
SWAT

4.3.1

:
:

- "
SWAT 4.3.1 GENERAL.doc

11 :

SWAT
.

SWAT NAC

MAC ADDRESS/ IP

SWAT .

WEB

POLICY POLICIES :

)1

IP VLAN

)1

)3

)4

POLICY

)5

1,2c,3 :SNMP

SWAT 4.0.1 . :
)1

1 MAC ADDRESS

)1

3 IP

Compliance management

)1

:
)

"

MAC Vendor

SNMP SysObjectId

Policy TYPE

Compliance : WMI
)1

SERVICE .

)1

DISK SPACE
1


)3

FREE DISK SPACE

)4

PROCESS

)5

REGISTRY KEY

)6

DOMAIN

)7

)8

)9

)11
.

WMI DB

Compliance
)1

)1

Telnet

Welcome note/Banner

PROMPT

HTTP

)
)3

HTTP Parsing WEB

TCP

TCP GRABBING


)1

Dynamic VLAN VLAN

)1

SWAT :
)

SIEM SOC

Anti Virus

)3

EXIST

)4

Inventory

)5

API web \

)6

event log

:NMAP
)1

IP


)1

finger print

)3

:
)1

VLAN Remediation

)1

)3

SMS

TRAP

SYSLOG

:IP PHONE
)1

Voice VLANs Data VLANs .

)1

Voice VLAN .Data VLAN

)3

Voice VLANs .Data VLANs

)4

VLANS Voice - Data -.

API Web Services.



)1

COMPLIANCE

:IP


: POLICIES

: CONDITIONS
6


:
)1

TRAPS


:
)1

)1



)1

)1

COMPLIANCE



)1

)1

)3

)4

)5

ADMIN

OPER

REPORT

ACCESS

POLICIES

:
Section    Parameter          Value               Remarks
HARDWARE   CPU                4 - CPU GHZ 3.1
           MEMORY             8GB memory
           Available Space    Disk 50GB
Software   OS                 Windows 2003/2008   No UAC; Windows authentication
           WEB Server         IIS 6+7
           DotNet Framework   3.5
SQL        TYPE               SQL 2005/2008       local or remote
           Disk-Size          100GB

:
)1

SQL

)
.


)1

READ SNMP/ (WRITE , ,


11


SSH TELNET , DB )

)1

SNMP TRAP SWAT

)3

WMI COMPLIANCE

:SWAT
)1

)1

MAIL

SNMP

)3


))1

, '

))1

))3

:
)

LEARN MODE
))1

CSV

))1

" NETVIEW :
EYE OF THE STORM

)4

ARP

)5

)6

( ) -

)7

:POLICIES
)

POLICY
))1

SWAT

TYPES

CONDITIONS WMI

POLICIES

POLICIES
11


)8
.

POLICIES

MOVE TO VLAN DISCONNECT

:Workflow
)1

)1

: , ,

)3

, TRAP , SYSLOG

)4


( ADMIN
) OPER

)5

, ,
( )
)

)6

COMPLIANCE ,TRAP ,

SYSLOG

)7

WEB

)8

'

)9

SYSTEM

)1

)1

)1

'-' 11:11 8:11

)1

)3

PATCHES
// /

11

