IBM Proventia Management SiteProtector SP1001 Hardware Configuration Manual
  1. Manuals
  2. Brands
  3. IBM Manuals
  4. Network Hardware
  5. Proventia Management SiteProtector SP1001
  6. Hardware configuration manual

IBM Proventia Management SiteProtector SP1001 Hardware Configuration Manual

Version 2.0, service pack 7.0
Hide thumbs Also See for Proventia Management SiteProtector SP1001:
Table of Contents

Advertisement

Quick Links

Download this manual
®
IBM Proventia
Management SiteProtector
SP1001 Hardware Configuration Guide
Version 2.0, Service Pack 7.0

Advertisement

Table of Contents
loading

Related Manuals for IBM Proventia Management SiteProtector SP1001

Summary of Contents for IBM Proventia Management SiteProtector SP1001

  • Page 1 ® ™ IBM Proventia Management SiteProtector SP1001 Hardware Configuration Guide Version 2.0, Service Pack 7.0...
  • Page 3 ® ™ IBM Proventia Management SiteProtector SP1001 Hardware Configuration Guide Version 2.0, Service Pack 7.0...
  • Page 4 Copyright Statement © Copyright IBM Corporation 1994, 2008. IBM Global Services Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America. All Rights Reserved.
  • Page 5 IBM Internet Security Systems (IBM ISS). Use of this information constitutes acceptance for use in an “AS IS” condition, without warranties of any kind, and any use of this information is at the user’s own risk. IBM Internet Security Systems disclaims all warranties, either expressed or implied, including the warranties of merchantability and fitness for a particular purpose.
  • Page 6 SiteProtector System: SP1001 Hardware Configuration...

  • Page 7: Table Of Contents

    Index ....37 Installing and Starting the SiteProtector Console . . 17 Installing the SiteProtector Console . 17 Starting the SiteProtector Console and logging on 18 © Copyright IBM Corp. 1994, 2008...
  • Page 8 SiteProtector System: SP1001 Hardware Configuration...

  • Page 9: Overview

    Overview Introduction The SiteProtector SP1001 Hardware Configuration Guide contains the information you need to configure the IBM Proventia Management SiteProtector SP1001 appliance hardware. Scope This guide provides procedures for configuring the SiteProtector SP1001 appliance hardware and Windows administration options. This guide is designed to be a companion to the SiteProtector documentation suite.

  • Page 10: How To Use The Sp1001 Appliance Documentation

    How to Use the SP1001 Appliance Documentation This topic explains how the information in the SiteProtector SP1001 Hardware Configuration Guide is organized and lists other documents in the SiteProtector documentation suite that you may use to configure SiteProtector. Document organization This document is organized into logical units, as described in the following table: Chapter Description...
  • Page 11 (PDF) files in the following places: v the IBM ISS Web site at http://www.iss.net/support/documentation v the Deployment Manager, if installed at your Site Licensing agreement For licensing information on IBM Internet Security System products, download the IBM Licensing Agreement from:http://www-935.ibm.com/services/us/iss/html/ contracts_landing.html Overview...

  • Page 12: Getting Technical Support

    Getting Technical Support IBM Internet Security Systems (ISS) provides technical support through its Web site and by email or telephone. The IBM ISS Web site The IBM Internet Security Customer Support Web page (http://www- 935.ibm.com/services/us/index.wss/offerfamily/iss/a1029129) provides direct access to online user documentation, current versions listings, detailed product literature, white papers, and the Technical Support Knowledgebase.

