Using the console version of IPS Setup to configure network settings

IPS Setup is a program you use to configure network settings for the Network IPS system.

1. Connect to the Network IPS system using a secure network connection and the IP address of the Network IPS system, if applicable.
2. At the unconfigured login prompt, type admin, and then press Enter.
3. Perform one of the following actions:

   Option	Action
   If you used the LCD panel to initially configure the IP address, subnet mask, and default gateway	Type the case-sensitive password the Network IPS system generated for you and then press Enter
   If you did not use the LCD panel or you are configuring a GV series system	Type admin for the password and then press Enter
   If you are re-configuring your Network IPS system	Type the appropriate password for the admin user

4. Follow the on screen instructions to complete the setup.

   Option	Description
   FIPS-140 level 2 Configuration	Enable FIPS (Federal Information Processing Standards) mode. Note: Before you enable FIPS mode, see the IBM Security Network IPS and SiteProtector FIPS Implementation Guide. Enable FIPS mode only if you need FIPS compliancy. There is no advantage to enabling FIPS mode if you do not require FIPS compliance.
   Change Password	Set the admin, root, and IPS Local Management Interface passwords.
   Network Configuration	Displays the IP address, subnet mask, and default gateway you entered through the LCD panel. You can change this information as needed. IPv4 Network Configuration If you do not use a DHCP-supplied IPv4 address, you must provide the IPv4 address of the management network adapter, the subnet mask value for the network that is connected to the management interface, and the IPv4 address for the management gateway. IPv6 Network Configuration Choose whether to automatically assign the IPv6 address or to manually configure it. If you do not use a static IPv6 address, you must provide the IPv6 address of the management network adapter, the decimal value that makes up the network portion of the address, and the IPv6 address for the management gateway.
   Host Configuration	Specify the host name and the domain name for the Network IPS system. Network IPS uses domain names to send e-mail and SNMP responses. Host name: The computer name for the Network IPS system. Example: myappliance Domain Name: The domain suffix (DNS search path) for the network. Example: mycompany.com
   DNS Configuration	Specify how Network IPS uses DNS information to send e-mail and SNMP responses. If you do not configure this information during the setup process, you must specify the IP address of the mail server for Network IPS each time you define an e-mail or SNMP response. Select whether to let the DNS information be supplied by a DHCP server. If you do not enable the use of a DHCP-supplied DNS information, then supply the IP addresses for the DNS servers used to perform domain name lookups. Example: 10.0.0.1 You must also provide the DNS search path that should be used when performing DNS query searches.
   Time Zone Configuration	Set the time zone for the Network IPS system.
   Configure NTP	Configure an NTP server to provide Coordinated Universal Time (UTC) for accuracy. Type the host name or IP address of the server and type the NTP version. The appliance supports the use of NTP versions 1, 2, 3, and 4.
   Date/Time Configuration	Set the date and the time for Network IPS as it appears in the management interface, so that you can accurately track events as they occur on the network.
   Agent Name Configuration	Provide the Network IPS name as it appears in the management interface. This name should correspond to a meaningful classification in the network scheme, such as a geographic location, business unit, or building address.
   Security Interface Configuration	Determine how Network IPS behaves within the network in order to protect it. Review the Network IPS operating modes for a description of each mode and its behaviors. Important: (For Network IPS GV series systems only) When you select the adapter mode for the single port pair, confirm that you have selected the correct adapter mode for the network connections of the virtual system. You might experience significant network implications if you have configured this setting incorrectly. Select from the following modes: Inline Protection: This mode monitors the network and actively blocks malicious traffic. It includes the block, quarantine, and firewall responses. Passive Monitoring: This mode replicates traditional intrusion detection technology and monitors traffic without sitting inline. It includes the block response. Inline Simulation: This mode monitors the network without affecting traffic patterns to help you baseline and test your security policy. It includes simulated block and quarantine responses.
   Interface Link Configuration	Select the speed and duplex settings for your particular network. You can select Auto to allow Network IPS to determine the best choice for your network.
   Configure SiteProtector Management	Select to register Network IPS with SiteProtector.
   Configure mDNS Service Discovery	If you disable mDNS Service Discovery, Network IPS does not broadcast a local management Web interface or SSH. The firewall also rejects multicast packets to destination address 224.0.0.251.
   Review Settings	Review your settings before they are applied. To skip the review, press Finish on any screen. Note: If you are configuring Network IPS with an SSH terminal, you might lose your connection when the system applies your settings. You can manually reconnect to Network IPS with a new SSH session.

5. Press Enter to log off.