3. Prerequisites

3.1. TAP

The main function of the TAP or Test Access Port is to isolate networks. The TAP will passively integrate into a network segment and allow the duplication of the network signal (wired or fiber) on additional ports or links.

TAPs are equipment that is part of the collection network allowing the retrieval of information. Their main goal is to get maximum network visibility and optimize the use of GCap probes.

3.2. Connecting the GCap

A minimum number of three links, of the copper or fiber type, is required to interconnect the equipment of the TRACKWATCH solution to each other and to the network to start detection:

  • An administration interface in order to be able to administer and connect to the WEB interface [HTTP/HTTPS] of the GCenter

  • An administration interface in order to be able to administer and connect to the configuration setup [SSH] of the detection probe GCap

  • A monitoring/capture interface to capture the network at least on the detection probe GCap

The GCap detection probe has an IDRAC interface denoted on the diagram [KVM/IDRAC]GCap, an SSH management interface denoted [GCP1] and a VPN interface denoted [GCP0] used within the framework of the military programming law. In addition, there are capture/monitoring ports receiving streams from the TAPs on the indicated interfaces [MON0], [MON1], [MON2] and [MON3]. The number of capture interfaces on the GCap probe can be adjusted according to the specificities of the product range. Regardless of the range, the equipment has two power supplies.

_images/BranchementGCAP.png

3.3. USB key

A USB key will be plugged into each of the equipment in the GATEWATCHER solution. Note that the root file system (/) as well as the entire system (excluding /boot) and user data storage spaces are encrypted with LUKS (Linux Unified Key Setup).

The encryption key of a GCap or a GCenter is randomly generated during the installation of the machine. This key is necessary to start the equipment.

3.4. GCenter

A GCenter device must be paired with the GCap. Data transits only when the IPsec tunnel is initiated between the two devices.

The GCenter license is a prerequisite, contact your GATEWATCHER business engineer or contact commercials@gatewatcher.com.

3.5. Les comptes utilisateurs

The SETUP, GVIEW or GVIEWADM user accounts are required to access the configuration parameters from an administration station. This access can be done remotely (SSH or IDRAC interface), or directly from the equipment via a screen and a keyboard.