TippingPoint X505 Training

System Administration

System Administration Objectives

> Upon completion of this module, you should be familiar with the following:
Out-of-Box Experience (OBE) Initial System Setup Tasks System Navigation System Upgrades/Updates System Snapshots Monitoring User Administration
> TOS User vs. Local User

Privilege Groups Event Logs Command Line Interface Factory Reset

2

OBE

OBE

Security Level

OBE

OBE

Setup Command

Post-OBE Setup Tasks

> After completing OBE, connect to the management port or default LAN interface to begin managing your device > Alternatively, configuration changes can be made in the CLI to assign IP addresses > By default the WAN interface is configured as a DHCP client > By default the LAN interface is configured with the IP address 192.168.1.254/24

LAB 1 OBE

User Login Screen

11

Page Layout

12

LSM Window Areas

13

TOS and DV Updates

14

TOS and DV Updates

> TippingPoint OS (TOS) updates are released periodically for major version changes and maintenance releases > Digital Vaccine (DV) updates are released on a weekly basis, or as dictated by the severity of a new exploit/vulnerability

15

TOS and DV Updates

> TOS Updates must be performed manually > DV Updates can be performed manually or automatically (recommended)

16

System Snapshots

> Snapshots are backups of your X505 configuration > The current DV is included in the backup

> Click the Floppy Disk icon to save snapshots to disk > Click the Recycle icon to restore a Snapshot

17

System Monitoring

> Monitor system status

Memory, disk, module health, etc.

> Monitor Performance/Throughput

18

Authentication

19

User Administration

> Two types of users TOS and Local

TOS Users = Operator, Administrator or SuperUser Local Users = Choose from built-in privilege groups or create your own privilege group

20

Adding a New LSM User Security Level/User Capabilities

Functional Area IPS Firewall Events Quarantine VPN Network System Authentication Operator
View View View View View

Administrator
All All All All All

Super-User
All All All All All

View and run tools (Traffic Capture, Traceroute, Ping) All but Audit Log

All

All

All but Audit Log

All, and can reset Audit Log

Change own password

All, except can only change own password

Can edit all users and can create new users

21

Privilege Groups

> Privilege Groups

Built-in Groups Allow_VPN_access and RADIUS Create your own
> i.e. Teachers, Students, etc.

22

Privilege Group Example

> Educational Institution > Two Privilege Groups

Teacher Students

> Combination of Privilege Groups and Firewall Rules allow finite control over who can access what and when
Allow: Web & Email

Internet

Teachers

Faculty LAN

Deny: Everything else

Allow: Web 9-5

Students

Student LAN
23

Logs and Events

24

Logs and Events

> System Events

System Log, Audit Log

> Firewall/IPS Events

Alert Log, Block Log, Traffic Event Log

> VPN Events

Client VPN Connection Logs Audit Logs Site-to-Site VPN Connection Logs System Logs

25

Command Line Interface

> The Command Line Interface (CLI) can be used to configure your X505 out of the box as well as routine system configuration tasks > Most system configuration changes are made by prefixing each command with a configure terminal or config t > Use the show command to see system/configuration information > Use the ? to show which commands are available

26

Command Line Interface

> Press TAB to complete commands > Press ? to see available commands

27

Factory Reset

> Set the X505 back to factory configuration, including TOS and DV

28

LAB 2 TOS Upgrade and User Account Creation