| Home Prev |  NetWall E10 Getting Started Guide
|
Next |
|---|
The NetWall E10 product is able to support the Zero Touch feature in the Clavister InControl management software product. This means that it is possible to power up a brand new NetWall E10, connect it to the Internet, and the NetWall E10 device will automatically register itself with an InControl server. The device can then be remotely brought under centralized InControl management and configured remotely, without any local configuration needing to be done.
However, this feature will only work if the following prerequisites are true:
The version of InControl being used for device management is 2.00.00 or later.
The FQDN or IP address of the management InControl server has been set in the MyClavister account associated with the NetWall E10 device. This is done by logging in to the relevant MyClavister account, selecting Settings and then selecting the Zero Touch tab. Only one InControl server address can be associated with one MyClavister account.
The zero touch feature has been enabled for the license associated with the NetWall E10 device. This in the MyClavister account by selecting Licenses and then enabling the Zero Touch button next to the relevant license. If the zero touch button is grayed out then the feature is not available with that device. There is an option in the previous step to always enable zero touch by default for all new licenses.
The version of cOS Core running on the NetWall E10 must be 12.00.16 or later. This might require an upgrade of the factory installed cOS Core version.
The cOS Core configuration is in its "factory default" state. Following an upgrade to a version that supports zero touch or any configuration change, this will require a manual reset to the default cOS Core configuration. In the Web Interface this is done by going to:
Status > Maintenance > Reset & Restart
And then selecting the following option:
Reset the configuration to current core default
Note that a full hardware reset to factory defaults will undo any cOS Core version upgrade and this should therefore not be done. Also note that any configuration change that is saved after a reset to the default configuration will disable the zero touch feature.
The NetWall E10 can be connected to an ISP or other network that can provide Internet access and that has a DHCP server enabled which can provide a public DNS server address to the device. Note that physical connection to the Internet should be performed only after the device is running a zero touch supporting version of cOS Core with the factory default configuration.
Access is not blocked by surrounding network equipment for TCP traffic on port 998. This traffic is required for the NetWall E10 to communicate with the InControl server. DNS traffic between the NetWall E10 and public DNS servers must also not be blocked.
Internet Connections Must Use a Specific Interfaces for Zero Touch
When the NetWall E10 is running a version of cOS Core that supports the zero touch feature, the initial connection to the Internet for InControl management should be made via the WAN interface for the feature to function.Zero Touch Can Also Simplify Hardware Replacement
In addition to simplifying the addition of a new NetWall E10, the zero touch feature can also simplify hardware replacement of a NetWall E10 with another NetWall E10. When the replacement hardware is connected to the Internet, InControl can automatically install the correct license as well as the correct cOS Core version. In addition, InControl will upload its copy of the cOS Core configuration from the old hardware.A complete description of the zero touch feature and how it functions can be found in the separate InControl Administration Guide in the chapter titled Zero Touch.
