Backing up the database is the actual dimension data -- that's what you'll want to back up in the case of an issue. The VM itself can just be redeployed using the template you can download from our website.
If you'd like another way, completely shut down the VM for a short time, you can snapshot the VM in HyperV. Trying to snapshot the VM while it's running usually makes the image created unusable.
You got the wrong info.
You can set up all 4 client VPN types in XTM, and can have users accessing the firewall using the one that suits them best.
You could potentially have various users accessing the firewall using each of them.
I regularly access my firewall using IPSec, SSLVPN or IKEv2.
There is not...I have been wanting that for awhile. No luck
You can change the trusted interface IP address and the DHCP IP addr info using the Web UI (or WSM Policy Manager).
Once you change the IP addr with the Web UI, you will need to log in again using the new IP addr of the trusted interface of the firewall - 10.50.1.1
No. But you do need a Feature Key for your firewall when using Policy Manager.
You can download the Feature Key from the firewall site using Policy Manager: Setup -> Feature Keys -> Download
Did you connect to your firewall using WSM Policy Manager?
File -> Open -> Firebox
If so, Policy Manager should end up with the Feature Key from your firewall, then you can upload the modified config back to the firewall.
Best to open a support incident on this.
I'm not sure what SNMP queries/responses are possible to the passive member of a cluster.
Look at the destinations in FSM traffic monitor. You don't specify what OS your computers have, but any Windows computer and likely Macs will be using 443 to get their updates. Same for AV software.
Analyze before you block! This traffic could all be legitimate...or not. That is for you to determine by looking up the domains of the IP address you have seen.
There are various software programs that you can install on a PC to see what is going on.
. Look at GlassWire, which will tell you what program is allowing outgoing access, amoung other things.
. There are many software firewall programs which also can do the same.
. netstat -b, run in a CMD box with administrator privileges, will show you the current programs which have open outgoing ports
. you can run packet capture programs, such as Wireshark, which can show you the IP addrs to which HTTPS (TCP port 443) packets are sent, but they will not show the program(s) which cause this traffic
Yes you can.