Scribd
Upload
121 views29 pages

Tippingpoint X505 Training - 02 System Administration

This document provides an overview of system administration for the TippingPoint X505 device, including initial setup, navigation, upgrades, snapshots, monitoring, user administration, and the command line interface. The key points covered are: - Out-of-box setup assigns the WAN interface a DHCP address and LAN interface 192.168.1.254 - TOS and DV updates are released periodically and weekly respectively for upgrades - Snapshots backup the configuration and current DV for restoration - Two types of users - TOS and local - with different privilege levels and capabilities - Logs and events track firewall, IPS, and VPN activity - The CLI allows configuration changes and viewing information

Uploaded by

justingoldberg
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
121 views29 pages

Tippingpoint X505 Training - 02 System Administration

This document provides an overview of system administration for the TippingPoint X505 device, including initial setup, navigation, upgrades, snapshots, monitoring, user administration, and the command line interface. The key points covered are: - Out-of-box setup assigns the WAN interface a DHCP address and LAN interface 192.168.1.254 - TOS and DV updates are released periodically and weekly respectively for upgrades - Snapshots backup the configuration and current DV for restoration - Two types of users - TOS and local - with different privilege levels and capabilities - Logs and events track firewall, IPS, and VPN activity - The CLI allows configuration changes and viewing information

Uploaded by

justingoldberg
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 29

TippingPoint X505 Training

System Administration

System Administration Objectives

> Upon completion of this module, you should be familiar with the following:
Out-of-Box Experience (OBE) Initial System Setup Tasks System Navigation System Upgrades/Updates System Snapshots Monitoring User Administration
> TOS User vs. Local User

Privilege Groups Event Logs Command Line Interface Factory Reset


2

OBE

OBE

Security Level

OBE

OBE

Setup Command

Post-OBE Setup Tasks

> After completing OBE, connect to the management port or default LAN interface to begin managing your device > Alternatively, configuration changes can be made in the CLI to assign IP addresses > By default the WAN interface is configured as a DHCP client > By default the LAN interface is configured with the IP address 192.168.1.254/24

LAB 1 OBE

User Login Screen

11

Page Layout

12

LSM Window Areas

13

TOS and DV Updates

14

TOS and DV Updates

> TippingPoint OS (TOS) updates are released periodically for major version changes and maintenance releases > Digital Vaccine (DV) updates are released on a weekly basis, or as dictated by the severity of a new exploit/vulnerability

15

TOS and DV Updates

> TOS Updates must be performed manually > DV Updates can be performed manually or automatically (recommended)

16

System Snapshots

> Snapshots are backups of your X505 configuration > The current DV is included in the backup

> Click the Floppy Disk icon to save snapshots to disk > Click the Recycle icon to restore a Snapshot

17

System Monitoring

> Monitor system status


Memory, disk, module health, etc.

> Monitor Performance/Throughput

18

Authentication

19

User Administration

> Two types of users TOS and Local


TOS Users = Operator, Administrator or SuperUser Local Users = Choose from built-in privilege groups or create your own privilege group

20

Adding a New LSM User Security Level/User Capabilities


Functional Area IPS Firewall Events Quarantine VPN Network System Authentication Operator
View View View View View

Administrator
All All All All All

Super-User
All All All All All

View and run tools (Traffic Capture, Traceroute, Ping) All but Audit Log

All

All

All but Audit Log

All, and can reset Audit Log

Change own password

All, except can only change own password

Can edit all users and can create new users


21

Privilege Groups

> Privilege Groups


Built-in Groups Allow_VPN_access and RADIUS Create your own
> i.e. Teachers, Students, etc.

22

Privilege Group Example

> Educational Institution > Two Privilege Groups


Teacher Students

> Combination of Privilege Groups and Firewall Rules allow finite control over who can access what and when
Allow: Web & Email

Internet

Teachers

Faculty LAN

Deny: Everything else

Allow: Web 9-5

Students

Student LAN
23

Logs and Events

24

Logs and Events

> System Events


System Log, Audit Log

> Firewall/IPS Events


Alert Log, Block Log, Traffic Event Log

> VPN Events


Client VPN Connection Logs Audit Logs Site-to-Site VPN Connection Logs System Logs

25

Command Line Interface

> The Command Line Interface (CLI) can be used to configure your X505 out of the box as well as routine system configuration tasks > Most system configuration changes are made by prefixing each command with a configure terminal or config t > Use the show command to see system/configuration information > Use the ? to show which commands are available

26

Command Line Interface

> Press TAB to complete commands > Press ? to see available commands

27

Factory Reset

> Set the X505 back to factory configuration, including TOS and DV

28

LAB 2 TOS Upgrade and User Account Creation

You might also like