Driver Support Document
| SYSOID Mapping | ||
| SYSOID | MODEL | OS VERSION |
| SNMP is not supported | Cyberguard FS300 | 5.2.0 |
| N/A | Firewall FS600 | 5.2 |
| N/A | Firewall KS1000 | 6.2 |
| N/A | Firewall KS1500 | 6.2 |
| Driver Features | Access Methods | ||||||||||||||
| (X signifies feature support) | CLI | SNMP | TFTP | CLI+TFTP | SNMP+TFTP | FTP | CLI+FTP | SNMP+FTP | CLI+SFTP | SCP | CLI+SCP | SNMP+SCP | HTTP/HTTPS | ||
| X | Driver Discovery | X | |||||||||||||
| X |
General Access
release notes
(CLI protocols: ssh1, ssh2, console) |
X | |||||||||||||
| Configuration | |||||||||||||||
| X | Retrieve Running Configuration | X | |||||||||||||
| Retrieve Startup Configuration | |||||||||||||||
| Retrieve Binary Configuration | |||||||||||||||
| X | Device information parsing | ||||||||||||||
| X | Enhanced Layer2 Basic IP information parsing | ||||||||||||||
| Configuration Deployment to Running | |||||||||||||||
| Configuration Deployment to Startup | |||||||||||||||
| Binary Configuration Deployment | |||||||||||||||
| Diagnostics | |||||||||||||||
| X | Routing Table | X | |||||||||||||
| OSPF Neighbors | |||||||||||||||
| X | Interfaces | X | |||||||||||||
| Modules and Inventory | |||||||||||||||
| Flash Storage Space | |||||||||||||||
| X | File System | X | |||||||||||||
| X | Uptime | X | |||||||||||||
| X | ICMP Test | X | |||||||||||||
| X | Topology Parsing | X | |||||||||||||
| Duplex Parsing | |||||||||||||||
| Enhanced VLAN Parsing | |||||||||||||||
| Features | |||||||||||||||
| Software Center | |||||||||||||||
| Software Image Synchronization | |||||||||||||||
|
Password Management
|
|||||||||||||||
| Syslog Configuration and Change Detection | |||||||||||||||
| X |
Custom Scripts and Diagnostics
|
X | |||||||||||||
| ACL Parsing | |||||||||||||||
| ACL Provisioning | |||||||||||||||
| VLAN Provisioning | |||||||||||||||
| Configlet Parsing | |||||||||||||||
| QoS Parsing | |||||||||||||||
| VRF Parsing | |||||||||||||||
| Context Management | |||||||||||||||
Instructions for connecting to Cyberguard from NAS:
Cause: Some versions of SSH on the cyberguard [FSecure-SSH 2.0.x] have a bug in their key exchange that breaks ssh communication. There is a known workaround employed by many ssh clients, but the current version of NAS does not include it until its next patch.
Solution: Employ an ssh relay host [referred to as a 'bastion' host]; if the ssh client on the bastion contains the workaround, NAS can communicate with the cyberguard through this relay channel.
Bastion Host Requirements: Windows or Linux server running a recent version of openssh. A non-privileged account's username/password is required. NAS must be able to reach the bastion host via the network, and the bastion must be able to reach the Cyberguard.
Instructions:
- Setup device as normally in NAS w/ user&password and other settings
- Check the "Connect with bastion host" box in the "Edit Device" page
- Enter the hostname/IP of the bastion host, and the username/password of the un-privileged account
- Save device, and connect as with other devices.
Recommended setup: standard Linux box running a recent distribution with openssh packages installed.