Related Topics
Get Started with WatchGuard Dimension
WatchGuard Dimension™ integrates with your Fireboxes and WatchGuard servers to provide a flexible, cloud-ready logging, reporting, and management solution. From Dimension, you can manage your Fireboxes, review the log messages for all your connected Fireboxes and WatchGuard servers, and schedule, view, and run reports from the log messages collected by Dimension.
If you plan to deploy your instance of Dimension behind a Firebox, you must make sure the configuration settings on the Firebox are correct. For more information, see Deploy Dimension Behind a Firebox.
Before you begin the process to install Dimension, make sure to read the Determine System Memory Allocation section in the Install WatchGuard Dimension topic. This section includes important information about how to determine the correct size settings for your instance of Dimension.
To get started with WatchGuard Dimension, you must complete these steps:
You can install WatchGuard Dimension in a VMWare or in a Hyper-V environment, on a virtual machine with a 64-bit OS. Dimension is distributed as an .OVA file for installation on VMWare ESXi 5.x and as a .VHD file for installation on Hyper-V.
Before you install Dimension, see Install WatchGuard Dimension and read the Determine System Memory Allocation section.
For installation instructions for VMware and Hyper-V, see:
After you install and start the WatchGuard Dimension VM, connect to Dimension and run the WatchGuard Dimension Setup Wizard to configure the initial settings for Dimension.
Before you start the wizard, make sure you have this information for your Dimension system, which you will add as you run the Setup Wizard:
- Host name
- IPv4 address and settings for the Eth0 interface
- Administrator passphrase
- Logging Authentication Key Tip!The allowed range for the logging Authentication Key is 8–32 characters. You can use all characters except spaces and slashes (/ or \).
- (Optional) External log database location
- (Optional) Public FQDNs or IP addresses
To start the wizard:
- Open a web browser and type https://<IP address of Dimension>.
The WatchGuard Dimension login page appears. - In the User Name text box, type admin.
- In the Passphrase text box, type readwrite.
- Click Log In.
The WatchGuard Dimension Setup Wizard appears.
After you start the Setup Wizard, make sure you do not power off your Dimension system before the wizard completes.
To add your Fireboxes to Dimension for management:
- Log in to Dimension.
The Devices page appears. - Click Add.
The Add Managed Device wizard appears. - Complete the wizard and download the management settings file (.WGD file) for your Firebox.
- Log in to Fireware Web UI for the Firebox.
- Select System > Managed Device.
The Managed Device page appears. - Select the Enable Centralized Management check box.
- From the Manage Device with drop-down list, select Dimension Command.
- Import the .WGD file to the Firebox.
After you import the .WGD file to the Firebox, Dimension establishes a management connection to your Firebox.
For more information about how to add your Fireboxes to Dimension, see Add a Firebox to Dimension for Management.
To configure your Fireboxes to send log messages to Dimension:
- Connect to your Firebox with Fireware Web UI or Policy Manager.
- In the Web UI, select System > Logging.
In Policy Manager, select Setup > Logging.
The logging settings appear. - Add the IP address for this instance of Dimension, and the Log Server Authentication Key you specified in the Setup Wizard, to the WatchGuard Log Server list.
- Make sure the Dimension IP address is the first address in the list.
For more information about how to configure your Fireboxes to send log messages to Dimension, see:
- Fireware Web UI — Send Log Messages to a WatchGuard Log Server
- Policy Manager — Define Where the Device Sends Log Messages (WSM), Add a Log Server, and Set Log Server Priority
After you configure your Firebox to send log messages to Dimension, you must enable logging in your policies to generate log messages from your Firebox. If your Firebox runs Fireware OS v11.10.5 or higher, for a packet filter policy that allows traffic, you must select two options to generate log messages that appear in Traffic Monitor and log messages that are used to generate reports.
From Fireware Web UI:
- Add or edit a policy.
- On the Settings tab, select the Send log messages check box.
- For a packet filter policy that allows traffic, to generate a log message that is used for reports, select the Send a log message for reports check box.
- Click Save.
For more information, see Configure Logging and Notification for a Policy.
From Policy Manager:
- Add or edit a policy.
- Select the Properties tab.
- Click Logging.
- Select the Send log messages check box.
- For a packet filter policy that allows traffic, to generate a log message that is used for reports, select the Send a log message for reports (Fireware OS v11.10.5 or higher) check box.
- Save the configuration file to the Firebox.
For more information, see Configure Logging and Notification for a Policy.
You must independently configure each WatchGuard server to send log messages to Dimension.
- Open WatchGuard Server Center on the computer where you installed the WatchGuard server.
- From the Servers tree, select the server.
- Select the Logging tab.
- Select the Send log messages to WatchGuard Log Server(s) check box.
- Add the IP address for this instance of Dimension and the Log Server Authentication Key you specified in the Setup Wizard, to the WatchGuard Log Server list.
- Make sure the Dimension IP address is the first address in the list.
For more information, see Configure Logging Settings for Your WatchGuard Servers.
After you have installed Dimension and enabled your Fireboxes and WatchGuard servers to send log messages to Dimension, you can view the log messages in Dimension. You can also view the reports that Dimension automatically generates from the log messages, or schedule reports to send as a .PDF to a specific location.
For more information, see these topics: