Using the web version of Network IPS Setup to configure network settings

Use the web-based configuration wizard for Network IPS Setup to configure network settings for the Network IPS appliance.

Procedure

  1. At the unconfigured login prompt, type the following login credentials, and then press Enter:
    • Username = admin
    • Password = admin
  2. Follow these instructions to complete the setup:
    Option Description
    Welcome (including FIPS mode configuration) Enable FIPS (Federal Information Processing Standards) mode.
    Note: Enable FIPS mode only if you need FIPS compliancy. There is no advantage to enabling FIPS mode if you do not require FIPS compliance.
    For NIST SP 800-131A compliancy:
    1. Select the Enable FIPS mode check box.
    2. In the LMI TLS Configuration section, clear the Allow TLS v1.0 for LMI sessions check box and the Allow TLS v1.1 LMI sessions check box.
    Note: If you do not disable these two options during the initial setup, you can always configure the following two tuning parameters in the LMI at Secure Protection Settings > Advanced IPS > Tuning Parameters:
    • lmi.security.tlsv10 Value= True
    • lmi.security.tlsv11 Value= True
    Service Agreement Agree to the Software License Agreement and the Export Administration Regulations.
    Upload License Install the license file for the Network IPS appliance.
    Important: You cannot update the product without a valid license.
    Root Password Set the password that is used to log directly in to the Network IPS appliance (console) or to log in by using SSH.
    Network IPS Local Management Interface Password Set the password that is used to connect to the Network IPS Local Management Interface, the web-based management interface for the Network IPS appliance.
    Management Interface Provide the following settings for the management interface:
    • Host name: The computer name for the Network IPS appliance. Use up to 50 characters for a host name if there is no domain name, and up to 63 characters if you are using a fully qualified domain name.
      Example: myappliance
      The period that separates hostname.domainname is considered a character.
      Example: mycompany.com
    • Agent name: The name of the Network IPS appliance as it appears in the management interface. This name must correspond to a meaningful classification in the network scheme, such as a geographic location, business unit, or building address.
    • mDNSResponder: Select whether the Network IPS appliance broadcasts the network services that it provides.
    • Configure IPv4 TCP/IP: Select whether to use a DHCP-assigned IP address or to use link-local addressing if a DHCP server is not available.
    • Configure IPv6 TCP/IP: Select whether to automatically assign the IPv6 address or to manually configure it.
    • DNS Information: Specify how the Network IPS appliance uses DNS information to send email and SNMP responses. If you do not configure this information during the setup process, you must specify the IP address of the mail server for Network IPS each time you define an email or an SNMP response.
    X-Force Policy Configuration Determine which level of protection the Network IPS appliance uses for checking vulnerabilities.
    Note: The security settings that are available in the Protection Level list might change depending on which version of PAM the appliance is using.
    Security Interfaces Determine how Network IPS behaves in the network in order to protect it. Review the Network IPS operating modes for a description of each mode and its behaviors.
    Important: For Network IPS GV series systems only: When you select the adapter mode for the single port pair, confirm that you selected the correct adapter mode for the network connections of the virtual system. If you configure this setting incorrectly, you might experience significant network implications.
    Select from the following modes:
    • Inline Protection: This mode monitors the network and actively blocks malicious traffic. It includes block, quarantine, and firewall responses.
      Note: Inline protection mode is the default mode of the appliance.
    • Passive Monitoring: This mode replicates traditional intrusion detection technology and monitors traffic without sitting inline. It includes the block response.
    • Inline Simulation: This mode monitors the network without affecting traffic patterns to help you baseline and test your security policy. It includes simulated block and quarantine responses.

    Select the speed and duplex settings for your particular network. You can select Auto to allow Network IPS to determine the best choice for your network.
    Date and Time Set the date and the time for the Network IPS appliance as it appears in the management interface so that you can accurately track events as they occur on the network.

    To synchronize the system time with a network time server, you must enable Network Time Protocol (NTP). Type the IP address or the host name of the NTP server and select the NTP version. The appliance supports the use of NTP versions 1 through 4.
    SiteProtector™ Choose to register the Network IPS appliance with the SiteProtector system.
    Updates Install the latest security content available from IBM® X-Force® for Network IPS.
    Completion Review your configuration settings before they are applied.
  3. After reviewing and pressing Complete Setup, the Network IPS appliance applies your settings.

What to do next

Access the Network IPS Local Management Interface to manage and monitor settings for your Network IPS appliance. For Network IPS system management and monitoring procedures, see Accessing the Network IPS Local Management Interface.

Parent topic: Zero configuration networking