Template:IDS Policy Manager Setup
From ImageStream Router Documentation
Revision as of 23:50, 11 May 2009 by Syoder
- Download and install the IDS Policy Manager software from www.activeworx.org/programs/idspm
Add a new policy
- Double-click on Snort Policies in the left-hand tree view.
- Right-click on Snort Policies and select Add Policy.
- Enter a name for the policy.
- Select Snort Version Snort 2.7
- Make sure the Initialize Policy checkbox is checked.
- Click OK
Edit the new policy to add ImageStream Variables
- Click on the new policy to expand the tree view.
- Click on Variables
- Right-click on the right-hand pane with the list of variables and select Add Item
- Enter SNORT_IFACE for the Name and the interface name for the Value.
- Other Snort/Snort ImageStream Variables
Add a new sensor
- Double-click on Snort Sensors in the left-hand tree view.
- Right-click on Snort Sensors and select Add Sensor.
- Name: Enter the router's name.
- Description: Enter a description for the router.
Sensor Settings Tab
- Sensor Host: Enter the router's hostname or IP address.
- Policy: Select the policy you created earlier from the dropdown.
- Snort Version: Select 2.8.
Upload Settings Tab
- Upload Protocol: Select SFTP from the dropdown. Leave the default SSH port (22).
- Upload Directory: Enter /usr/local/snort/etc
- Configuration File: Leave default snort.conf