© 2003, Cisco Systems, Inc. All rights reserved. CSIDS 4.0—11-1 Chapter 11 Enterprise IDS Management.


Objectives

Upon completion of this chapter, you will be able to perform the following tasks:
- Define features and key concepts of the IDS MC.
- Describe the IDS MC Architecture.
- Install the IDS MC.
- Understand the IDS MC deployment.

Introduction

What is the IDS MC?

The IDS MC is a web-based application that centralizes and accelerates the deployment and management of multiple IDS Sensors or IDSMs.

[Diagram: PC, Laptop, IDS MC and Sensor, with connections labeled SSL and SSH]

IDS MC Features

Features of the IDS MC Sensor are as follows:
- Web-based management platform
- Enterprise management of IDS devices
  - IDS appliance running version 3.0(1) S4 or higher
  - IDSM running version 3.0(5) S23 or later
  - Up to 300 Sensors
- Provides the ability to create Sensor groups
- Provides a mechanism to require approval of configurations
- Provides the ability to import Sensor configurations
- Pushes signature and service pack updates to the IDS devices

Windows Installation

Server Requirements—Windows

- Hardware
  - IBM PC-compatible computer, 1 GHz Pentium CPU or faster
  - Color monitor with video card capable of displaying 16-bit color
  - CD-ROM drive
  - 100 Mbps network connection or faster
- Memory
  - 1 GB of RAM minimum
  - 2 GB of virtual memory minimum
- Hard drive space
  - 12 GB of free space minimum
  - NTFS
- Software
  - Windows 2000 Server or Professional with Service Pack 3
  - Microsoft ODBC Driver Manager or later

Client Access Requirements—Windows

- Hardware: IBM PC-compatible computer, 300 MHz or faster
- Memory
  - 256 MB of RAM minimum
  - 400 MB virtual memory
- Operating system
  - Windows 98
  - Windows NT 4.0
  - Windows 2000 Professional with Service Pack 2 or 3
  - Windows 2000 Server with Service Pack 2 or 3
  - Windows 2000 Advanced Server
  - Windows XP Professional
- Browser
  - Internet Explorer 5.5 with Service Pack 2
  - Internet Explorer 6.0
  - Netscape Navigator 4.76

Installation Overview

- CiscoWorks Common Services are required for the IDS MC.
- CiscoWorks Common Services provide the CiscoWorks Server-based components, software libraries, and software packages developed for the IDS MC.

Installation Process

Upgrade Process

Solaris Installation

Server Requirements—Solaris

- Hardware
  - UltraSPARC II, IIi, or IIe chipsets
  - UltraSPARC III or IIIc chipsets
- Memory: 1 GB of RAM minimum
- System Software: Solaris 2.7 or Solaris 2.8

Client Access Requirements—Solaris

- Hardware: Solaris SPARCstation or Sun Ultra 10 with a 333 MHz processor with one of the following operating systems:
  - Solaris 2.7
  - Solaris 2.8
- Memory: 1 GB of RAM minimum
- Browser: Netscape Navigator 4.79

Installation Overview

- CiscoWorks Common Services are required for the IDS MC.
- CiscoWorks Common Services provide the CiscoWorks Server-based components, software libraries, and software packages developed for the IDS MC.

Installation Process

    SETUPDIR=/cdrom/idsmc
    ======================================================================
    Started : Wed Dec 11 17:01:19 CST 2002
    ======================================================================
    ===============- Software Install Tool Started. -=====================
    ===- Welcome to the IDS Management Center and Security Monitor 1.0 Setup program.
    ======================================================================
    INFO: This server architecture is 32-bit compatible.
    INFO: /tmp directory has 777 permissions.
    INFO: /etc/hosts is readable by all.
    INFO: OS major is 5 and OS minor is 8
    INFO: OS major or minor patch version not set.
    INFO: Checking group entry casusers.....
    INFO: Group created for installable packages is casusers.
    INFO: Checking user entry casuser.....
    INFO: casuser for installable packages exists.
    INFO: No user added to the system.
    INFO: Warning - No PRMOPT_INSTALL_TYPE section in TOC-file.
    INFO: Warning - No installation default mode set.

