© SOLIDA SYSTEMS INTERNATIONAL 2016
Table of Contents

1. INTRODUCTION ........ 4
   1.1 Reputation Based Detection ........ 4
   1.2 Intrusion Detection and Prevention ........ 4
   1.3 Monitoring and Logging ........ 4
2. HARDWARE INSTALLATION ........ 5
   2.1 Typical Configuration ........ 6
3. ACCESSING THE WEB APPLICATIONS ........ 7
   3.1 Management Port ........ 7
   3.2 Managing Users ........ 8
4. CONFIGURING THE APPLIANCE ........ 9
   4.1 Ethernet Port Configuration ........ 9
   4.2 Appliance Name ........ 9
   4.3 Deep Packet Inspection Configuration ........ 10
   4.4 E Notification ........ 11
       4.4.1 Setting Up Email Notification ........ 11
       4.4.2 Email Notification ........ 11
       4.4.3 Instant Critical ........ 12
       4.4.4 Current Email Addr ........ 12
       4.4.5 New Email Addr ........ 12
       4.4.6 Event Notification Emails ........ 12
   4.4 Reputation Threat List Updates ........ 13
       4.4.1 About Tor Exit Nodes ........ 14
   4.5 Set Mobile Application Password ........ 14
   4.5 Setting The Time Zone ........ 15
5. REPUTATION BASED DETECTION ........ 16
   5.1 Overview ........ 16
   5.2 DGA List ........ 16
   5.3 List Updates ........ 17
6. INTRUSION DETECTION AND PREVENTION RULES ........ 19
   6.1 Rule Overview ........ 19
   6.2 Rule List ........ 19
   6.3 Rule Sets ........ 20
   6.4 Activating a Rule Set ........ 20
   6.5 Operating Mode ........ 21
   6.6 Creating Custom Rules ........ 21
   6.7 Rule ID ........ 22
7. EVENTS AND EVENT SEVERITY ........ 23
   7.1 Event Overview ........ 23
   7.2 Event Severity ........ 23
       7.2.1 Low severity (colored green in the GUI) ........ 24
       7.2.2 Medium severity (colored orange in the GUI) ........ 24
       7.2.3 Critical severity (colored red in the GUI) ........ 24
   7.3 Source and Destination IP Addresses ........ 24
8. RESPONDING TO CRITICAL EVENTS ........ 25
9. SYSTEM SOFTWARE UPDATES ........ 26