.. _default-settings-appliance: Device Appliance Automatically ------------------------------------------------- When Genian NAC Device is first registered, the administrator must change the appliance configuration for the device registered. If you are in an environment where multiple network sensors are registered, you can specify the initial settings so that the preferences are automatically applied when registering new equipment. #. Go to **System** in top panel #. Go to **System Defaults > Network Appliance** in the left System Management panel .. note:: The above settings are optional and will be the default settings for all additional policy servers.) Configure Appliance Settings '''''''''''''''''''''''''''' #. Go to **System** in top panel #. Find and click **Policy Server IP** in the main System window #. Find and click **Appliance** tab in the main System window Allow Remote Access via SSH ''''''''''''''''''''''''''' 1. Find **Security** section and enter **Approved SSH Source IP** - Individual IP's may be allowed(*e.g. 192.168.1.10*). - Entire Subnets may also be allowed, regardless of individual IP. (*e.g. 192.168.1.0/24*). - Access from all sources may also be permitted (*e.g. 0.0.0.0/0*). .. note:: Be mindful of NAT when accessing an appliance across network segments. The external NAT address must be allowed. 2. Click **Update** Proxy For Windows Updates ''''''''''''''''''''''''' #. Find **Proxy** for **Windows Updates** section and select **On** in drop-down #. Select **Network Group** for Proxy Service to use #. Click **Update** Setup SNMP Agent '''''''''''''''' #. Find **SNMP Agent** section and select **On** in drop-down #. Enter the following: - **Username** - **Authentication Password** (*SHA, minimum length – 8 characters*) - **Privacy Password** for data encryption (*AES, minimum length – 8 characters*) #. Click **Update** Edit Asset Management Thresholds '''''''''''''''''''''''''''''''' #. Find **Asset Management** section #. Enter the following: - **Data Disk Threshold** generates log if Data Disk is over this threshold (*Default is 90*) - **Memory Threshold** generates log if Memory is over this threshold (*Default is 90*) - **CPU Threshold** generates log if CPU is over this threshold (*Default is 95*) #. Click **Update** Edit System Date And Time ''''''''''''''''''''''''' #. Find **Date** and **Time** section #. Select **Country** and closest **City** from drop-downs for **System TimeZone** #. Click **Update** Change Character Set '''''''''''''''''''' #. Find **Miscellaneous** section #. Select **Character Set** from drop-down #. Click **Update** Configure Sensor Log Settings ''''''''''''''''''''''''''''' #. Go to **System** in the top panel #. Select **Network Sensor IP** in the view pane. #. Select the **Appliance** tab in the view pane. Under: **Miscellaneous** Configure: - Default Character Set - Sensor Debug Logging - Log Location - (**Local**, **Policy Server**, **Local & Policy Server**) .. note:: If logging is set to save to the Policy Server, individual log entries will be sent by Syslog over TLS using port 6514. If Syslog over TLS fails, standard syslog on port 514. For Cloud-Managed NAC, **Unique Ports** are used. You can check these port assignments under **System > Service > Port**