FMOS Initial Configuration Wizard

The most important settings can be set using the FMOS Initial Configuration Wizard, or “configwiz,” when FMOS is first installed on a machine.

Before you begin, please make sure that you can provide the required information.

Required Information

  • The host name of the device, including domain name
  • The interfaces that should be active
  • The static IP address and netmask for the primary network interface
  • Wanted password for the FireMon administrator role

Recommended Information

  • Default gateway IP address
  • DNS server IP address
  • NTP server IP address (Strongly recommended to ensure date/time accuracy and communication continuity among Security Manager components and devices)
  • SMTP server address and the email address of a user who should receive server alerts

If not configured during initial installation, these settings can be configured using the FMOS Control Panel after installation.

To run the initial configuration wizard, complete the following steps.

  1. At Welcome to FMOS, press Enter.

  2. Review FireMon's Copyright Notice,End User License Agreement, and Open Source Licenses. Press the right arrow to select I Agree and then press Enter.

  3. In the FireMon FMOS Configuration Wizard, complete the following steps, and then select OK and press Enter.

    1. For Host Name, enter a host name. For example, sm9test. The host name is the single-label name of the server. It can contain only letters, numerals, and hyphens. It is not typically case-sensitive, but the entered value will be used as-is. The host name should not be longer than 15 characters.

    2. For Domain Name, enter your domain. The domain name is the name of the DNS domain to which the server belongs. In many cases, this will match the DNS name of an Active Directory domain.

      Together, the host name and domain name, when combined with a “dot” (.) character, form the host’s fully-qualified domain name (FQDN). It is extremely important that the FQDN resolve correctly using DNS, and that the listed address matches the primary IP address of the server. The FQDN is used for certificate verification, cluster communication, and several other important network functions.

    3. For Network Adapters, select Configure to set network adapter settings.

    4. Select a Network Time option. Use Time Server Provided by DHCP is recommended.

      • If you selected Use Specific Time Servers, they will be listed in the Time Servers field.

    5. Select OK and press Enter.
  4. Enter organization identification information, and then select OK and press Enter.

  5. Create a local administrative user for normal access to the system, and select OK and press Enter.

Use your command line interface (CLI) user name. For the password, choose a strong password of at least 8 characters, containing at least one lowercase letter, one uppercase letter, one number, and one symbol.

  1. Optional. To configure how the server will send email messages, complete the following:

    • In Alert Recipient, enter one or more recipient addresses, separated by spaces, in Alert Recipient.

    • Select a Delivery method.
    • Set any Relay Host information.
    • Select OK and press Enter.

  2. In the server deployment page, select a server deployment option, and select OK and press Enter.

    1. Single-Server Deployment: will configure the machine as a single-server (or all-in-one) deployment.

      You should select Single-Server Deployment even if you have additional data collectors to add. Please refer to the Configure a Single Server with Multiple Data Collectors topic.

    2. Existing Deployment: will not add roles to the machine. This option is used for machines in a multi-server deployment, except the primary database machine, or if you already have a Security Manager deployment in your system, and plan on using this installation as an additional data collector or application server. This selection is common for MSSPs that have multiple application server deployments.

    3. New Deployment: will configure the machine for a distributed deployment, with the CA, DB, ES and AS roles. If this is the first server in a new multi-server deployment of Security Manager. It will provide the database and application server, unless Database Only is selected.

      Be sure to select New Deployment for ONLY the first server in a new deployment, and select Existing Deployment for all other servers.

    4. New Deployment (Database Only): will configure the machine for a fully distributed deployment, with the CA, DB and ES roles.

    The system configuration confirmation screen opens.

  3. Review the settings, scroll to the bottom of the screen to select Finish and press Enter.

To continue configuring a distributed deployment, please refer to the Configure a Distributed Deployment topic.

To continue configuring a High Availability distributed deployment, please refer to the Configure an HA Deployment topic.