Nortel 2050 Installation Manual

Nortel TPS 3D Sensor and Defense Center
Installation Guide
Release 4.7.0
TPS 3D Sensors 2050, TPS 2150, TPS 2070, TPS 2170, and Defense Center TPS 2070 DC
Part No. NN47240-300 (320737-B)
Santa Clara, California 95054
USA

Summary of Contents for Nortel 2050

  • Page 1 Nortel TPS 3D Sensor and Defense Center Installation Guide Release 4.7.0 TPS 3D Sensors 2050, TPS 2150, TPS 2070, TPS 2170, and Defense Center TPS 2070 DC Part No. NN47240-300 (320737-B) Santa Clara, California 95054...
  • Page 2 Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks.
  • Page 3: Table Of Contents

    Other deployment options... 15 Understanding detection engines and interface sets... 18 Connecting sensors to your network ... 20 Using a Nortel Defense Center... 23 Security considerations... 25 Installing the Defense Center DC 2070 ... 25 Setting the IP Address for the Management interface ... 26 Performing the initial setup ...
  • Page 4 Chapter 3: Hardware specification... 43 TPS 2x50 3D Sensor... 44 TPS 2x70 3D Sensor... 47 TPS 2070 DC ... 50 Appendix A: Safety and regulatory information... 53 Safety information... 53 Regulatory compliance ... 54 Chassis back I/O ports and features...
  • Page 5: Chapter 1: Before You Begin

    • any two components, or all three Each of the components is described in detail in the Nortel TPS 3D System User Guide. You can install a 3D Sensor with the IPS component as a standalone appliance, but if you want to use RNA or RUA, you must use the 3D Sensor with a Defense Center.
  • Page 6: Ips Installation Considerations

    “Using a Nortel Defense Center” on page 23 IPS installation considerations IPS is the intrusion prevention and detection component of the Nortel TPS 3D System. Before you install a 3D Sensor with IPS, you should consider how your network is configured and how you want to deploy the various components of the Nortel TPS 3D System within it.
  • Page 7: Rna Installation Considerations

    Finally, you should take into account any special network configuration factors, such as firewall placement, VPN deployments, and how you will use a Nortel Defense Center to aggregate and correlate RNA events. Monitoring network changes with RNA can help you realize a variety of goals.
  • Page 8: Typical 3D Sensor Deployments

    Typical 3D Sensor deployments In the following simple network architecture diagram, the network contains three areas with three different security policies: • between the border router and the firewall • in the demilitarized zone, or DMZ • in the internal, protected network Figure 1 Typical 3D Sensor deployments Deploying your 3D Sensors in each of these locations serves different purposes.
  • Page 9 internal network. Generally, all internal networks are ideal locations for the combined capabilities of IPS, RNA, and RUA. IMPORTANT! 3D Sensor’s sensing interfaces. Regardless of where you connect the sensing interfaces, make sure you connect the 3D Sensor’s management interface to a secure internal network that is protected from unauthorized access.
  • Page 10 Chapter 1: Before you begin Figure 2 Outside the firewall In the DMZ In this simple network architecture, the DMZ contains outward-facing servers (web, FTP, DNS, mail, and so on). The hosts in the DMZ provide services to external users and are at a greater security risk than those inside the firewall. In this network configuration, the servers in the DMZ also provide services such as mail relay and web proxy to users on the internal network.
  • Page 11 Chapter 1: Before you begin Figure 3 In the DMZ On the internal network Although the sample network includes a firewall configured to provide security to the servers and workstations on the internal network, 3D Sensors on this segment can monitor traffic that is allowed inbound by the firewall by choice or due to firewall misconfiguration.
  • Page 12: Deploying A Multi-Port 3D Sensor

    In either case, by adding RUA to the 3D Sensor, you can immediately identify the user who is logged into the host that is running the rogue operating system or launching the internal attack. Figure 4 On the internal network Deploying a Multi-Port 3D Sensor Selected models of the 3D Sensor offer multiple sensing ports on an adapter card.
  • Page 13 Chapter 1: Before you begin Figure 5 Deploying a multi-port 3D Sensor In this scenario, the tap transmits incoming and outgoing traffic through separate ports. When you connect the multi-port adapter card on the 3D Sensor to the tap, the 3D Sensor is able to combine the traffic into a single data stream so that it can be analyzed.
  • Page 14 Chapter 1: Before you begin If your 3D Sensor supports multiple detection engines, you can also create interface sets to capture data from separate networks. The following illustration shows a single sensor with a dual-port adapter and two interface sets connected to two networks.
  • Page 15: Other Deployment Options

    Other deployment options The following sections describe other installation scenarios that may affect your enterprise’s deployment of the Nortel 3D System. • “Integrating with VPNs” on page 15 • “Detecting Intrusions on other points of entry” on page 15 •...
  • Page 16 Many organizations want to extend intrusion detection across a geographically disparate enterprise and then analyze all the IPS data from one location. The Nortel 3D System supports this by offering the Defense Center, which aggregates and correlates events from 3D Sensors deployed throughout the organization’s many locations.
  • Page 17 RNA in environments where proxy servers, NAT devices, and VPNs exist, in addition to information about using the Nortel Defense Center to manage multiple 3D Sensors and the deployment and management of 3D Sensors in a multi-site environment.
  • Page 18: Understanding Detection Engines And Interface Sets

    RNA may incorrectly identify the hosts behind the proxy or NAT device. In this case, Nortel recommends that you position 3D Sensors with RNA inside the network segment protected by the proxy or NAT device to ensure that hosts are correctly detected.
  • Page 19 The Nortel 3D System supports three types of interface sets, but the interface options available to you depend on the type of sensor and the capabilities of its sensing interfaces.
  • Page 20: Connecting Sensors To Your Network

    Comparing inline and passive interface sets An interface set is comprised of one or more sensing interfaces on the 3D Sensor. Each detection engine is assigned to an interface set and uses those interfaces to monitor the traffic on specific network segments. Interface sets can be one of the following types: •...
  • Page 21 Chapter 1: Before you begin that the detection engine sees every packet on a higher volume network because of the potential of packet collision. For a simple network with low traffic, this is not likely to be a problem. In a high-traffic network, a different option may provide better results.
  • Page 22 Chapter 1: Before you begin When the sensor switches to bypass mode, the internal crossover and the crossover cable between the endpoint and the sensor combine to create a straight-through cable, allowing normal operation of the connection. Between a Router and a Switch When you deploy an inline 3D Sensor between a router and a switch, use a straight-through cable between the switch and the sensor and a crossover cable between the sensor and the router.
  • Page 23: Using A Nortel Defense Center

    Using a Nortel Defense Center In addition to running 3D Sensors with IPS as standalone appliances, you can manage 3D Sensors with the Nortel Defense Center. The Defense Center aggregates and correlates events generated by multiple 3D Sensors on different segments of your network.
  • Page 24: Chapter 2: Installation

    Chapter 2: Installation This chapter describes the installation requirements for the following TPS appliances: • TPS 3D Sensor 2050 • TPS 3D Sensor 2070 • TPS 3D Sensor 2150 • TPS 3D Sensor 2170 • TPS 2070 DC...
  • Page 25: Tps 2070 Dc

    “Performing the initial setup” on page 27 • “Console output” on page 32 Security considerations Before you install your Defense Center, Nortel recommends that you consider the following. • Locate your Defense Center in a lockable rack within a secure location that prevents access by unauthorized personnel.
  • Page 26: Setting The Ip Address For The Management Interface

    IP address of the management interface (192.168.45.45) and then access the Defense Center remotely using SSH. 2. Log in as root. The system requests a password. 3. Enter Nortel as the password. The password is case sensitive. WARNING! installing the Defense Center in a production environment.
  • Page 27: Performing The Initial Setup

    5. To determine the name of the management interface, enter the following command: grep MANAGEMENT /etc/sf/ims.conf 6. To configure the management interface, enter the following command: where eth# is the result you received for the command in the previous step, and ipaddr, mask, and bcastaddr are the values you want to use in your network environment.
  • Page 28 You must select a new password for the admin user account. To change the default password: 1. In the Current Password field, type your current password (Nortel). 2. In the New Password and Confirm fields, type your new password. IMPORTANT! policies, and ensure that only appropriate personnel have access to this user account and password.
  • Page 29 • Select Use Static to manually specify network settings. The following table provides a description of each field you can configure. Network settings Settings Management Interface and Netmask Default Network Gateway Hostname Domain Primary DNS Server Secondary DNS Server IMPORTANT! syslog until after you reboot the Defense Center.
  • Page 30 • If you are using DHCP to specify your network settings, click Skip Configuration. IMPORTANT! were able to retain your network settings and license file, you can use the Restore Saved Settings option to refresh the page with your saved network settings if you make an error on the page.
  • Page 31 The new values are saved and you can continue with on page Installing software updates If an update is available for your Defense Center, use the Patch Update Management page to update your system. TIP! SEUs and rule files” on page To install an update: 1.
  • Page 32: Console Output

    1. Specify how you want to set the rule state for new rules after import: • If you want any new rules to use the default rule state set by Nortel in your existing policies, select In the default state.
  • Page 33: 3D Sensor 2X50/2X70

    3D SENSOR 2x50/2x70 The Nortel TPS 3D Sensor 2x50 and Nortel TPS 3D Sensor 2x70 offer the flexibility to modify existing rules, tune the rule set, and create custom rules. They provide quick snapshots of exploits against a network and save detailed packet information showing TCP/IP headers and payload.
  • Page 34 To install the appliance: 1. Using the enclosed mounting kit, mount the 3D Sensor in the rack. 2. Attach the power cord to the 3D Sensor. Plug it in to a power source. IMPORTANT! cords to both power supplies and plug them in. 3.
  • Page 35: Setting The Ip Address For The Management Interface

    IP address of the management interface (192.168.45.45) and then access the 3D Sensor remotely using SSH. Note that the password is case sensitive. Nortel strongly recommends that you change this password grep MANAGEMENT /etc/sf/ims.conf ifconfig eth# ipaddr netmask mask broadcast bcastaddr ifconfig eth0 192.168.10.5 netmask 255.255.255.0...
  • Page 36: Performing The Initial Setup

    The Login page appears. 2. Type admin for the login name and Nortel for the password. 3. Click Login. The End User License Agreement (EULA) screen appears. 4. Read the agreement and click Agree to proceed. The Change Password page appears.
  • Page 37: Changing The Default Password

    You must select a new password for the admin user account. To change the default password: 1. In the Current Password field, type your current password (Nortel). 2. In the New Password and Confirm fields, type your new password. IMPORTANT! policies, and ensure that only appropriate personnel have access to this user account and password.
  • Page 38: Setting Up The Base License

    Management Interface and Netmask Default Network Gateway Hostname IMPORTANT! the syslog until after you reboot the 3D Sensor. Domain The fully qualified domain name where the 3D Sensor resides. Primary DNS Server The IP address of your DNS server for the network where the 3D Sensor resides. Secondary DNS Server A secondary DNS server’s IP address.
  • Page 39: Setting Up Remote Management

    To set up the base license: 1. After you obtain the license, paste it into the License field, and click Submit License. Setting up remote management 1. In the Management Host field, type the IP address or the hostname of the Defense Center that you want to use to manage the sensor.
  • Page 40: Importing Seus And Rule Files

    “Importing SEUs and rule files” on page SEUs can contain new binaries. Make sure your process for If you want any new rules to use the default rule state set by Nortel in your existing policies, select In the default state.
  • Page 41 Two default passive policies and three default inline intrusion policies are delivered with the Nortel Threat Protection System. By using the policies provided by Nortel as a basis for your intrusion policy, you can take advantage of the experience of the VRT.
  • Page 42: Console Output

    3. Select Passive or InLine from the Policy Mode drop-down list, as appropriate. TIP! you apply it to a detection engine. Click Save and continue with intrusion policy” on page Applying an intrusion policy The Detection and Prevention page appears without a policy during initial startup. Click Create Policy to create a new intrusion policy.
  • Page 43: Chapter 3: Hardware Specification

