Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM

201

202

203

204

205

206

207

208

209

210

Test response by directly invoking ASM − this level bypasses the SNMP trap mechanism, sending

the trap directly to ASM. ASM processes the threat as if it were received as a real SNMP trap

message. If ASM is in Search and Respond mode, the configured action will be applied.

•

Specify parameters of test incident to be sent to ASM

These parameters are used with both levels of testing. Your settings here define a simulated threat that

will be sent to ASM. You should specify parameters that match your settings for the Rule that you are

testing.

Sender ID

This is a unique identifier associated with the intrusion detection system that detected the

security event.

Sender Name

The sender name being tested. This is a unique name associated with the intrusion detection

system that detected the event. Sender Names are case sensitive.

Threat Category

The event category being tested. ASM's default event categories are ASM_ATTACK,

ASM_COMPROMISE, ASM_INFORMATIONAL, and ASM_MISUSE. Event Category

Names are case sensitive.

Signature

A signature provides a unique identifier for the threat being tested.

Threat IP

This is the IP address of the end station attached to the port where the threat was detected.

Specify additional parameters for sending SNMP trap

These parameters allow Console's SNMPTrap Service to receive a test trap and notify ASM of the

threat. They allow more comprehensive testing that simulate the receipt of an actual trap by Console's

SNMPTrap Service.

SNMPv3 User Name

The user name of the simulated user that will be used for testing.

Authentication Type

The authentication method used for the inform (MD5 or SHA) message.

Authentication Password

The authentication password of the simulated user.

Privacy Type

The encryption method used for the inform (DES or None) message.

Privacy Password

The encryption password for the simulated user.

Trap Receiver

This is the system where the SNMPTrap Service is running.

Trap Sender

This is the system that is sending the SNMP trap.

Save Password (clear text)

When checked, the password information is saved as human readable text in the

automatedSecurity.properties

file in the <install area>

\NetSight Automated Security

Manager\Resources

directory.

CAUTION: This feature is intended for use in a test environment and could present a

security risk in your live network environment. It is recommended that it not

be checked in a production environment.

Automated Security Manager Help

Incident Test Tool 195