Table of Contents

A
C
D
G
I
L
M
N
O
P
S
T
U
W

INDEX

A

accessing the popup menus

alarm popup menu     5-2

application popup menu     5-2

machine popup menu     5-1

ACLs

Cisco ACLs and NetRanger     2-6

configuring NetRanger-defined ACLs     6-25

configuring user-defined ACLs     6-23

adding an operational Sensor to an organization     3-30

advanced Director functions     9-1  to 9-42

alarms

context     4-7

daemon down     4-8

daemon unstartable     4-9

error     4-8

intrusion     4-6

labels     4-11

OKAlarms     4-10

popup menu     5-2

route down     4-9

C

Caution

changing a Sensor's NetRanger IDs     9-15

changing symbol status source     9-34

changing symbol type     9-34

definition     xxiv

deleting nrConfigure databases     5-18

deployment of shunning     1-4

MAC media type in STK filters     B-9

maximum length of STK filter names     B-10

Oracle passwords     C-5, C-6, C-13, C-14

shun.fil filename     B-3

changing status propagation schemes     9-35

configuration management

across a distributed network     6-1

and nrConfigure     1-10

defined     xxiii

See also nrConfigure

customizing the Director's environment     4-13

D

database

setting data collection and staging     6-11

setting triggers     6-14

See also DMP

device management

configuring device management     6-17

defined     xxiii

introducing     1-5

upgrading device management     3-27

See also network devices

Director

advanced functions     9-1  to 9-42

capabilities     1-6

analysis of Sensor data     1-12

collection of Sensor data     1-10

Sensor management     1-9

Sensor monitoring     1-7

support for user-defined actions     1-12

changing interface parameters     9-35

changing map configuration parameters     4-13

customizing the Director's environment     4-13

event processing support     9-2  to 9-12

introducing     1-1

modifying and viewing entity attributes     9-21

placement on your network     2-8

setting HTML browser preference     4-14

starting     4-12

stopping     4-15

submap hierarchy     4-1

See also menu functions

See also nrdirmap

DMP

capabilities

data analysis     7-9

data collection     7-3

data management     7-8

information displays

current configuration of actions display     7-18

directory summary for DMP staging area     7-17

overall status display     7-13

setting and viewing status information     7-10

trigger history and configuration display     7-14

installation

setting up a Remedy ARS system     C-26

setting up and customizing database reports     C-25

setting up the database loader     C-24

setting up the database schema     C-23

introducing     1-10, 7-1

log file data relationships (figure)     7-3

overview (figure)     7-2

push-pull process (figure)     7-9

reports

configuring the NetRanger SQL queries     7-22

customizing reports     C-25

generating reports with SQL queries     7-19

running the interactive SQL queries     7-19

SQL query types (table)     7-20

table schemas

default Oracle schemas     7-25  to 7-30

nr_log_alarm     7-26

nr_log_alarm_1     7-26

nr_log_command     7-30

nr_log_context     7-27

nr_log_error     7-29

nr_log_tcpconn     7-28

using     7-10

document conventions     xxiv

G

generating reports from NetRanger data     7-19

I

icons

deleting     9-22

displaying attributes     9-21

hiding and revealing     9-24

introducing     1-7

manually adding Application icons     9-20

manually adding Collection icons     9-17

manually adding Director icons     9-19

manually adding Sensor icons     9-18

repositioning on a submap     9-23

saving attributes to a file     5-13

working with     9-17

Insert Sensor utility     3-30

installation

adding an operational Sensor to an organization     3-30

Director

before you install the Director     3-4

configuring the Director after installation     3-10  to 3-13

installing and configuring     3-4

Sensor

assembling     3-14

building (optional)     3-31

completing the configuration     3-18  to 3-26

configuration steps     3-14

determining network configuration     3-15

initializing     3-16

installation parameters     3-17

rear panel (figure)     3-15

upgrading device management     3-27

upgrading existing Sensors and Directors     3-26

upgrading signatures     3-29

L

limiting access to NetRanger information     9-39

M

maps

creating and using multiple maps     9-36

using read-only maps     9-38

menu functions

Describe>Modify Symbol     9-33

Edit>Add Object     9-17

Edit>Delete     9-14, 9-15

Edit>Delete>From All Submaps     9-22

Edit>Describe/Modify Object     9-21

Edit>Hide     9-24

Faults>Events     9-10

Locate>Objects     9-23

Map>Maps>Describe/Modify     9-35

Map>Maps>New     9-36

Map>Refresh Map     9-38