  • Page 13: Safety, Environmental, And Electronic Emissions Notices

    Safety, Environmental, and Electronic Emissions Notices Safety notices may be printed throughout this guide. DANGER notices warn you of conditions or procedures that can result in death or severe personal injury. CAUTION notices warn you of conditions or procedures that can cause personal injury that is neither lethal nor extremely hazardous.
  • Page 14 Electrical voltage and current from power, telephone, and communication cables are hazardous. To avoid a shock hazard: v Connect power to this unit only with the IBM ISS provided power cord. Do not use the IBM ISS provided power cord for any other product.
  • Page 15 Repair or disassemble Exchange only with the IBM ISS-approved part. Recycle or discard the battery as instructed by local regulations. In the United States, IBM ISS has a process for the collection of this battery. For information, call 1-800-426-4333. Have the IBM ISS part number for the battery unit available when you call.
  • Page 16 The booklet contains the safety information in your national language with references to the US English source. Before using a US English publication to install, operate, or service this IBM ISS product, you must first become familiar with the related safety information in the booklet. You should also refer to the booklet any time you do not clearly understand any safety information in the US English publications.
  • Page 17 (TI) que reciclen responsablemente sus equipos cuando éstos ya no les sean útiles. IBM dispone de una serie de programas y servicios de devolución de productos en varios países, a fin de ayudar a los propietarios de equipos a reciclar sus productos de TI.
  • Page 18 EEE on the environment and human health due to the potential presence of hazardous substances in EEE. For proper collection and treatment, contact your local IBM representative. Remarque: Cette marque s’applique uniquement aux pays de l’Union Européenne et à...
  • Page 19 In the United States, IBM has established a return process for reuse, recycling, or proper disposal of used IBM sealed lead acid, nickel cadmium, nickel metal hydride, and other battery packs from IBM equipment. For information on proper disposal of these batteries, contact IBM at 1-800-426- 4333.
  • Page 20 Note: Properly shielded and grounded cables and connectors must be used in order to meet FCC emission limits. IBM is not responsible for any radio or television interference caused by using other than recommended cables and...
  • Page 21 Klasse A ein. Um dieses sicherzustellen, sind die Geräte wie in den Handbüchern beschrieben zu installieren und zu betreiben. Des Weiteren dürfen auch nur von der IBM empfohlene Kabel angeschlossen werden. IBM übernimmt keine Verantwortung für die Einhaltung der Schutzanforderungen, wenn das Produkt ohne Zustimmung der...
  • Page 22 This product is a Class A Information Technology Equipment and conforms to the standards set by the Voluntary Control Council for Interference by Information Technology Equipment (VCCI). In a xviii IBM Internet Security Systems domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.
  • Page 23 Korean Class A Compliance Statement: Overview...
  • Page 24 xxii SiteProtector System: SP1001 Hardware Configuration...

  • Page 25: Chapter 1. Introduction To The Siteprotector Sp1001 Appliance

    This chapter introduces the SiteProtector SP1001 appliance and describes the components and functions of SiteProtector. Topics “What is the SiteProtector SP1001 Appliance?” on page 2 “SiteProtector Components” on page 3 “Proventia Server IPS for Windows” on page 5 © Copyright IBM Corp. 1994, 2008...

  • Page 26: What Is The Siteprotector Sp1001 Appliance

    Note: SecurityFusion module is not preinstalled on the SiteProtector SP1001 appliance. You must install this component on a separate computer. v IBM Proventia Server Intrusion Prevention System (IPS) for Windows, which provides host security protection for the SiteProtector SP1001 appliance.

  • Page 27: Siteprotector Components

    Console and the SiteProtector database. v The X-Press Update Server stores X-Press Updates (XPUs) downloaded from the IBM ISS Download center and makes them available to the agents and components on the network. The Update Server eliminates the need to download...
  • Page 28 SiteProtector Component Description Standalone XPress Update Servers (optional) In addition to the X-Press Update Server that is installed with the SP Core, you can install standalone X-Press Update Servers on separate computers. Event Archiver (optional) Store event data and improve performance by reducing the number of events the database must store.

  • Page 29: Proventia Server Ips For Windows

    Proventia Server IPS for Windows An embedded version of the Proventia Server IPS is installed and configured on the SiteProtector SP1001 appliance hardware and is delivered with a security policy that is predefined for the SiteProtector SP1001 appliance’s operating system and configuration.
  • Page 30 SiteProtector System: SP1001 Hardware Configuration...

  • Page 31: Chapter 2. Before You Begin

    Review this information before you install the SiteProtector SP1001 appliance hardware in a rack or connect the SiteProtector SP1001 appliance to a network. Topics “Requirements and Considerations” on page 8 “Pre-configuration Checklists” on page 10 © Copyright IBM Corp. 1994, 2008...

  • Page 32: Requirements And Considerations

    Product Key. See “Restoring Factory Defaults” on page 30. Unsupported configurations IBM ISS does not support customized configurations. To avoid putting the SiteProtector SP1001 appliance in an unsupported state, do not do the following: v install, reinstall, or remove applications from the SiteProtector SP1001 appliance...
  • Page 33 Ensure that the SiteProtector SP1001 appliance has the latest firmware and intrusion prevention updates installed. The SiteProtector SP1001 appliance retrieves updates from the IBM ISS Download Center, which is accessible over the Internet. For more information about product issues and updates, see the IBM ISS Download Center at http://www.iss.net/.

