Hiya! Merion Metrics our call stats (CDR) application for Asterisk, it shows the most important diagrams and call graphs as well as call history in an easy and convenient format. Showing call stats this way makes them easy to understand for everyone - from CEO to an office manager About Merion Metrics Short description of Merion Metrics: Full statistics - the most important info only: date, time, source and destination of a call, as well as it’s recording; Free trial - try the whole spectrum of these features - completely for free; Easy and quick installation - we are always here to help you; Cross-platform - developed in Java. Compatible with any UNIX platform; For supervisors - Got tired of heavy and awkward CDR interface in FreePBX? Or maybe you experienced something similar with CDR Viewer? we know that feeling; Easy to export in PDF and CSV - export all your calls into PDF and send it over to your colleagues in an easy readable format; Try Merion Metrics for free: Try Merion Metrics Merion Metrics Installation Attention! You should to have a license key from our support team at this point. You can get it by follow link: https://asterisk.merionet.ru/merionmetrics Of course for your convenience we have a step by step video guide. Enjoy :) Installation video - guide Installation guide by plain text System Requirements RAM: 256 MB min CPU: Pentium 2 266 ÌÃö + ìèíèìóì Java Runtime Environment (JRE): version 8+ Browser: Internet Explorer 9+ Preparation Firstly, connect to your Asterisk via SSH using user root. Directory creation for the app Run the following commands: mkdir /home/merionstat Upload app distro MerionMonitoring-*.*.*.jar into the directory you’ve just created: /home/merionstat. You can do that using WinSCP, for example. Important: App distro will have a certain version number. Here, in the installation guide, we always put version number as MerionMonitoring-*.*.*.jar. In your case it will be something like MerionMonitoring-1.1.9.jar. SQL user creation Follow the link that will generate an uncrackable password and right it down on save it somewhere. After that, execute the following command sequence: mysql CREATE USER 'interface'@'localhost' IDENTIFIED BY 'your_password'; GRANT SELECT, CREATE, INSERT ON asteriskcdrdb.* TO 'interface'@'localhost' IDENTIFIED BY 'your_password'; Where your_password - some freshly generated password from the link above ïàðîëü. For example: mysql CREATE USER 'interface'@'localhost' IDENTIFIED BY '6nzB0sOWzz'; GRANT SELECT, CREATE, INSERT ON asteriskcdrdb.