Map>Submap>Describe/Modify     9-34

Options>Event Configuration     9-11

Security>About the Director     5-19

Security>Advanced>ACL Syslogs>Disable     5-16

Security>Advanced>ACL Syslogs>Enable     5-16

Security>Advanced>Logging>Show Log Filename     5-17

Security>Advanced>Logging>Switch Log File     5-17

Security>Advanced>nrConfigure DB>Backup     5-17

Security>Advanced>nrConfigure DB>Create     5-17

Security>Advanced>nrConfigure DB>Delete     5-18

Security>Advanced>nrConfigure DB>Restore     5-18

Security>Advanced>Reset Rel DB Status     5-18

Security>Configure     5-8

Security>Create>SNMP Trap     5-9, 9-10

Security>Create>Trouble Ticket     5-9

Security>Daemons>Restart     5-10

Security>Daemons>Start     5-10

Security>Daemons>Stop     5-10

Security>Exclude Alarms     5-10

Security>File Transfer     5-11

Security>Help     5-19

Security>Network Device     5-12

Security>Save to File     5-13

Security>Show>Alarm Submaps     5-4

Security>Show>Connection Status     5-5

Security>Show>Context     5-4

Security>Show>Current Events     5-5

Security>Show>Daemons>Attributes     5-5

Security>Show>Daemons>Status     5-6

Security>Show>Daemons>Version     5-6

Security>Show>Database Info     5-6

Security>Show>IP Logging     5-7

Security>Show>Shun List     5-8

Security>Shun>Host     5-13

Security>Shun>Network     5-14

Security>Shunning>Disable     5-18

Security>Shunning>Enable     5-18

Security>Statistics>Reset     5-19

Security>Statistics>Show     5-19

Security>Unshun>All     5-15

Security>Unshun>Host     5-14

Security>Unshun>Network     5-15

View>Automatic Layout     9-23

N

NetRanger

architecture     1-15

architecture (figure)     1-16

components     1-1

data collection     1-10

types of connections (figure)     2-2

network devices

and Sensor deployment     2-5

Cisco access control lists     2-6

defined     xxiii

types of devices supported     2-6

Network Security Database (see NSDB)

nrConfigure

components     6-2

configuring communications     6-6

configuring data management

introducing     6-10

setting data collection and staging     6-11

setting triggers     6-14

configuring device management     6-17

configuring Director forwarding     6-28

configuring event processing

configuring an event source to send events to eventd     6-35

configuring and enabling eventd     6-31

introducing     6-31

setting up the infrastructure     6-31

configuring intrusion detection

advanced setup     6-42

basics     6-37

introducing     6-37

configuring policy violation logging

See also ACLs

configuring NetRanger-defined ACLs     6-25

configuring user-defined ACLs     6-23

introducing     6-22

configuring the system files     6-48

introducing     1-9

nrdirmap

changing registration files     9-25  to 9-30

command line examples     9-31

command line parameters     9-26  to 9-31

disabling     9-39

NSDB

accessing NSDB through HTML browser     8-2

accessing NSDB through the Director interface     8-1

introduction     8-1

setting HTML browser preference     4-14

O

OKAlarms     4-10

P

Post Office

capabilities     1-13

introducing     1-2

message propagation (figure)     1-14

see also nrConfigure

pre-installation

deployment of network devices     2-5

managing network devices     2-6

placing the Director     2-8

placing the Sensor     2-4

understanding your network     2-1

S

Sensor

capabilities     1-2

attack response     1-4

device management     1-5

network sensing     1-3

introducing     1-1

network device deployment     2-5

placement on a network     2-4

rear panel (figure)     3-15

types of connections (figure)     2-2

services

introducing     1-15

shunning     6-20

defined     xxiv

signatures

embedded     8-6

how to set up string matching     8-7

introducing     8-6

introduction     8-6

string matching     8-6  to 8-9

starting the Director     4-12

stopping the Director     4-15

submaps

application     4-5

collection     4-3

introducing     4-1

machine     4-4

top level     4-2

sysconfig-director     3-10

sysconfig-sensor

installation parameters     3-17

Main Menu     3-16

syslog support     6-22

T

terminology     xxiii

Timesaver

building a Sensor     3-31

definition     xxv

troubleshooting     A-1  to A-19

U

uninstalling the Director     3-32

upgrade information     3-26

W

Warning

battery handling     3-2

circuit breaker (15A)     3-3

definition     xxv

grounded equipment     3-4

installation     3-1

installation warnings     3-1  to 3-4

jewelry removal     3-2

lightning activity     3-2

power disconnection     3-2

power supply     3-3

product disposal     3-2

SELV circuit     3-3

TN power     3-3

Posted: Fri Jul 28 08:34:51 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.