Table of Contents

A
C
D
G
I
L
M
N
O
P
R
S
T
U
W

INDEX

A

accessing the popup menus

alarm popup menu     5-3

application popup menu     5-2

machine popup menu     5-2

ACLs

Cisco ACLs and NetRanger     2-6

configuring NetRanger-defined ACLs     6-25

configuring user-defined ACLs     6-23

adding an operational Sensor to an organization     3-31

advanced Director functions     9-1  to 9-39

alarms

context     4-8

daemon down     4-10

daemon unstartable     4-11

error     4-10

intrusion     4-8

labels     4-13

OKAlarms     4-12

popup menu     5-3

route down     4-11

C

Caution

changing a Sensor's NetRanger IDs     9-16

changing symbol status source     9-27

changing symbol type     9-27

definition     xx

deleting and creating nrConfigure databases     A-20

deleting nrConfigure databases     5-21

deployment of shunning     1-4

MAC media type in STK filters     B-9

maximum length of STK filter names     B-10

modifying OpenView characteristics     9-26

Oracle passwords     C-5, C-6, C-13, C-14

shun.fil filename     B-3

changing status propagation schemes     9-28

configuration management

across a distributed network     6-1

and nrConfigure     1-10

defined     xix

See also nrConfigure

configuring non-netrangr users     9-39

customizing the Director's environment     4-15

D

database

setting data collection and staging     6-11

setting triggers     6-14

See also DMP

device management

configuring device management     6-17

defined     xix

introducing     1-5

upgrading device management     3-28

See also network devices

Director

advanced functions     9-1  to 9-39

capabilities     1-6

analysis of Sensor data     1-12

collection of Sensor data     1-10

Sensor management     1-9

Sensor monitoring     1-7

support for user-defined actions     1-12

changing interface parameters     9-29

changing map configuration parameters     4-15

customizing the Director's environment     4-15

event processing support     9-2  to 9-13

custom scripts     9-4

e-mail notification     9-2

SNMP support     9-9  to 9-13

introducing     1-1

modifying and viewing entity attributes     4-23

placement on your network     2-8

setting color preferences     4-18

setting HTML browser preference     4-16

starting     4-14

stopping     4-27

submap hierarchy     4-1

See also menu functions

See also nrdirmap

DMP

capabilities

data analysis     7-9

data collection     7-3

data management     7-8

information displays

current configuration of actions display     7-18

directory summary for DMP staging area     7-17

overall status display     7-13

setting and viewing status information     7-10

trigger history and configuration display     7-14

installation

setting up a Remedy ARS system     C-26

setting up and customizing database reports     C-25

setting up the database loader     C-24

setting up the database schema     C-23

introducing     1-10, 7-1

log file data relationships (figure)     7-3

overview (figure)     7-2

push-pull process (figure)     7-9

reports

configuring the NetRanger SQL queries     7-22

customizing reports     C-25

generating reports with SQL queries     7-19

running the interactive SQL queries     7-19

SQL query types (table)     7-20

table schemas

default Oracle schemas     7-25  to 7-31

nr_log_alarm     7-27

nr_log_alarm_1     7-27

nr_log_command     7-31

nr_log_context     7-28

nr_log_error     7-30

nr_log_tcpconn     7-29

using     7-10

document conventions     xx

G

generating reports from NetRanger data     7-19

I

icons

deleting     4-24

displaying attributes     4-23

hiding and revealing     4-26

introducing     1-7

manually adding Application icons     4-22

manually adding Collection icons     4-19

manually adding Director icons     4-21

manually adding Sensor icons     4-20

repositioning on a submap     4-25

saving attributes to a file     5-11

working with     4-19

installation

adding an operational Sensor to an organization     3-31

Director

before you install the Director     3-4

configuring the Director after installation     3-11  to 3-15

installing and configuring     3-4

Sensor

assembling     3-15

building (optional)     3-31

completing the configuration     3-19  to 3-27

configuration steps     3-15

determining network configuration     3-16

initializing     3-17

installation parameters     3-18

rear panel (figure)     3-16

upgrading device management     3-28

upgrading existing Sensors and Directors     3-27

upgrading signatures     3-30

IOS-IDS support     4-7

L

limiting access to NetRanger information     9-33

M

maps

creating and using multiple maps     9-29

using read-only maps     9-38

menu functions

Describe>Modify Symbol     9-26

Edit>Add Object     4-19

Edit>Delete     9-15

Edit>Delete>From All Submaps     4-24

Edit>Describe/Modify Object     4-23

Edit>Hide     4-26

Edit>Object Properties     9-26

Faults>Alarms     9-10, 9-12

Faults>Events     9-10, 9-12

Locate>Objects     4-25

Map>Maps>Describe/Modify     9-28

Map>Maps>New     9-29

Map>Maps>Properties     9-28

Map>Properties     4-15