* TO 'interface'@'localhost' IDENTIFIED BY '6nzB0sOWzz'; And yet another reminder – save your password somewhere else. Call recordings directory For sake of playing call recordings through our app, you have to do the following: Generate another password via our password generator and save it;. Execute the following commands: mkdir /var/www/html/generated_password chown asterisk:asterisk /var/www/html/generated_password chmod 775 /var/www/html/generated_password For example: mkdir /var/www/html/5v9MpbtUA8 chown asterisk:asterisk /var/www/html/5v9MpbtUA8 chmod 775 /var/www/html/5v9MpbtUA8 Open file /etc/fstab and add there the following sequence: /var/spool/asterisk/monitor/ /var/www/html/generated_password/ none rbind 0 0 For example: /var/spool/asterisk/monitor/ /var/www/html/5v9MpbtUA8/ none rbind 0 0 Save all the changes in fstab file. After that, execute the following command in CLI: mount -a Start Application launch Run the following commands: cd /home/merionstat nohup java -jar MerionMonitoring-*.*.*.jar & Right after command’s execution press Enter. Application setup The first connection After launching .jar archive, please open the following address in your web-browser: http://your_IP_address:7070/#!/config (You can use any browser, we recommend using Google Chrome). Once it opened, enter your license key – you can get it from our support engineer. Click “Check the license”. If you encounter any kind of a problem during that phase, please address it to our technical support team: helpdesk@merionet.ru. After that you have to pass the initial authorization, and to do that, you need to use the following credentials: admin/IEJu1uh32 On the next step you’ll need to configure database connection. If you are using Asterisk IP - PBX, just follow the guide: Database - mysql or mariadb; DB host: If your DB installed on the same server as our application - localhost; If your DB installed on some kind of external server - IP_address_of_your_database; DB port - is being set up automatically, so please change it only if your DB is listening for requests on another port; DB connection string - leave this without changes; Table name - In case of Asterisk it’s cdr; Scheme - that should be the name of database, for Asterisk it’s asteriskcdrdb; User - You created the user some time ago in “SQL user creation” part of this guide. If you copied all the commands without any changes – that would be interface; Password - the one you’ve probably generated using our password generator; Voice recordings host - link like http://your_ip_address/generated_password/, where generated_password is a sequence you created on a previous stage Call recordings directory. So, it’s gonna be something like http://192.168.1.7/5v9MpbtUA8/; Station type - Asterisk; After you finish all the above, click “Connect”. If something went wrong, address the issue to our support team helpdesk@merionet.ru. On the next step, you have to match field name in the table with it’s actual meaning. In case of Asterisk you can leave everything as it is. At the bottom of this page click the button “Set the matches” and “Launch the Application”. Our app will redirect you to the application’s initial page. By default, administrator’s login and password are: admin/admin Known issues Application is already launched If you can’t open the app using the default link http://IP_ADDRESS:7070/#!