AWN203 Sensor Mirroring Deployment

Deployment Guide

Overview

This guide describes how to deploy the AWN203 Sensor with mirroring. This figure shows a simplified network map of a mirror deployment:

In the box

These items are in the box:

Before you begin

Before you install your sensor:

Note: If your firewall performs SSL/TLS inspection, AllowList the sensor management IP address and verify that your firewall allows outbound access from that IP address over port 443 to the IP addresses listed under If you are a Managed Detection and Response (MDR) customer on the Arctic Wolf IP Addresses page in the Arctic Wolf Portal.

This figure shows the sensor ports used in this installation procedure:

AWN203 Sensor

Staging installation

To perform the staging installation:

  1. Rack the sensor in its final location.

  2. Use an ethernet cable to connect the Management Port, as pictured above, on the sensor to a network switch with an outbound connection.

  3. Plug in and power on the sensor.

    Tip: The system health and ID indicator turns solid blue when the sensor is on.

  4. Ping the maintenance IP address that you provided to Arctic Wolf.

  5. Email security@arcticwolf.com if you cannot perform step 3 or 4 successfully.

Production installation

To deploy AWN203 sensor with mirroring:

  1. Use an ethernet cable to connect a 1Gb mirror port on the sensor to the mirror port on your switch.

  2. Contact security@arcticwolf.com to confirm that Arctic Wolf is seeing your network traffic.