  • Page 34: Pre-Configuration Checklists

    Pre-configuration Checklists Review the checklists in this topic to ensure that you have the items you need before you proceed with the configuration process. This topic includes the following checklists: v Information required v Cables required Information required checklist To establish network connectivity, you must enter specific information about your network.

  • Page 35: Chapter 3. Connecting And Configuring The Siteprotector Sp1001 Appliance

    “The SiteProtector SP1001 Appliance Back Panel” on page 14 “Connecting the SiteProtector SP1001 Appliance” on page 15 “Configuring the SiteProtector SP1001 Appliance to Communicate with the Network” on page 15 “Installing and Starting the SiteProtector Console” on page 17 © Copyright IBM Corp. 1994, 2008...

  • Page 36: Siteprotector Sp1001 Appliance Configuration Checklist

    SiteProtector SP1001 Appliance Configuration Checklist The process of configuring the SiteProtector SP1001 appliance hardware requires that you perform tasks in a certain order. Follow the steps in this topic when you configure the SiteProtector SP1001 appliance. Prerequisites Before you configure your SiteProtector SP1001 appliance, you must have completed the following tasks: v Ensure that you meet the requirements for configuring the SiteProtector SP1001 appliance.

  • Page 37: The Siteprotector Sp1001 Appliance Front Panel

    The SiteProtector SP1001 Appliance Front Panel The SiteProtector SP1001 appliance front panel consists of three features: v LCD controller module v Management port v USB ports SiteProtector SP1001 appliance front panel The following figure shows the SiteProtector SP1001 appliance front panel: Figure 1.

  • Page 38: The Siteprotector Sp1001 Appliance Back Panel

    The SiteProtector SP1001 Appliance Back Panel The SiteProtector SP1001 appliance back panel includes several different features related to the power source, connections, and internal components. SP1001 back panel The following figure shows the SiteProtector SP1001 appliance back panel: Figure 2. SP1001 back panel Back panel features The following table describes the features of the back panel: Feature...

  • Page 39: Connecting The Siteprotector Sp1001 Appliance

    2. Connect the Ethernet cable from the network to the management port. 3. Turn on the SiteProtector SP1001 appliance. “IBM ISS Proventia SP1001” appears on the LCD panel. Note: It may take several minutes for this screen to appear.

  • Page 40: Entering Network Information

    Procedure 1. Locate the LCD panel at the front of the SiteProtector SP1001 appliance, and then make sure that “IBM ISS Proventia SP1001” appears on the screen. 2. Press the ENTER button. The Appliance PIN screen appears. Note: If you want to require that users enter a personal identification number (PIN) to use the LCD panel, see.“Securing the SiteProtector SP1001 Appliance...

  • Page 41: Installing And Starting The Siteprotector Console

    3. Click Yes to accept the security certificate. 4. Read the IBM ISS License Agreement, and then click Accept. Note: The IBM ISS License Agreement appears only when you access this Web site for the first time. 5. Click the Install SiteProtector Console link.

  • Page 42: Starting The Siteprotector Console And Logging On

    Starting the SiteProtector Console and logging on Procedure 1. On your computer, open the SiteProtector Console. 2. Right-click the My Sites node in the left pane. 3. Select New → Site. 4. Log in using the SiteProtector SP1001 appliance’s IP address that you entered when you performed the procedure on 26.

  • Page 43: Chapter 4. Configuring The Siteprotector Console

    “SiteProtector Console Configuration Checklist” on page 20 “Installing License Files” on page 21 “Choosing the SP1001 Appliance Language” on page 22 “Securing SP1001 Appliance Passwords” on page 22 “Setting the Date and Time” on page 23 © Copyright IBM Corp. 1994, 2008...

  • Page 44: Siteprotector Console Configuration Checklist

    SiteProtector Console Configuration Checklist This topic provides a checklist that lists the tasks you should perform to configure the Console. Follow the steps in this topic when you configure the SiteProtector SP1001 appliance. Note: This checklist provides the recommended order that the tasks in this chapter should be performed.

  • Page 45: Installing License Files

    Installing License Files Now that you have logged on from the SiteProtector Console, you must install the new license files so that you can begin using the reporting, correlation, and security features that are installed on the SiteProtector SP1001 appliance. The SiteProtector SP1001 appliance requires properly configured licenses to run at full capability.