/config, please check if it wasn’t launched before. To do so, please run the command below: ps aux | grep Merion Analyze the command output: root 4919 0.1 13.1 2120384 801784 ? Sl Dec11 19:12 java -jar MerionMonitoring-*.*.*.jar If you see something similar, you have to kill the process using it’s PID (marked with orange in output example above). So execute the following command: kill -9 4919 Check the output again: ps aux | grep Merion If the one you’ve seen before is gone, then you can try to lauch it again: cd /home/merionstat nohup java -jar MerionMonitoring-*.*.*.jar & Database on the external server If you are connecting to an external data base, you need to add some additional configuration for MySQL settings, that you’ve done in “SQL user creation”. You might need it if you install call stats app on a different server, not the one you have Asterisk installed on. In this case you need to run the following commands on the server where you have your DB (usually it’s your Asterisk server): mysql GRANT SELECT, CREATE, INSERT ON asteriskcdrdb.* TO 'interface'@'IP_àäðåñ_èíòåðôåéñà' IDENTIFIED BY ''your_password'; Where: your_password - password generated with our our tool; Call_stats_app_IP_ADDRESS - IP-address of the server where you decided to install our Call Stats Application. For example: mysql GRANT SELECT, CREATE, INSERT ON asteriskcdrdb.* TO 'interface'@'192.168.1.78' IDENTIFIED BY '6nzB0sOWzz'; Also, please check that the following ports are open: 3306 - for MySQL and MariaDB; 5432 - for PostgreSQL. Slow data loading If you are experiencing some issues with data download – it might be related to the big size of your database. We recommend to launch our app (.jar file) with some additional keys. According to the “Application launch”, run the following command: cd /home/merionstat nohup java -jar MerionMonitoring-*.*.*.jar -Xms128m -Xmx256m & Where: -Xms128m - minimal amount of RAM available for the app. In our example – it’s 128 Megabytes. -Xmx256m - maximum amount of RAM available for the app. In our example – it’s 256 Megabytes; How to send a request to our support team? If you are experiencing any technical issues with configuration of our app – we will definitely help you. We’ll need the files from /home/merionstat directory – the one where you’ve put our distro MerionMonitoring-*.*.*.jar, according to step “Directory creation for the app”. Depending on the phase where you’ve encountered any technical issues, you might have the following files there: columns_mapping.cfg configuration.properties nohup.out Please send us those files and description of your issue – we’ll try to help you. Telegram - @merion_support_bot Email - helpdesk@merionet.ru

