Template:IDS Policy Manager Setup

From ImageStream Router Documentation

Revision as of 23:50, 11 May 2009 by Syoder (Talk | contribs)
Jump to: navigation, search
  • Download and install the IDS Policy Manager software from www.activeworx.org/programs/idspm

Contents

Add a new policy

  • Double-click on Snort Policies in the left-hand tree view.
  • Right-click on Snort Policies and select Add Policy.
  • Enter a name for the policy.
  • Select Snort Version Snort 2.7
  • Make sure the Initialize Policy checkbox is checked.
  • Click OK


Edit the new policy to add ImageStream Variables

  • Click on the new policy to expand the tree view.
  • Click on Variables
  • Right-click on the right-hand pane with the list of variables and select Add Item
  • Enter SNORT_IFACE for the Name and the interface name for the Value.
  • Other Snort/Snort ImageStream Variables


Add a new sensor

  • Double-click on Snort Sensors in the left-hand tree view.
  • Right-click on Snort Sensors and select Add Sensor.
  • Name: Enter the router's name.
  • Description: Enter a description for the router.

Sensor Settings Tab

  • Sensor Host: Enter the router's hostname or IP address.
  • Policy: Select the policy you created earlier from the dropdown.
  • Snort Version: Select 2.8.

Upload Settings Tab

  • Upload Protocol: Select SFTP from the dropdown. Leave the default SSH port (22).
  • Upload Directory: Enter /usr/local/snort/etc
  • Configuration File: Leave default snort.conf
Personal tools
Router software releases