  • Page 46: Choosing The Sp1001 Appliance Language

    ISSADMIN Windows administrator Administrator ISSADMIN Important: For the best security practices, IBM ISS recommends that you use strong passwords and change these passwords frequently. See the Microsoft Windows Server 2003 documentation regarding the criteria required for creating strong passwords. SiteProtector System: SP1001 Hardware Configuration...

  • Page 47: Setting The Database Administrator Password

    Setting the Database Administrator password Procedure 1. Select the System view. 2. In the left pane, expand the site node for the SiteProtector SP1001 appliance site, and then click the.Appliance icon. 3. Click OK to accept the security certificate. The Appliance Configuration interface appears in the right pane.
  • Page 48 SiteProtector System: SP1001 Hardware Configuration...

  • Page 49: Chapter 5. Optional Configuration Tasks

    This chapter provides procedures for configuring optional hardware and Windows administration options on the SiteProtector SP1001 appliance. Topics “Starting and Shutting Down the SiteProtector SP1001” on page 26 “Configuring SNMP Services” on page 27 “Securing the SiteProtector SP1001 Appliance Hardware” on page 28 © Copyright IBM Corp. 1994, 2008...

  • Page 50: Starting And Shutting Down The Siteprotector Sp1001

    Starting and Shutting Down the SiteProtector SP1001 About this task To ensure that the SiteProtector SP1001 appliance is properly maintained, you may need to restart or stop the SiteProtector SP1001 appliance hardware. The topic provides procedures for manually restarting and shutting down the SiteProtector SP1001 appliance and scheduling these tasks so that they can occur automatically.

  • Page 51: Scheduling A Server Shut Down Or Restart

    Scheduling a server shut down or restart Procedure 1. Select the System view. 2. In the left pane, expand the Site Node for the SiteProtector SP1001 appliance Site, and then click the Appliance icon. The Appliance Configuration interface appears in the right pane. 3.

  • Page 52: Securing The Siteprotector Sp1001 Appliance Hardware

    Securing the SiteProtector SP1001 Appliance Hardware About this task If you want to secure the SiteProtector SP1001 appliance LCD settings, you can require that users specify a PIN to access the LCD panel. Procedure 1. On the LCD panel, press the ENTER button. The Appliance PIN screen appears.

  • Page 53: Chapter 6. Troubleshooting

    This chapter contains information that can help you troubleshoot the SiteProtector SP1001 appliance hardware and Windows administration options. Topics “Restoring Factory Defaults” on page 30 “Issue Related to the LCD Panel” on page 31 © Copyright IBM Corp. 1994, 2008...

  • Page 54: Restoring Factory Defaults

    5. When the Windows Setup window appears, type the Product Key in the boxes provided. 6. Click Next, and then verify that the “IBM ISS Proventia SP1001” is displayed on the LCD. Note: It may take several minutes for this to appear.

  • Page 55: Issue Related To The Lcd Panel

    Issue Related to the LCD Panel This topic provides a solution to an issue that you may encounter when you use the SiteProtector SP1001 appliance’s LCD panel. Change to network settings fails Description: If you are trying to change the network settings in the LCD panel while a window that contains the network configuration options is open on the SiteProtector Console, the configuration change will fail.
  • Page 56 SiteProtector System: SP1001 Hardware Configuration...

  • Page 57: Appendix. Siteprotector Sp1001 Appliance Configuration Options

    This appendix describes the configuration options that you can use to configure the SiteProtector SP1001 appliance. Some of these options are described in more detail in other chapters in this guide. Topic “Configuration Options” on page 34 © Copyright IBM Corp. 1994, 2008...

  • Page 58: Configuration Options

    Configuration Options This topic provides descriptions of the SiteProtector SP1001 appliance configuration options. These options are displayed in the Console’s System Administration tab. Local configuration options The following table describes the local configuration options: Select this menu option... To do this... Set Server Name Set the server name, DNS Suffix, and Domain information.
  • Page 59 Select this menu option... To do this... Users Create, edit, or delete local users on the server, and edit properties. Create, edit, or delete local groups on the server, and edit properties. Shares Create folders, manage attributes, and set permissions. Create, delete, and edit the properties of each share.
  • Page 60 SiteProtector System: SP1001 Hardware Configuration...

  • Page 61: Index

    22 Product Key important consideration for rack mounted appliances 8 remote desktop 9 safety notices xi shut down send warning message before 27 Simple Network Management Protocol 27 Site Database 3 SNMP 9 © Copyright IBM Corp. 1994, 2008...
  • Page 62 SiteProtector System: SP1001 Hardware Configuration...
  • Page 64 Printed in USA...

Table of Contents