Juniper Networks Network and Security Manager

NSMXpress Series II User Guide

Release 2010.4

Published: 2010-11-17

Revision 1

Copyright © 2010, Juniper Networks, Inc.

Summary of Contents for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Page 1: ...Juniper Networks Network and Security Manager NSMXpress Series II User Guide Release 2010 4 Published 2010 11 17 Revision 1 Copyright 2010 Juniper Networks Inc...

Page 2: ...ions of the GateD software copyright 1988 Regents of the University of California All rights reserved Portions of the GateD software copyright 1991 D L S Associates This product includes software deve...

Page 3: ...re physically contained on a single chassis c Product purchase documents paper or electronic user documentation and or the particular licenses purchased by Customer may specify limits to Customer s us...

Page 4: ...ATE WITHOUT ERROR OR INTERRUPTION OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK In no event shall Juniper s or its suppliers or licensors liability to Customer whether in contract tort inclu...

Page 5: ...ree years from the date of distribution Such request can be made in writing to Juniper Networks Inc 1194 N Mathilda Ave Sunnyvale CA 94089 ATTN General Counsel You may obtain a copy of the GPL at http...

Page 7: ...Series II 8 Set Up Your Appliance 9 CLI Configuration 9 Web Interface Configuration 10 Chapter 2 Installing and Configuring NSM from the CLI 11 Navigating the Menus 11 General Options 11 Using nsm_se...

Page 8: ...Server Only 38 Generating Reports Regional Server Only 39 Modifying NSM Configuration Files 39 Backing Up the NSM Database 40 Changing the NSM Management IP 41 Scheduling Security Updates 41 Managing...

Page 9: ...60 Troubleshooting 61 Auditing User Operations 61 Error Logs 63 Network Utilities 64 Ping 64 Traceroute 65 Lookup 65 IP Subnet Calculator 66 Tech Support 66 Viewing System Information 67 Part 2 Append...

Page 11: ...Menu 36 Figure 14 Change Superuser Password 37 Figure 15 Download NSM MIBs 38 Figure 16 Export Audit Logs 38 Figure 17 Export Device Logs 38 Figure 18 Generate Reports 39 Figure 19 NSM Configuration F...

Page 12: ...Figure 47 Ping Utility 64 Figure 48 Traceroute Utility 65 Figure 49 Lookup Utility 66 Figure 50 IP Subnet Calculator 66 Figure 51 Juniper Tech Support 66 Figure 52 System Information 67 Part 2 Append...

Page 13: ...pter 1 Getting Started 3 Table 5 Required Ports on NSMXpress Series II 5 Table 6 Ethernet Port LEDs 7 Table 7 RJ 45 Console Connector Pinout 7 Chapter 3 Configuring NSM from the Web Interface 29 Table...

Page 15: ...figured as either a regional server or central manager This guide describes how you can install NSM onto your NSMXpress Series II appliance In addition this guide describes how to manage the appliance...

Page 16: ...resents keywords Represents UI elements Bold typeface like this user input Represents text that the user must type Bold typeface like this host1 show ip ospf Routing Process OSPF 2 with Router ID 5 5...

Page 17: ...s guide is intended for IT administrators responsible for the installation or upgrade of NSM Network and Security Manager Installation Guide Describes how to use and configure key management features...

Page 18: ...out configuring the device features for all supported Infranet Controllers Network and Security Manager Configuring Infranet Controllers Guide Provides details about configuring the device features fo...

Page 19: ...and easy problem resolution Juniper Networks has designed an online self service portal called the Customer Support Center CSC that provides you with the following features Find CSC offerings http www...

Page 20: ...314 JTAC 1 888 314 5822 toll free in the USA Canada and Mexico For international or direct dial options in countries without toll free numbers visit us at http www juniper net support requesting supp...

Page 21: ...ss Series II Part 1 contains the following chapters Getting Started on page 3 Installing and Configuring NSM from the CLI on page 11 Configuring NSM from the Web Interface on page 29 1 Copyright 2010...

Page 23: ...ntly from NSMXpress Series II because it eliminates the need to have dedicated resources for maintaining a network and security management solution NSMXpress Series II make it easy for administrators...

Page 24: ...mend that you install the NSMXpress Series II appliance on your LAN to ensure that it can communicate with your applicable resources such as authentication servers DNS servers internal Web servers thr...

Page 25: ...Yes Yes Connections from managed IDP devices to NSM 7803 Yes Yes Yes Connections from devices running Junos Secure Access devices or Infranet Controller devices 7804 No Yes Yes SSH connection to new...

