Скачать презентацию
Идет загрузка презентации. Пожалуйста, подождите
Презентация была опубликована 10 лет назад пользователемАлла Непомнящева
1 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Lesson 4 Using IPS Device Manager
2 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Introduction to the IPS Device Manager
3 © 2005 Cisco Systems, Inc. All rights reserved. IPS v IPS Device Manager IDM is a web-based application that enables you to configure, manage, and monitor the sensor. The IDM web server resides on the sensor and can be accessed via your web browser.
4 © 2005 Cisco Systems, Inc. All rights reserved. IPS v IDM Features and Benefits Web-based embedded architecture Task-based GUI Configuration and monitoring Sensor system administration Signature grouping Signature customization Secure communication (TLS and SSL)
5 © 2005 Cisco Systems, Inc. All rights reserved. IPS v TLS and SSL Communications TLS and SSL use a process called handshaking that involves a number of coordinated exchanges between a client and a server. A trusted host certificate is used by the server to verify the identity of a connecting client. A server certificate is used by the server to prove its identity to the client. IDM HTTPS (TLS and SSL) HTTPS Server HTTPS Client IDM
6 © 2005 Cisco Systems, Inc. All rights reserved. IPS v SDEE and RDEP over HTTPS Sensor Configuratio n XML HTTPS RDEP IDM SDEE Event XML HTTPS
7 © 2005 Cisco Systems, Inc. All rights reserved. IPS v IDM System Requirements Supported operating systems for IDM and their corresponding supported browsers: Windows 2000, Windows XP –Internet Explorer 6.0 with Java Plug-In 1.5 –Netscape 7.1 with Java Plug-In 1.5 Sun SPARC Solaris 2.8 or 2.9 –Mozilla 1.7 Red Hat Linux 9.0 or Red Hat Enterprise Linux WS, version 3 running GNOME or KDE –Mozilla 1.7
8 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Getting Started with the IDM
9 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Logging In to the IDM
10 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Trusting the Sensor
11 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Trusting Cisco
12 © 2005 Cisco Systems, Inc. All rights reserved. IPS v License Key Warning
13 © 2005 Cisco Systems, Inc. All rights reserved. IPS v IDM User Interface ForwardBackRefresh Help
14 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Online IDM Help
15 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Configuring Network Settings Hostname Remote Access Default Route Network Mask IP Address Reset Web Server Settings Configuration Network Sensor Setup
16 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Configuring Certificates
17 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Server Certificate Generate Certificate Server Certificate Configuration Certificates Sensor Setup
18 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Trusted Hosts D Add IP Address
19 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Trusted Hosts (Cont.) View Delete
20 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Configuring SSH
21 © 2005 Cisco Systems, Inc. All rights reserved. IPS v SSH Communications The clients key (SSH authorized key) enables the client to connect without password authentication. The servers key (SSH host key) is used by the sensor to prove its identity to the client. CLI SSH Client SSH Server
22 © 2005 Cisco Systems, Inc. All rights reserved. IPS v SSH Authorized Keys Authorized Keys Add Sensor Setup Configuration SSH
23 © 2005 Cisco Systems, Inc. All rights reserved. IPS v SSH Authorized Keys (Cont.) ID Modulus Length Public Exponent Public Modulus
24 © 2005 Cisco Systems, Inc. All rights reserved. IPS v SSH Authorized Keys (Cont.) Edit Delete Reset Apply
25 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Sensor SSH Host Key Generate Key Sensor Key
26 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Known Host Keys R Add Known Host Keys
27 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Known Host Keys (Cont.) Retrieve Host Key IP Address
28 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Known Host Keys (Cont.) Modulus Length Public Modulus Public Exponent
29 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Known Host Keys (Cont.) ApplyReset Delete Edit
30 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Rebooting and Shutting Down the Sensor
31 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Rebooting the Sensor Reboot Sensor Configuration
32 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Shutting Down the Sensor Shut Down Sensor Configuration
33 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Viewing Events in IDM
34 © 2005 Cisco Systems, Inc. All rights reserved. IPS v The Events Panel The Events panel enables you to do the following: –Filter event data –View event data You can filter events based on the following: –Type –Time –Both type and time
35 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Configuring the Event Display Monitoring Events View Reset Select the number of rows per page To configure events by type To configure events by time
36 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Viewing the Events Back Next Sig IDEventsEvent IDSensor UTC TimeType# Close Help Details
37 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Viewing Event Details
38 © 2005, Cisco Systems, Inc. All rights reserved. IPS v Summary
39 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Summary The IDM is a web-based Java application that enables you to configure and manage your sensor. The IDM also enables you to view and manage alarm feeds from the sensor. The web server for the IDM resides on the sensor. You can access the web server for the IDM via the Internet Explorer, Netscape, or Mozilla web browsers. By default, TLS provides the security for communications between the sensor and the management system running the IDM.
40 © 2005 Cisco Systems, Inc. All rights reserved. IPS v Summary (Cont.) SSH can be used to securely connect to the sensor CLI. You can use the IDM to configure and manage both TLS certificates and SSH keys. You can use the IDM to reboot the sensor. You can use the IDM to put the sensor in a state in which it is safe to power it off. The IDM enables you to filter the events display by type, time, or both.
Еще похожие презентации в нашем архиве:
© 2024 MyShared Inc.
All rights reserved.