Workflow for Configuring Security Groups

You can configure the Security Groups in Gaia Portal (see Configuring Security Groups in Gaia Portal), or Gaia Clish (see Configuring Security Groups in Gaia Clish).

In addition, see Summary of Configuration Options.

Step

Instructions

Create a new Security Group.

Note - Configure only one of the installed Quantum Maestro Orchestrators. The Quantum Maestro Orchestrators synchronize the configuration automatically with each other.

Best Practice - Configure the First Time Wizard settings in the new Security Group.

Assign the applicable Security Appliances to the Security Group.

Important:

You can assign only Security Appliances of the same model to the same Security Group.
Security Appliances assigned to the Security Group automatically reboot after you apply the configuration.

Best Practice for Dual Site - Assign the same number (as possible) of Security Appliances from each site to the Security Group. If a failover occurs between the sites, Security Appliances on the new Active site must be able to process all the traffic.

Assign the applicable Quantum Maestro Orchestrator ports to the Security Group (Uplink ports and a Management interface).

Verify and apply the configuration.

If you did not configure the First Time Wizard settings when you created a Security Group, you must run the Gaia First Time Configuration Wizard on every Security Appliance in the Security Group.

With a web browser, connect to the Gaia Portal of the Security Group:

https://<IP Address of Security Group>

Important - This connection goes through the Quantum Maestro Orchestrator's management interface you assigned to this Security Group.

The Gaia First Time Configuration Wizard starts.

Follow the instructions on the screen.