Page 26: ...Blank power supply tray switch Fan 0 Fan 1 If your NSMXpress contains two power supplies plug a power cord into each AC receptacle 5 Plug the other end of the power cord into a wall socket If your NS...

Page 27: ...llation is now complete The next step is to set up the software as described in Initial Setup Configuration on page 8 Table 6 on page 7 provides LED information for the Ethernet ports Table 6 Ethernet...

Page 28: ...e you must attach your NSMXpress Series II appliance to a console terminal running an emulation utility such as HyperTerminal 1 Configure a console terminal or terminal emulation utility to use the fo...

Page 29: ...ure your system via command line type nsm_setup For operation of NSM server switch to user nsm Please consult NSM product documentation for details admin NSMXpress To complete the setup process using...

Page 30: ...Xpress Series II appliance To return to the admin user enter exit at the prompt root user Administers advanced system settings To change to root user from the admin user go to the prompt enter sudo su...

Page 31: ...NSMXpress Series II appliance the following standard navigational menu options are available to you This section provides information on general options you can use during setup and configuration Thes...

Page 32: ...most menus Quit Enter Q to exit from the setup program You will be prompted to save or cancel any changes you made since you last saved Q Quit R Redraw menu Choice 1 9 Q R Q Using nsm_setup After ini...

Page 33: ...tion This section describes that setup process The steps in this procedure assume you Have completed all appropriate steps in Getting Started on page 3 Have a console terminal or terminal emulation ut...

Page 34: ...regional server NSM Configuration Main Menu 1 Management IP 10 150 43 205 The IP address on this server that will be used for management 2 NSM super password Password for super user 3 GUI server one t...

Page 35: ...y Off 6 Menu Advanced Options You have the following options High Availability Enter 5 to open a menu to configure HA Advanced Options Enter 6 to open a menu of additional configurable options includi...

Page 36: ...to open a menu to help you configure the second HA link in the HA cluster Use the items in this menu to set up a redundant link for the HA cluster If you are going to use a second link you need to se...

Page 37: ...for NBI Default is 8443 2 Menu Remote Replication of Database Off 3 Menu SRS Off M Main Menu R Redraw menu Choice 1 3 M R You have the following options https port for NBI service Enter 1 to change th...

Page 38: ...ate Hour of day to Replicate Database Enter 2 to start the backup at the specified time The valid range is 00 23 Remote Backup IP Enter 3 to specify the IP address of the remote backup machine Backup...

Page 39: ...r password for the SRS database At least eight characters are required The password is case sensitive Click Submit to save the options and return to the NSM Configuration Main Menu Configuring the Cen...

Page 40: ...ional options including the port number for receiving messages through the NSM API and remote database replication details The following sections provide procedures for configuring HA and advanced opt...

Page 41: ...g dev sdc1 or server share 3 Shared Disk NFS Mount Options Options when mounting shared disk e g rw intr tcp soft timeo 2 4 Return to High Availability menu Menu HA Links Enter 7 to open the HA Links...

Page 42: ...Menu R Redraw menu Choice 1 2 M R You have the following options https port for NBI service Enter 1 to change the port number for listening for messages for the NSM API In response to the prompt ente...

Page 43: ...change the timeout period for the remote backup The valid range is 1 through 65535 seconds Configuring Standard Configuration Options After the initial setup continue configuring typical options incl...

Page 44: ...one of the following options 1 to modify eth0 2 to set or modify eth1 3 Make the following selection for interface options by selecting one of the following options 1 to change the IP address and retu...

Page 45: ...t hostname also with 4 or more labels the previous hostname alias might remain in the etc hosts file This condition can be corrected by manually editing the etc hosts file Adding DNS Servers You can a...

Page 46: ...warding Local Status E mails You can use this option to forward all local root e mail messages to an e mail address You can add an unlimited number of e mail addresses in addition to mailing lists to...

Page 47: ...or saving changes At the prompt enter one of the following menu options A to apply all the new changes M to make more changes before configuring the regional server or the central manager C to cancel...

Page 48: ...ou have not updated the recovery partition through the Web UI only the Re install option option to install the previous version is displayed 4 Read the paragraph and then press Enter Booting Re Instal...

Page 49: ...etup process Your NSMXpress Series II comes preconfigured as a regional server or a central manager Most installation and configuration steps in this section are identical for both types of server All...

Page 50: ...the Install NSM Central Manager link to view the Install NSM Central Manager page see Figure 4 on page 31 as the case may be NOTE The admin user default username is admin and the password is the one...

Page 51: ...and then reenter it in the text box below it This password is used to authenticate this NSM server with other NSM servers with which it communicates Regional servers use this password to authenticate...