    Chapter 3: Hardware specification This chapter provides the hardware specifications for the following TPS appliances: • TPS 3D Sensor 2050 • TPS 3D Sensor 2070 • TPS 3D Sensor 2150 • TPS 3D Sensor 2170 • TPS 2070 DC...
  • Page 44: Tps 2X50 3D Sensor

    Figure 9 TPS 2x50 3D Sensor chassis rear view shows the ports on the back of the TPS 3D Sensor 2050 and TPS 3D Power connector DB-9 DCE serial connector 10/100/1000 RJ-45 Ethernet connector Expansion card with 10/100/1000 RJ-45...
  • Page 45: Chassis Front Features

    Chassis front features Figure 10 Figure 10 TPS 2x50 3D Sensor chassis front view Chassis dimensions Chassis Dimensions table Chassis Dimensions Dimension Height Width Depth illustrates the features on the front of the chassis. System status indicator The amber system status LED lights up when the system needs attention due to a problem with power supplies, fans, system temperature, or hard...
  • Page 46: System Operating Environment

    The sensor power supply is rated for 300 watts. Rack and cabinet mounting options The TPS 3D Sensor 2050 or the TPS 3D Sensor 2150 can be used in racks and server cabinets that are 19 inches wide and up to 30 inches deep. The sensor comes with a rack-mount kit.
  • Page 47: Tps 2X70 3D Sensor

    TPS 2x70 3D Sensor The Nortel TPS 3D Sensor 2070 and the TPS 3D Sensor 2170 are designed to maximize performance in a 1U format. See the following sections for a complete description of the TPS 3D Sensor 2070 and the TPS 3D Sensor 2170: •...
  • Page 48: Chassis Front Features

    Chassis front features Figure 12 TPS 3D Sensor 2170 chassis. Figure 12 TPS 2x70 3D Sensor chassis front view illustrates the features on the front of the TPS 3D Sensor 2070 and the Overheat indicator This LED is red when the system overheats.
  • Page 49: Chassis Dimensions

    Chassis dimensions Chassis Dimensions table Chassis Dimensions Dimension Height Width Depth System operating environment This section describes the required office environment for the TPS 3D Sensor 2070 and the TPS 3D Sensor 2170. Environmental parameters Keep the TPS 3D Sensor 2070 or the TPS 3D Sensor 2170 in an environment that meets the specifications in the Environmental Parameters Operating temperature...
  • Page 50: Tps 2070 Dc

    TPS 2070 DC The Nortel TPS 2070 DC is designed to maximize performance in a 1U format. See the following sections for a complete description of the TPS 2070 DC: • “Chassis back I/O ports and features” • “Chassis Front Features” on page 51 •...
  • Page 51: Chassis Front Features

    Chassis Front Features Figure 14 Figure 14 TPS 2070 DC chassis front features shows the features on the front of the TPS 2070 DC chassis. Overheat indicator This LED is red when the system overheats. NIC 2 indicator - not used NIC 1 indicator This LED mirrors the state of the Link/Act LED of the Management port.
  • Page 52: Chassis Dimensions

    Chassis dimensions Chassis Dimensions table Chassis Dimensions Dimension Height Width Depth System operating environment This section describes the required office environment for the TPS 2070 DC. Environmental parameters Keep the TPS 2070 DC in an environment that meets the specifications in the Environmental Parameters Environmental Parameters Operating temperature...
  • Page 53: Appendix A: Safety And Regulatory Information

    To reduce the risk of electric shock, do not plug Nortel products into any other type of power system. Contact your facilities manager or a qualified electrician if you are not sure what type of power is supplied to your building.
  • Page 54: Regulatory Compliance

    Regulatory compliance FCC Class A notice The equipment complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: 1) The device may not cause harmful interference, and 2) This equipment must accept any interference received, including interference that may cause undesired operation.
  • Page 55: Ce Notice

    Appendix A: Safety and regulatory information Regulatory compliance CE notice The CE mark on this equipment indicates that this equipment meets or exceeds the following technical standards: EN50082-1, EN55022, EN60555-2, EN61000-4-1, EN61000-4-2, EN61000-4-3, EN61000-4-4, and EN61000-4-5...
  • Page 57: Installation Guide

    Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks.

This manual is also suitable for:

2070, 2150, 2170