Upload
justingoldberg
View
229
Download
0
Embed Size (px)
Citation preview
7/31/2019 Tippingpoint X505 Training - 02 System Administration
1/29
TippingPoint X505 TrainingSystem Administrationystem Administration
7/31/2019 Tippingpoint X505 Training - 02 System Administration
2/29
2
System Administration Objectives
> Upon completion of this module, you should be familiar with thefollowing:
Out-of-Box Experience (OBE)
Initial System Setup Tasks
System Navigation
System Upgrades/Updates
System Snapshots
Monitoring
User Administration
> TOS User vs. Local User
Privilege Groups
Event Logs
Command Line Interface Factory Reset
7/31/2019 Tippingpoint X505 Training - 02 System Administration
3/29
3
OBE
7/31/2019 Tippingpoint X505 Training - 02 System Administration
4/294
OBE
7/31/2019 Tippingpoint X505 Training - 02 System Administration
5/295
Security Level
7/31/2019 Tippingpoint X505 Training - 02 System Administration
6/296
OBE
7/31/2019 Tippingpoint X505 Training - 02 System Administration
7/297
OBE
7/31/2019 Tippingpoint X505 Training - 02 System Administration
8/298
Setup Command
7/31/2019 Tippingpoint X505 Training - 02 System Administration
9/299
Post-OBE Setup Tasks
> After completing OBE, connect to the management port or defaultLAN interface to begin managing your device
> Alternatively, configuration changes can be made in the CLI to assignIP addresses
> By default the WAN interface is configured as a DHCP client
> By default the LAN interface is configured with the IP address
192.168.1.254/24
7/31/2019 Tippingpoint X505 Training - 02 System Administration
10/29
LAB 1OBE
7/31/2019 Tippingpoint X505 Training - 02 System Administration
11/29
11
User Login Screen
7/31/2019 Tippingpoint X505 Training - 02 System Administration
12/29
12
Page Layout
7/31/2019 Tippingpoint X505 Training - 02 System Administration
13/29
13
LSM Window Areas
7/31/2019 Tippingpoint X505 Training - 02 System Administration
14/29
14
TOS and DV Updates
7/31/2019 Tippingpoint X505 Training - 02 System Administration
15/29
15
TOS and DV Updates
> TippingPoint OS (TOS) updates are released periodically for majorversion changes and maintenance releases
> Digital Vaccine (DV) updates are released on a weekly basis, or as
dictated by the severity of a new exploit/vulnerability
7/31/2019 Tippingpoint X505 Training - 02 System Administration
16/29
16
TOS and DV Updates
> TOS Updates must be performed manually
> DV Updates can be performed manually or automatically(recommended)
7/31/2019 Tippingpoint X505 Training - 02 System Administration
17/29
17
System Snapshots
> Snapshots are backups of your X505 configuration
> The current DV is included in the backup
> Click the Floppy Disk icon to save snapshots to disk
> Click the Recycle icon to restore a Snapshot
7/31/2019 Tippingpoint X505 Training - 02 System Administration
18/29
18
System Monitoring
> Monitor system status
Memory, disk, module health, etc.
>
Monitor Performance/Throughput
7/31/2019 Tippingpoint X505 Training - 02 System Administration
19/29
19
Authentication
7/31/2019 Tippingpoint X505 Training - 02 System Administration
20/29
20
User Administration
> Two types of users TOS and Local
TOS Users = Operator, Administrator or SuperUser
Local Users = Choose from built-in privilege groups or create your ownprivilege group
7/31/2019 Tippingpoint X505 Training - 02 System Administration
21/29
21
Adding a New LSM User Security Level/User Capabilities
Functional Area Operator Administrator Super-User
IPS View All All
Firewall View All All
VPN View All All
Events View All All
Quarantine View All All
Network View and run tools (TrafficCapture, Traceroute, Ping) All All
System All but Audit Log All but Audit Log All, and can reset Audit Log
Authentication Change own password All, except can only changeown password
Can edit all users and cancreate new users
7/31/2019 Tippingpoint X505 Training - 02 System Administration
22/29
22
Privilege Groups
> Privilege Groups
Built-in Groups Allow_VPN_access and RADIUS
Create your own
> i.e. Teachers, Students, etc.
7/31/2019 Tippingpoint X505 Training - 02 System Administration
23/29
23
Privilege Group Example
> Educational Institution
> Two Privilege Groups
Teacher Students
> Combination of Privilege Groups and Firewall Rules allow finitecontrol over who can access what and when
Internet
Allow:Web 9-5
Deny:Everything else
Allow:Web & Email
Students StudentLAN
FacultyLANTeachers
7/31/2019 Tippingpoint X505 Training - 02 System Administration
24/29
24
Logs and Events
7/31/2019 Tippingpoint X505 Training - 02 System Administration
25/29
25
Logs and Events
> System Events
System Log, Audit Log
> Firewall/IPS Events
Alert Log, Block Log, Traffic Event Log
> VPN Events
Client VPN Connection Logs Audit Logs
Site-to-Site VPN Connection Logs System Logs
7/31/2019 Tippingpoint X505 Training - 02 System Administration
26/29
26
Command Line Interface
> The Command Line Interface (CLI) can be used to configure yourX505 out of the box as well as routine system configuration tasks
> Most system configuration changes are made by prefixing each
command with a configure terminal or config t
> Use the show command to see system/configuration information
> Use the ? to show which commands are available
7/31/2019 Tippingpoint X505 Training - 02 System Administration
27/29
27
Command Line Interface
> Press TAB to complete commands
> Press ? to see available commands
7/31/2019 Tippingpoint X505 Training - 02 System Administration
28/29
28
Factory Reset
> Set the X505 back to factory configuration, including TOS and DV
7/31/2019 Tippingpoint X505 Training - 02 System Administration
29/29
LAB 2TOS Upgrade and User AccountCreation