Page 52: ...dary server in the HA cluster If you select y it is the primary server the default If you select n it is the secondary server 4 Use the HA Remote IP option to enter the IP address for the HA peer in t...

Page 53: ...Options Use the options in this menu to set up a redundant link for the HA cluster If you are going to use a second link you need to set the IP address for eth1 before configuring this setting see Co...

Page 54: ...fer to the Network and Security Manager Installation Guide Figure 10 HA Advanced Settings 11 Click Submit to save the HA options and return to the NSM Configuration Main Menu Advanced Options To displ...

Page 55: ...bling and Configuring SRS Regional Server Only on page 36 Enabling and Configuring Remote Replication of the Database To configure remote replication of database settings 1 On the Advanced Options men...

Page 56: ...default is off If you turn on this feature the server is used with the GUI Server 3 Use the SRS DB IP option to enter the IP address for the server on which you have installed the SRS database server...

Page 57: ...navigation tree to access the options described in this section These options are available only after installing NSM The following sections explain how to use each of the NSM Administration options C...

Page 58: ...ort Audit Logs To export an audit log to a csv file select csv in the drop down list box and then enter the csv file name in the text box To export an audit log to a system log server select syslog in...

Page 59: ...NSM administrator and not an NSM appliance user Enter a user name as domain user such as global super Modifying NSM Configuration Files To manually edit the GuiSrv cfg DevSvr dfg and HaSvr cfg files s...

Page 60: ...e nsm setup utility all manual changes to the configuration files are lost Backing Up the NSM Database To configure backups of the NSM database select NSM Administration NSM Database Backup link under...

Page 61: ...ation NSM Management IP link under NSM Administration See Figure 21 on page 41 Figure 21 Change Management IP Scheduling Security Updates To schedule security updates select NSM Administration Schedul...

Page 62: ...age 45 Monitoring with SNMP on page 48 Forwarding Syslog Messages on page 51 Changing the System Time on page 54 Installing Updates on page 54 Managing Users on page 55 Configuring the Web Interface o...

Page 63: ...onfiguration The Network Configuration window appears as shown in Figure 25 on page 43 Figure 25 Network Interfaces Options The following sections describe each of the options available in the Network...

Page 64: ...ure and manage routes and gateways See Figure 27 on page 44 Figure 27 Routes and Gateways Hostname and DNS Clients Use this option to configure and manage hostnames and DNS clients See Figure 28 on pa...

Page 65: ...eges that are associated with the user profile If none of the servers authenticates the user the user login fails NOTE NSMXpress Series II must be configured as a RADIUS client on a RADIUS server so t...

Page 66: ...ADIUS Servers Dialog Box 2 Click Add to add a RADIUS Server to the WebUI The Add RADIUS Server dialog box appears See Figure 31 on page 46 Figure 31 Add RADIUS Server Dialog Box 3 Configure the follow...

Page 67: ...t to the name of the server whose priority you want to increase and click Move Up To decrease the priority of a RADIUS server select the check box next to the name of the server whose priority you wan...

Page 68: ...ructions for configuring NSMXpress Series II for SNMP monitoring You must provide access credentials for the SNMP server a list of IP addresses from which logon requests will be accepted and the trap...

Page 69: ...the NSMXpress Series II appliance 5 To limit SNMP Get requests to specific servers select Only and then enter the IP addresses of the permitted servers 6 Click Save SNMP System Information To configu...

Page 70: ...IP address of the SNMP management server 4 Select from the following trap conditions Disk space low Enter the percentage of free disk space below which SNMP issues a trap Memory low Enter the percenta...

Page 71: ...Series II creates a secure tunnel to the syslog receiver UDP messaging is available for basic syslog implementations The following sections provide procedures for managing syslog message forwarding V...

Page 72: ...be sent to this receiver Device Server The GUI Server logs configured to be sent to this receiver GUI Server The HA Server logs configured to be sent to this receiver HA Server Adding and Configuring...

Page 73: ...er will be known by within NSM 6 In the IP field Enter the IP address of the syslog receiver 7 In the Transport field select the type of syslog receiver Select UDP for basic syslog implementations Sel...

Page 74: ...d receiver 3 Make the desired changes to the configuration 4 Click Save to save and apply your edits to the configuration of this syslog receiver Deleting Syslog Receivers To delete a syslog receiver...

Page 75: ...E You need System Administration permission to create users This topic contains the following sections Creating New NSMXpress Series II Users on page 55 Deleting a User on page 56 Editing User Attribu...

