Installation guide
164
Index
IPS installation modes
, 16
IPS policies
customized high-security inspection IPS policy
, 92
default IPS policy, 92
IPS template policies, 92
L
layer 2 firewall engine interfaces
capture interfaces
, 50
inline interfaces, 51
interface options, 47
IP addresses, 46
logical interfaces, 48
physical interfaces, 45
system communication interfaces, 45
traffic inspection interfaces, 48
VLANs, 45
layer 2 firewall installation modes, 16
layer 2 firewall template policies
layer 2 firewall inspection template
, 92
layer 2 firewall template, 92
layer 2 firewalls
commands for
, 139
configuring, 43–51
installation of, 16
installing, 98–110
interfaces ID numbering, 44
passive firewall mode for, 16
saving initial configuration for, 84
licenses, 23–26
checking, 26
generating, 25
installing, 26
management server POL-bound, 24, 66, 81
POS-bound, 24
retained, 66, 81
upgrading, 117–118
locations, 29
log server contact addresses, 30
logical interfaces, 39, 48
M
management servers
contact addresses for
, 30
POL-bound licenses, 66
POL-bound licenses for, 24, 81
master engines
adding nodes to
, 56, 70
adding virtual resources to, 56, 70
commands for, 139
defining VLAN IDs for, 60, 74
for virtual IPS, 55
installation of, 16
physical interfaces for, 57, 71
saving initial configuration for, 84
virtual IPS engines on, 64
virtual layer 2 firewalls on, 78
VLAN interfaces for, 60, 74
MD5 checksum, 99
mirroring ports, 20
N
NAT (network address translation), 27–30
O
one-time password, 107
used for initial configuration, 84
overview to the installation, 18
P
partitioning hard disk manually, 109
passive firewall mode, 16
for layer 2 firewalls, 16
passive inline mode
for layer 2 firewalls
, 17
physical interfaces
for master engines
, 57, 71
for virtual IPS engines, 65
for virtual layer 2 firewalls, 79
planning installation, 15–21
platforms supported, 19
policies, 89–94
ports, 20, 149
POS-bound licenses, 24
R
release notes, 12
requirements for hardware, 12
reset interfaces, 40, 49
retained licenses, 66, 81
routing, 90–91
S
saving initial configuration, 83–87
sensor-analyzers, upgrading to IPS engines, 120
sensors, upgrading to IPS engines, 120
SHA-1 checksum, 99
sniffing network interface, 106
SPAN port, 20
supported platforms, 19
system requirements, 12
T
TAP, 20
traffic inspection interfaces
capture interfaces
, 40
inline interfaces, 41
logical interfaces, 39