資料課件參考文稿

1、Setup and Installation GuideRelease 9.0.0Attention FIPS and Common Criteria UsersThis guide, as written, represents the non-FIPS mode feature functionality. It specifies where FIPS mode removes or modifies the functionality of a feature.Appendix A of this document and Appendix C of the NitroView Use

2、rs Guide include a list of features that should not be enabled when operating in FIPS mode as they are not compliant with FIPS 140-2, Level 2, Security Requirements for Cryptographic Modules. Appendix D of the NitroView Users Guide includes information regarding the Common Criteria evaluated configu

3、ration. If you must comply with FIPS or Common Criteria requirements, please refer to these appendixes prior to using the system.Part No. NS-75602001900SIGInformation in this manual is subject to change without notice. This manual may not be reproduced or transmitted in any form or by any means, wit

4、hout written consent of NitroSecurity, Inc.Copyright 2011 NitroSecurity, Inc.Printed in the USAContact InformationNitroSecurity, Inc. 230 Commerce WayPortsmouth, NH 03801603.766.8160Regulatory NoticesWarrantyNitroSecurity provides a standard warranty on its products. Please refer to the ProductWarra

5、nty included with your product. Additional information concerning product warresis available at.Table of ContentsAbout This Guide6Part IDocument Conventions6Support Information6Installing the NitroSecurity Device7Part IIBefore You Begin7Installing the Devices10Mounting the Device10Connecting the Pow

6、 er Supply10Starting the Device11Selecting the Netw ork Cable11Identifying Netw ork Ports13Connecting Netw ork Cables17Verifying the Connectivity Through the IPS Device. 17Setting Up the NitroSecurity DeviceConfiguring the Network Interface on the IPS18.18Part IIIConfiguring the Network Interface on

7、 the Receiver19Configuring the Network Interface on the DBM20Configuring the Network Interface on the ADM21Configuring the Network Interface on the ELM22Configuring the Network Interface on the ESM23Installing the X5, Pow er Supply, and UPS Device24Deploying an X5 Device. 26Optional IPv6 Configurati

8、on27Logging Into NitroView28Keying the Device30Using Your Device35Appendix A - FIPS Mode35Part IVSelecting FIPS Mode.35Removed Features36Non-Compliant Available Features37Features Available Only in FIPS Mode.37Appendix B - Ports for Devices Other than IPS38Part VAppendix C - Installing Receiver VM S

9、oftware43Part VI© 2011 NitroSecurity4NitroSecurity Setup and Installation GuideContents5Appendix D - qLogic 2460 SAN Adapter Installation54Part VII© 2011 NitroSecurityAbout This Guide1This guide provides you with the information you need to install your NitroSecurity NitroGuardIntrusion Pr

10、evention System (IPS), NitroView Receiver, NitroView Enterprise Security Manager (ESM), NitroView ESM/Receiver (ESMRCV), NitroView Database Monitor (DBM), NitroView Application Data Monitor (ADM), NitroView Enterprise Log Manager (ELM), NitroView Advanced Correlation Editor (ACE), NitroView Receiver

11、/ELM (RECELM), and NitroView ESM/ Receiver/ELM (ESMRECELM). The procedures covered in this guide include the following for allcurrent ms:Inspecting your deviceMounting the device Connecting power cables Starting the device Connecting network cables Testing network connectivityConfiguring the network

12、 interface.Document Conventions1.11.2Support InformationNitroSecurity is committed to customer satisfaction. Our Customer Support technicians areavailable to assist you in installing and maintaining your NitroSecurity devices.To contact NitroSecurity Support, eitheror call: supportPhone: 1.877.947.5

13、002© 2011 NitroSecurityConventionDescriptionNote: Neutral or positive information that emphasizes or supplements important points of the main text.Caution: Advises users that failure to take or avoid a specific action could result in equipment damage or loss of data.Warning: Advises users that

14、failure to take or avoid a specific action could result in bodily injury.6NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device7Installing the NitroSecurity Device2After you receive your NitroSecurity device, you must install and key it before you can use it toprotect your ne