IP-ÀÒÑ Yeastar ïîääåðæèâàþò àâòîìàòè÷åñêóþ íàñòðîéêó ðàçëè÷íûõ ìîäåëåé êîíå÷íîãî IP-îáîðóäîâàíèÿ îò ðàçëè÷íûõ ïðîèçâîäèòåëåé. Ïîñëå íåäàâíåãî îáíîâëåíèÿ â ïðèëîæåíèå auto-provisioning áûëà äîáàâëåíà ïîääåðæêà Gigaset DECT IP PRO. Ïîääåðæèâàåìîå îáîðóäîâàíèå Gigaset: DECT áàçû Gigaset: Gigaset N870 IP PRO Gigaset N670 IP PRO Òåëåôîíû Gigaset: Gigaset Maxwell C Gigaset S650H Pro Gigaset SL750H Pro Gigaset R650H Pro $dbName_ecom = "to-www_ecom"; $GoodID = "5019000350"; mysql_connect($hostname,$username,$password) OR DIE("Íå ìîãó ñîçäàòü ñîåäèíåíèå "); mysql_select_db($dbName_ecom) or die(mysql_error()); $query_ecom = "SELECT `model`, `itemimage1`, `price`, `discount`, `url`, `preview115`, `vendor`, `vendorCode` FROM `items` WHERE itemid = '$GoodID';"; $res_ecom=mysql_query($query_ecom) or die(mysql_error()); $row_ecom = mysql_fetch_array($res_ecom); echo 'Êñòàòè, êóïèòü '.$row_ecom['vendor'].' '.$row_ecom['vendorCode'].' ìîæíî â íàøåì ìàãàçèíå Merion Shop ïî ññûëêå íèæå. Ñ íàñòðîéêîé ïîìîæåì 🔧 Êóïèòü '.$row_ecom['model'].''.number_format(intval($row_ecom['price']) * (1 - (intval($row_ecom['discount'])) / 100), 0, ',', ' ').' ₽'; $dbName = "to-www_02"; mysql_connect($hostname,$username,$password) OR DIE("Íå ìîãó ñîçäàòü ñîåäèíåíèå "); mysql_select_db($dbName) or die(mysql_error()); Äëÿ àâòîìàòè÷åñêîé íàñòðîéêè Gigaset DECT IP PRO íåîáõîäèìî óáåäèòüñÿ, ÷òî îáîðóäîâàíèå ñîîòâåòñòâóåò ìèíèìàëüíûì òðåáîâàíèÿì: ïðîøèâêà íå íèæå 30.12.0.9 äëÿ IP ÀÒÑ Yeastar ñåðèè S âåðñèÿ ïðèëîæåíèÿ auto-provisioning íå íèæå 1.8.22 âåðñèÿ DECT áàç Nx70 ñåðèè íå íèæå 2.29.0 Øàã 1. Ñáðîñèòü DECT áàçó Gigaset äî çàâîäñêèõ íàñòðîåê Øàã 2. Äîæäàòüñÿ ïîÿâëåíèÿ áàçû Gigaset â ïàíåëè ïðèëîæåíèÿ auto-provisioning Âî âðåìÿ çàãðóçêè DECT áàçà Gigaset ðàññûëàåò ìóëüòèêàñò SIP ñîîáùåíèå. Ýòî ñîîáùåíèå ïîäõâàòûâàåò IP ÀÒÑ Yeastar ñåðèè S è áàçà ïîÿâëÿåòñÿ â îêíå ïðèëîæåíèÿ. Øàã 3. Îòêðîéòå ïàðàìåòðû áàçû è íàñòðîéòå òàê, êàê ýòî Âàì íåîáõîäèìî Øàã 4. Ïåðåçàãðóçèòå DECT áàçó Gigaset Ïîñëå íàñòðîéêè íàæìèòå Ñîõðàíèòü. Ïîÿâèòñÿ çàïðîñ íà ïåðåçàãðóçêó DECT áàçû Gigaset. Íåîáõîäèìî âðó÷íóþ èëè ÷åðåç web-èíòåðôåéñ DECT áàçû Gigaset ïåðåçàãðóçèòü å¸. Ñäåëàòü ýòî íåîáõîäèìî òîëüêî â ïåðâûé ðàç.  äàëüíåéøåì, íå ñìîòðÿ íà çàïðîñû íà ïåðåçàãðóçêó ñî ñòîðîíû IP ÀÒÑ Yeastar, DECT áàçó Gigaset IP PRO ïåðåçàãðóæàòü íåò íåîáõîäèìîñòè. Âñå íàñòðîéêè áóäóò óñïåøíî ïðèìåíÿòüñÿ áåç ïåðåçàãðóçêè. Ïîääåðæèâàåìûé ôóíêöèîíàë, êîòîðûé ìîæíî íàñòðîèòü ñ ïîìîùüþ àâòîìàòè÷åñêîé íàñòðîéêè: N670 äî 20 òåëåôîíîâ N870 äî 50 òåëåôîíîâ Òåëåôîííàÿ êíèãà LDAP Îæèäàíèå âûçîâà Ãîëîñîâàÿ ïî÷òà ßçûê Ïàðîëü àäìèíèñòðàòîðà Òîíàëüíàÿ ñõåìà ×àñîâîé ïîÿñ Ñåðâåð NTP Êîäåêè Íàñòðîéêà òðóáîê/àêêàóíòîâ: Âû ìîæåòå íàñòðîèòü ñâîè òåëåôîíû, âûáðàâ òðóáêó, íîìåð è óêàçàâ LDAP. ×òîáû çàðåãèñòðèðîâàòü òðóáêó, Âàì íåîáõîäèìî îòêðûòü âåá-èíòåðôåéñ DECT áàçû Gigaset è íà÷àòü ðåãèñòðàöèþ. Õàðàêòåðèñòèêè Íà äàííîé âêëàäêå ìîæíî âêëþ÷èòü/âûêëþ÷èòü îæèäàíèå âûçîâà, ãîëîñîâóþ ïî÷òó è íàñòðîèòü óäàëåííóþ òåëåôîííóþ êíèãó. Íàñòðîéêè Íà âêëàäêå Ïðåäïî÷òåíèÿ Âû ìîæåòå íàñòðîèòü ÿçûê, óêàçàòü ïàðîëü àäìèíèñòðàòîðà, âûáðàòü ñõåìó òîíîâ, óêàçàòü âðåìåííóþ çîíó è ñåðâåð NTP. Ïàðîëü àäìèíèñòðàòîðà: â ýòîì ïîëå íàñòðîéòå ñâîé ïàðîëü àäìèíèñòðàòîðà. Åñëè ïîëå ïóñòîå, òî Âàø ïàðîëü, ââåäåííûé âî âðåìÿ óñòàíîâêè Nx70, íå áóäåò ïåðåçàïèñàí. Íàñòðîéêà êîäåêîâ Íà âêëàäêå Êîäåê Âû ìîæåòå íàñòðîèòü èñïîëüçóåìûå êîäåêè. Ïðèìå÷àíèå: Åñëè îòêëþ÷èòü êîäåê G.729, òî DECT áàçà Gigaset ñìîæåò ðàáîòàòü ñ 10 îäíîâðåìåííûìè âûçîâàìè, âìåñòî 8. Íàñòðîéêà ïðîôèëåé LDAP Íà âêëàäêå LDAP Âû ìîæåòå íàñòðîèòü äî 10 ïðîôèëåé LDAP ñåðâåðà. Äîñòóïíûå äëÿ íàñòðîéêè ïàðàìåòðû: Directory name: íàçâàíèå òåëåôîííîé êíèãè, êîòîðîå áóäåò îòîáðàæàòüñÿ íà òåëåôîííûõ òðóáêàõ Server Address: IP àäðåñ ñåðâåðà LDAP (íàïðèìåð, IP ÀÒÑ Yeastar ñåðèè S) Server Port: ïîðò ñåðâåðà LDAP (íàïðèìåð, 389) LDAP Search base (Base DN): dc=pbx, dc=com Username: cn=admin, dc=pbx, dc=com Password: ïàðîëü Äëÿ âêëþ÷åíèÿ óêàçàííîé íàñòðîéêè LDAP, íåîáõîäèìî óñòàíîâèòü ãàëî÷êó Enable directory.

 îäíîé èç ïðåäûäóùèõ ñòàòåé ìû ðàññìàòðèâàëè ìåæñåòåâîé ýêðàí ASA è ïîðÿäîê åãî ïåðâîíà÷àëüíîé íàñòðîéêè. Íî íè÷åãî íå ñòîèò íà ìåñòå è â êàêîé-òî ìîìåíò Cisco êóïèëà êîìïàíèþ Sourcefire çà áàñíîñëîâíûå ìèëëèàðäû "Äàëàðîâ". Çà÷åì? Íó, âî-ïåðâûõ, ó Sourcefire áûë îäèí èç ëó÷øèõ â òî âðåìÿ íà ðûíêå IPS-îâ è åùå áûë ðÿä èíòåðåñíûõ ïðîäóêòîâ, êîòîðûå Cisco óñïåøíî çàáðàëà ñåáå â ïîðòôîëèî, íàïðèìåð – Advanced Malware Protection, êîòîðûé ïî ñóòè ñâîåé ÿâëÿåòñÿ End Point Detection & Response ðåøåíèåì. Çà÷åì? À ÷òîáû ìîæíî áûëî âîâðåìÿ ðåàãèðîâàòü íà óãðîçû è ïðîâîäèòü ðàññëåäîâàíèÿ. Íó äà ëàäíî, ìû òàêè FirePower íàñòðàèâàòü ñîáðàëèñü. Ïåðâîíà÷àëüíî Firepower âûñòóïàë â êà÷åñòâå äîïîëíèòåëüíîãî ìîäóëÿ (âèðòóàëüíîãî â ñëó÷àå 5506-5555 è ôèçè÷åñêîãî â ñëó÷àå 5585) ê ASA. ×òî åñòü ýòîò ìîäóëü? Ýòîò ìîäóëü – îòäåëüíûé è ñàìîáûòíûé êóñîê ÏÎ, äîñòàâøèéñÿ îò Sourcefire. Îòñþäà ñëåäóåò çàáàâíûé âûâîä: äëÿ óïðàâëåíèÿ ýòèì ìîäóëåì òðåáîâàëàñü îòäåëüíàÿ êîíñîëü óïðàâëåíèÿ (â èäåàëå). À åùå, ëîãèêà îáðàáîòêè ïàêåòîâ áûëà äîâîëüíîé íåîáû÷íîé, íî òàê êàê ýêðàí ðàáîòàë ñ îòíîñèòåëüíî íåáîëüøèìè ñêîðîñòÿìè, áûëî ïðèíÿòî ðåøåíèå î âûíîñå ìîäóëÿ FirePower â êà÷åñòâå îòäåëüíîãî, óæå íå îòíîñÿùåãîñÿ ê ìåæñåòåâîìó ýêðàíó ASA è íàçâàëè ýòî ÷óäî FirePower Threat Defense – ãäå â áàçå èñïîëüçóåòñÿ ASA, à ñâåðõó ïðèëåïëåí NGFW ôóíêöèîíàë. Íîâûå FirePower-û èìåþò îãðîìíóþ ïðîèçâîäèòåëüíîñòü – ïîäðîáíåå ñìîòðèòå â äàòàøèòàõ. Êðàòêî î íàøèõ áàðàíàõ èëè îáùèå ðåêîìåíäàöèè Âàðèàöèè íàñòðîéêè ïëàòôîðìû Firepower Threat