    1) IDS Management Center
    2) Security Monitor
    3) All of the Above (IDS Management Center + Security Monitor)
    Select one of the items using its number or enter q to quit [q] 1
    INFO: You entered 1 as the option
    Loading properties from info files, working...
    Making a list of dependencies, working...
    Making a list of dependencies for CSCOids, working...
    Making a list of dependencies for CSCOnsdb, working...
    Making a list of dependencies for CSCOossh, working...
    Making a list of dependencies, working...
    INFO: performing prerequisite: /cdrom/idsmc /info/idscom/prerequisite
    INFO: performing prerequisite: CSCOids: /cdrom/idsmc /packages/CSCOids/
    Enter IDS MC/Security Monitor Database Password:
    Confirm Password :
    INFO: Password Encryption is Successful.
    Enter IDS MC/Security Monitor Database Location : [/opt/CSCOpx/MDC/Sybase/Db/IDS]
    Entered value is /opt/CSCOpx/MDC/Sybase/Db/IDS
    Creating file /tmp/cscotmp/idsinstall.properties.....

    ======================================================================
    Finished: Wed Dec 11 17:13:19 CST 2002
    ======================================================================
    ===============- Software Install Tool Completed. -=====================
    ======================================================================

Architecture

IDS MC Architecture Overview

[Diagram: User, IDS MC, CiscoWorks Common Services, Data Store and IDS device, with connections labeled HTTP/HTTPS and SSH]

IDS MC Directories

IDS MC home directory
\Apache\Sybase\Tomcat\Etc\ids \updates

IDS MC Processes

The IDS MC is composed of the following processes:
- IDS_Analyzer
- IDS_Backup
- IDS_DbAdminAnalyzer
- IDS_DeployDaemon
- IDS_Notifier
- IDS_Receiver
- IDS_ReportScheduler

Getting Started

CiscoWorks Login

CiscoWorks User Authorization Roles

CiscoWorks user authorization roles allow for different privileges within IDS MC:
- Help Desk: Read-only for the entire system.
- Approver: Read-only for the rest of the system, and approve configurations.
- Network Operator: Read-only for the rest of the system, and deploy configurations.
- Network Administrator: Read-only for the rest of the system, edit devices and device groups.
- System Administrator: All operations may be performed by the system administrator.

Users can be assigned multiple authorization roles.

CiscoWorks Add User

Choose Server Configuration>Setup>Security>Add Users.

IDS MC Launch

Choose VPN/Security Management>Management Center>IDS Sensors.

Understanding the IDS MC Interface

[Screenshot labels: Instructions, Page, Path bar, Object bar, Object Selector handle, TOC, Option bar, Tabs]

IDS Workflow

Workflow

The workflow consists of the following three-step process:
- Step 1 Generate: Allows you to generate configuration files for Sensors.
- Step 2 Approve: (Optional.) Allows you to manage configuration files proposed for deployment.
- Step 3 Deploy: Allows you to submit new deployment jobs and manage deployment jobs.

Workflow—Generate

Choose Deployment>Generate.

Workflow—Deploy

Choose Deployment>Deploy>Submit.

Workflow—Deploy (Schedule)

Workflow—Deploy (Pending)

Choose Deployment>Deploy>Pending.

Summary

- The IDS MC provides a web-based interface for configuring and managing multiple IDS Sensors.
- The IDS MC allows for a three-step process of deploying new configurations to Sensors.
  - Generate the configuration.
  - Approve the configuration. (Optional.)
  - Deploy the configuration.
- The IDS MC can be installed on Windows-based and Solaris-based servers.

Lab Exercise

Lab Visual Objective

[Network diagram: sensorP and sensorQ, STUDENT PC and ROUTER for pods P and Q, RTS, WEB/FTP, RBB]