15、twork from intrusions or collect network data. Follow the steps in this guide to install your device quickly and easily. Installation instructions contained in this guide apply to allcurrent ms of NitroSecurity devices.To key your device after installing it, refer to the Setting Up the NitroSecurity

16、 Devicessection. Fored instructions on using and administrating the NitroSecurity devices,refer to the NitroSecurity User Guide.When you first log on to the system you will be prompted to select whether or not toenable FIPS mode on the ESM. The selection you make will be permanent and, if you select

17、 FIPS mode, all further communication with NitroSecurity devices will be in FIPS mode. For information regarding FIPS, see Appendix A.2.1Before You BeginThis section describes the steps you must take before you install your devices.Minimum RequirementsNitroSecurity recommends NitroSecurity NitroView

18、 be used on a machine that has a webbrowser that supports Flash 10.1.102.64 or higher.NitroSecurity NitroViewFollowing are the minimum system requirements for NitroSecurity NitroView:P4 Intel platform or AMD processorProcessor that is 2GHz or fasterWindows OS - Windows 2000/XP/2003 Server/Vista/2008

19、 Server/Windows 7 RAM that is 1.5GB or greaterMonitor with at least 1024 x 768 resolution Internet Explorer 7.x or laterFireFox 2.0.0.20 or laterSeveral features within NitroView use popup windows when uploading ordownloading files. Some web browsers have popup blockers enabled, which prevent these

20、dialogs from opening. It is recommended that you disable the popup blocker for the IP address or host name of your ESM.© 2011 NitroSecurityInspecting the Packaging and the Device1.As soon as you receive your device, inspect the packaging and the device for signs of damageor mishandling. If you

21、will be perforpacking tape that is securing the shipa FIPS installation, inspect the tamper-evidentcontainer. If there is evidence of tampering,contact NitroSecurity Support immediately (the product.) for instructions, and do not install2.3.Verify that all of the items listed on the packing slip hav

22、e arrived in the package.If you will be perfora FIPS installation, inspect the two tamper-evident sealsaly on the device (see Diagram 1 below) for signs of tampering. If there is evidence oftampering, contact NitroSecurity Support immediately atdo not install the product.for instructions, andDiagram

23、 1: Existing tamper-evident seals.4.If you will be perfora FIPS installation, find the tamper-evident seal containedwithin the package of accessories included in the shipcontainer and apply it so that itcompletely blocks the USB ports, preventing their use without leaving evidence of tampering(see D

24、iagram 2 below).© 2011 NitroSecurity8NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device9Diagram 2: Placement of third tamper-evident seal.Contact NitroSecurity Support immediately if not fully satisfied with the inspection.Included in your box are extra tamper-evident

25、 seals that you can place on the box as needed forfurther.Identifying a Location for InstallationYou must analyze your existing network and identify a network and physical location for yourdevice. Proper selection of the location is very important for using your device in an effective manner.You mus

26、t locate the IPS device between the trusted and untrusted sides of your network. Thetrusted side of your network is the side of your network you wish to protect, whereas the untrusted side is the side you intend to leave unprotected. For example, you could locate your IPS between your firewall (untr

27、usted side) and your switch (trusted side). Because network configurations vary greatly, your selection of location depends on your individual security requirements and network environment.This equipment is intended for installation in a restricted-access location.You must locate your Receiver devic

28、e at a location on the network that is accessible by anydevices that it will be monitoring. If direct communication is not possible between the Receiver device and the devices that it is monitoring, you must configure your network to allow proper routing of network traffic between them.You must loca

29、te your DBM device at a location on the network that is accessible by any devicesthat it will be monitoring. If direct communication is not possible between the Receiver device and the devices that it is monitoring, you must configure your network to allow proper routing of© 2011 NitroSecurityn

30、etwork traffic between them.You must locate your ESM device at a location on the network that is accessible by any IPS,Receiver, DBM, ADM, ACE, ELM, RECELM, and ESMRECELM devices that it is managing. The location must also be accessible by any systems that will be accessing the ESM through NitroView

