AVG Managed Workplace Integration Guide

Deployment Overview

AVG Managed Workplace® is a web-based, unified dashboard that provides access to a simplified and centrally planned service delivery platform.

This document describes how to use AVG Managed Workplace to discover and monitor a WatchGuard Firebox through SNMP.

Platform and Software

The hardware and software used to complete the steps outlined in this document include:

  • Firebox or WatchGuard XTM device installed with Fireware v12.3.
  • AVG Managed Workplace 11.4.1.97088.
  • Onsite Manager downloaded from AVG Managed Workplace and installed on Microsoft Windows 10 Enterprise.

Test Topology

This diagram shows the test topology for this integration.

Set Up the Firebox

You must configure the SNMP settings on the WatchGuard Firebox before you use AVG Managed Workplace to discover it.

  1. Log in to Fireware Web UI (https://<your firebox IP address>:8080).
  2. From the navigation menu, select System > SNMP.
  3. In the User Name text box, type WatchGuard.
  4. From the Version drop-down list, select v3.
  5. From the Authentication Protocol drop-down list, select SHA1.
  6. In the Password and Confirm text boxes, type the encryption password.
  7. From the Privacy Protocol drop-down list, select DES.
  8. In the Password and Confirm text boxes, type the encryption password.

Screen shot of the SNMP Settings dialog box

  1. Click Save.
  2. Select Firewall > Firewall Policies.
  3. Click Add Policy.
  4. From the Packet Filter drop-down list, select SNMP.
  5. Click Add Policy.

  1. Add an SNMP packet filter policy for traffic from Any-Trusted to Firebox.
    If you connect to an optional interface, specify Any-Optional instead of Any-Trusted.

  1. Use the default settings for the other options.
  2. Click Save.

Set Up AVG Managed Workplace

Create a Site

  1. Log in to AVG Managed Workplace.

Screenshot of the AVG Welcome to Service Center dialog box

  1. From the navigation menu, select Site Management > Create Site.
  2. Type the Site Name. In our example, the site name is WatchGuardECO
  3. Select Apply a single Service Plan to all devices in this Site. Click Next.

  1. From the Service Plan Applications drop-down list, select Reactive.Click Next.

  1. Select Typical Deployment (Recommended). Click Next.

  1. Click Create.

Screenshot of AVG Business Site Management, Typical Deployment, step 4 dialog box

  1. Download the Onsite Manager. Click Finish.

Screenshot of AVG Business Site Management, Typical Deployment, Create Site Step 5 dialog box

Install Onsite Manager

Install Onsite Manager on the computer you want to use to discover other devices.

Configure SNMPv3 Settings

  1. From the navigation menu, select Site Management > Sites.
  2. Click the site name. In our example, the site name is WatchGuardECO.

Screenshot of AVG Business Site Management, Sites dialog box

  1. Select the Credentials tab.
  2. Click Add.
  3. From the Credential Type drop-down list, select SNMPv3.
  4. In the User Name text box, type WatchGuard.
  5. From the Authentication Protocol drop-down list, select SHA.
  6. In the Authentication and Confirm Password text boxes, type the encryption password.
  7. From the Privacy Protocol drop-down list, select DES.
  8. In the Privacy and Confirm Password text boxes, type the encryption password.
  9. Click Save.
    The new SNMPv3 credential appears on the Credential Sets page.

Screenshot of AVG Business Site Management, Create Credential Set dialog box

Screenshot of AVG Business Site Management, Create Credential Sets Add dialog box

Add a New OID

  1. From the navigation menu, select Configuration > System Settings.
  2. Select the Network Objects tab.
  3. In the SNMP OIDs section, click Add.

Screenshot of AVG Business Site Management, Configuration tab, Add dialog box

  1. In the Object Name text box, type XTM Device Version.
  2. In the OID text box, type 1.3.6.1.4.1.3097.6.3.1.0.
  3. From the Type drop-down list, select Text. Click OK.

