33
Architecture
About management and detection architecture
protection policies, and view log data. You can generate reports and view them
immediately in the Network Security console, or you can schedule them to
generate automatically.
The Network Security console contains three main tabs that provide a view of
the Devices tab, Incidents tab, and Policies tab.
■
Devices tab
: Provides a hierarchical tree view of the network topology, with
a detailed summary of each device.
■
Incidents tab
: Provides detailed descriptions of incidents and events taking
place in the monitored network, and can be drilled down to reveal detailed
packet information.
■
Policies tab
: Provides the tools to create, manage, and apply user-defined
signatures, signature variables, and protection policies.
Reporting in the Network Security console includes dynamic chart and graph
generation, with information drill-down and data retrieval. Pre-defined reports
can be saved and printed. Users can send flow queries and play back traffic
sequences from the Network Security console as well.
About role-based administration
The Network Security console provides a simple yet powerful interface that is
useful for all levels of administration, from the Network Operation Center (NOC)
operator who watches for a red light, to the skilled security administrator who
examines and analyzes packets.
Four pre-defined user groups provide efficient management. Each group
includes a set of permissions for specific management operations. Each user’s
login identity indicates their role and permission assignment during an
administrative session.
Symantec Network Security automatically installs a SuperUser login account
that is authenticated with full administrative capabilities. The SuperUser can
create additional login accounts in the following user groups:
■
SuperUser
s: A user authenticated with full administrative capabilities. This
user is allowed to perform all administrative tasks that the Network Security
console can execute.
■
Administrators
: A user authenticated with partial administrative
capabilities. This user is allowed to perform most administrative tasks, with
the exception of some advanced actions.
■
StandardUsers
: A user authenticated with full read-only capabilities. This
user is allowed to view all information in the Network Security console.
Summary of Contents for 10521146 - Network Security 7120
Page 1: ...Symantec Network Security Administration Guide...
Page 12: ...12 Contents Index...
Page 14: ...14...
Page 70: ...70...
Page 110: ...110 Populating the topology database Adding nodes and objects...
Page 158: ...158 Responding Managing flow alert rules...
Page 188: ...188...
Page 242: ...242 Reporting Playing recorded traffic...
Page 268: ...268 Managing log files Exporting data...
Page 316: ...316 Advanced configuration Configuring advanced parameters...
Page 318: ...318...
Page 338: ...338 SQL reference Using MySQL tables...
Page 366: ...366 Glossary...
Page 392: ...392 Index...