Best Practices for Conductor Configuration

Here are some best practices for configuring your Conductor.

Conductor Initial Setup

Configure these settings when you're setting up your Conductor.

  • Use NTP servers to set System Time – While you can set your system time manually, using NTP (Network Time Protocol) servers ensures your system time stays synchronized with Coordinated Univeral Time (UTC). See Set the Conductor system time.
  • Create a human-readable Conductor URL – You can just keep your Conductor as an IP address, but giving it a human-readable name makes it easier for humans. See Configure a Conductor IP, Friendly URL, or Port.
  • Create separate accounts for each person administering the Conductor - Only use the ‘admin’ account for top-level administration. Creating user accounts for each person who will be administering the Conductor lets you see who is making changes in the system when you review log details. For how to create a user account, see Add a Person.
  • Configure email settings - Configuring your email settings ensures your Conductor has an email address from which to send alerts Airwall and invitations. See Configure Email Settings.
  • Get and Set up a CA Certificate - Setting up a CA Certificate will stop the warnings that your site is unsafe. See Install a Custom CA Certificate Chain.

Deploying Airwall Edge Services

  • Add a DNS SRV record pointing to your Conductor – Adding this record allows easier deployment of physical Airwall Edge Services, as they can find and set the Conductor URL automatically once you connect them to your underlay network. See Connect an Airwall Gateway with a DNS SRV record.
  • Configure WiFi Settings - When you configure WiFi settings on the Conductor, any Airwall Edge Services with WiFi capabilities can retrieve the WiFi settings once they connect to the Conductor. See Configure WiFi Settings.

Managing Airwall Edge Services

  • Create Event Monitors – Create monitors for events to help you manage the activity and health of your Airwall secure network. See Create an Event Monitor.