Screenshot of AVG Business Site Management, Configuration tab, Add SNMP OID dialog box

  1. In the SNMP OIDs list, confirm the XTM Device Version OID exists.

Screenshot of AVG Business Site Management, Configuration tab, Add dialog box

Test the Integration

  1. From the navigation menu, select Site Management > Sites.
  2. Click the site name. In our example, the site name is WatchGuardECO.

Screenshot of AVG Business Site Management, Sites dialog box

  1. Select the Network Discovery tab.
  2. Click Modify to modify the Scan Settings.
  3. Click Add.
  4. In the Scan Settings page, type the IP subnet (your target device IP subnet).

Screenshot of AVG Business Site Management, Network Discovery, Scan Now dialog box

  1. Click Save to add the Scan Settings.
  2. Click Save to save the settings.
  3. Click Scan Now.

Screenshot of AVG Business Site Management, Network Discovery, Scan Now dialog box

  1. When the scan is complete, from the navigation menu, select Status > Devices.
    The discovered Firebox appears in the Displaying section.

Screenshot of AVG Business Site Management, Status, Devices dialog box

  1. Click the device name WatchGuard-XTM.
    Basic information about the WatchGuard device appears.

Screenshot of AVG Business Site Management, Status, Devices dialog box

  1. Select Monitors under Management.
  2. Click Add Monitor.
  3. From the drop-down list, select SNMP. Click Add Monitor.

Screenshot of AVG Business Site Management, Status, Devices, Monitor Add dialog box

  1. In the Title text box, type XTM Device Version.
  2. Select the Enabled check box.
  3. For SNMP Counter Selection, select Existing SNMP OID.
  4. From the Object Name drop-down list, select XTM Device Version. This is the OID that you added previously.
  5. From the Polling Interval drop-down list, select 2 minute.
  6. From the Schedule drop-down list, select Run Always.
  7. Click Save.

Screenshot of AVG Business Site Management, Monitors, Add New SNMP Monitor dialog box

  1. Repeat steps 11–20 to add two additional monitors. Add a monitor titled XTM Device Model with the Object Name sysDescr.0 and a monitor titled XTM Device Name with the Object Name sysName.0.
    The added monitors appear in the Monitors section.

Screenshot of AVG Business Monitoring Rule dialog box

Screenshot of AVG Business Monitoring Rule dialog box

Screenshot of AVG Business Monitors Summary dialog box

  1. Wait several minutes. From the Monitoring menu, select SNMP.
    The SNMP Monitor values appears.

Screenshot of AVG Business, Monitoring, SNMP Text OID Values, dialog box

Appendix

About SNMP OIDs and MIBs

SNMP queries are typically formatted as a numeric expression. This is referred to as an Object Identifier (OID). An OID is a numeric reference to a unique object or piece of data.

A Management Information Base (MIB) is a database of OIDs that maps object names to a specific OID.

There are two types of MIBs: standard and enterprise. Standard MIBs are definitions of network and hardware events used by many different devices. Enterprise MIBs provide information about events that are specific to a single manufacturer.

The Firebox supports eight standard MIBs: IP-MIB, IF-MIB, TCP-MIB, UDP-MIB, SNMPv2-MIB, SNMPv2-SMI, RFC1213-MIB, and RFC1155 SMI-MIB.

For more information about Firebox Enterprise MIBs, see Enterprise MIB File Details.

Find OIDs

To get information through SNMP, you must know the OID of the object. An MIB browser is a good way to see the available MIB and OIDs. There are several free MIB browsers.

As an example, these steps describe how to use the iReasoning MIB browser:

  1. Install and open iReasoning.
  2. In the Address text box, type the IP address of your Firebox.
  3. Click Advanced.

  1. To read the MIB information for monitoring, in the Read Community text box, type public.
  2. From the SNMP Version drop-down list, select the SNMP version.
  3. From the Operations drop-down list, select Walk.
    All Firebox MIBs appear in a list.