Initial configuration and deployment of the Bandura Cyber ThreatBlockr will be performed utilizing the Bandura Cyber ThreatBlockr’s easy-to-use, intuitive, graphical user interface. Once the ThreatBlockr is initially configured and deployed, the cloud-based Global Management Center (GMC) will be used by organizations to interface, configure, and manage the Bandura Cyber ThreatBlockr platform. Additionally, Bandura Cyber offers a powerful suite of APIs for those organizations seeking more flexibility and control. For more information, see the Global Management Center (GMC) User Manual.
We suggest that prior to configuring your Bandura Cyber ThreatBlockr, that this manual is reviewed in its entirety, and that the security policies specific to your organization are considered.
YOUR BANDURA CYBER THREATBLOCKR ARRIVES WITH AN ‘ALLOW ALL’ POLICY CONFIGURATION
The Bandura Cyber ThreatBlockr provides several ports on the back of the device labelled according to the device type.
For initial configuration, locate the port labeled “Admin”, this port will be used to administer the Bandura Cyber ThreatBlockr. Note that the “Admin” port will also be used once deployed, to receive continued update information from the Bandura Cyber cloud-based Actionable Threat intelligence (ATI) servers.
Once your appliance is powered on, connect an ethernet cable to both the “Admin” port of the Bandura Cyber ThreatBlockr, and to a switch inside your local network. Connect the computer that you will be performing initial configuration to the same switch.
Configuring the Admin Interface to Access the Web UI
Via Command Line Interface (Recommended)
See instructions for connecting to the command line interface at the following page: https://helpdesk.banduracyber.com/hc/en-us/articles/360056104071-Connecting-to-the-Console
Once connected and logged in to the CLI:
- Select option 1 for Network Menu
- Select option 2 to Change admin interface settings
- Select option 1 to Configure with DHCP
- Select option 2 to Configure with static IP
Once the admin interface settings have been updated, you should be able to access the web UI from a browser located on the same subnet.
Initial Login to the ThreatBlockr Web UI
In the address bar of your browser, using https, enter the IP address assigned to the admin interface (e.g. https://192.168.1.199)
You should be directed to the Bandura Cyber ThreatBlockr login screen. The default credentials are:
- Username: admin
- Password: admin
Changing Your Password
Click on the profile icon in the top right corner and select Your Profile. Enter a new password and enter it again to confirm. Click Save to submit your changes.
By default, a new Bandura Cyber ThreatBlockr requires passwords to be at least eight characters in length. New passwords must also contain at least three character groups, or classes of characters.
There are four character groups:
- Upper case characters: A-Z
- Lower case characters: a-b
- Numbers: 0-9
- Symbols, such as: !@#$%^_
According to the default security settings on the Bandura Cyber ThreatBlockr, these are valid passwords:
- Ar43P5df (eight characters and three groups)
- 3RTy_22e8 (nine characters and four groups)
These are not valid passwords:
- A4_e (only four characters)
- REVLPQWDSG (only one character group)
Complete Configuration of the Admin Interface
For the ThreatBlockr device to access the internet, you will need to configure the DNS server address. To do this, navigate to the Network > Admin Interface page, then select the DNS tab and follow the prompts to add the DNS servers information specific to your network. You can add up to 3 DNS servers.
Setting the Date & Time
Navigate to Settings > Date & Time
We recommend using an NTP server so that the clock on your ThreatBlockr device is properly synchronized.
Configure clock synchronization on your ThreatBlockr by selecting “NTP Servers” and selecting the icon. Follow the prompts in the pop-up window to configure your NTP Server.
If you don't have your own NTP server, we recommend using a public NTP such as time.google.com or pool.ntp.org (for your region).
Confirming the ThreatBlockr Configuration
While there are many other configuration options, the steps outlined here are the minimum necessary to get your device connected, and ready to filter traffic.
To confirm that your device is correctly configured and connecting to the internet, navigate to https://gmc.banduracyber.com/assets. From here, you should see your newly configured ThreatBlockr appliance with a recent last connection time. The connection from the appliance to the GMC is refreshed once per minute.
If you have followed these steps, and your ThreatBlockr device is still unable to connect to the internet, here are some common causes:
- Your firewall is filtering the connection to the Bandura sites necessary for the service.
- Allow through the our following domains and/or IPs: https://helpdesk.banduracyber.com/hc/en-us/articles/360057222631
- The date & time on the device are skewed.
- Navigate to Logging > Internal Logs > System. Check the time stamp for the latest logs and validate that the date & time are correct.
- Try using a public NTP server such as time.google.com or pool.ntp.org
- The DNS server does not respond.
- Try using a public DNS server such as Google's 22.214.171.124 or Cloudflare's 126.96.36.199
Still having issues? Contact us at email@example.com.