4.1.5. Procedure – Configuring Management Server (MS)

Purpose: 

To configure Management Server, complete the following steps.

Steps: 

  1. Configure the site name.

    The hosts managed by MS are organized into sites. Use a descriptive name for the site, for example, the name of the company. This will help the administrator distinguish MSs from each other. Enter the site name.

    Configuring the site name

    Figure 4.18. Configuring the site name

  2. Configure the hostname of the MS Engine.

    It is recommended to enter the normal hostname, but do not use FQDN. The default value is VMS-Host.

    Warning

    Make sure to enter the correct hostname, because it is stored in the MS database and is complicated to modify later.

    Configuring the hostname of the MS Engine supervising the PNS firewall host

    Figure 4.19. Configuring the hostname of the MS Engine supervising the PNS firewall host

  3. Configure the initial password of the administrator user on MS.

    Enter the MS administrator password. This password is used to login to MS from the Management Console as an administrator, and configure the PNS firewalls. The username of the administrator by default is admin, which can be modified later. The password can be changed later at any time.

    Note

    Make sure to create a password that conforms to the secure password generation standards of your organization.

    Store the password in a secure way.

    Configuring the initial password of the administrator user on MS

    Figure 4.20. Configuring the initial password of the administrator user on MS

  4. Configure the Certificate Authority of MS.

    Enter a secure password for the Certificate Authority (CA) of MS. This password will be used as the passphrase of the initial CA certificate.

    Note

    Make sure to create a password that conforms to the secure password generation standards of your organization.

    Store the password in a secure way.

    Warning

    Make sure to enter the correct CA password. It is difficult to change the CA password later and requires regenerating the whole CA chain.

    Specifying the CA password of MS

    Figure 4.21. Specifying the CA password of MS

  5. Create the root Certificate Authority.

    MS includes public key infrastructure (PKI) management to ensure that each element of the firewall system (MS module, VPNs, users) can be authenticated with X.509 certificates. During this stage of the installation the root CA is created and configured. Provide the following parameters.

    Creating the root Certificate Authority

    Figure 4.22. Creating the root Certificate Authority

    Warning

    Do not use accented characters. They are not supported in the X400/X500 standard.

    • Country ID: two characters only. For example, US, DE, HU.

    • State: Optional. United States (US) only. For example, Nevada.

    • City: Optional. For example, Las Vegas.

    • Company name: Optional. For example, Example Ltd..

    • Department name: Optional. For example, IT department.