-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
1/29
TippingPoint X505 TrainingSystem Administrationystem
Administration
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
2/29
2
System Administration Objectives
> Upon completion of this module, you should be familiar with
thefollowing:
Out-of-Box Experience (OBE)
Initial System Setup Tasks
System Navigation
System Upgrades/Updates
System Snapshots
Monitoring
User Administration
> TOS User vs. Local User
Privilege Groups
Event Logs
Command Line Interface Factory Reset
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
3/29
3
OBE
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
4/294
OBE
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
5/295
Security Level
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
6/296
OBE
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
7/297
OBE
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
8/298
Setup Command
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
9/299
Post-OBE Setup Tasks
> After completing OBE, connect to the management port or
defaultLAN interface to begin managing your device
> Alternatively, configuration changes can be made in the CLI
to assignIP addresses
> By default the WAN interface is configured as a DHCP
client
> By default the LAN interface is configured with the IP
address
192.168.1.254/24
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
10/29
LAB 1OBE
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
11/29
11
User Login Screen
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
12/29
12
Page Layout
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
13/29
13
LSM Window Areas
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
14/29
14
TOS and DV Updates
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
15/29
15
TOS and DV Updates
> TippingPoint OS (TOS) updates are released periodically for
majorversion changes and maintenance releases
> Digital Vaccine (DV) updates are released on a weekly
basis, or as
dictated by the severity of a new exploit/vulnerability
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
16/29
16
TOS and DV Updates
> TOS Updates must be performed manually
> DV Updates can be performed manually or
automatically(recommended)
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
17/29
17
System Snapshots
> Snapshots are backups of your X505 configuration
> The current DV is included in the backup
> Click the Floppy Disk icon to save snapshots to disk
> Click the Recycle icon to restore a Snapshot
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
18/29
18
System Monitoring
> Monitor system status
Memory, disk, module health, etc.
>
Monitor Performance/Throughput
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
19/29
19
Authentication
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
20/29
20
User Administration
> Two types of users TOS and Local
TOS Users = Operator, Administrator or SuperUser
Local Users = Choose from built-in privilege groups or create
your ownprivilege group
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
21/29
21
Adding a New LSM User Security Level/User Capabilities
Functional Area Operator Administrator Super-User
IPS View All All
Firewall View All All
VPN View All All
Events View All All
Quarantine View All All
Network View and run tools (TrafficCapture, Traceroute, Ping)
All All
System All but Audit Log All but Audit Log All, and can reset
Audit Log
Authentication Change own password All, except can only
changeown password
Can edit all users and cancreate new users
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
22/29
22
Privilege Groups
> Privilege Groups
Built-in Groups Allow_VPN_access and RADIUS
Create your own
> i.e. Teachers, Students, etc.
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
23/29
23
Privilege Group Example
> Educational Institution
> Two Privilege Groups
Teacher Students
> Combination of Privilege Groups and Firewall Rules allow
finitecontrol over who can access what and when
Internet
Allow:Web 9-5
Deny:Everything else
Allow:Web & Email
Students StudentLAN
FacultyLANTeachers
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
24/29
24
Logs and Events
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
25/29
25
Logs and Events
> System Events
System Log, Audit Log
> Firewall/IPS Events
Alert Log, Block Log, Traffic Event Log
> VPN Events
Client VPN Connection Logs Audit Logs
Site-to-Site VPN Connection Logs System Logs
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
26/29
26
Command Line Interface
> The Command Line Interface (CLI) can be used to configure
yourX505 out of the box as well as routine system configuration
tasks
> Most system configuration changes are made by prefixing
each
command with a configure terminal or config t
> Use the show command to see system/configuration
information
> Use the ? to show which commands are available
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
27/29
27
Command Line Interface
> Press TAB to complete commands
> Press ? to see available commands
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
28/29
28
Factory Reset
> Set the X505 back to factory configuration, including TOS
and DV
-
7/31/2019 Tippingpoint X505 Training - 02 System
Administration
29/29
LAB 2TOS Upgrade and User AccountCreation
![CP-X505 Users Manual[1]](https://img.pdfslide.net/doc/110x75/577cc72f1a28aba711a03c7b/cp-x505-users-manual1.jpg)