31、. If direct communication is not possible between the ESM and the IPS, Receiver, DBM, ADM, ACE, ELM, RECELM, and ESMRECELM devices that it is managing or the systems running NitroView, you must configure your network to allow proper routing of network traffic between them.2.2Installing the DevicesAf

32、ter inspecting the device and identifying the preferred location for installation, perform the stepsin this section to install your NitroSecurity devices.See Appendix C for information regarding installing Receiver VM software.2.2.1Mounting the Device1.2.4.Prepare a space for the device in the mount

33、ing location.Mount the device securely in the location you have selected See rack mount instructions on the documentation CD.NitroSecurity recommends that you mount the device in a rack. Doing so protects your device and the cabling from accidental damage or disconnection.2.2.2Connecting the Power S

34、upplyAfter mounting the device, connect the power supply to the device as shown in the followingfigure:Properly install and ground the equipment in accordance with this instruction manualand national, state, and local codes.Electrical Hazard: Only qualifiednel should perform installation procedures.

35、© 2011 NitroSecurity10NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device11Since the device is inline, it is critical that the IPS is connected to an uninterruptiblepower supply (UPS).A system with redundant power cords and power modules operating at normalconditions b

36、alances the load share through its parallel design, which results in high reliability of the power system. We highly recommend connecting all NitroSecurity devices to a UPS.2.2.3Starting the Device1.2.Cable with power off, ensure traffic is passing.Press the power switch as shown in the following fi

37、gure:3.Wait until the device completes its full boot sequence. This may take two to four minutesdepending on the mof your device.2.2.4Selecting the Network CableIdentifying Connector TypesYou can connect your IPS device to the network using either copper or fiber connectorsdepending upon the mconnec

38、tion for your device:of your device. Look at the following table to identify the type of© 2011 NitroSecurityYou can connect your ESM, Receiver, and DBM devices to the network using copper connectors.You can easily identify the copper or fiber cables by looking at the connectors. The CAT5 copper

39、cable has RJ-45 connectors while LC fiber cable uses fiber connectors. The following figure shows the copper and fiber connectors:NitroSecurity recommends that you use CAT5 or above for your copper connection. Forgigabit connection, we recommend CAT5e.Identifying the Equipment TypeThere are two type

40、s of equipment to which you can connect your NitroSecurity devices: DataCircuit-Terminating Equipment (DCE) and Data Terminal Equipment (DTE).The following table gives some examples of the common DTE and DCE devices:Your NitroSecurity devices are DTE devices.Identifying Network CablesIf your device

41、uses a fiber connection, you simply need to select the fiber cables and connect themto the ports. However, if your device uses a copper connection, then you have to use either a straight-through or a crossover copper cable.© 2011 NitroSecurityTypeExamplesDTEFirewalls, RoutersDCESwitchesIf your

42、IPS mis.Use this connector type.TXRJ-45 (Copper)SXLC-Multimode (Fiber)LXLC-Singlemode (Fiber)12NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device13To distinguish between a straight-through and crossover cable, hold the two ends of the cable asshown in the following figure:

43、Straight-throughThe colored wires are in the same sequence at both ends of the cable.CrossoverThe first (far left) colored wire at one end of the cable is the same color as the third wire at the other end of the cable.2.2.5Identifying Network PortsAfter identifying the cables you need for your netwo

44、rk, you must identify the correct ports inyour NitroSecurity device to which to connect these cables.Your IPS, Receiver, DBM, ESM, ADM, ACE, ELM, RECELM, and ESMRECELM devices containmanagement ports for managing your device from NitroView. In addition, your IPS device contains trusted and untrusted

45、 ports to connect the device to the trusted and untrusted sides of your network. For more information about identifying the trusted and untrusted sides of your network, see “Identifying a Location for Installation.”Always turn off any laser sources before you inspect fiber connectors, opticalcompone

46、nts, or bulkheads. Fiber Optic laser radiation may be emitted from connected fiber cables or connectors. Do not stare directly into fiber optical equipment. Always keep a protective cap on unplugged fiber connectors.To identify the management ports and the trusted and untrusted ports on your IPS dev

47、ice, refer tothe table below to locate the illustration for the mof your device.To identify the ports on your Receiver, ESM, ESM/Receiver Combo, ESM X5, ADM,ACE, DBM, ELM, RECELM, and/or ESMRECELM device, refer to Appendix B.© 2011 NitroSecurityTo connect from.To.Use this cable type.NitroSecuri

48、ty Device RJ-45 PortDCEStraight-throughNitroSecurity Device RJ-45 PortDTECrossover© 2011 NitroSecurityIf your IPS mis.See.NS-IPS-110-2BTXFigure 1NS-IPS-1225-4BTXFigure 2NS-IPS-1225-2SXFigure 3NS-IPS-1225-2BSXFigure 3NS-IPS-1225-4SXFigure 4NS-IPS-1225-4BSXFigure 4NS-IPS-2230R-2BTXFigure 5NS-IPS-

49、2230R-4BTXFigure 6NS-IPS-2230R-2SXFigure 7NS-IPS-2230R-4SXFigure 8NS-IPS-2230R-8BTXFigure 10NS-IPS-2230R-2BSXFigure 7NS-IPS-2230R-4BSXFigure 8NS-IPS-2250R-2BTXFigure 5NS-IPS-2250R-4BTXFigure 6NS-IPS-2250R-2SXFigure 7NS-IPS-2250R-4SXFigure 8NS-IPS-2250R-8BTXFigure 10NS-IPS-2250R-2BSXFigure 7NS-IPS-22

50、50R-4BSXFigure 8NS-IPS-4245R-2BTXFigure 5NS-IPS-4245R-4BTXFigure 6NS-IPS-4245R-8BTXFigure 10NS-IPS-4245R-2SXFigure 7NS-IPS-4245R-4SXFigure 814NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device15The following illustrations depict which NIC ports to use but do not indicate w

51、hether these portsare on the front or rear of your device.Figure 1: NS-IPS-110-2BTXFigure 2: NS-IPS-1225-4BTXFigure 3: NS-IPS-1225-2SX/2BSX© 2011 NitroSecurityIf your IPS mis.See.NS-IPS-5400R-4BSXFigure 10Figure 4: NS-IPS-1225-4SX/4BSXFigure 5: NS-IPS-2230R/2250R/4245R-2BTXFigure 6: NS-IPS-2230

52、R/2250R/4245R-4BTXFigure 7: NS-IPS-2230R/2250R/4245R-2SX/2BSX© 2011 NitroSecurity16NitroSecurity Setup and Installation GuideInstalling the NitroSecurity Device17Figure 8: NS-IPS-2230R/2250R/4245R-4SX/4BSXFigure 9: NS-IPS-2230R/2250R/4245R-8BTXFigure 10: NS-IPS-5400R-4BSX2.2.6Connecting Network

53、 CablesConnect the cables to the untrusted and trusted ports as shown in the figures in the previoussection. If you are connecting fiber cables, remove the cable and network connector covers onlywhen you arey to connect the cables.2.2.7Verifying the Connectivity Through the IPS DeviceTo complete the

54、 installation of your IPS device, verify its connectivity. To verify the connectivity,from the trusted side of your network to a valid IP address on the untrusted side.© 2011 NitroSecuritySetting Up the NitroSecurity Device3Setting up the IPS, Receiver, DBM, ADM, ACE, ELM, RECELM, ESMRECELM, an

55、d ESM isimperative for proper operation. This section describes how to set up the NitroSecurity devices.3.1Configuring the Network Interface on the IPSTo configure the network interface on the IPS, follow the steps below.Before continuing with these steps, the IPS should be powered on and should havecompleted the boot process. These steps are used to set up a management interface on the IPS. If you will be managing the IPS inline, you may skip this section.1.2.3.4.Press th