Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM
41424344454647484950
Open a Web browser and navigate to Dragon. The following URL opens the Dragon user interface:
https://<Dragon IP address>/dragon
1.
Enter the username and password that grants administrative access to Dragon.2.
Click AlarmTool on the Dragon main menu bar. Dragon's AlarmTool lets you create Event Groups
that describe specific network threats and what to do when those threats are detected.
3.
Create a new Event Group.
Click EVENT GROUPS in the left panel and then click NEW EVENT GROUP on the
Event Groups menu bar.
a.
Use the AlarmTool Wizard in the right panel to expand the Vulnerability category and
select SNMP:PRIVATE.
b.
Click the double arrow to the left of SNMP:PRIVATE to include it in your new Event Group.c.
Enter a Name for your new Event Group and click Save.d.
4.
Create a new Notification Rule.
Click NOTIFICATION RULES in the left panel and then click NEW NOTIFICATION
RULE on the Notification Rules menu bar.
a.
Click the double arrow for SNMPv3 in the right panel. ASM uses SNMPv3 for trap messages
as an added measure of security.
b.
Make the following notification settings:c.
Time
Period
None
Security
Name
<SNMPv3 Credential − User Name>
Transport UDP
Security
Engine
leave blank
Auth.
Protocol
MD5
Context
Name
leave blank
Server <ASM host IP address>
Context
Engine
leave blank
Port: 162
Auth
Password
<SNMPv3 Credential − Auth Password>
OID: .1.3.6.1.4.1.5624.1.2.45.1.0.3
Priv
Password
<SNMPv3 Credential − Priv Password>
Inform: TRUE Message:
etsysThreatNotificationThreatCategory='ASM_ATTACKS'
etsysThreatNotificationThreatName='%NAME%'
etsysThreatNotificationInitiatorAddress='%SIP%'
etsysThreatNotificationTargetAddress='%DIP%'
etsysThreatNotificationSenderID='dragon'
etsysThreatNotificationSenderName='dragon−test'
Enter a Name for your new Notification Rule and click Save.d.
5.
Create a new Alarm.
Click ALARMS in the left panel and then click NEW ALARM.a.
Select Real Time from the drop−down list in the Type field.b.
Leave the Summary Interval set to its default value (3600 milliseconds).c.
Select the name of your new Event Group from the drop−down list in the Event Group field.d.
Select the name of your new Notification Rule from the drop−down list in the Notification
Rule field.
e.
6.
Automated Security Manager Help
Restart the SNMPTrap Service 33