Related Manuals for Nokia Intrusion Prevention
Summary of Contents for Nokia Intrusion Prevention
- Page 1 Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide Part Number N450000567 Rev 001 Published September 2007...
- Page 2 FAR 52.227-19. IMPORTANT NOTE TO USERS This software and hardware is provided by Nokia Inc. as is and any express or implied warranties, including, but not limited to, implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall Nokia, or its affiliates, subsidiaries or suppliers be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, procurement of substitute goods or services;...
- Page 3 Singapore 119968 Nokia Customer Support Web Site: https://support.nokia.com/ Email: tac.support@nokia.com Americas Europe Voice: 1-888-361-5030 or Voice: +44 (0) 125-286-8900 1-613-271-6721 Fax: 1-613-271-8782 Fax: +44 (0) 125-286-5666 Asia-Pacific Voice: +65-67232999 Fax: +65-67232897 050602 Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...
- Page 4 Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...
-
Page 5: About This Document
Sourcefire 3D Sensor on Nokia—consists of the Sourcefire Sensor on Nokia application running on a Nokia Intrusion Prevention with Sourcefire appliance. A Sourcefire 3D Sensor on Nokia can be deployed to run any or all of the following: Sourcefire Intrusion Prevention System (IPS)—IPS monitors your network for attacks that might affect the availability, integrity, or confidentiality of hosts on the network. -
Page 6: Before You Begin
Plan Your Deployment Before you begin installing and configuring your Nokia appliance, plan how you will deploy the Nokia Intrusion Prevention with Sourcefire components as part of a network and enterprise security plan. The Nokia Intrusion Prevention with Sourcefire User’s Guide provides information on intrusion prevention considerations, on network deployment scenarios, and on the use of network devices, such as hubs, switches, and taps, to connect your sensor. -
Page 7: Setup Overview
Setup Overview The following figure presents an overview of the steps to follow when you set up a Nokia appliance to operate as a 3D Sensor. Each step is described in more detail in the following pages. Set up Install the... -
Page 8: Install The Appliance
Make a note of the serial number of the appliance, which is located on the Product Tracking I.D. Label on the bottom or side of the appliance. You will need the serial number to obtain a license for the Intrusion Prevention System (IPS) software. - Page 9 1 stop bit The initial configuration begins with the following prompt: Hostname? If the Hostname? prompt does not appear on the console, see the Nokia IPxxx Intrusion Prevention with Sourcefire Installation Guide for your appliance for troubleshooting suggestions. Answer the prompts for hostname, user admin password, and user root password.
- Page 10 Enter Return to bypass this step. Do this if you want to leave auto-negotiation on. When asked to confirm the interface parameters, type y. The system will continue booting. When it is completed, the login prompt will appear. Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...
-
Page 11: Configure Dns
Server fields—enter the IP address of a host running a DNS server. The optional secondary and tertiary servers are used if the primary (or secondary) server fails to respond. Click Submit. Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide... -
Page 12: Configure System Time
You must ensure that time is synchronized between the Defense Center and the 3D Sensors it manages. Nokia recommends that you do so by configuring the appliance to use NTP for continuous time synchronization with an NTP time server. You can configure the Defense Center itself to be the NTP time server. - Page 13 Although the message suggests a reboot might be necessary, you do not need to reboot the sensor. After the Sourcefire Sensor on Nokia package is enabled, a link to the Sourcefire Sensor Configuration page appears in the Network Voyager tree view.
- Page 14 Management Port—the TCP port number you want to use for communications between the Defense Center and the sensor. The default value is 8305/tcp. All appliances in your deployment should use the same port number. Click the Submit button. Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...
- Page 15 The sensor is added to the Defense Center. It can take up to two minutes for the Defense Center to verify the sensor heartbeat and establish communication. You can view the sensor status on the Defense Center Sensors page (Operations > Sensors). Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...
- Page 16 For example, if your Defense Center will be managing three different Sourcefire 3D Sensors on Nokia, with two of them running IPS and all three running RNA, then you must add two IPS software licenses and a single RNA Host license that is large enough to cover the number of hosts monitored by the three sensors in aggregate.
- Page 17 The Licensing Center Web site accepts 12-digit serial numbers only. Add leading zeros to your Nokia feature serial number to make it a 12-digit number. For example, for an IPS software license, add a leading zero to your appliance serial number.
- Page 18 VDBs, go to Operations > Update. For SEU updates, go to Policy & Response > IPS > SEU. Sensor software updates, SEUs, and VDBs are also available for download at the Nokia Support Web site. You can then use the Defense Center to upload them and install them.
- Page 19 Configure the Detection Engines At this point, your Sourcefire 3D Sensor on Nokia is set up in the following default configuration: All the available network interfaces, excluding the management interface, are combined in a single passive interface set. (To be considered available, an interface must be administratively disabled.)
- Page 20 To begin creating or applying detection policies, select Policy & Response and then either IPS or RNA, depending on the type of policy. The Sourcefire 3D System for Nokia User Guide provides information on how to create and change interface sets, detection engines, and detection policies.
-
Page 21: For Further Information
The following documentation is available on the Documentation and Restore CD that came with your Sourcefire Defense Center for Nokia or on the Nokia Support Web site: Sourcefire Defense Center for Nokia Installation Guide—describes how to install and initially configure the Defense Center. - Page 22 Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide...