of the green cable into any network port on any switch with internet access.



Then connect the other end of the green cable into the green port on your appliance.



From your router's management interface, create a DHCP reservation. This allows you to assign a specific IP address to a device based on its MAC address. Reserving an IP for the appliance will boost reliability and connectivity. The process of reserving an IP will vary based on your environment, but the benefits include:

  • If the appliance reboots, it will quickly reestablish a connection with Field Effect.
  • You can leverage firewall rules to maintain a more reliable connection.
  • It helps ensure that syslogs are being sent correctly.


To find the MAC address for the green connection (aka interface) on your appliance, navigate to your Appliance Status Page and reserve the MAC address for the green interface.


Powering the Appliance

Now that the appliance is properly connected, you can power on the appliance. Ensure the power cable is plugged in, and power it on.


Once powered on, it will receive an IP address and connect to our data center. The IP address should be reserved on your DHCP server.



Every physical appliance is shipped with a unique YubiKey that provides a physical form of multi-factor authentication (MFA). The appliance will not power on unless the YubiKey is plugged into a USB port. While it is inserted prior to shipping, ensure that the YubiKey is properly connected before powering on your appliance.


To confirm connectivity, browse to the appliance status page or connect to the appliance console.



Appendix: Static IP Addresses

If you can’t provide a DHCP lease, plug one end of the green cable into any network port on the core switch.



Then plug the other end of the green cable into the red port on your Enterprise 1 appliance.



After making the connection above (green cable into red port), connect a monitor and keyboard to the appliance and contact support@fieldeffect.com for your login credentials. After logging in to the appliance, you’ll be presented with a console where you can configure a static IP.

