A typical basic scenario proposed by the solution consists of a set of sensors installed in various sensitive points in the organisation's network. These points consist of networked links called segments through which the sensitive traffic will travel and which the sensor will analyse more or less transparently, depending on which operational mode has been configured (IPS or IDS).
When planning the installation of the sensor devices, a few fundamental aspects should be taken into account: the specific bypass segments (network specific interfaces paired with a support bypass) should be installed right in the middle of the traffic to be analysed, the management interfaces (in the form of bonding) for remote access from both normal computers and the Manager, and the IPMI access interfaces for the SOL (Serial Over LAN) connection, iKVM and ipmi commands (start, restart and shut down). These interfaces will be further explained.
Since no specific hardware is required for the Manager, the only condition is that there be one or more network interfaces so as to allow for the creation of one bond for managing and connecting to the sensors, and another (optional) one for communications sent to other networks.
Both systems support standard 802.1q for virtual LANs (optional during configuration).
Comments
0 comments
Article is closed for comments.