IBM 1G Скачать руководство пользователя страница 16 | Manualshive

Страница: 16 / 52

background image

xvi

1G Network Active Bypass: User Guide

«
...
14
15
16
17
18
...
»

Содержание 1G

Страница 1: ...IBM Security 1G Network Active Bypass User Guide ...

Страница 2: ...pyright statement Copyright IBM Corporation 2009 2014 U S Government Users Restricted Rights Use duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp Publication Date April 2014 ...

Страница 3: ...nagement interface 11 About the management interface 11 Accessing the management interface 12 Monitoring the status of the Network Active Bypass unit 13 Managing settings for the Network Active Bypass unit 14 Setting up segment configurations 14 Configuring Management Port settings 16 Setting up e mail notifications 16 Configuring SNMP traps 17 Synchronizing time and setting time zones 18 Managing...

Страница 4: ...iv 1G Network Active Bypass User Guide ...

Страница 5: ...ation statement regulation notice This product is not intended to be connected directly or indirectly by any means whatsoever to interfaces of public telecommunications networks Copyright IBM Corp 2009 2014 v ...

Страница 6: ...vi 1G Network Active Bypass User Guide ...

Страница 7: ...in conditions To avoid these hazards ensure that your system electrical requirements do not exceed branch circuit protection requirements Refer to the information that is provided with your device or the power rating label for electrical specifications D002 DANGER If the receptacle has a metal shell do not touch the shell until you have completed the voltage and grounding checks Improper wiring or...

Страница 8: ...t signal cables v Never turn on any equipment when there is evidence of fire water or structural damage v Disconnect the attached power cords telecommunications systems networks and modems before you open the device covers unless instructed otherwise in the installation and configuration procedures v Connect and disconnect cables as described in the following procedures when installing moving or o...

Страница 9: ...provide the correct power connection to a rack refer to the rating labels located on the equipment in the rack to determine the total power requirement of the supply circuit v For sliding drawers Do not pull or install any drawer or feature if the rack stabilizer brackets are not attached to the rack Do not pull out more than one drawer at a time The rack might become unstable if you pull out more...

Страница 10: ... product you must first become familiar with the related safety information in the booklet You should also refer to the booklet any time you do not clearly understand any safety information in the US English publications Laser safety information The following laser safety notices apply to this product CAUTION This product may contain one or more of the following devices CD ROM drive DVD ROM drive ...

Страница 11: ...a los propietarios de equipos a reciclar sus productos de TI Se puede encontrar información sobre las ofertas de reciclado de productos de IBM en el sitio web de IBM http www ibm com ibm environment products prp shtml Notice This mark applies only to countries within the European Union EU and Norway Appliances are labeled in accordance with European Directive 2002 96 EC concerning waste electrical...

Страница 12: ...l cadmium nickel metal hydride and other battery packs from IBM equipment For information on proper disposal of these batteries contact IBM at 1 800 426 4333 Please have the IBM part number listed on the battery available prior to your call For Taiwan Please recycle batteries For the European Union Notice This mark applies only to countries within the European Union EU Batteries or packing for bat...

Страница 13: ... products intended for use with this product will appear in their accompanying manuals Federal Communications Commission FCC Statement Note This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a com...

Страница 14: ... 1176 Fax 0049 0 711 785 1283 e mail tjahn de ibm com EC Declaration of Conformity In German Deutschsprachiger EU Hinweis Hinweis für Geräte der Klasse A EU Richtlinie zur Elektromagnetischen Verträglichkeit Dieses Produkt entspricht den Schutzanforderungen der EU Richtlinie 89 336 EWG zur Angleichung der Rechtsvorschriften über die elektromagnetische Verträglichkeit in den EUMitgliedsstaaten und ...

Страница 15: ...N 55022 Klasse A update 2004 12 07 People s Republic of China Class A Compliance Statement This is a Class A product In a domestic environment this product may cause radio interference in which case the user may need to perform practical actions Japan Class A Compliance Statement This product is a Class A Information Technology Equipment and conforms to the standards set by the Voluntary Control C...

