Configuration

The administration of TightGate-Pro is menu-driven in German or English. Several access paths are available to log in with an administration role:

  • Access via the console is always possible directly on the server computer for all administration roles.
  • For the administration roles config, maint, update and backuser TightGate-Pro (with the exception of the version TightGate-Pro (CC) Version 1.4 Server) additionally enables a remote connection via SSH.

In all administration menus, individual menu items are selected with the arrow keys (cursor keys) UP and DOWN. Use the arrow keys LEFT and RIGHT to select between <OK> and <Abbruch>. <OK> selects the respective option, <Abbruch> returns to the menu level above.

The key combination ALT+C and the ESC key are synonymous with <Abbruch>. In the main menu, the administration session is closed via the top menu item <End>.

Note: If administrative access from an IP address outside the defined client network is to take place, this must be entered under config > Services > Maintenance and Updates > Remote Administrator IP. With TightGate-Pro (CC) Version 1.4 Server this menu item is called Nagios / Storage IP.

We recommend the freely available program "PuTTY" for the administration of TightGate-Pro. Web-based administration of TightGate-Pro is not possible for security reasons.

TightGate-Pro is configured as administrator config. TightGate-Pro can be configured using the following menus:

Configuration menuDescription
Systembasic settings for computer name, DNS, system languages, time zone, registration, and license.
NetworkSettings for network interfaces and accessible server.
ProxySettings for using uplink proxies for HTTP or FTP as well as web filtering and logging.
System PreferencesSystem-wide settings for user authentication and active services on TightGate-Pro.
User PreferencesDefaults for user profiles for: File lock, menu function, printing, web filtering and audio.
ServicesSettings for malware scanning, maintenance access and other accessible servers.
ClusterConfiguration for the cluster settings in a compound computer system. These settings are made at the factory.
Note: When the cluster system is activated, all menu items that are valid for the entire cluster are marked with (*).

As soon as changes are made in the configuration menus of TightGate-Pro, they must be saved and applied. A configuration change is indicated in red in the header area of the configuration menu. Several configuration changes can be made and then saved and applied together. Saving and applying is done on the main menu level. The following options are available for saving and applying:

ValueDescription
SaveConfiguration file is saved, settings are not yet effective.
Soft Apply*Take over and activate the settings made in the system. Existing connections to TightGate-Viewers and other network resources will not be disconnected if possible.
Hint: In the cluster, the command to Soft Apply is distributed to all nodes and executed automatically after 5 minutes at the latest. If circumstances exist that prevent Soft Apply, this process is not performed until Soft Apply is possible again. For example, if the administrator config is still logged on to the system, Soft Apply is not possible. If Soft Apply can only be executed on some nodes, but not on all nodes, this can lead to unstable system operation! A warning message in the config menu indicates with the hint Apply needed taht an apply is needed.
Full Apply*Take over and activate the settings made in the system. Services are restarted.
Warning: Because services are restarted and network connections are reset, logged-in users may experience interruptions and loss of data. This function should therefore not be triggered during productive operation.
Note: This function is only activated when changes are made in the submenu Network. For all other settings, a Soft Apply is sufficient to accept the settings.

TightGate-Pro (CC) version 1.4 Server is CC-compliant only with CC-compliant configuration settings throughout. In order not to mistakenly operate the system with different and therefore not CC-compliant settings, different settings in the administration menus of TightGate-Pro (CC) Version 1.4 Server are marked conspicuously.

Affected Setting Options

The following administrator setting options config under config > Settings must be retained in the TightGate-Pro (CC) Version 1.4 Server setting to avoid compromising the CC compliance of the overall system:

Setting option Default value Alternative value
File transfer: Allow no yes
Magic URLs. no yes
Allow user shell no yes
Remote administration no yes

Signalling in the administration menus

signalisierung_neu.jpg

Deviations from CC-compliant configuration settings are indicated in the administrator's administration menu config by the message "CC deviation" in the header of the menu screen. The display is in yellow and appears at the same level as the note for saving or applying changes. If updates have been installed, the yellow message "+Updates" appears in the title bar. A further note for the respective menu item compares the deviation with the default. The background of the menu screen changes from blue to yellow for deviations from CC-compliant specifications as long as these deviations persist.

Signalling on the status page

Also on the status page of TightGate-Pro (CC) Version 1.4 Server, which can be called up in the browser of a logged in user using http://localhost, a deviation from the CC-compliant settings is indicated by the message "Deviations from CC, see config!" in the header line of the menu screen. In the interests of maximum signal effect, the display is in yellow and appears in the upper right corner of the status page.