HP X Unified Security Platform manual 20

Chapter 1 System Overview

When the X family device is installed and configured, it protects your network zones (LAN, WAN, and VPN, for example) using firewall rules and IPS filters. The device scans and reacts to network traffic according to the actions configured in the firewall rule or IPS filter. Each security zone and device can use a different set of firewall rules and IPS filters. Actions configured on the firewall rules and IPS filters provide the instructions for the device and can include blocking, rate limiting, or permitting the traffic and sending a notification about the action to a device or e-mail address. Options are also available to block traffic and quarantine the source IP address for the traffic.

For users who will deploy multiple X family devices across the enterprise, TippingPoint provides the Security Management System (SMS). The SMS allows you to coordinate the management of multiple devices for administration, configuration, and monitoring. Most importantly, the SMS includes enterprise-wide reporting and trend analysis.

Local Clients

You can access the X family device for monitoring, management, and configuration from any of the following three client applications:

•Local Security Manager (LSM) — Web-based GUI for managing one IPS device. The LSM provides HTTP and HTTPS (secure management) access. This access requires Microsoft Internet Explorer 6.0 or later, Firefox 1.5+, Mozilla 1.7+, or Netscape 8.1+. Using the LSM, you have a graphical display for reviewing, searching, and modifying settings. The GUI interface also provides graphical reports for monitoring the device traffic, triggered filters, and packet statistics.

•Command Line Interface (CLI) — Command line interface for reviewing and modifying settings on the device. The CLI is accessible through Telnet and SSH (secure access).

•Secure Management System (SMS) — the SMS allows you to remotely manage multiple X family devices. You can configure security zones, profiles and policy (firewall rules and IPS filters) from the SMS and distribute the configuration to multiple devices. The SMS also allows you to view, manage and edit device configuration, and review logs and reports for all devices under SMS management.

Note The device allows for 10 web client connections, 10 telnet/SSH (for CLI) connections, and one console connection at once.

System Requirements

The LSM is software accessed using a web browser. The browser’s hardware and software requirements are not as technical as systems loading the software locally. To access the LSM, you need the following:

•Microsoft Internet Explorer (MSIE) v 6.0 or greater with 128-bit encryption and support for JavaScript and cookies, Firefox 1.5+, Mozilla 1.7+, or Netscape 8.1+

SMS Configuration

If you will maintain your device using the Security Management System (SMS) or you will no longer use the SMS, you need to configure a setting on the device. This setting identifies if the device is controlled by the SMS.

For more information, see “SMS/NMS” on page 232.

4 X Family LSM User’s Guide V 2.5.1