Account and Organization Management

Configuring SAML, OAuth2, or OpenID Login in the ETM Dashboard

Single Sign-On (SSO) provided by an Identity Provider (IdP) is an increasingly common, security-focused practice.

Single Sign-On (SSO) is common in Zero-Trust Network Access security policies because it enables the admin to:
  • Centralize control of user login policies and credentials.
  • Consolidate user accounts that require access to multiple cloud-based services.
  • Enforce stringent password policies and multi-factor authentication.
  • Simplify user login to reduce password fatigue.
  • Reduce the threat of data breaches by moving authentication off-site.

The ETM Dashboard supports login using SAML, OAuth2, or OpenID federated accounts. To select these options, you must have an existing account with an Identity Provider (or IdP) such as Okta, Duo, or OneLogin.

Single Sign-On is configured in My Organization > SSO.

Who is Affected?

  • The account owner.
  • Anyone who has been invited to manage the account as a user.

Before you Begin

The Organization Name attribute identifies and initiates this specific SAML or OAuth2 login process; you can think of it as a username. It can include letters, numbers, or punctuation. You can use capital letters when configuring the Organization Name, but it is not case-sensitive at the login point. For example, you could enter "Example Company" as your organization and still log in with "example company."

Your Organization Name must be unique. You will receive an error message if a given name is not available for use.

This Organization Name is specific to this SSO option and does not need to match the name associated with your ETM Dashboard organization.

Configuring SAML Login

Set the Organization Login Type to "SAML."

Provider attributes

The attributes under the Configuration heading inform the ETM Dashboard about connecting to and authenticating against your SAML provider.

The Login URL, Entity Id, and Encryption Certificate fields are required. The Signing Certificate field is only used when the provider gives you a different certificate.
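Most identity providers publish these values in a SAML 2.0 metadata XML file. The following sketch is an added example, not part of the ETM Dashboard or its documentation: it pulls the four fields named above out of IdP metadata and leaves Signing Certificate empty unless the provider publishes a distinct signing certificate. The sample metadata, the idp.example.com URLs, the preference for the HTTP-Redirect endpoint, and the use of a lone certificate for the required certificate field are assumptions.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
BIND = "urn:oasis:names:tc:SAML:2.0:bindings:"


def build_sample(signing_der, encryption_der):
    """Constructed IdP metadata for idp.example.com; the 'certificates' are placeholder bytes."""
    def key(use, der):
        b64 = base64.b64encode(der).decode()
        return (f'<md:KeyDescriptor use="{use}"><ds:KeyInfo><ds:X509Data>'
                f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
                "</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>")
    return (
        f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
        'entityID="https://idp.example.com/saml/metadata">'
        '<md:IDPSSODescriptor protocolSupportEnumeration='
        '"urn:oasis:names:tc:SAML:2.0:protocol">'
        + key("signing", signing_der) + key("encryption", encryption_der) +
        f'<md:SingleSignOnService Binding="{BIND}HTTP-POST" '
        'Location="https://idp.example.com/saml/sso/post"/>'
        f'<md:SingleSignOnService Binding="{BIND}HTTP-Redirect" '
        'Location="https://idp.example.com/saml/sso"/>'
        "</md:IDPSSODescriptor></md:EntityDescriptor>")


def to_pem(b64_der):
    """Wrap a base64 DER certificate in PEM armor, 64 characters per line."""
    body = "".join(b64_der.split())
    rows = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join(["-----BEGIN CERTIFICATE-----", *rows, "-----END CERTIFICATE-----"])


def sha256_fingerprint(b64_der):
    """Fingerprint to compare with the one shown in the IdP admin console."""
    return hashlib.sha256(base64.b64decode(b64_der)).hexdigest()


def parse_idp_metadata(xml_text):
    # Metadata never needs a DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain DTD or entity declarations")
    root = ET.fromstring(xml_text)
    tag = "{%s}EntityDescriptor" % NS["md"]
    entity = root if root.tag == tag else root.find("md:EntityDescriptor", NS)
    idp = entity.find("md:IDPSSODescriptor", NS) if entity is not None else None
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")

    # Assumption: prefer the HTTP-Redirect endpoint, fall back to HTTP-POST.
    endpoints = {e.get("Binding"): e.get("Location")
                 for e in idp.findall("md:SingleSignOnService", NS)}
    login_url = endpoints.get(BIND + "HTTP-Redirect") or endpoints.get(BIND + "HTTP-POST")
    if not login_url or not login_url.lower().startswith("https://"):
        raise ValueError("no HTTPS SingleSignOnService endpoint found")

    # A KeyDescriptor without a 'use' attribute applies to signing and encryption.
    certs = {"signing": None, "encryption": None}
    for kd in idp.findall("md:KeyDescriptor", NS):
        node = kd.find("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
        if node is None or not (node.text or "").strip():
            continue
        b64 = "".join(node.text.split())
        uses = [kd.get("use")] if kd.get("use") else ["signing", "encryption"]
        for use in uses:
            if use in certs and certs[use] is None:
                certs[use] = b64

    # Assumption: a lone certificate goes in the required certificate field.
    required = certs["encryption"] or certs["signing"]
    if required is None:
        raise ValueError("metadata publishes no X.509 certificate")
    separate = certs["signing"] if certs["signing"] not in (None, required) else None
    return {
        "Login URL": login_url,
        "Entity Id": entity.get("entityID"),
        "Encryption Certificate": to_pem(required),
        "Signing Certificate": to_pem(separate) if separate else None,
        "SHA-256 fingerprints": sorted({sha256_fingerprint(c) for c in certs.values() if c}),
    }


if __name__ == "__main__":
    sample = build_sample(b"constructed signing cert", b"constructed encryption cert")
    for field, value in parse_idp_metadata(sample).items():
        print(f"{field}: {value}")
```

Compare the printed fingerprints with the ones your IdP's admin console shows before pasting the certificates into the form.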

Testing SAML login

The Test SAML button will appear after you have saved your settings. This will validate that the ETM Dashboard can connect to your provider.

Downloading SP Metadata

The Download SP Metadata button will appear after you have saved your settings. The resulting data is uploaded to your Identity Provider to authorize ETM Dashboard to use their SSO login.

Removing SAML

Click the Delete button to remove this configuration. You can use this option to change the SAML connection or switch to a different provider.

To disable this authentication method, set the Organization Login Type to "Disabled" instead.


Configuring OAuth2 / OpenID Login

Set the Organization Login Type to "OAuth2 / OpenID".

Provider Attributes

The attributes under the Configuration heading inform the ETM Dashboard about connecting to and authenticating against your OAuth2 or OpenID provider.

All fields are required.

Sign-in Redirect URIs

If your OAuth2 provider requires sign-in redirects, they can be found following the configuration fields. Those URIs are also provided here for your convenience:
  1. https://launchpad.edge.arista.com/account/sso
  2. https://launchpad.edge.arista.com/oauth2/signon/fc05796533944dff9e19b3c76621cda1

Testing OAuth2 or OpenID

The Test OAuth2 button becomes available after you save your OAuth2 / OpenID settings. This will validate that the ETM Dashboard can connect to your provider.

Removing OAuth2 / OpenID

Click the Delete button to remove this configuration. You can use this option to change the OAuth2 / OpenID connection or switch to a different provider.

To disable this authentication method, set the Organization Login Type to "Disabled" instead.


Logging into the ETM Dashboard using Identity Provider SSO

  1. Go to the ETM Dashboard login page at https://launchpad.edge.arista.com.
  2. Enter your Organization Name.
  3. Click Continue.
  4. You are redirected to your IdP's login page to authenticate.
  5. You are redirected to your ETM Dashboard account when your login is complete.

ETM Dashboard Organization

Your ETM Dashboard account may be invited to other ETM Dashboard accounts and permitted to manage Edge Threat Management appliances or subscriptions owned by the inviting account. This additional account access is called an Organization.

Enabling or Disabling Automatic Sign-on to Appliances

The ETM Dashboard enables you to remotely connect to the administration GUI of your NG Firewall and Micro Edge deployments. This remote connection uses a secure proxy that does not require exposing any ports on your firewall. By default, this proxy connection authenticates you automatically, so you do not need to provide credentials to access the web administration.

Disabling Automatic Sign-On for Remote Access

Sometimes, you may prefer to authenticate using local firewall user database credentials.

To enforce authentication using the local firewall administration account:
  1. Log in to ETM Dashboard.
  2. Go to My Organization.
  3. Click Settings.
  4. Uncheck Enable Automatic Login For Remote Access. Click Save to apply the change.

Enabling and Disabling Dashboard Widgets on the ETM Dashboard

The ETM Dashboard gives you a high-level overview of your managed networks and appliances. This information is presented through a variety of small windows called Widgets. Based on your preference, you can modify the default set of Widgets you see on the main Dashboard and Appliances dashboard.

Note: Your Dashboard Widget layout is unique to each organization you belong to. This means you see the complete set of default Widgets when switching to another organization. Repeat the steps below for each organization based on your preference.

Managing Dashboard Widgets

To turn Widgets on or off:
  1. Go to My Account.
  2. Click Preferences.
  3. In the Dashboard Widgets section, select the Widgets you want to see on the Dashboard.
  4. Click Save.

Switching Themes on the ETM Dashboard

The ETM Dashboard supports different themes you can select based on your preference. A theme defines the color scheme of the ETM Dashboard, including buttons, grids, headings, and so on.

Switching Themes

To set a different theme:
  1. Go to My Organization > Settings.
  2. In the Choose Theme settings, select a different theme.
  3. Click Save.

You can also select themes directly in the Account menu.


Two-Factor Authentication on the ETM Dashboard

You can enable two-factor authentication to secure your ETM Dashboard account. If enabled, the system requires the user to enter a one-time-use verification code before logging onto the ETM Dashboard. The code allows you to access your account after you authenticate with your regular username and password.

If enabled, two-factor authentication requires PIN confirmation upon each login. If you frequently connect using the same system and browser, you can opt to "remember me" during PIN verification. This option uses a secure cookie to authenticate your browser after login. The cookie is valid for 30 days.

Enabling Two-Factor Authentication

  1. On the ETM Dashboard, click My Account in the menu along the left-hand side of the page.
  2. Click Preferences.
  3. In the Two-Factor Authentication section, select Enable Two-Factor Authentication.
  4. Select your preferred delivery method under the Verification Method. See the following for more information on delivery methods.
  5. Click Save to apply the change.

Delivery Method Options

ETM Dashboard provides two options to receive your one-time code.

  • Email will send the code to the account's primary email address.
  • A time-based one-time password (or "TOTP") provides the code through a TOTP application of your choice, such as Google Authenticator.

Pairing a TOTP application with ETM Dashboard

Selecting the Time-based One-Time Password delivery option will reveal the show QR code button. Click that button to display the QR code. On your mobile device, open the TOTP authentication app you want to pair with the ETM Dashboard and select its pair or scan feature. Scan the code on your screen to complete pairing.



After you have paired an app with the ETM Dashboard, that app is a necessary part of the login procedure. If you uninstall the app or remove the paired account and fail to disable two-factor authentication in the ETM Dashboard, you will lose access to your account. In that instance, contact Support for assistance.

Logging onto the ETM Dashboard

During the login process, after entering your email address and password, you will be prompted to enter your verification code. Open the paired TOTP app to retrieve the code.



On the Verification Code pop-up, you will have the option to remember the device from which you are logging in. Enable this option to postpone further verification requests for 30 days.

General Data Protection Regulation (GDPR)

We have recently made changes to comply with the EU's General Data Protection Regulation (GDPR). As per the GDPR, the following articles will help guide you through deleting your account and all associated data or requesting a copy of all data.

You can view Arista Edge Threat Management's Privacy Policy here:

https://www.arista.com/en/privacy-policy.

Request a Copy of your Data

You can select this process to request a copy of all data stored by your ETM Dashboard account. This excludes data from any NG Firewall or Micro Edge appliances associated with the account, such as settings or Reports data.

Requesting your Data

  1. Log in to the ETM Dashboard.
  2. Click My Organization in the menu along the left-hand side.
  3. Select Settings.
  4. Click the blue Request Copy button at the bottom of the Settings page.
  5. You should then receive a message acknowledging the request. A copy of the data will be sent to the account owner's email address.

Deleting an ETM Dashboard Account

Follow the process outlined in this article to remove your ETM Dashboard account and all associated data altogether.

Important: Account deletion is permanent and cannot be undone! Arista Edge Threat Management cannot restore accounts deleted by accident.
Note: This is not the process for removing a user under your account; that is a separate procedure.

Deleting your ETM Dashboard Account

  1. Log in to ETM Dashboard.
  2. Click My Organization in the menu at the left-hand side of the page.
  3. Click Settings.
  4. At the bottom of the Settings page is an option labeled Delete Account.
  5. Click the red Delete Account button.
  6. A confirmation dialogue will appear asking that the word DELETE be entered before proceeding.
  7. Click the Delete Account button.
  8. You will then be logged out of the ETM Dashboard, and your account will no longer exist.

Licensing and Subscriptions

How to Assign a Subscription to an Appliance

Edge Threat Management appliances require a license for full functionality.

Prerequisites

Assigning a Subscription

You can assign a subscription from the appliance dashboard or the subscriptions area.

To assign a subscription from the appliance dashboard:
  1. Log in to ETM Dashboard.
  2. Click Appliances.
  3. Select the appliance you want to license from the list on the left.
  4. Locate the Appliance Licenses widget and click Add license.
  5. Select the subscription to assign to this appliance.
  6. Click Add.

     



     

To assign a subscription from the subscriptions area:
  1. Log in to ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Select Subscriptions.
  4. Select the subscription you want to assign.
  5. Select the manage button.
  6. Choose Assign subscription to an appliance.
  7. Select an appliance and click Save.

     



     

Upgrading an Appliance Subscription

You can upgrade your software subscriptions from the ETM Dashboard, for example, if you need to add users or convert to an NG Complete subscription. Before upgrading your subscription, make sure your billing information is accurate. See How to Update Billing / Shipping Address for details.

To upgrade your subscriptions:

  1. Log in to ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Select Subscriptions.
  4. Check the box for each subscription to upgrade.

     

    Note: You can update only one Complete package subscription at a time.

     

  5. Click the Upgrade button.
  6. Fill in the relevant information to upgrade your subscription and click Review.

     



     

  7. Review the upgrade charges and payment method and click Upgrade.

     



     

  8. You’ll receive a message that the subscription has been successfully upgraded.

How to Remove/Unassign a Subscription from an Appliance

This section walks you through removing a subscription from an Edge Threat Management appliance.

Removing a Subscription

  1. Log in to ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Click Subscriptions.
  4. Check the box for each subscription to be removed/unassigned.
  5. Click the Manage button.

     



     

  6. A pop-up will appear giving you three options. Select the "Unassign subscription from [UID#]" option and click OK.

     

Now that you have unassigned the subscription, if you would like to assign it to another UID, here is how:

How to assign/transfer a subscription

How to allow users to manage subscriptions

How to Share a Subscription to a Different Account

You can share a subscription to a different ETM Dashboard user account. For example, user Bob purchases a subscription and needs to assign it to an appliance that belongs to Sally's account. In this case, Bob owns the subscription, and he can share it with Sally so that she can assign it to an appliance that belongs to her account.

 

Note: When sharing a subscription, the delegated user does not see the subscription price and cannot upgrade or renew the subscription. The shared subscription remains in the owner's account, and all billing aspects of the subscription are managed exclusively by the owner.

 

To Share a Subscription

  1. Log in to ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Click Subscriptions.
  4. Select the subscription you want to share.
  5. Click the Manage button.

     



     

  6. Choose Allow another user to view and assign/unassign this subscription and enter the email address of another account.

     



     

  7. Click Save.
  8. The other user receives an email confirming access to the subscription. The other user can assign the subscription to one of their appliances at that point.

     

How to Transfer a Subscription to Another Appliance

If you need to move a subscription to another appliance, you can do so at any time in the Subscriptions area of your account.

Reassigning a Subscription

To reassign a license to a different appliance, you must first unassign it from the current appliance. To unassign a subscription:
  1. Log in to the ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Click Subscriptions.
  4. Select the subscription you want to unassign.
  5. Click the Manage button.

     



     

  6. Choose the option "Unassign subscription from ...".
  7. Click Save.

     


 

After unassigning the subscription, you can assign it to an appliance in your account or an appliance managed in a different ETM Dashboard account.

To assign a subscription to another account, see How to share a subscription to another account.

How to Renew a Subscription

You can renew a subscription using your ETM Dashboard account without making a new purchase or contacting the Sales team.

Renewing a Subscription

  1. Log in to the ETM Dashboard.
  2. Click My Organization in the menu on the left.
  3. Click Subscriptions.
  4. Select the checkboxes for the subscriptions that are to be renewed.
  5. Click Renew Now.

     



     

  6. A dialog box will appear showing your current balance, if any.
  7. Upon clicking the "Renew" button, the subscription will be renewed for an additional period (depending on the subscription, this could be monthly, yearly, or multi-year).

     

Notes regarding subscription renewal:
  • Only subscriptions within 30 days of expiration are eligible for renewal. If the subscription renewal is further away and you want to renew it, we recommend enabling auto-renewal on the subscription. See Enabling or Disabling Auto-Renewal to learn how to toggle Auto Renewal.
  • After a subscription reaches the expired state, it is automatically unassigned from the appliance.
  • An expired subscription can be renewed for up to 14 days. After 14 days, a new subscription must be purchased.
  • The anniversary date of a subscription remains the same whether it is renewed before or after the expiration date.

     

Related topics:

How to assign a subscription to a server.

Redeeming a Voucher

A voucher is a transferable license that becomes an active subscription after you redeem the code and assign it to an instance of NG Firewall. A voucher is a "gift certificate" for a specific NG Firewall software package. The voucher key is a unique alphanumeric code that you redeem in the ETM Dashboard to create the subscription.

A voucher provides you a way to delay the activation of your subscription. If you are a Partner, purchasing a set of vouchers using one transaction and redeeming them as you deploy NG Firewalls is efficient. If you do not intend to install the NG Firewall yourself, you can simplify the installation process by sending the voucher to your customer.

 

Important: If you do not redeem the voucher for a subscription within 30 days, it will convert automatically to a subscription.

 

Redeeming a Voucher

To redeem a voucher:
  1. Log in to the Edge Threat Management Dashboard at https://launchpad.edge.arista.com/
  2. If you do not have an account, click Create an account on the login page.
  3. After logging in, click My Organization from the menu on the left-hand side of the page.
  4. Click Subscriptions.
  5. Click Redeem Voucher.

     



     

  6. Enter your voucher code and click Redeem.
  7. Review your list of subscriptions and confirm that a new subscription appears.

     

After you redeem your voucher, you can assign your new subscription to an appliance.

How to Create a Subscription Renewal Quote

You can use the ETM Dashboard to generate a renewal quote for a subscription without contacting the Edge Threat Management Sales team directly.

Generating your Quote

  1. Log in to ETM Dashboard.
  2. Click My Organization.
  3. Select Subscriptions.
  4. Select the checkbox on the subscription where a renewal quote is needed.

     



     

  5. Click the Renewal Quote button. You’ll receive a message that the quote is ready. Click the View Quote button.

     



     

  6. The quote will open in a new tab. Select that tab to view the quote.
  7. You can save or print the quote using the browser’s print or save feature. To print using the Chrome browser, select File > Print.

     

How to assign a subscription to a server.

Enabling or Disabling Auto-Renewal

 

This process lets you turn on or off the auto-renew feature on an appliance subscription.

Toggling Auto-Renew State

  1. Log in to ETM Dashboard.
  2. Click My Organization from the menu on the left-hand side of the screen.
  3. Select Subscriptions.
  4. To change the auto-renew setting for a subscription, select the checkbox for the subscription and click the Toggle Auto Renewal button. Depending on the current state of that subscription, auto-renewal will be enabled or disabled.

     



     

Other Resources Relating to Subscription Management

Reports

This section discusses the following topic:
  • The ETM Dashboard Reports


The ETM Dashboard Reports

The ETM Dashboard lets you view consolidated reports from all networks managed through your account. The reporting data includes bandwidth usage and web activities.

Viewing Reports

To view reports:
  1. Log in to ETM Dashboard.
  2. Navigate to the Reports tab.
  3. Select the report you want to view.

Filtering and sorting data

You can refine the data in the grids below the charts, for example, if you want to view reporting data only from a specific appliance. To sort columns or filter the data, click the three horizontal lines at the right-hand side of the header to expose the menu.


Report Types

Bandwidth Control - Top Application (by bandwidth) provides you with the applications that are using the most bandwidth.



Hosts - Top Hostnames (by bandwidth) displays information about hosts that use the most bandwidth.



Network - Total Bandwidth - Last 30 Days provides a glance at the total bandwidth passing through this appliance over the last 30 days.



Web Filter - Top Domains (by request) provides the top requested domains, blocked categories, sites, and hostnames.


Policies

This section discusses the following topics:

Assigning or Synchronizing a Common Configuration to the NG Firewall Appliances

The ETM Dashboard Configuration Templates enable you to replicate a configuration across multiple NG Firewall appliances. This is useful, for example, if you want to have a standby failover system or manage multiple deployments that use an identical configuration. Configuration replication works in combination with Configuration Backup.


NG Firewall configuration replication can include a complete configuration or specific sections. You can manage both options in the Appliances > NGFW > Policies area of the ETM Dashboard.

  • To push the complete configuration, select Templates. Note that the network configuration is excluded from the template.
  • To push specific types of configuration, such as Firewall rules or Captive Portal settings, use the application grouping options at the top of the Policies menu.

Prerequisites

Note: If you select Policy Manager to create custom policies, you must create the same policy names on each appliance. Otherwise, only the default policy synchronizes to each appliance.

Creating Templates

To create a template:
  1. Navigate to the Appliances > NGFW > Policies tab in the ETM Dashboard.
  2. In the menu bar at the top of the table, click Template Configuration.
  3. Click Add Template to open the template configuration wizard.
  4. Choose an appliance you want to use as the configuration master and click Next.
  5. Choose a recent backup and click Next.
  6. Choose appliances to sync from the master.
  7. If you want the appliances to synchronize when you make changes to the master, enable Keep in Sync and set a schedule.

  8. Click Next.
  9. In the final step, click Create Template to apply the configuration template.

Managing Templates

Sorting and Filters

The Template Configuration grid displays your templates and relevant details in sortable and filterable columns. You can manage these options and show or hide columns by clicking the three horizontal lines to the right of any column header to access the menu.

Sync options

Sync Now - You can manually initiate a configuration sync by selecting one or more templates and clicking Sync Now. You can also configure appliances to synchronize automatically.

Keep in Sync - You can set a sync schedule as Immediate, Daily, or Weekly. You can configure the Keep in Sync option when creating a new configuration template or by selecting the template and clicking Manage Template afterward.

Notes regarding synchronization:
  • If a template is configured for immediate synchronization and the target appliance is offline, the target appliance retries every 12 hours for up to 7 days.
  • You can check the status of the synchronized appliances in the Audit History event log.

Target Appliances

Target Appliances inherit the configuration of the Master Appliance based on the sync options. You configure target appliances when creating a new configuration template or afterward by selecting the template and clicking Manage Template.

Note: Each NG Firewall appliance must be on the same version. The configuration does not sync unless the version of the appliance matches the version of the master appliance.

Deleting Templates

To delete one or more templates, select the template and click Delete Templates.

Events and Alerts

Managing Tasks in the ETM Dashboard

Centralized management through the ETM Dashboard allows the admin to push various configuration items to their appliances directly from the ETM Dashboard: backup configs, software-defined networks and VPN connections, application policies, and more. The Tasks feature enables the admin to view those pushes in one listing.



Viewing Tasks

This view displays information about pushes initiated from the ETM Dashboard.

Column               Description
Date Updated         The date and time the task was initiated.
Task                 A description of the task.
Status               The current state of the task: queued, error, or completed.
Error Message        If an error is encountered, the message will be displayed here.
Retry Count          The number of times the task has automatically retried to complete.
Expiration Date      The time at which ETM Dashboard will stop automatically retrying in the event of failures.
User Email Address   The email address of the ETM Dashboard login that initiated the task.

Removing Tasks

To remove a task from the list, select it and click the Remove Task button.

Any task in "queued" or "error" status will be canceled, preventing attempts to complete the push. Completed tasks are only removed from the listing.

Viewing Events in the ETM Dashboard

You can view event logs in the Alerts section of the ETM Dashboard. The logs include:

  • Audits
  • Alerts
  • Notifications

Audit History

The Audit History reports ETM Dashboard activities such as logins or appliance configuration changes. This is useful, for example, if you allow other users to manage appliances in your account and you need to audit their activities.

Alerts Received

The Alerts Received log reports activities from Edge Threat Management appliances connected to your account, for example, when an appliance disconnected or upgraded automatically.

Alerts provide important information that may require immediate attention. Therefore, you can create rules to receive alerts to your email, Slack, or Arista Go app. More details are available in Managing Alert Rules.


Notification Log

The Notification Log reports when each alert message was sent and via which notification profile. This is useful to confirm whether your account is sending alerts and if they are delivered successfully.

Managing Alert Rules

Your ETM Dashboard account includes several default alert rules to notify you about important events related to your appliances, subscriptions, and account. For example, an Alert Rule can trigger a notification when an appliance in your account goes offline or when an infected computer is discovered on the network.

Managing Alerts

  1. Log in to the ETM Dashboard.
  2. Click the Alerts tab at the top of the screen.
  3. Click Alert Rules from the menu on the left pane.

Enabling Default Rules

All default rules are disabled to prevent excessive email notifications from the ETM Dashboard. To enable a rule:
  1. Select a rule and click the Edit Alert Rule button.
  2. Set the rule status to Active.
  3. Confirm that your preferred notification profile is set and click Update.

Adding an Alert Rule

You can add alert rules by creating an alert rule from an event, or you can add an alert rule manually.

To manually add an alert rule:
  1. Click Add Alert Rule.
  2. Enter a Name for the rule.
  3. Specify the Rule. This is the text string the Alert Rule will look for to trigger the Alert. You can view some example text strings under the Events report in the Command Center. Alternatively, entering "*" (without quotes) will trigger all events.
  4. Set the Status as Disabled or Active.
  5. Select your preferred notification profile and click Create.

Creating an Alert Rule from an Event

Alert rules are conditions based on events that trigger a notification. You can manually configure alert rules or create a rule from an event in the Audit History or Alerts Received.

Creating a Rule from an Event or Alert

  1. Log in to ETM Dashboard.
  2. Click the Alerts tab at the top of the screen.
  3. Click Audit History or Alerts Received.
  4. Select an event from which you want to make a rule.
  5. Click Add Alert Rule.
  6. The view switches to the Create Alert Rule screen with the Rule populated by the event.
  7. Enter a Name for the rule.
  8. Confirm the Notification profile and click Create.

Managing Notification Profiles

The ETM Dashboard alert rules require a notification profile to send you alerts. The notification profile specifies how you want to receive alerts and how to present the information. You can manage notification profiles in Alerts > Notification Profiles.

Default Notification Profile

Your account in ETM Dashboard has a default notification profile that delivers alerts via email to the email address associated with your account. The default set of alert rules uses this profile to send you alerts.



If you want to change how you receive alerts, you can edit this profile by selecting the profile and clicking Edit Notification Profile.


Notification Types

ETM Dashboard supports the following delivery services:

Email                Standard email delivery to the email address you specify.
Slack                Delivery via a Slack webhook.
Pagerduty            Delivery via a Pagerduty webhook.
VictorOps            Delivery via a VictorOps webhook.
Webhook              Delivery via a custom webhook.
Arista Go (Mobile)   Delivery via Untangle Go mobile app.

Adding a Notification Profile

Depending on the alert, you can add notification profiles to receive alerts to other addresses or types of delivery services. After you add a notification profile, you can configure alert rules to select the new profile.

To add a notification profile:
  1. Click Add Notification Profile.
  2. Specify a name and description.
  3. Select an action to define how you want to receive the alert.
    • For an Email action:
      1. Specify a From address and the To, CC, and BCC addresses separated by commas. Note that only the From and To addresses are required.
      2. Enter a Subject and Body. The table above these values provides variables you can use in the message. Refer to the default notification profile as a formatting guide.
    • For a Slack action:
      1. Enter the endpoint URL of your app.
    • For a Pagerduty action:
      1. Enter the routing key you designated for ETM Dashboard notifications.
      2. Select a severity level.
    • For a VictorOps action:
      1. Enter the Endpoint URL you designate for ETM Dashboard notifications.
      2. Select a message type.
    • For a Webhook action:
      1. Enter the Endpoint URL you designate for ETM Dashboard notifications.
      2. Click Add Header and enter a name and value if your custom integration requires custom headers.
      3. Select an HTTP Method.
    • For a Mobile action:
      1. From the list under Mobile Configuration, select the Arista Go app in which you would like to receive notifications. You will see a list of all available devices if you have connected Arista Go from multiple mobile devices.
  4. Click Create.

Hosts

Managing Hosts in the ETM Dashboard

The Hosts view in the ETM Dashboard lets you view the Internet activity of host devices on your networks. You can view additional details of hosts that Webroot Endpoint Protection or Malwarebytes protect.

To view additional host details, you must configure a connection with the Webroot or Malwarebytes Cloud Management system. See Managing Endpoints Via Malwarebytes Integration and Managing Endpoints via Webroot Integration for more details.

This information is queried and updated daily.

Viewing Hosts

To view activities and other details of host devices, click Hosts. The Hosts table in the left pane provides details about each host.



You can hide columns, sort, or filter any details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.



The available columns for each host include:
  • Endpoint Security Association icon
  • Hostname
  • IP address
  • MAC Address
  • MAC Address vendor
  • Appliance
  • UID
  • Operating System
  • Quota and Quota usage
  • License entitlement
  • Date creation
  • Date updated

Click a specific host to view additional details.

Summary

By selecting a host, you can view a summary of the host in the Host Details panel at the bottom. The summary includes the same information as the details in the Hosts table.


Endpoint Security Details

The Endpoint Security tab shows details related to the endpoint security software, including the engine version and when it was last seen on the network.

You can click the link at the top of the screen to launch the web console for the corresponding endpoint management system for more details and actions.


Installed Software

You can see software installed on the endpoint using the Installed Software tab.


Sessions

You can click Sessions at the bottom of the Host Details panel to view all active sessions from that host.



The available details for each session include the following:
  • Timestamp
  • Protocol
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Server Country
  • End Time
  • License entitlement
  • Bypass status
  • Tags

You can hide columns and sort any details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.

Web Events

By clicking Web Events, you can view all URLs currently visited by the selected host.



The available details for each web event include:
  • Timestamp
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Domain
  • Host
  • URI
  • Method
  • Category
  • Blocked
  • Flagged
  • Reason

You can hide columns and sort any details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.



The available details for each application connection include:
  • Application - The application detected, based on the connection characteristics.
  • Server - The IP address of the remote server.
  • Server Country - The location of the remote server, inferred from its IP address.
  • Category - The application category.
  • Confidence - A confidence level related to the accuracy of the detection.
  • Details - Identifiable metadata associated with the network traffic.
  • Sent - The amount of transferred data during the connection.
  • Received - The amount of received data during the connection.
  • Total - The total volume of transferred data during the connection.
  • Is Bypassed - Whether the connection was excluded from app management.
  • Is Blocked - Whether the connection was blocked.
  • Is Flagged - Whether the connection was flagged.
  • Tags - Any tags that may be associated with the connection.

Managing Endpoints via Bitdefender GravityZone Integration

The ETM Dashboard integrates with Bitdefender GravityZone to extend the host management capabilities in the ETM Dashboard. In the Hosts screen in the ETM Dashboard, you can see additional information about each host and perform specific actions.

Connecting your GravityZone Account

To connect your GravityZone account, you need the following details:
  • Access URL - The Access URL defines the region of your account.
  • API Key - An API Key allows the ETM Dashboard to authenticate to your account to retrieve information about the endpoints you manage.
To obtain an API key and the Access URL from your GravityZone account:
  1. Log in to GravityZone Control Center.
  2. Go to My Account.
  3. Under Control Center API, locate your Access URL.
  4. Under the API keys section, click Add.
  5. Choose Licensing API and Network API permissions.
  6. Click Save.
For easy reference, the Access URLs for US and EU regions are provided below:

Configuring your API Key in the ETM Dashboard

To select Bitdefender integration, connect your ETM Dashboard account to your GravityZone account.
  1. Log in to ETM Dashboard.
  2. Go to My Organization.
  3. Click Integrations > Bitdefender Endpoint Security.
  4. Enter your GravityZone Access URL.
  5. Enter your GravityZone API Key.
  6. Click Save.

After you connect your GravityZone account, you can manage endpoints from the Hosts screen. Hosts which have Bitdefender endpoint security software installed display the Bitdefender logo.


Managing Endpoints via Webroot Integration

The ETM Dashboard integrates with Webroot Endpoint Protection to extend the host management capabilities in the ETM Dashboard. In the Hosts screen in the ETM Dashboard, you can see additional information about each host and perform specific actions.

Connecting your Webroot Account

Connect your ETM Dashboard account to your Webroot account to select Webroot integration. This requires a Parent keycode that you can locate in your Webroot account.

To obtain your Parent keycode:
  1. Log in to your Webroot account and select your site.
  2. Navigate to Settings > Account Information.
  3. Copy the Parent Keycode.

After you obtain the keycode, you can set up your Webroot account connection in the ETM Dashboard.

To configure your Webroot account connection:
  1. Log in to ETM Dashboard.
  2. Go to My Organization > Integrations.
  3. Enter your Webroot account credentials and the Parent keycode.
  4. Click Save.

After connecting your account, you can manage your Webroot endpoints in the Hosts screen.

Managing Endpoints via Malwarebytes Integration

The ETM Dashboard integrates with Malwarebytes to extend the host management capabilities in the ETM Dashboard. In the Hosts screen in ETM Dashboard, you can see additional information about each host and perform specific actions.

Connecting your Malwarebytes Account

To select Malwarebytes integration, you must connect your ETM Dashboard account to your Malwarebytes account.
  1. Log in to ETM Dashboard.
  2. Go to My Organization.
  3. Click Integrations.
  4. Enter your Malwarebytes account information.
  5. Click Save.

Managing Endpoints

After you connect your Malwarebytes account, you can manage endpoints from the Hosts screen. Hosts which have Malwarebytes endpoint security software installed display the Malwarebytes logo.


Appliances

Managing Appliances in the ETM Dashboard

The ETM Dashboard is a cloud-based service for managing Edge Threat Management appliances. For example, you can perform the following appliance management tasks using the ETM Dashboard:

  • See the status of all your deployments in a single dashboard view.
  • Remotely connect to your appliances without logging in.
  • Push shared configuration profiles to multiple appliances.
  • Backup and restore configuration.
  • Apply or transfer a license subscription.
  • Set up notifications to your email, Arista Go mobile app, Slack, PagerDuty, or VictorOps accounts.
  • Review consolidated alerts and reports.

Requirements:

To use ETM Dashboard with your Edge Threat Management deployments, you must meet the following requirements:
  • NG Firewall version 12.2 or higher. No minimum version of Micro Edge is required to connect to the ETM Dashboard.
  • Registered account in ETM Dashboard. You can create an account here.
  • Connect to ETM Dashboard option in NG Firewall must be enabled. You can find this option in Config > System > Support.

The ETM Dashboard is a free service. However, for full functionality, you must assign your appliance a subscription. Features that require an appliance subscription include Policies, Alerts, Reports, and Networks.

Adding an Appliance to your ETM Dashboard Account

You can add NG Firewall and Micro Edge appliances to the ETM Dashboard. See Adding Edge Threat Management Appliances to the ETM Dashboard.

Adding Edge Threat Management Appliances to the ETM Dashboard

You can remotely manage and access your NG Firewall and Micro Edge appliances by adding them to your ETM Dashboard account. If the appliance is online but not configured, you can add it based on its serial number by a process referred to as Zero Touch Provisioning. Alternatively, you can add the appliance using its UID if you do not know the serial number.

Upgrading Appliances via the ETM Dashboard

The ETM Dashboard enables the admin to upgrade multiple appliances simultaneously without connecting to each one. You can also configure schedules for automatic upgrades in the ETM Dashboard.

Upgrading Multiple Appliances

  1. Go to the Appliances page. The Appliances grid displays the software version of each device.
  2. Click the blue Update Software button at the top of the list.
  3. The list of appliances is filtered to include only those that can be upgraded.
  4. Select the appliances you want to upgrade and click the Update button.

The update process is initiated for all selected appliances.

Configuring Scheduled Automatic Upgrades

  1. Go to Appliances and select the appliance to set the scheduling policy.
  2. Click the Update Software button.

    Select the day and time you want the appliance updated in the menu that pops up.

  3. Click Set Schedule to apply the schedule.

Assigning a Location to Appliances in the ETM Dashboard

The ETM Dashboard and Appliance detail screens display a map showing the geographic location of your appliances. These detail screens help you identify which appliance you want to manage or see from a single view where all your appliances are geographically located. The ETM Dashboard uses IP-based geo-location technology to estimate the location of your appliances. If you prefer, you can assign a precise address in the appliance details.

Updating an Appliance Location

In the Appliances view, select an appliance to view its currently assigned location data. The appliance location appears in the Appliance Map widget.


To update the location of your appliance or network:
  1. Click Edit.
  2. Enter the new address.
  3. Click Save.

Managing Backup Configurations in ETM Dashboard

The ETM Dashboard enables you to automatically back up configuration data from appliances connected to your account. After an appliance performs at least one backup to the ETM Dashboard, you can select the backup file as a Configuration Template or restore it to the source appliance or any other appliance connected to this account.



Requirements

On NG Firewall, this functionality requires the Configuration Backup app.

This feature operates automatically in Micro Edge: no special settings or configurations are required.

Notes Regarding Restoring Backups

A backup file can only be restored to the same version it was drawn from or one newer version. For example, an NG Firewall backup taken on 16.5 can be restored to 16.5 or 16.6. A backup taken on Micro Edge 4.2 can be restored to 4.2 or 4.3.

Backup files are not "backwards compatible," meaning that a backup file cannot be used on an older version of the software than the one it was taken on. For example, an NG Firewall 16.5 backup cannot be restored to an NG Firewall running version 16.4 or older.

NG Firewall backups can only be restored to the NG Firewall. Micro Edge backups can only be restored to Micro Edge.

Restoring a Configuration Backup to the Source Appliance

Select this option to restore an appliance using its backup config settings.
  1. Go to the Appliances heading along the left-hand side of the page and select the Appliances tab.
  2. Select the appliance from the appliances list.
  3. Find the Cloud Backups Widget.
  4. Select a backup file by date and click Restore Backup.
  5. Click Yes to confirm.

Restoring a Backup to a Different Appliance

This option is useful when upgrading or replacing hardware or after a reinstall of the appliance.

Select this option to push common configurations that you would like shared amongst multiple appliances.
  1. Go to the Appliances heading along the left-hand side of the page and select the Backups tab.
  2. Select the backup configuration you would like to restore. The UID and Label columns identify the NG Firewall from which these settings were taken.
  3. Click the Restore Backup button.
  4. The Restore Backup menu opens, displaying all eligible NG Firewall appliances in your account. Select one or more appliances to push the config and click Restore Backup.
  5. A confirmation menu displays your chosen backup file and the appliances you will restore to. Verify your selections and click Confirm Restore to initiate the restore.

Creating a Backup File Manually

Click the Create Backup button in the Cloud Backups widget on the Appliances page to force an immediate backup of the selected appliance.

Downloading a Backup File

You can download a copy of the backup settings file to your local computer in two ways:
  • From the Cloud Backups widget on the Appliances page, click the link in the Name column.
  • From the Backups page, click the Download button on the right-hand side.

Configuration Backup

NG Firewall's Configuration Backup enables you to recover from hardware failures and disasters. Configuration backup is also used to replicate configuration across multiple deployments of NG Firewall. If installed and enabled, Configuration Backup automatically backs up your configuration on a daily basis to the Dashboard and, as a secondary option, to Google Drive.

Prerequisites

Installing the Configuration Backup App

To enable automatic backup, you must first install the Configuration Backup app.
  1. In the NG Firewall administration, click Apps in the menu at the top of the screen.
  2. Verify if the Configuration Backup app is installed. If not, follow the steps below to install the app.
  3. Click Install Apps.
  4. Click the Configuration Backup app.
  5. Click Back to Apps and wait for the app to finish the installation.

Configuring Automatic Backup
  1. In the Apps screen, click the Configuration Backup app to configure backups.
  2. Toggle the Power switch to enable or disable automatic backups.

  3. Click the Cloud tab.
  4. Review the Daily Backup setting and modify the Hour and Minute if necessary based on when you want the daily backup to occur.
  5. Click Backup now if you want to initiate an immediate backup.

Configuring a Secondary Backup using Google Drive

You can use Google Drive as a secondary backup option. Before configuring backups to Google Drive, you must connect your Google account to the NG Firewall. To configure backup to Google Drive:
  1. Go to the Google Connector tab.
  2. Check Enable upload to Google Drive.
  3. Confirm the name of your Google Drive Directory.
  4. Click Save.

Viewing Backup Activity

To view backup activities such as the most recent backup or potential failures, click Reports in the top menu or click one of the predefined reports in the Status screen.

Reports

The Configuration Backup reports summarize the backup activities, including successful or failed backups.


Table 1. Pre-Defined Report Queries
Report Entry | Description
Configuration Backup Summary | A summary of configuration backup actions.
Backup Usage (all) | The amount of successes and failures of configuration backup over time.
Backup Usage (success) | The amount of successful configuration backups over time.
Backup Usage (failed) | The amount of failed configuration backups over time.
Backup Events | All Configuration Backup events.

Restoring a backup using ETM Dashboard

To restore a backup from ETM Dashboard:
  1. Log in to Dashboard with your account.
  2. Click Appliances in the top menu.
  3. Select an appliance from the Appliances list.
  4. Locate the Cloud Backups panel and select a backup based on the timestamp.
  5. Click Download.
  6. Click Yes to confirm.

Restoring a Backup in Google Drive


To restore a backup from Google Drive:
  1. Log in to your Google account.
  2. Go to your Google Drive and locate the directory used by NG Firewall (e.g. Configuration Backups).
  3. Select the backup file and click Download from the menu.
  4. Log in to your NG Firewall.
  5. Go to Config > System > Restore.
  6. Choose a Restore Option.
  7. Click Restore from File and select your backup file.

Related Topics

Restore

Dashboard

The Dashboard provides an overview of the state of your NG Firewall. It is useful for quickly viewing or monitoring what is happening on the network and the current status of the NG Firewall server.


By default, the Dashboard will show several widgets with varying information. However, the Dashboard is completely customizable. Widgets can be removed and added so the administrator sees exactly the information that is important to them on the Dashboard.

There are many different types of widgets available:

Information | Shows some information about the NG Firewall, like name, model, version, etc.
Resources | Shows an overview of current memory, swap, and disk usage.
CPU Load | Shows a graph of recent CPU load.
Network Information | Shows an overview of the network information, such as session count and device/host count.
Network Layout | Shows an overview of the network layout based on the interface configuration.
Map Distribution | Shows the current sessions' mapped geolocation on a world map, sized by throughput.
Report | Shows any Report Entry.

To change what is displayed on the dashboard, click Manage Widgets at the top. From here, you can show or hide the built-in widgets or add new widgets from Reports by clicking on the Add button.

When adding a Report widget, specify a time frame (the number of hours worth of data to display) and a refresh interval (how often the widget refreshes on the dashboard).

When viewing a Report Entry in Reports, you can easily add it to your Dashboard by clicking the Add to Dashboard button.

If you see an alert icon near the top of the dashboard, hover over it for more information. These are Administrative Alerts designed to help you keep your NG Firewall healthy.

Configuration Backup Reports

The Reports tab provides a view of all reports and events for Configuration Backup.

Reports

This application's reports can be accessed via the Reports tab at the top or the Reports tab within the settings. All pre-defined reports will be listed along with any custom reports that have been created.

Reports can be searched and further defined using the time selectors and the Conditions window at the bottom of the page. The data used in the report can be obtained in the Current Data window on the right.

Table 2. Pre-Defined Report Queries
Report Entry | Description
Configuration Backup Summary | A summary of configuration backup actions.
Backup Usage (all) | The amount of successes and failures of configuration backup over time.
Backup Usage (success) | The amount of successful configuration backups over time.
Backup Usage (failed) | The amount of failed configuration backups over time.
Backup Events | All Configuration Backup events.

Restore

Restore allows restoring settings from backups created in Config > System > Backup or the Configuration Backup application.


Restore from File

This allows you to upload the backup file you want to restore.

First, select the Restore Options appropriate for your case.
  • Restore all Settings will restore all the settings in the backup file.
  • Restore all except keeping current network settings will restore all the settings in the backup file except the network settings. The current network settings will be maintained.

The first option is typically used to restore to a previous backup or recover from a failure.

The second option is useful if you maintain a 'standard configuration' and you want to maintain this standard configuration across multiple servers. In this case, all the servers maintain the same settings, but each has unique network settings.

After selecting the Restore Options, click Browse and select the backup file you want to restore. After selecting the backup file, click Restore from File to begin the restore process.

Restore Process

After starting the restore process, the backup file is unpacked and checked.

If the backup file requires certain applications that are not currently on the NG Firewall server, it will ask to download these applications first. After downloading those applications, the restore process is run again.

If the backup file is from an unsupported version, it will show an error. It is also suggested that a backup file be restored on the same version it was created with. For example, if the backup file was created with NG Firewall 16.2, restoring it on an NG Firewall running 16.2 is suggested.

Typically, the restore process supports only backups from the current version of NG Firewall and the immediately prior major version. For example, 16.2 will restore 16.2 and 16.1 backups, not 16.0. (Trivial versions are considered identical to the minor version for restore purposes. For example, 15.1.0, 15.1.1, and 15.1.2 are all considered 15.1 when restoring backups.)
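
The version rules from Notes Regarding Restoring Backups and from this Restore Process section can be checked before a restore is pushed to several appliances. The following is an added example, not part of the product; the inventory is constructed, and treating versions that differ in their first component as undecided is an assumption, since the page gives no example for that case.

```python
import re


def release(version):
    """Reduce '15.1.2' to (15, 1): trivial versions count as the same release."""
    match = re.fullmatch(r"(\d+)\.(\d+)(?:\.\d+)*", version.strip())
    if not match:
        raise ValueError(f"unrecognised version: {version!r}")
    return int(match.group(1)), int(match.group(2))


def restore_verdict(backup, target):
    """backup and target are (product, version) pairs.

    Returns (verdict, reason) where verdict is 'ok', 'reject' or 'check'.
    """
    (b_product, b_version), (t_product, t_version) = backup, target
    if b_product != t_product:
        return "reject", "NG Firewall and Micro Edge backups are not interchangeable"
    b, t = release(b_version), release(t_version)
    if b == t:
        return "ok", "same release"
    if b > t:
        return "reject", "backup is newer than the target software"
    if b[0] == t[0]:
        if t[1] - b[1] == 1:
            return "ok", "target is one release newer than the backup"
        return "reject", "target is more than one release newer than the backup"
    # Assumption: the page only shows examples within one first component
    # (16.1 -> 16.2, 4.2 -> 4.3), so anything else is left to a manual check.
    return "check", "first version component differs; confirm manually"


def eligible_targets(backup, fleet):
    """Labels of the appliances in fleet that the backup can be restored to."""
    return [label for label, target in fleet.items()
            if restore_verdict(backup, target)[0] == "ok"]


# Constructed inventory: label -> (product, software version).
FLEET = {
    "hq": ("NG Firewall", "16.6.1"),
    "lab": ("NG Firewall", "16.4"),
    "branch": ("NG Firewall", "16.5.2"),
    "dr": ("NG Firewall", "17.0"),
    "kiosk": ("Micro Edge", "4.3"),
}
BACKUP = ("NG Firewall", "16.5")

if __name__ == "__main__":
    for label, target in FLEET.items():
        verdict, reason = restore_verdict(BACKUP, target)
        print(f"{label:8} {target[1]:8} {verdict:7} {reason}")
```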

After the restore process begins, the NG Firewall processes will reboot, and you will lose connection to the server. After reconnecting to the server, the settings and configuration are restored from the backup file.

Labeling Appliances in the ETM Dashboard

You can assign a label to appliances in the ETM Dashboard to help you identify them in a list. By default, the appliance displays its hostname first, then its label. In the following screenshot, the label is Demo: z4, in grey.


To Assign a Label:

  1. Click the Appliances option in the top bar.
  2. Select the appliance from the list.
  3. Click the Set Label button.

  4. Enter your label and click Save.
Note: A label is required when adding new appliances to the ETM Dashboard.

How to Remove an Appliance from the ETM Dashboard

In some situations, you may need to remove an appliance from your ETM Dashboard account. For example, you may want to move your appliance to another account, or you may have reinstalled the NG Firewall so that the appliance has a new UID.

Important: removing an appliance from the ETM Dashboard will permanently delete any cloud backups for that appliance.

If the appliance is part of an SD Network, it is also removed from that network. However, tunnel configurations created on the appliance will remain and should be removed manually.

Removing an Appliance

To remove an appliance from your account:

  1. Navigate to Appliances.
  2. Select the appliance to be removed.
  3. Click the Remove Appliance button.
  4. Confirm that you want to remove the appliance from your account.

Networks

Managing Networks in ETM Dashboard

ETM Dashboard enables you to group Edge Threat Management NG Firewall and Micro Edge appliances into a network. By grouping appliances, you can obtain information specific to the collection of appliances in the Network. You can also apply a standard set of WAN Routing Rules to all Micro Edge appliances that belong to the same Network.

Note: NG Firewall appliances require a Complete subscription to be added to a network.

Creating a Network

To create a Network:
  1. Click the Networks tab. The Networks screen shows a list of your Networks.
  2. Click Create Network.
  3. Select the NG Firewall and Micro Edge appliances to add to your Network.
  4. Click Next to review the summary of your Network.
  5. Click Create.

Managing Appliances in your Network

Your Networks appear in the Networks panel of the Networks screen. Select a Network to manage its associated appliances.

Appliances Widget

The Appliances widget shows the status, software version, location, IP address, and other relevant details of each appliance in your Network. You can add or remove appliances from your Network using the Add Appliance and Remove Appliance buttons at the bottom of the widget.


To locate an appliance in the list, click the three horizontal lines in any column header and select the filter options.


The grid menu provides additional options, including sorting and choosing columns to show or hide appliance properties.

Map Widget

The Network Map widget displays the physical location of each appliance in your network. Hover over a marker to view additional details about the appliance, or click the marker to open the dashboard. If you enable appliances in Software-defined Networks, the map draws green or red lines between the markers to indicate the link status between each location.

Software-defined Networks Widget

The Software-defined Networks widget enables you to configure a Virtual Private Network for appliances in the network. For more information on this widget, see Setting up Software-defined Networks in ETM Dashboard.

Network Performance Widget

The Network Performance widget displays the average jitter, latency, and packet loss across all Micro Edge appliances in your Network. Click any of the performance metrics in the legend to show or hide its view in the line chart.

WAN Rules Widget

The WAN Rules widget establishes a common WAN Routing strategy for all Micro Edge appliances in your Network; for more information, see Configuring WAN Rules for Micro Edge in the ETM Dashboard.

Setting up Software-defined Networks in the ETM Dashboard

You can automatically set up one or more software-defined networks to connect remote office networks managed by Micro Edge and NG Firewall. The ETM Dashboard controls each software-defined network and uses WireGuard VPN tunnels to route traffic between each network in a site-to-site mesh topology. Managing your software-defined networks via ETM Dashboard reduces the complexity of manually configuring VPN tunnels.


Prerequisites

Before configuring your Software-defined network, confirm that your appliances meet the following requirements:

Micro Edge
  • Version 3.1 or newer
NG Firewall
  • Version 16.1 or newer.
  • IPsec and OpenVPN must be disabled or uninstalled.
  • NG Firewall Complete or Trial License.
  • You must install the WireGuard app.

Setting up the Software-defined Network

To set up your software-defined network, you must first create one. See Managing Software-defined Networks in ETM Dashboard for steps to create your Software-defined Network.

After your Software-defined Network is set up with at least two appliances, you can configure the Software-defined Network.
  1. From the Networks list, select your network.
  2. Locate the Software Defined Network widget containing the appliances in your network.
  3. Select each appliance and click Configuration.
  4. Turn on the Enable option to activate VPN access for this appliance and the networks behind it.
  5. After enabling access, choose the local subnets you want to make accessible to other appliances in this network.
  6. You can also specify a new Endpoint Address if you would like to choose the WAN IP address used when other appliances connect to this appliance. You can enable the 'Automatic' option to allow the ETM Dashboard to determine the appropriate endpoint address.
Notes regarding shared subnets:
  • Selecting shared subnets is optional. If no local subnets are enabled, this appliance network acts in client mode and can access resources of remote networks but not vice versa.
  • If a local subnet conflicts with a shared subnet from a different appliance, you cannot enable VPN access, as the conflict may result in routing issues.
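
The shared-subnet notes above can be checked offline before you click Sync VPN Settings. This added example is not ETM Dashboard code; the appliance labels and subnets are constructed, and it assumes that a conflict means two different appliances sharing overlapping address ranges.

```python
import ipaddress
from itertools import combinations


def parse_shared(shared):
    """Flatten {appliance: [cidr, ...]} into (appliance, network) pairs."""
    parsed = []
    for appliance, cidrs in shared.items():
        for cidr in cidrs:
            # strict=False normalises entries written with host bits set,
            # e.g. 10.0.5.1/24 becomes 10.0.5.0/24.
            parsed.append((appliance, ipaddress.ip_network(cidr, strict=False)))
    return parsed


def find_conflicts(shared):
    """Return (appliance_a, net_a, appliance_b, net_b) for each overlap
    between subnets shared by two different appliances."""
    conflicts = []
    for (a, net_a), (b, net_b) in combinations(parse_shared(shared), 2):
        if a == b:
            continue  # only cross-appliance overlaps are reported
        # IPv4 and IPv6 ranges can never overlap each other.
        if net_a.version == net_b.version and net_a.overlaps(net_b):
            conflicts.append((a, str(net_a), b, str(net_b)))
    return conflicts


def client_mode(shared):
    """Appliances with no shared subnets: they can reach remote networks,
    but nothing behind them is reachable from the other sites."""
    return sorted(name for name, cidrs in shared.items() if not cidrs)


def sync_preflight(shared):
    """Summarise what to fix or expect before synchronizing."""
    conflicts = find_conflicts(shared)
    return {
        "ready": not conflicts,
        "conflicts": conflicts,
        "client_mode": client_mode(shared),
    }


# Constructed plan: appliance label -> local subnets selected for sharing.
PLAN = {
    "hq-ngfw": ["10.0.0.0/16", "192.168.10.0/24"],
    "branch-a": ["10.0.5.1/24"],  # falls inside hq-ngfw's 10.0.0.0/16
    "branch-b": ["192.168.20.0/24", "fd00:20::/64"],
    "kiosk": [],                  # nothing shared: client mode
}

if __name__ == "__main__":
    report = sync_preflight(PLAN)
    for a, net_a, b, net_b in report["conflicts"]:
        print(f"conflict: {a} {net_a} overlaps {b} {net_b}")
    print("client mode:", ", ".join(report["client_mode"]) or "none")
    print("ready to sync:", report["ready"])
```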

Synchronizing the Software-defined Network

After you enable access to your appliances and specify shared subnets, you must synchronize your changes. This action adds, removes, or updates VPN tunnels for each appliance in the network.

When you click Sync VPN Settings, the ETM Dashboard queues the request for processing, which may take several minutes. You can review the Audit History to check the status of your sync request.



After synchronization, you can review the tunnels and their status by logging into each appliance.

Note: For NG Firewall appliances, the ETM Dashboard creates a tunnel for each remote appliance in the network. For Micro Edge appliances, the ETM Dashboard creates only a single tunnel interface. However, all remote networks are serviced via this tunnel interface.
Important: You may view the tunnels managed by the ETM Dashboard for status information and other relevant details. However, do not edit these tunnels, as the ETM Dashboard will overwrite the changes during the next synchronization.

Troubleshooting

To confirm that the VPN tunnels are synchronized to an NG Firewall appliance, you can view the Enabled Tunnels grid on the WireGuard VPN Status page. The Last Handshake confirms the most recent successful transfer, and the Bytes In and Bytes Out confirm that data flows in both directions.


You can view the Interfaces screen to confirm that VPN tunnels are synchronized to a Micro Edge appliance. The Connected and Online statuses confirm that the tunnel is up, and the arrows confirm that data flows in both directions.


You can check the status of your Centrally Managed Network tunnels from the Network Dashboard. The Network Map shows the links between each peer in the network.


If there is a specific reason that an appliance cannot sync, the Software Defined Network widget provides information in the Notes column next to the associated appliance.

WireGuard VPN

The WireGuard VPN service provides virtual private networking via WireGuard VPN, an open-source lightweight VPN application and protocol designed to be fast, secure, and easy to configure.

Settings

This section reviews the different settings and configuration options available for WireGuard VPN.

Status

The Status tab shows the status of the WireGuard VPN service.

  • Local Service Information

This section displays information about the local WireGuard service, such as the public key, endpoint address and port, peer address, and the list of local networks.

  • Enabled Tunnels

This section shows a list of active WireGuard tunnels.


Settings
  • Listen port
Sets the port where the WireGuard server will listen for inbound tunnel connections from peers.
  • Keepalive interval
Sets the passive keepalive interval, which ensures that sessions stay active and allows both peers to determine if a connection has failed or been disconnected passively.
  • MTU
Sets the MTU size for WireGuard tunnels.

Remote Client Configuration

These fields are used when generating the Remote Client configuration.

  • DNS Server
The IP address of the local DNS server that will be added to the client configuration. It is initially populated with the first defined DHCP DNS Server Override address, if one is found. If not, the IP address of your first non-WAN interface is used.
  • Networks
These are networks added to the client's allowed IP list. It is initially populated with all known local networks discovered from non-WAN interfaces (and their aliases) and static routes.
Peer IP Address Pool
  • Assignment
Used to select the method for address pool assignment. It can be set to automatic to allow the system to select an unused network space, or to self-assigned to configure a user-entered network space.
  • Network Space
Shows the automatically assigned network space or allows editing the self-assigned network space.
  • New Network Space
Click when using Automatic Assignment to select a new random network space.

Tunnels

The Tunnels tab is where you create and manage WireGuard VPN tunnels. For each tunnel in the table, you can view the client configuration or edit the tunnel.

For a step-by-step guide to setting up WireGuard VPN tunnels, see Setting up WireGuard VPN site-to-site connections in NG Firewall.
  • Remote Client
Clicking this icon will display a window showing the recommended client configuration in both Quick Reference (QR) Code, which many WireGuard mobile apps can scan with the device's camera, and import a text file suitable for copying and pasting into the remote client.
  • Tunnel Editor
When you add a tunnel or edit an existing tunnel, the tunnel editor screen will appear with the following configurable settings:
Note: You can copy the configuration from a remote NG Firewall peer and paste it into any configurable field. The screen automatically populates all of the relevant fields from the remote side. This simplifies the configuration of tunnels and is recommended to avoid misconfiguration.
| Name | Description |
|---|---|
| Enabled | This checkbox allows you to set a tunnel to enabled or disabled. |
| Description | This field should contain a short name or description. |
| Remote Public Key | This field is for the public key of the tunnel peer. |
| Remote Endpoint Type | This field controls the endpoint type for the peer. Select Roaming if the remote endpoint is a mobile device using the WireGuard app or if the remote network is used for client access only and does not host any resources. Select Static for a traditional site-to-site tunnel configuration where each network hosts resources that must be accessible through the virtual private network. |
| Remote Endpoint IP Address | Sets the IP address for a static endpoint. |
| Remote Endpoint Port | Sets the port for a static endpoint. |
| Remote Peer IP Address | This field sets the IP address that will be used by the remote peer. |
| Remote Networks | This field configures the list of remote networks that should be routed across this WireGuard tunnel. Networks should be entered one per line in CIDR format (for example, 192.168.123.0/24). |
| Monitor Ping IP Address | The IP address of a host on the remote network to ping for verifying that the tunnel is connected. Leave blank to disable. |
| Monitor Ping Interval | The time in seconds between attempts to ping the configured ping monitor address. |
| Monitor Alert on Tunnel Up/Down | When enabled, CONNECT and DISCONNECT alerts will be generated when the configured ping monitor transitions from reachable to unreachable and unreachable to reachable. |
| Monitor Alert on Ping Unreachable | When enabled, UNREACHABLE alerts will be generated for each monitor ping that fails when the target is unreachable. |
| Local Service Information | This section includes information from the Status tab useful when copying/pasting configurations between peers. |
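
A pre-check for the Remote Networks field of the tunnel editor, written as an added example (it is not Arista's code or part of NG Firewall): it validates one-per-line CIDR entries and reports any remote network that overlaps a local network or the peer IP address pool. The function names and every sample address except 192.168.123.0/24 are constructed for illustration.

```python
import ipaddress

# Constructed sample input; only 192.168.123.0/24 appears in the guide.
SAMPLE_FIELD = """192.168.123.0/24
10.20.0.0/16
192.168.50.7/24
172.16.5.1
"""
LOCAL_NETWORKS = ["192.168.1.0/24", "10.20.30.0/24"]  # assumed local LANs
PEER_POOL = "172.16.0.0/24"                            # assumed peer pool


def parse_remote_networks(field_text):
    """Parse one-CIDR-per-line text; return (networks, errors)."""
    networks, errors = [], []
    for lineno, raw in enumerate(field_text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue
        if "/" not in entry:
            errors.append(f"line {lineno}: {entry!r}: missing /prefix length")
            continue
        try:
            # strict=True rejects host bits set, e.g. 192.168.50.7/24
            networks.append(ipaddress.ip_network(entry, strict=True))
        except ValueError as exc:
            errors.append(f"line {lineno}: {entry!r}: {exc}")
    return networks, errors


def find_conflicts(remote_networks, local_networks, peer_pool):
    """List (remote, other, reason) for each overlap with a local network or the pool."""
    others = [(ipaddress.ip_network(n), "overlaps local network")
              for n in local_networks]
    others.append((ipaddress.ip_network(peer_pool), "overlaps peer address pool"))
    conflicts = []
    for remote in remote_networks:
        for other, reason in others:
            if remote.version == other.version and remote.overlaps(other):
                conflicts.append((str(remote), str(other), reason))
    return conflicts


if __name__ == "__main__":
    nets, errs = parse_remote_networks(SAMPLE_FIELD)
    for problem in errs:
        print("invalid:", problem)
    for remote, other, reason in find_conflicts(nets, LOCAL_NETWORKS, PEER_POOL):
        print(f"conflict: {remote} {reason} {other}")
```
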

WireGuard VPN client

The WireGuard Virtual Private Network client app is available for download on various mobile devices and desktop operating systems, including iOS, macOS, Android, Windows, and Linux. The download links for each supported OS are available from the WireGuard Website.

For a step-by-step setup guide, refer to the KB article Setting up WireGuard VPN on mobile devices and desktops.

Getting Started

Which Option to Use when Downloading NG Firewall Software

The NG Firewall software is free to download and works on multiple platforms. But how do I know which download I need?

Your choice of download format depends on the method you intend to use to install the software:
  • Select the Serial Installer version if you intend to install using a serial console connection. Here are more details on the serial console: Managing wSeries and eSeries appliances via Serial Console.
  • Select the ISO Installer version for all other install types (hardware or virtual environment).

Edge Threat Management Dashboard Overview

Arista's Edge Threat Management (ETM) Dashboard is a cloud-based central management platform that lets you centrally manage your Micro Edge and NG Firewall deployments from a browser. All features of ETM Dashboard are available to licensed Micro Edge and NG Firewall deployments.

Critical features of the ETM Dashboard include:
  • Slack, PagerDuty, VictorOps, or email notifications based on essential activities.
  • Mobile app to manage appliances and subscriptions from a mobile device.
  • Central reporting of Micro Edge and NG Firewall deployments.
  • Secure remote access via Single Sign-On to any of your Edge Threat Management appliances.
  • License management of your Edge Threat Management appliances.
  • Automatic daily backup and optional configuration restore.
  • Configuration templates with real-time sync.
  • Host and device management with integration to Bitdefender, Malwarebytes, and Webroot.

To log in or to create a free ETM Dashboard account, navigate to https://edge.arista.com/cmd.

Logging into the Arista Edge Threat Management Dashboard

You can manage all of your networks using Arista's cloud-based ETM Dashboard.

Creating an Account

To log into the ETM Dashboard, you must have a login account. If you do not have an account yet, click Create an Account at the bottom of the page to set one up.

Logging into the ETM Dashboard

To log into your account:
  1. Go to https://launchpad.edge.arista.com.
  2. Enter your email address in the Email Address field and click Continue to log in with an ETM Dashboard account.
  3. A Password field appears on the page. Enter your password and click Log In to enter your account.
Note: If you do not know your account password, click Forgot your Password? to send an email containing a password reset link.

Logging into ETM Dashboard using Single Sign-On with Google or Microsoft Accounts

If you have an existing Google or Microsoft account and want to use Single Sign-On (SSO) to log into your ETM Dashboard account, you can do so by clicking the appropriate button (below the Log In button). This redirects you to the service provider's login page. If your SSO account requires multi-factor authentication (MFA), you will receive the code via your usual method and complete the MFA through the SSO login page.

Once logged into that service, you are logged into your ETM Dashboard account.

You can also require SSO to access your ETM Dashboard account. This option is located in My Organization > Settings:

  • Not required
SSO is available, but it is not required to log into this ETM Dashboard account.
  • Any provider
You must use SSO to access this ETM Dashboard account, but either Google or Microsoft SSO is allowed.
  • Google
You must select Google SSO to log into this ETM Dashboard account.
  • Microsoft
You must select Microsoft SSO to log into this ETM Dashboard account.

Logging into ETM Dashboard using SAML, OAuth2, or OpenID Single Sign-On Accounts

Refer to this article to configure these Identity Provider connections: Configuring SAML, OAuth2, or OpenID Login in the ETM Dashboard.

Enter your Organization Name in the Email or Organization field to log into your account.

Click Continue to be redirected to your Identity Provider's SSO login page, where you will complete your login. When you successfully log into your IdP's system, you will be logged in and redirected to your ETM Dashboard account.

The Edge Threat Management Dashboard

The Edge Threat Management (ETM) Dashboard is a high-level view of all networks and appliances associated with your Arista ETM Dashboard account.


Viewing the Dashboard

When logging into the ETM Dashboard, you are directed to the Dashboard. From the Dashboard, you can see the status and locations of your managed networks. You can also view reports, audit histories, recent threats, and more via the Dashboard Widgets.

By default, the ETM Dashboard shows all Dashboard Widgets. You can configure which Widgets to see in your Preferences. See Enabling and Disabling Dashboard Widgets for more details.

Getting Started with Edge Threat Management Mobile App

Arista Go is a mobile app for Android and iOS-based devices that extends ETM Dashboard functionality to your mobile device, enabling you to manage your networks and Edge Threat Management appliances from anywhere.

Arista Go enables you to:
  • Review recent alerts related to your Edge Threat Management appliances and managed networks.
  • Review the connection status and details of your Edge Threat Management appliances.
  • Review the subscriptions associated with your Edge Threat Management appliances.

Installing Arista Go

Arista Go is accessible through the Google Play and Apple app stores. To install the app:
  1. On your mobile device, open the browser and navigate to https://play.google.com/store/apps/details?id=com.untangle.go (Android) or https://apps.apple.com/us/app/untangle-go/id1561237778 (Apple iOS). Alternatively, open your Google Play or Apple App Store app and search for "Untangle Go."
  2. Review the app details to ensure they meet your device's requirements.
  3. Click Install or Get, depending on your device.

Pairing the app to your ETM Dashboard Account

  1. After Arista Go installs, launch the app.
  2. If you want to receive ETM Dashboard alerts, allow notifications when prompted.
  3. On the next screen, choose how to pair your device. If you decide to Scan the QR code, the app asks permission to use your phone’s camera. If you prefer not to grant camera access, choose Type QR code.
  4. To obtain your QR code, log into your ETM Dashboard account and navigate to My Account > Arista Go.
  5. Click Pair Device.
  6. Direct your phone’s camera at the QR image, or type the QR code below the image if you prefer not to use the camera.
  7. After your account is paired, you can manage your appliances using the app.

Unpairing your Device

To disconnect the app from your account:
  1. Open the app and navigate to Settings.
  2. Click Unpair device.
Edge Threat Management
Dashboard User Guide
Arista Networks

www.arista.com

DOC-06726-02

 

© Copyright 2024 Arista Networks, Inc. The information contained herein is subject to change without notice. Arista Networks and the Arista logo are trademarks of Arista Networks, Inc., in the United States and other countries. Other product or service names may be trademarks or service marks of others.