Страница 16: ...xvi 1G Network Active Bypass User Guide ...

Страница 17: ...e latest Network Active Bypass documentation go to the IBM Knowledge Center at http www ibm com support knowledgecenter SSB2MG welcome Related publications See the following documents for more information about the Network IPS appliances supported by the Network Active Bypass unit Document Contents GX5000 Series Getting Started Card Instructions for connecting and configuring a GX5000 Series IPS a...

Страница 18: ...he problem to IBM Support in one of the following ways v By using IBM Support Assistant ISA if the Service Request tool is enabled on your product Any data that has been collected can be attached to the service request Using ISA in this way can expedite the analysis and reduce the time to resolution v Online through the IBM Support Portal You can open update and view all of your service requests f...

Страница 19: ...ue v Two desktop power modules v Power cords v One CD Features This topic describes the features of the Network Active Bypass unit List of features v Active switching of traffic in case of system failure v Passive Bypass which is essential during power loss v Plug and play no additional drivers required on inline devices v TAP functions for passive traffic monitoring v 10 100 1000 TX Copper SX Mul...

Страница 20: ...tive Bypass unit has an assigned IP address You can retrieve or change the IP address by using command line parameters To access the management interface open a Web browser and type https followed by the management port IP address The default IP address for the management port is 192 168 0 111 The default management port Web address is https 192 168 0 111 The management interface is documented in ...

Страница 21: ... IPS appliance 3 LCD display Note LCD buttons are not active 4 LED indicators position of LED indicators varies depending on the model v Link Active LEDs for 1G ports lights indicate if a connection exists and the general amount of traffic v Existing connection Green indicates a connection Amber indicates a collision No light indicates no connection v Amount of traffic Rapid blinking indicates hea...

Страница 22: ...g modes Switching mode Description Active Active mode channels Ethernet frames between the public network and the private network through the Network IPS appliance Typically data flows from the public network to port N1 network in The Network Active Bypass unit transfers the data to port A1 appliance in and then routes the data through the Network IPS appliance to port A2 appliance out Active swit...

Страница 23: ...n the other port Network Active Bypass unit provides the following heartbeat modes Heartbeat mode Description Internal Heartbeat Frame Loopback Mode A user defined Ethernet heartbeat frame that is generated by the Network Active Bypass unit and sent from port A1 The Network Active Bypass unit Ethernet port A2 must receive the same heartbeat frame from the Network IPS appliance Note The heartbeat i...

Страница 24: ...ppliance and forwards the traffic to the network 2 Manual Active The bypass unit always passes traffic to the Network IPS appliance whether it receives a heartbeat or not Another description for this mode is that the bypass unit always works in Active Switching mode 3 Manual Active Bypass The bypass unit always passes traffic to the network bypassing the Network IPS appliance whether it receives a...

Страница 25: ...appliances on a rack 2 Connect the cable to and configure the Network IPS appliances using the instructions provided in the Network IPS GX Appliance Getting Started Guide available from the IBM Knowledge Center at http www ibm com support knowledgecenter SSB2MG welcome 3 Connect the power cables to the Network Active Bypass unit and to two different power sources for added redundancy 4 Use a brows...

Страница 26: ...nit is receiving power Logging into the management interface Procedure 1 Use the management cable labeled CAT5E to connect a computer to the management port on the Network Active Bypass unit Important Make sure you follow industry best practices for securing your critical network infrastructure Do not connect the management port to any network that is open to external traffic The management port s...

Страница 27: ... Active Bypass unit changes You must set up e mail notification before you configure your segments Setting up segments Procedure 1 In the management interface select theSegment page for the Segment you want to configure 2 Type or select the appropriate settings and then click Save Chapter 2 Setting up the Network Active Bypass unit 9 ...

Страница 28: ...10 1G Network Active Bypass User Guide ...

Страница 29: ...s on this segment Segment 3 Port settings and heartbeat settings to activate bypass or get into active mode for appliances on this segment Segment 4 Port settings and heartbeat settings to activate bypass or get into active mode for appliances on this segment Email Notifications Settings required for e mail notification such as e mail accounts and mail server information SNMP Settings Settings for...

Страница 30: ...ake any changes When you change the IP address the management port Web address changes also Management interface Web address You can access the management interface using a Web address that consists of https followed by the management port s IP address The Web address format is as follows https xxx xxx xxx xxx When you type the Web address replace xxx xxx xxx xxx with the IP address assigned to th...

Страница 31: ...ws the active bypass status for segment 4 Tap Settings Shows current port configurations Viewing system status The System section provides general system status as indicated in the following table Field Description Product Name Displays the name of the Network Active Bypass unit Proventia NAB Product ID Displays the product ID of the Network Active Bypass unit Proventia NAB rev 1 Hardware Revision...

Страница 32: ...ss unit Ethernet port A1 every 100 milliseconds ms and the Network Active Bypass unit Ethernet port A2 must receive the same heartbeat frame from the Network IPS appliance Number of HB lost to activate bypass 1 10 Specifies the heartbeat signal that acts as a link up status indicator for the Network Active Bypass unit Ethernet ports A1 and A2 If port A1 or A2 loses the link the Network Active Bypa...

Страница 33: ...e to or remain in Active Switching mode By default without a heartbeat the Network Active Bypass unit remains in Active Switching mode v 2 Manual Active The Network Active Bypass unit is always in Active Switching mode v 3 Manual Active Bypass The Network Active Bypass unit is always in Bypass Switching mode v 4 Manual Passive Bypass The Network Active Bypass unit is in passive bypass in which the...

Страница 34: ... Notification page to configure e mail servers and accounts and to enable or disable notifications Procedure Set the values as indicated in the following table Field Description Email Notification Enable or disable e mail notification Default Disabled Don t send Outgoing Mail Server SMTP Address of the appropriate outgoing SMTP mail server Outgoing Mail Server SMTP Port Port number of the outgoing...

Страница 35: ...se the SNMP Settings page to configure the SNMP destination IP and SNMPv2 community name and to enable or disable the SNMP trap function Procedure Complete the fields as indicated in the following table Field Description Send SNMP Traps Enable or disable the sending of SNMP traps Default Disabled SNMP traps destination IP Destination IP of the SNMP trap server Default localhost SNMPv2 community Co...

Страница 36: ... time with a network time server Default Disabled NTP Server Public domain of a collection of computers that provide time using NTP Time Zone Time zone used by the Network Active Bypass unit Default America New York Managing User Account settings Procedure Use the Users page to change the user name and password required to access the Web management interface Field Description Password Password req...

Страница 37: ...ck Upload Firmware Note It can take up to 5 minutes for the process to finish Check the Status page to verify that the new firmware version has been installed Enabling system logging About this task Use the Log Setting page to enable the consolidation of log data from various systems into a central repository System logs contain important information about actions the Network Active Bypass unit ha...

Страница 38: ...ccounting services for Network Active Bypass unit from one or more servers Procedure Complete the fields as indicated in the following table Field Description TACACS Allows TACACS protocol for access control Default Disabled Server IP address of the server providing access services Default 0 0 0 0 Encrypt Encrypts the body of the TACACS packets for more secure communications Default No Secret Shar...

Страница 39: ...ote shell emulator Connection requirements The requirements for both connection types are shown in the following table Connection type Port on Network Active Bypass unit Cable Serial terminal emulator Console port Console cable SSH remote shell emulator Management port Management cable Serial terminal settings Use a serial terminal emulator and the following terminal settings Setting Value Communi...

Страница 40: ...issions required Only the Admin account has permissions to set and to retrieve system parameters Command line syntax Use the following command line syntax to set or to retrieve values for parameters Command Action cli get more Outputs values for all parameters cli get parameter_ name Specifies a value for the parameter Example Typing cli get timeout displays the timeout value in decimal form cli s...

