
Table Of Contents

Preface
Who Should Use This Guide
Summary of Contents
Related Documentation
More Information
Feedback
IPS-1 Overview
IPS-1 Key Benefits
IPS-1 System Architecture
IPS-1 Deployment
Working in the IPS-1 Management Dashboard
Logging into the IPS-1 Management Server with the IPS-1 Dashboard
To log into the IPS-1 Management Server with the IPS-1 Management Dashboard:
Navigating the IPS-1 Management Dashboard Windows
The IPS-1 Management Dashboard Menus
The IPS-1 Management Dashboard Toolbar
Managing the IPS-1 System
Overview
System Messages
Installing Policies
Adding an Alerts Concentrator to the System
Adding an IPS-1 Sensor to the Management Server
User Accounts
User Accounts Overview
Managing User Accounts
Changing the Password
Unlocking a User Account
Licensing
Viewing License Summary
Overview
Adding a License
Maintaining Database Size
Space Management Overview
Configuring Space Management
To configure Space Management:
Reclaiming Database Space
Alerts Concentrator High Availability
Figure 2-1 Alerts Concentrator High Availability
Managing the IPS-1 Sensor
Connecting to the IPS-1 Sensor
IPS-1 Sensor Modes
Changing the Sensor Mode (Software)
Changing the Sensor Mode (Hardware)
Configuring Other Sensor Definitions
Regular (non-Power) IPS-1 Sensor Configuration
IPS-1 Power Sensor Configuration
Shutting Down or Restarting the IPS-1 Sensor
Deleting Backlogged Sensor Data
Resolving IPS-1 Sensor Communications Issues
Introduction
Overriding Auto-Negotiation Settings for Power Sensors
Restoring Auto-Negotiation Settings
Starting and Stopping the IPS-1 Servers
Uninstalling the IPS-1 Servers
Viewing System Status Information
System Status in the IPS-1 Management Dashboard
Viewing System Status in the IPS-1 Management Dashboard
Alerts Concentrator Status Fields
Viewing Sensor History
Viewing the IPS-1 Status Monitor
Managing Attack Detection and Prevention
Updating Attack Signatures
Configuring Automatic Attack Signature Updates
Manually Updating Attack Signatures
Avoiding False Positives
Managing Protections
Overview
Managing Protection Profiles
Creating a New Profile
Managing Similar Profiles
Associating an IPS-1 Sensor with a Profile
Configuring Protections
Overview
Protection Settings Overview
One-Click Configuration of All Protocols and Protections
Viewing and Copying Comprehensive Protection Settings
Opening Protection Overview
Understanding Protection Overview
Copying Protection Overview
Exempting Hosts from Inspection or Prevention
Exempting a Host’s Traffic from Inspection
Exempting a Host’s Traffic from Prevention
System-Wide Attack Correlation
Correlators Overview
Defining Correlators
Defining a Cluster Correlator (Regular or Secondary)
Defining a Boolean Correlator (Regular or Secondary)
Defining a Scan Correlator
Firewall-Style Access Control
IPS-1 Firewall GUI
Policy Settings
Alert Monitoring and Analysis
The Alert Browser and History Browser
The Alert Browser Window
Splitting the Alert Browser Window by Priority
Limiting the Number of Alerts
Changing the Alerts Time Span
Filtering Alerts by Field Values
Applying Filter Values From an Alert
Filtering-In a Single Value in a New Alert Browser Window
Copying and Pasting Filter Settings
Copying Alerts to the Clipboard
Viewing History Browser Snapshots
Opening a History Browser Window from a Timeline
Launching a History Browser
Changing the History Browser Time Frame
Alert Management Tools
Viewing Alert Details
Using Alerts to Modify Protection Settings
Holding an Alert
Marking Alerts as Read
Annotating Alerts
The Timeline Window
Overview
Opening the Timeline Window
Creating the Default Timeline Set
Configuring Timelines and Views
Viewing Detailed Alerts from a Timeline Window
Creating Alert Graphs
Creating an Activity Level Graph
Overview
Creating Pick Graphs
Creating a Top n Graph
Saving Graphs
Printing a Graph
Customizing Alerts
Configuring Actions
Overview
Applying Actions to Alerts
Changing an Alert’s Displayed Priority
Vulnerability Detection and Defense
Installing Network Vulnerability Data, and Dynamic Shielding
Viewing Vulnerabilities
Investigating Vulnerabilities with the Distribution Graph
Distribution Graph Overview
Configuring the Distribution Graph
Investigation Examples
Viewing Compromise Risk in the Alert Browser
Disabling Vulnerability Correlation
Data Analysis with External Tools
Setting up Reports
Creating an ODBC Data Source
Generating a Report
Report Template List
Integration with Eventia Analyzer
Introduction
Integrating with Eventia Analyzer
Backup and Migration
Exporting IPS-1 Management Server Data
Exporting Data using the Dashboard
Exporting Data using the Command Line
Migrating Data using the Command Line
Importing IPS-1 Management Server Data
CP_R65.1_IPS-1_AdminGuide



Published by: Sagar Gupta on Oct 20, 2011
Copyright: Attribution Non-commercial