Defense âñåãî äâà (à åñëè ðàññìàòðèâàòü ASA + FirePower ñåðâèñû, òî àæ òðè, èëè äàæå ÷åòûðå – òàêîé âîò êîëåíêîð): FirePower Management Center (FMC) – öåíòðàëèçîâàííîå óïðàâëåíèÿ ïîëèòèêàìè, óñòðîéñòâàìè è ñîáûòèÿìè. Îáëàäàåò àâòîìàòèçàöèåé, ÷òî óïðîùàåò íàñòðîéêó. FirePower Device Manager (FDM) – ÿâëÿåòñÿ ïðîñòûì àâòîíîìíûì ðåøåíèåì äëÿ ñòàíäàðòíûõ íàñòðîåê ïðàâèë îáåñïå÷åíèÿ áåçîïàñíîñòè. Ìû æå ðàññìîòðèì ñàìóþ ìåäëåííóþ, íî ñàìóþ áîãàòóþ (ïî ôóíêöèîíàëó) âàðèàöèþ – ñðåäñòâî öåíòðàëèçîâàííîãî óïðàâëåíèÿ FMC. Îíà îáëàäàåò ìíîãîïîëüçîâàòåëüñêîé íàñòðîéêîé, áîëåå ïðîäâèíóòûì ðåàãèðîâàíèåì íà óãðîçû, òàêîé ïðÿì ìèíè-SIEM. Òàêæå ïðåäóñìîòðåíî íàñëåäîâàíèå ïîëèòèê (öåíòðàëèçîâàííûé ïóø êîíôèãóðàöèè íà óñòðîéñòâà), ÷òî óïðîùàåò íàñòðîéêó. Ïåðåéäåì íåïîñðåäñòâåííî ê ïåðâîíà÷àëüíîé íàñòðîéêå FMC. Íàñòðîéêè áóäåì ðàññìàòðèâàòü äëÿ IPS/IDS (êîìïëåêñû ñðåäñòâ äëÿ ïðåäîòâðàùåíèÿ è îáíàðóæåíèÿ óãðîç â ëîêàëüíóþ ñåòü). ×òîáû ìàêñèìàëüíî ýôôåêòèâíî èñïîëüçîâàòü IDS/IPS, íóæíî ïðèäåðæèâàòüñÿ ñëåäóþùèõ ðåêîìåíäàöèé: Ñèñòåìó íåîáõîäèìî ðàçâîðà÷èâàòü íà âõîäå çàùèùàåìîé ñåòè èëè ïîäñåòè è îáû÷íî çà ìåæñåòåâûì ýêðàíîì (íåò ñìûñëà êîíòðîëèðîâàòü òðàôèê, êîòîðûé áóäåò áëîêèðîâàí) — òàê ìû ñíèçèì íàãðóçêó.  íåêîòîðûõ ñëó÷àÿõ äàò÷èêè óñòàíàâëèâàþò è âíóòðè ñåãìåíòà. Ïåðåä àêòèâàöèåé ôóíêöèè IPS ñëåäóåò íåêîòîðîå âðåìÿ ïîãîíÿòü ñèñòåìó â ðåæèìå, íå áëîêèðóþùåì (IDS).  äàëüíåéøåì ïîòðåáóåòñÿ ïåðèîäè÷åñêè òþíèíãîâàòü ïðàâèëà. Áîëüøèíñòâî íàñòðîåê IPS óñòàíîâëåíû ñ ðàñ÷åòîì íà òèïè÷íûå ñåòè.  îïðåäåë¸ííûõ ñëó÷àÿõ îíè ìîãóò îêàçàòüñÿ íåýôôåêòèâíûìè, ïîýòîìó íåîáõîäèìî îáÿçàòåëüíî óêàçàòü IP âíóòðåííèõ ïîäñåòåé è èñïîëüçóåìûå ïðèëîæåíèÿ (ïîðòû). Ýòî ïîìîæåò æåëåçêå ëó÷øå ïîíÿòü, ñ ÷åì îíà èìååò äåëî. Íî òóò åñòü òàêàÿ øòóêà êàê NGIPS – ñèñòåìà ñíèìàåò ïðîôèëü òðàôèêà è ìîæåò ñàìà ïîä íåãî ïîäñòðàèâàòüñÿ, âêëþ÷àÿ íóæíûå ïðàâèëà è îòêëþ÷àÿ íåíóæíûå. Åñëè IPS-ñèñòåìà óñòàíàâëèâàåòñÿ «â ðàçðûâ», íåîáõîäèìî êîíòðîëèðîâàòü åå ðàáîòîñïîñîáíîñòü, èíà÷å âûõîä óñòðîéñòâà èç ñòðîÿ ìîæåò çàïðîñòî ïàðàëèçîâàòü âñþ ñåòü. Íàñòðîéòå âû åãî óæå íàêîíåö – ÷àñòü 1 Èòàê, ïðèñòóïèì ê íàñòðîéêå ïëàòôîðìû Ñisco FirePower: Óñòàíàâëèâàåì Íåîáõîäèìîå ÏÎ: Åãî ìîæíî íàéòè â âàøåì êîìïëåêòå ïîñòàâêè, ëèáî ìîæåòå ñêà÷àòü ñ îôèöèàëüíîãî ñàéòà cisco.com (ïðè íàëè÷èè ó âàñ ñåðâèñíîãî êîíòðàêòà). ÏÎ ïîíàäîáèòñÿ ñëåäóþùåå: FirePower Management Center (ïîääåðæèâàåò ESXi è KVM) è îáðàç äëÿ âàøåé æåëåçÿêè èëè æå îáðàç âèðòóàëüíîãî Firepower-à, êîòîðûé àìåðèêàíöû ïðîçâàëè NGFWv. Ïîäêëþ÷àåì êàáåëè (ñîãëàñíî óêàçàííîé íèæå ñõåìå è ÷òî íåïðèìåíèìî ê âèðòóàëêå). Console port – êîíñîëüíûé ïîðò Management port – äëÿ ïîäêëþ÷åíèÿ è íàñòðîéêè ñåòè Logical Device Management – äëÿ íàñòðîéêè ëîãè÷åñêèõ óñòðîéñòâ (ìîæíî íàñòðàèâàòü êàê 1, òàê è âñå èíòåðôåéñû ñðàçó) Ïîìåñòèòå FMC â ñåòü óïðàâëåíèÿ ëîãè÷åñêèìè óñòðîéñòâàìè. Äëÿ îáíîâëåíèé FTD è FMC òðåáóåòñÿ ïîäêëþ÷åíèå ê èíòåðíåòó. Åñëè îáîðóäîâàíèå íå íîâîå (áûëî êåì-òî èñïîëüçîâàíî), íåîáõîäèìî ñòåðåòü òåêóùóþ êîíôèãóðàöèþ ñëåäóþùèìè êîìàíäàìè (âûäåëåíû «æèðíûì»): Firepower-chass Firepower-chassis # connect local-mgmt Firepower-chassis(local-mgmt)# erase configuration Ïîäêëþ÷èòåñü ê ïîñëåäîâàòåëüíîìó êîíñîëüíîìó ïîðòó, èñïîëüçóÿ ýìóëÿòîð òåðìèíàëà. Firepower 9300 âêëþ÷àåò ïîñëåäîâàòåëüíûé êîíñîëüíûé êàáåëü RS-232 – RJ-45. Âàì ìîæåò ïîíàäîáèòüñÿ èñïîëüçîâàòü êàáåëü ïîñëåäîâàòåëüíîãî èíòåðôåéñà USB îò ñòîðîííåãî ïðîèçâîäèòåëÿ äëÿ ïîäêëþ÷åíèÿ. Èñïîëüçóéòå ñëåäóþùèå ñåðèéíûå ïàðàìåòðû: 9600 baud 8 data bits No parity 1 stop bit Ïðè ïîÿâëåíèè çàïðîñà âîéäèòå â ñèñòåìó ñ èìåíåì ïîëüçîâàòåëÿ admin è ïàðîëåì cisco123. Ââîäèì òîëüêî òî, ÷òî âûäåëåíî «æèðíûì». Êîãäà ïîÿâèòñÿ çàïðîñ î ïîäòâåðæäåíèè êîíôèãóðàöèè, ïîäòâåðæäàåòå – ïðîñòî íàáåðèòå yes. Íàñòðîéòå âû åãî óæå íàêîíåö – ÷àñòü 2 Äàëåå íàì íåîáõîäèìî ïðîèçâåñòè íàñòðîéêè, èñïîëüçóÿ áðàóçåð. Îáðàùàþ âíèìàíèå, ÷òî íå êàæäûé áðàóçåð ïîäîéäåò! Íàñòðàèâàòü ìîæíî òîëüêî ñ óïðàâëÿþùåãî êîìïüþòåðà, IP-àäðåñ êîòîðîãî ïîïàäàåì â äèàïàçîí, êîòîðûé óêàçûâàëè â êîíôèãóðàöèè. Çàõîäèì â áðàóçåð è â ïîèñêîâóþ ñòðîêó (ñòðîêó ââîäà URL) ââîäèì ñëåäóþùåå: https://àäðåñ_æåëåçêè Ââîäèì èìÿ ïîëüçîâàòåëÿ admin è íîâûé ïàðîëü äëÿ âõîäà â äàëüíåéøåì. Îñóùåñòâëÿåì ïðîöåäóðó âõîäà â ñèñòåìó. Íàñòðàèâàåì NTP ñîåäèíåíèå. Îíî íóæíî íàì äëÿ ñèíõðîíèçàöèè âðåìåíè íà âñåõ óñòðîéñòâàõ. Îò ýòîãî çàâèñèò êàê ñòàáèëüíîñòü, òàê è ñàìà ðàáîòà â ïðèíöèïå. Çàõîäèì íåïîñðåäñòâåííî â íàñòðîéêè è âûáèðàåì ïàðàìåòð èñïîëüçîâàíèÿ NTP-ñåðâåðà.  ïðàâîì íèæíåì óãëó âûáåðèòå «Add» NTP Server (îáÿçàòåëüíîå ïîëå äëÿ çàïîëíåíèÿ) äîëæåí âêëþ÷àòü IP-àäðåñ èëè èìÿ host-ñåðâåðà, Authentication Key – èäåíòèôèêàòîð îò NTP-ñåðâåðà. Åñëè íå çíàåòå ýòîò êëþ÷, ìîæåòå íàéòè åãî ïîèñêàâ ÷åðåç ïîèñêîâèê (ntp.keys). Òàêæå ìîæíî ïîëó÷èòü åãî (ïðè óñëîâèè, ÷òî ôàéëà ntp.keys íåò), ïðîïèñàâ êîìàíäó â êîíñîëè óïðàâëåíèÿ ntp-keygen -M, çàòåì ïîèñêàâ òîò æå ñàìûé ôàéë, âû íàéäåòå åãî â äèðåêòîðèè. Íàæèìàåì «Add» è äîáàâëÿåì íàø NTP-ñåðâåð. Ñîõðàíÿåì èçìåíåíèÿ. Çàõîäèì âî âêëàäêó «Current Time», çàòåì «Time Zone» è âûáèðàåì ñâîé ÷àñîâîé ïîÿñ èç ñïèñêà è ïîñëå ñîõðàíÿåì íàñòðîéêè. Íàñòðîéòå âû åãî óæå íàêîíåö – ÷àñòü 3. Íàñòðîéêà áàçîâîãî ôóíêöèîíàëà. Íàñòðîèì èíòåðôåéñû. Äëÿ ýòîãî ïåðåõîäèì â ñàìó âêëàäêó «Interfaces», ðàñïîëîæåííóþ ó ðàìêè îêíà â ÷åðíîé ïîëîñå. Íàæèìàåì «Edit» äëÿ èíòåðôåéñà, êîòîðûé ñîáèðàåìñÿ íàñòðîèòü. Îòêðûâàåì ïîðò äëÿ ðàáîòû ãàëî÷êîé íàïðîòèâ «Enable».  