Страница 41: ...er Description ip Current IP address for the management port for Network Active Bypass unit Default 172 16 124 17 mask Subnet mask for the management port Default 255 255 255 0 gw Gateway IP address for the management port Default 172 16 124 1 current_ip Current IP address for the management port Note The current_ip parameter is read only Communication parameters The parameters in the following ta...

Страница 42: ...mail notification feature Parameter Description email Enables or disables the e mail notification feature v 0 disables e mail notification v 1 enables e mail notification Default 1 email_from Name or e mail address that is displayed in the From field on the e mail notification email_security Enables or disables the e mail security feature v 0 disables e mail security feature v 1 enables e mail sec...

Страница 43: ...o detect and activate Link Fault Detection Default Enabled Operational parameters The parameters in the following table control the behavior of the Network Active Bypass unit Parameter Description timeout Timeout value for Network Active Bypass unit Each timeout unit is 100 ms Timeout range is 100 milliseconds to 25 5 seconds In default bypass operation mode if the Network Active Bypass unit does ...

Страница 44: ...e appliance Default hb_mode 1 state State of the Network Active Bypass unit This parameter is read only v 0 Bypass Switch state v 1 Active Inline Switch state active_hb_cnt Stores the active heartbeat signal count The segment switches to Active Switch mode only if it receives active_hb_cnt number for a consecutive heartbeat Default 2 Range 1 10 bypass_hb_cnt Stores the bypass heartbeat signal coun...

Страница 45: ...ption tacacs_secret TACACS secret Default None tacacs_server IP number of TACACS server tacacs_service TACACS service Default all Chapter 4 Configuring the Network Active Bypass unit using the command line interface 27 ...

Страница 46: ...28 1G Network Active Bypass User Guide ...

Страница 47: ...lectual Property Law IBM Japan Ltd 19 21 Nihonbashi Hakozakicho Chuo ku Tokyo 103 8510 Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED...

Страница 48: ...ent between us All statements regarding IBM s future direction or intent are subject to change or withdrawal without notice and represent goals and objectives only Trademarks IBM the IBM logo and ibm com are trademarks or registered trademarks of International Business Machines Corp registered in many jurisdictions worldwide Other product and service names might be trademarks of IBM or other compa...

Страница 49: ...supply 3 R reboot 20 S safety notices vii segment configuration 14 SSH port 21 status 13 support xviii switching modes 4 syntax command line 22 syslog 19 system status 13 T TACACS See Terminal Access Controller Access Control System TACACS See Terminal Access Controller Access Control System Plus technical support IBM Security xviii Terminal Access Controller Access Control System 20 Terminal Acce...

Страница 50: ...32 1G Network Active Bypass User Guide ...

Страница 51: ......

Страница 52: ... Printed in USA ...

Отзывы:

Нет отзывов

Похожие инструкции для 1G

NetDefend DFL-260E

Бренд: D-Link Страницы: 6

NetDefend DFL-260E

Бренд: D-Link Страницы: 198

DFL-300 - Security Appliance

Бренд: D-Link Страницы: 12

NetDefend SOHO DFL-160

Бренд: D-Link Страницы: 130

DFL-1600 - Security Appliance

Бренд: D-Link Страницы: 22

DFL-700 - Security Appliance

Бренд: D-Link Страницы: 141

DFL-210 - NetDefend - Security Appliance

Бренд: D-Link Страницы: 213

DFL-800 - Security Appliance

Бренд: D-Link Страницы: 20

DFL-210 - NetDefend - Security Appliance

Бренд: D-Link Страницы: 469

Бренд: D-Link Страницы: 8

DIR-330 - Wireless G VPN Router

Бренд: D-Link Страницы: 112

Бренд: D-Link Страницы: 16

DFL-700 - Security Appliance

Бренд: D-Link Страницы: 12

DFL-800 - Security Appliance

Бренд: D-Link Страницы: 23

DFL-800 - Security Appliance

Бренд: D-Link Страницы: 32

DFL-700 - Security Appliance

Бренд: D-Link Страницы: 138

Бренд: D-Link Страницы: 147

Бренд: D-Link Страницы: 948

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды