Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM
21222324252627282930
condition, possibly compromising the security of your network.
Disable Log Entry Details. Under extreme network loads, you can improve ASM performance by
disabling Log Entry Details. The Log Entry Details window displays information about a specific
trap/action entry in the Automated Security Manager Activity Monitor, and can be useful for
debugging purposes. The window is launched by double−clicking an entry in the Activity Monitor
table.
To disable Log Entry Details, edit your ASM properties file as follows:
Navigate to the Properties file: <your install directory>\Enterasys Networks\Netsight
Console\server\plugins\AutoSecMgr\AutoSecMgr.properties
a.
Open the AutoSecMgr.properties file in a text editor and add the following lines:
#asm.logging.summary.useTopic=false
#asm.logging.summary.enabled=false
asm.logging.detail.useTopic=false
asm.logging.detail.enabled=false
b.
If you still have performance problems, you can disable all logging by uncommenting the two
lines that control summary logging. Summary logging refers to the events logged in the
Automated Security Event Log tab.
c.
2.
Dragon Intrusion Defense System
Alarms should be configured as RealTime to ensure that ASM receives all events from
Dragon. Alarms that are set to Dynamic may filter some events that are needed by ASM.
1.
Windows
TM
2000
You should disable the Guest account when running NetSight Automated Security Manager on a
Windows
TM
2000 host system. Windows 2000 allows a user without an account on the machine to
login using the Guest account. This is a potential security problem.
1.
Devices
The Matrix N−Series Gold supports up to two users per port, with the possibility that one MAC could
be that of an IP phone. Be careful when configuring the Quarantine role and the ASM rules to avoid
configuring an action that would inadvertently affect the IP phone.
1.
ASM resolves IP addresses to MAC addresses using information from routing MIBs
(ipNetToMediaTable, ipCidrRouteTable, and ipRouteTable). Devices which support multiple virtual
routers (Matrix N−Series Gold and Platinum) need to be modeled using the correct SNMPv3 context
for the router, in order to access the routing MIBs.
2.
OPERATING SYSTEM PATCHES
Before installing NetSight Automated Security Manager on the UNIX platform, be sure to install the latest
patches for your operating system. You can download the most recent operating system patches from
http://sunsolve.sun.com/.
Automated Security Manager Help
Dragon Intrusion Defense System 13