Registering to the Cloud Central Management Portal
After installing the Sensei package in your system, it is necessary to register the system to Sunny Valley Networks Cloud Central Management Portal so that you can enjoy the central cloud management capability. (For OPNsense, this is optional, since Sensei OPNsense package has an integrated Management UI):
You can either create a new account for the portal or to the portal.
1.1. Sign-up for a new account from the Cloud Central Management Portal if you have not done already.
IMPORTANT NOTE: If you’ve signed up with Google Authentication and did not create a Cloud Portal password, you still need to create a password since Google Authentication is not available during the cloud registration stage. (Cloud Central Management Portal Authentication & Password Management).
Your Cloud Portal authentication credentials are used for registration.
- Run the following command in your system.
senseictl cloud register
This command will prompt you to enter your Cloud Portal username and password:
Figure 1: Registering to the Cloud Central Management Portal
Enter your information here and registration will be completed.
Initial Configuration of A Firewall For the Cloud Central Management Portal
After installing the Sensei packages in your system and registering it to Sunny Valley Networks Cloud Central Management Portal, the initial configuration steps explained below must be completed.
This configuration is necessary to connect your inspection agent to the Cloud Portal so that you can start managing it through the central management interface.
Sign In to the Cloud Central Management Portal.
Figure 2: Cloud Central Management Portal Sign In/Up Page
Click on the tab in the Main Menu of the account dashboard page. This will open the firewall configuration page in a new browser tab.
Figure 3: Accessing the Firewalls Page from Account Dashboard.
To add the firewall to the cloud portal, provide the required information about the node.
Figure 4: Adding a Firewall
First, set a name for the firewall by filling in the “Node name” field.
Reporting database field should be left as SQLite(local) or Elasticsearch (remote). The local Elasticsearch Database is not supported by the systems except Opnsense.
The remote Elasticsearch database does not necessarily need to be outside the system you’re installing the Sensei on; it can be on the same system. “Remote” in this regard means the database is not managed by the Sensei package.
Figure 5: SQLite(local) Selection as Reporting Database
If Elasticsearch is selected as a reporting database, Database URL, Database Username and Database Password fields should be filled in with the values used by your system.
Figure 6: Remote Elasticsearch Selection as Reporting Database
If you only see Passive Mode(Reporting Only) and not seeing Routed Modes enabled in the Deployment mode drop-down menu; then this means that you don’t have the netmap kernel module loaded on your system. Some advanced capabilities like Filtering, QoS, and TLS Inspection are only available with this deployment mode
Figure 7: Deployment Mode Selection
Then, select the interfaces that you want to be protected by the engine.**
Figure 8: Protected Interface(s) Selection
Click on the button at the end of the page. This will send the configuration to the node. If all is well, the following popup message appears at the right bottom corner of the page.
Figure 9: Message indicating that your firewall is successfully added.
By adding a firewall you agree to the Terms of Service and EULA.
After your firewall is added to the cloud portal, you can manage and view it easily from anywhere around the world by signing in to the Sunny Valley Networks Cloud Central Management Portal.
Figure 10: Cloud Central Management Portal Firewall Dashboard