ñòðîêå «Type» âûáèðàåì íàçíà÷åíèå èíòåðôåéñà (ìû áóäåì ïåðåäàâàòü äàííûå, ïîýòîìó âûáèðàåì ïóíêò «data-sharing». Îñòàëüíûå äàííûå çàïîëíÿòü íå îáÿçàòåëüíî. Ñêàæó, ÷òî òàì íàñòðàèâàåòñÿ Ñêîðîñòü ïåðåäà÷è, àâòî ñîãëàñîâàíèå è ðåæèì äóïëåêñà ñîîòâåòñòâåííî. Ëó÷øå îñòàâèòü äàííûå ïàðàìåòðû íå íàñòðîåííûìè, ñèñòåìà ñàìà ïåðåñòðîèòñÿ äëÿ ðàáîòû. Ïåðåéäåì íåïîñðåäñòâåííî ê íàñòðîéêå IPS (ïîëèòèêà îáíàðóæåíèÿ âòîðæåíèé). Âûáèðàåì ïóíêò Policies > Access Control > Intrusion Äàëåå æìåì Ñreate Policy (ñïðàâà êíîïêà) È â ïîÿâèâøåìñÿ îêíå çàïîëíÿåì èìÿ (Name) (îáÿçàòåëüíûé ïàðàìåòð). Åñëè âû íå îáëàäàåòå äîñòàòî÷íûìè çíàíèÿìè äëÿ äåòàëüíîé íàñòðîéêè IPS, âîñïîëüçóéòåñü ðåêîìåíäóåìûìè ôèëüòðàìè. Ïóíêò Base Policy, â íåì âûáèðàåì Maximum Detection (ìàêñèìàëüíàÿ çàùèòà). Ñîçäàåì è ïðèìåíÿåì èçìåíåíèÿ ñ ïîìîùüþ êíîïêè Create and Edit Policy. IPS òóò óìåí, ãîðàçäî óìíåå àâòîðà ýòîé ñòàòüè.  õîäå ýêñïëóàòàöèè âû ýòî çàìåòèòå. À èìåííî, ÷òî ïðè èñïîëüçîâàíèè ìàêñèìàëüíîé ñòåïåíè çàùèòû (Maximum Detection) ïðîãðàììíîå îáåñïå÷åíèå ïðåäëîæèò âàì èñêëþ÷èòü ïðàâèëà, êîòîðûå íå íóæíû è ïðîñòî íà «õîëîñòóþ» òðàòÿò ðåñóðñû âàøåãî óñòðîéñòâà çàùèòû. Òàêèå ðåêîìåíäàöèè îíà äåëàåò ïî ðåçóëüòàòàì ñòàòèñòèêè. Îíà õðàíèòñÿ â Policies > Access Control > Intrusion > Firepower Recommendations > Generate Recommendations Òàêèì îáðàçîì, ñèñòåìà àäàïòèðóåòñÿ èíäèâèäóàëüíî äëÿ âàøåé ñåòè. Íàñòðîèì îáíàðóæåíèå âèðóñîâ è çàðàæåííûõ ôàéëîâ. Íî äëÿ áîëåå àäåêâàòíîé ðàáîòû ñåòè, ðåêîìåíäóåòñÿ ñîçäàòü DNS «ëîâóøêó» (ñëåäóþùèé ïóíêò), êîòîðàÿ ïîêàæåò, íà êàêîå èìåííî óñòðîéñòâî ïðèøåë âðåäîíîñíûé ôàéë. Åñëè «ëîâóøêó» íå ñîçäàâàòü, òî èíôîðìàöèÿ î çàðàæåííîì ôàéëå ïîÿâèòñÿ â îáùåì õðàíèëèùå è îïðåäåëèòü, êàêîå èç óñòðîéñòâ ïîëó÷èëî ýòîò âðåäîíîñíûé ôàéë (êîä), íå ïðåäñòàâèòñÿ âîçìîæíûì. Ïåðåõîäèì ïî ïóòè: Policies > Access Control > Malware & File. Ñîçäàåì íîâóþ ïîëèòèêó, äàåì åé íàçâàíèå. Çàòåì äîáàâëÿåì ïðàâèëî (Add Rule). Çàïîëíèòü ðåêîìåíäóåòñÿ òàê, êàê óêàçàíî íà èçîáðàæåíèè. Ýòî îáùåïðèíÿòîå ïðàâèëî ñ ìàêñèìàëüíîé ñòåïåíüþ çàùèòû. Íàæèìàåì Save. Òåïåðü íàñòðîèì DNS «ëîâóøêó». Objects > Object Management. Îòûñêèâàåì â ëåâîé êîëîíêå Sinkhole. Äàëåå íàæèìàåì Add Sinkhole Çàïîëíÿåì òàáëèöó. Ïðè çàïîëíåíèè îáðàòèòå âíèìàíèå íà òî, ÷òî äàííûå, óêàçàííûå â IPv4/6 íå äîëæíû áûòü â âàøåé ñåòè. Ïîñëå íàñòðîéêè íàæèìàåì Save. Äàëåå ïåðåõîäèì â íàñòðîéêó DNS ïîëèòèêè (Policies > Access Control > DNS). Âûáèðàåì Add DNS Policy, äîáàâëÿåì íàçâàíèå è ñîõðàíÿåì. Íàñ àâòîìàòè÷åñêè ïåðåâîäèò â ýòî ïðàâèëî. Ìû âèäèì, 2 ðàçäåëà (áåëûé è ÷åðíûé ëèñòû. Íàì íåîáõîäèìî ñîçäàòü è íàñòðîèòü ñâî¸ ïðàâèëî. Äëÿ ýòîãî íàæèìàåì Add DNS Rule è ïîÿâëÿåòñÿ íîâîå îêíî. Çàïîëíÿåì åãî êàê íà èçîáðàæåíèè.  íåì ìû äîáàâëÿåì âñå âîçìîæíûå ïðàâèëà, ðåêîìåíäóåìûå êîìïàíèåé Cisco. Âûáèðàåì âñå ôàéëû è íàæèìàåì Add to Rule. È íåïîñðåäñòâåííî çäåñü ìû ìîæåì ïðèìåíèòü ñâîþ DNS «ëîâóøêó». Äëÿ ýòîãî â ïóíêòå Action âûáèðàåì Sinkhole. Íàïðîòèâ îòêðîåòñÿ íîâûé ïóíêò, â êîòîðîì ìû âûáèðàåì íàø DNS «ëîâóøêó». Òåïåðü ìû ñìîæåì âèäåòü, íà êàêîå óñòðîéñòâà ïðèøåë âðåäîíîñíûé ôàéë (êîä). Íà ýòîì ïåðâîíà÷àëüíûå íàñòðîéêè ïðîèçâåäåíû. Äàëåå ïðîèçâîäèòñÿ áîëåå äåòàëüíàÿ íàñòðîéêà èñõîäÿ èç âàøèõ ïîòðåáíîñòåé.