Configure general settings for the NGFW Engine

General settings include high-level properties of the NGFW Engine, and settings for NTP and DNS.

Steps

  1. Browse to NGFW > Properties > General.
  2. Configure the settings, then click Save.
  3. Publish the changes.

Example

Fields marked with an asterisk in the user interface are mandatory.

Table 1. NGFW Engine Properties - General
Option Definition
NTP Server Specifies the NTP Server element that the NGFW Engine uses.
DNS Servers Specifies the DNS Server elements or IP addresses of the DNS servers that the NGFW Engine uses. The NGFW Engine uses the DNS servers in the order that they are listed. If the first DNS server is not available, the NGFW Engine uses the next DNS server in the list.
SSH Server Enabled When selected, SSH access to the command line of the NGFW Engine is enabled. You must separately specify the IP addresses that are allowed to connect to the NGFW Engine using SSH.
Keyboard Layout This option is not yet supported.
Timezone This option is not yet supported.
Main Physical Interface This option is not yet supported.
Diagnostics Select from the following:
  • Authentication — When selected, authentication diagnostic information is included in log data.
  • IPsec — When selected, IPsec VPN diagnostic information is included in log data.
  • Latency Measurements — When selected, information about latency measurements is included in log data.
Log Forwarder This option is not yet supported.
Tester Parameters

When selected, you can configure the global settings for the NGFW Engine tester.

  • Alert IntervalSpecify the time in minutes the NGFW Engine waits before sending a new alert when the same test keeps failing repeatedly. The default value is 60 minutes. If the interval is too short, the alerts can overload the system or the alert recipient.
  • Delay After Boot — The time in seconds that the NGFW Engine waits before it resumes running the tests after it starts up. The default is 30 seconds.
  • Delay After Reconfiguration — The time in seconds that the NGFW Engine waits before it resumes running the tests after a configuration change. The default is 5 seconds.
  • Delay After Status Change — The time in seconds that the NGFW Engine waits before it resumes running the tests after the status of the NGFW Engine changes. The default is 5 seconds.
  • Is Auto RecoveryWhen selected, the NGFW Engine automatically goes back online when a previously failed test completes successfully. Run the test in both online and offline states if you activate this option.
  • Is Boot RecoveryWhen selected, the NGFW Engine automatically goes back online after restarting if all offline tests report a success.
Tests Shows the configured NGFW Engine tests. To add a row to the list, click .
Health Responders Shows the configured health responders that respond to Amazon Route 53 health checkers.
Note: You must configure health checkers in AWS before you configure the settings in the NGFW Manager.
Adds a health responder of the selected type:
  • TCP
  • HTTP

Select the same protocol that is configured in AWS.
Listen on IP Addresses

Enter or select the IP address of the health checkers that the NGFW Engine responds to. Entering 0.0.0.0 as the IP address means that the NGFW Engine responds to all health checkers.
Port

Enter the port number used for communication with the health checkers. Enter the same port that is configured in AWS.
Configuration Version This option is not yet supported.