Map>Refresh Map     9-38

Map>Submap>Describe/Modify     9-27

Map>Submap>Properties     9-27

Options>Event Configuration     9-11

Security>About the Director     5-22

Security>Advanced>ACL Syslogs>Disable     5-19

Security>Advanced>ACL Syslogs>Enable     5-19

Security>Advanced>Logging>Show Log Filename     5-20

Security>Advanced>Logging>Switch Log File     5-20

Security>Advanced>nrConfigure DB>Backup     5-20

Security>Advanced>nrConfigure DB>Create     5-20

Security>Advanced>nrConfigure DB>Delete     5-21

Security>Advanced>nrConfigure DB>Restore     5-21

Security>Advanced>Reset Rel DB Status     5-21

Security>Configure     5-11

Security>Create>SNMP Trap     5-11, 9-10

Security>Create>Text File     5-11

Security>Create>Trouble Ticket     5-12

Security>Daemons>Restart     5-12

Security>Daemons>Start     5-12

Security>Daemons>Stop     5-13

Security>Exclude Alarms     5-13

Security>File Transfer     5-14

Security>Help     5-22

Security>Network Device     5-15

Security>Show>Alarm Details     5-6

Security>Show>Alarm Submaps     5-6

Security>Show>Connection Status     5-6

Security>Show>Context Buffer     5-6

Security>Show>Current Events     5-7

Security>Show>Daemons>Attributes     5-7

Security>Show>Daemons>Status     5-8

Security>Show>Daemons>Version     5-8

Security>Show>Database Info     5-9

Security>Show>IP Logging     5-9

Security>Show>Shun List     5-10

Security>Shun>Host     5-16

Security>Shun>Network     5-17

Security>Shunning>Disable Future Shuns     5-21

Security>Shunning>Enable Future Shuns     5-21

Security>Statistics>Reset     5-22

Security>Statistics>Show     5-22

Security>Unexclude Alarms     5-13

Security>Unshun>All     5-18

Security>Unshun>Host     5-17

Security>Unshun>Network     5-18

View>Automatic Layout     4-25

View>Hidden Objects>Show Hidden     9-28

multi-user issues     9-31

N

NetRanger

architecture     1-15

architecture (figure)     1-16

components     1-1

data collection     1-10

types of connections (figure)     2-2

network devices

and Sensor deployment     2-5

Cisco access control lists     2-6

defined     xix

types of devices supported     2-6

Network Security Database (see NSDB)

non-netrangr users     9-39

nrConfigure

components     6-2

configuring communications     6-6

configuring data management

introducing     6-10

setting data collection and staging     6-11

setting triggers     6-14

configuring device management     6-17

configuring Director forwarding     6-28

configuring event processing

configuring an event source to send events to eventd     6-35

configuring and enabling eventd     6-31

introducing     6-31

setting up the infrastructure     6-31

configuring intrusion detection

advanced setup     6-42

basics     6-37

introducing     6-37

configuring policy violation logging

See also ACLs

configuring NetRanger-defined ACLs     6-25

configuring user-defined ACLs     6-23

introducing     6-22

configuring the system files     6-47

introducing     1-9

nrdirmap

changing registration files     9-18  to 9-23

command line examples     9-24

command line parameters     9-19  to 9-24

disabling     9-34

NSDB

accessing NSDB through HTML browser     8-3

accessing NSDB through the Director interface     8-1

introduction     8-1

setting HTML browser preference     4-16

O

OKAlarms     4-12

P

Post Office

capabilities     1-13

introducing     1-2

message propagation (figure)     1-14

see also nrConfigure

pre-installation

deployment of network devices     2-5

managing network devices     2-6

placing the Director     2-8

placing the Sensor     2-4

understanding your network     2-1

R

running multiple concurrent user interface sessions     9-37

S

Sensor

capabilities     1-2

attack response     1-4

device management     1-5

network sensing     1-3

introducing     1-1

network device deployment     2-5

placement on a network     2-4

rear panel (figure)     3-16

types of connections (figure)     2-2

services

introducing     1-15

shunning     6-20

defined     xx

signatures

embedded     8-5

how to set up string matching     8-6

introducing     8-5

introduction     8-5

string matching     8-5  to 8-8

SNMP support     9-9  to 9-13

starting the Director     4-14

stopping the Director     4-27

submaps

application     4-6

collection     4-4

introducing     4-1

machine     4-5

top level     4-3

sysconfig-director     3-11

sysconfig-sensor

installation parameters     3-18

Main Menu     3-17

syslog support     6-22

T

terminology     xix

Timesaver

building a Sensor     3-31

definition     xxi

troubleshooting     A-1  to A-20

U

uninstalling the Director     3-32

upgrade information     3-27

W

Warning

battery handling     3-2

circuit breaker (15A)     3-3

definition     xxi

grounded equipment     3-4

installation     3-1

installation warnings     3-1  to 3-4

jewelry removal     3-2

lightning activity     3-2

power disconnection     3-2

power supply     3-3

product disposal     3-2

SELV circuit     3-3

TN power     3-3

Posted: Wed Jul 19 15:20:34 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.