Page 76: ...press user dialog box appears 3 Enter a user name in the Username text box 4 Select Set to from the password drop down list and enter the password you want to set in the password text box 5 Reenter th...

Page 77: ...ministrator NSM Administrators have access to NSM Administration RADIUS Management Maintenance and Troubleshooting modules Network Operator Network Operators have access to Network Utilities and Repor...

Page 78: ...SM Configuration Files No No Yes Yes NSM Database Backup No No Yes Yes NSM Management IP No No Yes Yes Schedule Security Updates Maintenance Yes Yes Yes Yes System Statistics Troubleshooting No No Yes...

Page 79: ...tenance System Statistics The system Statistics window appears as shown in Figure 41 on page 59 Figure 41 System Statistics CPU Select CPU to view graphs that monitor the CPU activity hourly daily wee...

Page 80: ...MXpress Series II available for recovery displacing the existing files in the recovery partition The factory default recovery files are retained as an alternative recovery choice Other versions are de...

Page 81: ...screen shows the progress of the operation Errors are reported if the required files are unavailable disk space is not sufficient or the previous version files are invalid When preparation is complete...

Page 82: ...he By authentication check box and choose an authentication mechanism from the drop down list to specify actions by a specific authentication mechanism Select By any authentication except and choose a p...

Page 83: ...n page 63 shows an example Figure 44 Review Error Logs To view details of an individual error log select the file you want to view and click View Figure 45 on page 63 shows sample error log details Fi...

Page 84: ...y Packets Enter the number of packets this ping command will send The default is 5 The values range from 1 99 Packet Size Enter the packet size in bytes this ping command will send The default is 56 T...

Page 85: ...tool to print the route a packet takes to a network host See Figure 48 on page 65 Figure 48 Traceroute Utility NOTE The only required field is Hostname The value can be either a hostname or an IP addr...

Page 86: ...smallest network available Figure 50 IP Subnet Calculator Tech Support To get contact information for Juniper Networks technical support select Troubleshooting Tech Support To help analyze problems se...

Page 87: ...formation menu item to display information about the server including CPU load and memory use as shown in Figure 52 on page 67 Figure 52 System Information 67 Copyright 2010 Juniper Networks Inc Chapt...

Page 89: ...PART 2 Appendixes Rack Mounting the NSMXpress Series II Appliance on page 71 NSMXpress LEDs on page 77 69 Copyright 2010 Juniper Networks Inc...

Page 91: ...system is flexible and offers several options for rack mounting the hardware The different options include NOTE If you are installing multiple NSMXpress Series II appliances in one rack you should ins...

Page 92: ...ll screws towards the front of the chassis 2 Loosen the side rail screws of the chassis and slide the front rails of the system forward as far as they will move See Figure 54 on page 72 3 Tighten the...

Page 93: ...s on the sides of the rear mount brackets to secure the front and rear mounting brackets in place See Figure 55 on page 73 4 Verify that the mounting screws on one side of the rack are aligned with th...

Page 94: ...e recessed front rails on either side of the unit This enables easy cable routing on the racks with limited cable management Mid Mount in Two Post Equipment Rack This option is suitable for a two post...

Page 95: ...Figure 57 Mid Mount in two post equipment rack 75 Copyright 2010 Juniper Networks Inc Appendix A Rack Mounting the NSMXpress Series II Appliance...

Page 97: ...ge 77 describes their states Table 10 NSMXpress LEDs Condition Color LED The appliance is not receiving power Unlit Power The appliance is receiving power Green No hard disk activity Unlit Hard Disk H...

Page 98: ...ailure On steadily Red Hard Disk Failure LED NOTE This is applicable for NSM 3000 RAID configurations and not for non RAID configurations NSMXpress NSMCM Hard disk recovery or rebuild Blinking red NOT...

Page 99: ...PART 3 Index Index on page 81 79 Copyright 2010 Juniper Networks Inc...

Page 101: ...device logs exporting 38 DevSvr cfg file 39 disk usage 60 DMZ 4 DNS client 44 DNS server 25 documentation comments on xviii E e mail forwarding 26 enterprise customers 3 error logs 63 eth0 activity 6...

Page 102: ...er 26 54 null modem serial cable 7 P password admin user 23 GUI server one time 15 20 31 heartbeat 16 21 32 NSM central manager 20 super user central manager 31 37 super user regional server 14 31 37...

Page 103: ...ng 54 receivers editing 54 receivers viewing 51 system information 67 system logs 63 system statistics 59 system time 25 54 T technical support 66 contacting JTAC xix tiling 60 time zone 26 54 time se...
