Intrusion Prevention



  • 1.  help me about config 'management server' at preference settings of IDP 200

    Posted 04-09-2010 01:32

    Hi all,

    I am having problems with the NS-IDP-200 when I access the UI, including:
          1/ The 'Log Viewer' component does not display log records, is not active, and I cannot create a new report from it
          2/ I do not know how to configure 'Management Server' in directory 'tools->preferences->Management server'

    For many days I have tried to solve this, but without success. Please, everybody, help me!!!


    Thank you so much!



  • 2.  RE: help me about config 'management server' at preference settings of IDP 200
    Best Answer

    Posted 04-09-2010 10:10

    I believe it is thinking that SNMP and Syslog hosts are a different server, external to the NSM. Do you have those on your network?

     

    Regards,

    BR



  • 3.  RE: help me about config 'management server' at preference settings of IDP 200

    Posted 04-10-2010 00:39

    I also think so. But I do not know how to set the correct 'Script Name' at directory: Tools->Preference->Management Server->Global Logging->Script Name.

     

    I am intending to place the IP address of the IDP management server in these directories:

        1/Tools->Preference->Management Server->SNMP->Manager

        2/Tools->Preference->Management Server->SNMP->Community

        3/Tools->Preference->Management Server->Syslog->Host

     

    My topo network: sniffer mode (not use HA)

     

    PixCisco----------Switch--------------|--SunOS 5.8 (idp manager server- 192.168.2.13)
                      |      |            |
             port gmt |      | eth2       |--UI (192.168.2.46)
                      |      |
                    NS-200-IDP
                  (192.168.2.13)

     

     

    Thanks for your help,

    Best Regards!



  • 4.  RE: help me about config 'management server' at preference settings of IDP 200

    Posted 04-10-2010 01:10

    Sorry, I typed the wrong IP address in the topo.

    My topo network: sniffer mode (not use HA)

     

                                  (inside)
    PixCisco----------Switch--------------|--SunOS 5.8 (idp manager server- 192.168.2.13)
                      |      |            |
             port gmt |      | eth2       |--UI (192.168.2.46)
                      |      |
                    NS-200-IDP
                  (192.168.2.14)

     

    When I restarted the services idp, snmpd and syslog, they ran OK and did not alert anything:

     

    *******

    Creating virtual circuit for eth2
    Sniffer mode enabled for vc 'eth2'
    Trying to load last policy [testIDP]...Policy compiled successfully.
     
    Verifying rulebase 'Traffic Anomalies':
    'Traffic Anomalies' verified successfully.
     
    Verifying rulebase 'SYN-Protector':
    'SYN-Protector' verified successfully.
     
    Verifying rulebase 'Main':
    Rule 1: Cannot perform 'drop' action in sniffer mode
    Verifying rulebase 'Backdoor Detection':
    'Backdoor Detection' verified successfully.
     
    Verifying antispoofing rules:
    Antispoofing may not work properly in sniffer mode
    done
    Starting idpLogReader..............................OK
    Starting slogd.....................................OK
    Starting sciod.....................................OK
    Starting statusForwarder...........................OK
    Starting logForwarder..............................OK
    Starting sessionFetcher............................OK
    Starting dLogPurger................................OK
    [root@idp admin]#  
     
     
    Apr 10 15:00:09 idp snmpd: snmpd shutdown succeeded
    Apr 10 15:00:09 idp ucd-snmp[25419]: UCD-SNMP version 4.2.5  
    Apr 10 15:00:10 idp snmpd: snmpd startup succeeded
    Apr 10 15:01:03 idp syslogd 1.4.1: restart.
    Apr 10 15:01:03 idp syslog: syslogd startup succeeded
    Apr 10 15:01:03 idp syslog: klogd startup succeeded

     

    Please help me to solve this problem.

    Thanks all,

    Brgs!



  • 5.  RE: help me about config 'management server' at preference settings of IDP 200

    Posted 04-14-2010 13:15

    Sapphire:

     

    I do not see this directory on the IDP, and I do not see that path on the NSM GUI, under Tools -> Preferences. Hopefully someone from the NSM team can jump in and be of assistance.

     

    Regards,

    BR