PacketViper Post Configuration Tips
If I change the IP address of PV, do I need to re-validate the license?
It's OK to use it with a different IP. The key is registered to a unique host identifier, not the IP.
After you install your PacketViper, follow this checklist:
1. CHANGE PASSWORD: Change the admin password: GO TO SETUP -> USERS
2. DNS RECORDS (Optional): Make sure your hostname and your DNS records are properly set: You should create an A record within your DNS which points back to your PacketViper. Once you have created the record, GO TO SETUP -> NETWORK INTERFACES -> UPDATE NETWORK SETTINGS and change the hostname to match your record, for example "mypv.mydomain.com".
3. UPDATE SCHEDULE: Set your Update Schedule: PacketViper receives updates each evening. Set up the schedule which best fits your environment. GO TO SETUP -> SYSTEM and configure the UPDATE SCHEDULE area.
4. TRAFFIC CONTROL: Configure Traffic Control to your PacketViper: You should configure how traffic to your PacketViper is handled, such as pings, multicast, private addresses, etc. GO TO SETUP -> TRAFFIC CONTROL and place check marks next to the items which concern you most.
5. MAIL SERVER: Set your mail server or alert email for login notifications: PacketViper allows you to use a relay mail server, or you may use its own. You should configure the sending address and the email address of the group or person who needs to be alerted if any logins occur. GO TO SETUP -> ALERTS
6. NIC TRUST: NIC Security/Trust Management Port: Once you have your PV in place, be sure to trust your management port. If you do not, you will see lots of unnecessary UDP traffic, which may cause confusion. It's really simple to do. GO TO SETUP -> SECURITY -> TRUSTED NIC PORTS and place a check mark next to your management NIC. This stops the management port traffic from showing in your real-time logs.
7. DNS CUSTOM RULE: Add DNS outbound/inbound to custom rules: Once you start filtering countries and GNL(s), you do not want to impede DNS operations, so make sure that DNS stays fully functional by adding a custom rule. We recommend that you add a rule with a priority of 0. SRC could be the IP in your network that DNS requests will be coming from, and DST could be where you are sending them to if you are using forwarders, or you can leave this blank. Select UDP Protocol and Port 53, enter a useful description, and save the rule. It could look like this:
Description: DNS Operations
On PacketViper GO TO TRAFFIC CONTROL -- > CUSTOM RULES --> ADD RULE
8. SETUP TRIGGERS: You should now consider a basic set of triggers to alert you on specific traffic patterns. Here is an example from the "Setup Triggers" thread on this board.
SMTP - Create a trigger which looks for SMTP connections to your mail server and fires when an IP exceeds 30 or more connections within 30 seconds. Create the trigger to alert you only at first; then, once you have a good understanding of what shouldn't be happening at your mail server, tweak the number to fit and add an auto block rule.
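To see what a threshold like this catches before turning on auto block, the same rule can be replayed over exported connection records. The sketch below is an added example, not PacketViper code: the "epoch_seconds src_ip dst_ip dst_port" record format, the function names and the sample addresses are all assumptions made for illustration.

```python
from collections import defaultdict, deque

THRESHOLD = 30    # connections per source IP (value from the text above)
WINDOW_SECS = 30  # sliding window in seconds (value from the text above)

def smtp_trigger(lines, mail_server, threshold=THRESHOLD, window=WINDOW_SECS):
    """Alert-only pass: return (timestamp, src_ip, count) the first time each
    source reaches `threshold` connections to mail_server:25 inside `window`."""
    recent = defaultdict(deque)  # src_ip -> timestamps still inside the window
    alerted, alerts = set(), []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, port = line.split()  # assumed (hypothetical) record format
        if dst != mail_server or int(port) != 25:
            continue                       # only SMTP to the mail server counts
        ts = float(ts)
        seen = recent[src]
        seen.append(ts)
        while ts - seen[0] > window:       # expire connections older than window
            seen.popleft()
        if len(seen) >= threshold and src not in alerted:
            alerted.add(src)
            alerts.append((ts, src, len(seen)))
    return alerts

def sample_log():
    """Constructed sample records using documentation-range addresses."""
    rows = [(1000 + i * 0.5, "203.0.113.7") for i in range(40)]   # burst
    rows += [(1000 + i * 5, "198.51.100.9") for i in range(40)]   # slow, steady
    rows += [(1000 + i * 12, "198.51.100.20") for i in range(5)]  # occasional
    rows.sort()
    return [f"{ts} {src} 192.0.2.25 25" for ts, src in rows]

if __name__ == "__main__":
    for ts, src, count in smtp_trigger(sample_log(), "192.0.2.25"):
        print(f"ALERT {src}: {count} SMTP connections within {WINDOW_SECS}s at t={ts}")
```

Replaying with a lower threshold shows which legitimate senders would start tripping the rule, which is the tuning step to finish before an auto block rule is attached.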
MOST IMPORTANT: BACK UP YOUR SYSTEM: Once you have configured your system, you should make a backup. GO TO SETUP -> SYSTEM - BACKUP AND RESTORE
Once PacketViper is installed and configured, GO TO SETUP -> SCHEDULE TASKS and create a backup schedule to automatically back up your configuration periodically.