Administration Guide
Page 3
... Platinum Web site at www.symantec.com/techsupp. 3 Technical support As part of languages ■ Advanced features, such as the Symantec Alerting Service and Technical Account Manager role, offer enhanced response and proactive security support Please visit our Web site for current information on product feature/function, installation, and configuration, as well as Symantec Security Response to provide Alerting Services and Virus Definition Updates for our Web-accessible Knowledge...
... Platinum Web site at www.symantec.com/techsupp. 3 Technical support As part of languages ■ Advanced features, such as the Symantec Alerting Service and Technical Account Manager role, offer enhanced response and proactive security support Please visit our Web site for current information on product feature/function, installation, and configuration, as well as Symantec Security Response to provide Alerting Services and Virus Definition Updates for our Web-accessible Knowledge...
Administration Guide
Page 16
... Symantec Network Security foundation activities, backdoors, buffer overflow attempts and blended threats like MS Blaster and SQL Slammer. The 7100 Series appliance's One-Click Blocking feature enables users to automatically enable blocking on all network traffic seen by enhancing the security and reliability of the hardware, simplifying deployment and management, and providing a single point of service and support. ■ Flexible Licensing Options: Each model of Solution: A single 7100 Series...
... Symantec Network Security foundation activities, backdoors, buffer overflow attempts and blended threats like MS Blaster and SQL Slammer. The 7100 Series appliance's One-Click Blocking feature enables users to automatically enable blocking on all network traffic seen by enhancing the security and reliability of the hardware, simplifying deployment and management, and providing a single point of service and support. ■ Flexible Licensing Options: Each model of Solution: A single 7100 Series...
Administration Guide
Page 17
... of the latest threats. The optional Symantec Network Security In-line Bypass unit provides fail-open : When using in-line mode, the Symantec Network Security 7100 Series appliance is centrally managed via the Symantec™ Network Security Management Console, a powerful and scalable security management system that will keep your network connected even if the appliance has a sudden hardware failure. The Network Security Management System automates the process of delivering security and product updates to Symantec Network Security using Symantec™ LiveUpdate to prevent an unexpected...
... of the latest threats. The optional Symantec Network Security In-line Bypass unit provides fail-open : When using in-line mode, the Symantec Network Security 7100 Series appliance is centrally managed via the Symantec™ Network Security Management Console, a powerful and scalable security management system that will keep your network connected even if the appliance has a sudden hardware failure. The Network Security Management System automates the process of delivering security and product updates to Symantec Network Security using Symantec™ LiveUpdate to prevent an unexpected...
Administration Guide
Page 19
... the Symantec Network Security foundation ■ Policy-Based Detection: Predefined policies speed deployment by allowing users quickly configure immediate response to create granular responses. Independently configurable detection settings make it easy for users to intrusions or denial-of-service attacks based on -demand, drill-down to the needs of access rights. All administrative changes made from the Network Security console are logged for complete, scalable control. ■ Role-based Administration: Symantec Network Security provides...
... the Symantec Network Security foundation ■ Policy-Based Detection: Predefined policies speed deployment by allowing users quickly configure immediate response to create granular responses. Independently configurable detection settings make it easy for users to intrusions or denial-of-service attacks based on -demand, drill-down to the needs of access rights. All administrative changes made from the Network Security console are logged for complete, scalable control. ■ Role-based Administration: Symantec Network Security provides...
Administration Guide
Page 20
... the Symantec Network Security 7100 Series" on the software and appliance nodes that can find information about Symantec Network Security software and Symantec Network Security 7100 Series appliances in the documentation sets, on the product CDs, and on the Symantec Network Security 7100 Series. ■ Symantec Network Security Administration Guide (printed and PDF). This guide explains how to install, configure, and perform key tasks on the Symantec Web sites. Third-party intrusion events are aggregated into a centralized location, leveraging the power of...
... the Symantec Network Security 7100 Series" on the software and appliance nodes that can find information about Symantec Network Security software and Symantec Network Security 7100 Series appliances in the documentation sets, on the product CDs, and on the Symantec Network Security 7100 Series. ■ Symantec Network Security Administration Guide (printed and PDF). This guide explains how to install, configure, and perform key tasks on the Symantec Web sites. Third-party intrusion events are aggregated into a centralized location, leveraging the power of...
Administration Guide
Page 21
...; Symantec Network Security 716x Service Manual (printed and PDF). This document provides the late-breaking information about the Symantec Network Security 7100 Series, including limitations, workarounds, and troubleshooting tips. Introduction 21 Finding information This card provides the minimum procedures necessary for installing, configuring, and starting to configure and manage effectively. ■ Symantec Network Security User Guide (PDF): This guide provides basic introductory information about Symantec Network Security core software. See also "Finding information" on supported...
...; Symantec Network Security 716x Service Manual (printed and PDF). This document provides the late-breaking information about the Symantec Network Security 7100 Series, including limitations, workarounds, and troubleshooting tips. Introduction 21 Finding information This card provides the minimum procedures necessary for installing, configuring, and starting to configure and manage effectively. ■ Symantec Network Security User Guide (PDF): This guide provides basic introductory information about Symantec Network Security core software. See also "Finding information" on supported...
Administration Guide
Page 39
... addition of in-line alerting mode over operating in addition to those interfaces has a hardware or software failure, all associated network traffic is no fail-open When you make repairs. About management on the 7100 Series The 7100 Series offers several management features in passive mode is currently no risk of the appliance model 7161. The screen can configure a non-blocking protection policy to the TCP connection. You can enable blocking with an...
... addition of in-line alerting mode over operating in addition to those interfaces has a hardware or software failure, all associated network traffic is no fail-open When you make repairs. About management on the 7100 Series The 7100 Series offers several management features in passive mode is currently no risk of the appliance model 7161. The screen can configure a non-blocking protection policy to the TCP connection. You can enable blocking with an...
Administration Guide
Page 43
... interfaces using in-line mode, or to leave them in passive mode. Your choice affects the cabling of initial configuration, including: ■ LCD: Use the LCD screen and push buttons on the appliance to enter the node IP address, password, and other information. This also affects the cabling process. ■ Initial configuration: Choose from three methods of the appliance. ■ Fail-open: If you place any interfaces...
... interfaces using in-line mode, or to leave them in passive mode. Your choice affects the cabling of initial configuration, including: ■ LCD: Use the LCD screen and push buttons on the appliance to enter the node IP address, password, and other information. This also affects the cabling process. ■ Initial configuration: Choose from three methods of the appliance. ■ Fail-open: If you place any interfaces...
Administration Guide
Page 44
... Security console The Network Security console serves as the main management interface for initial configuration when installing the slave appliance. Both the Symantec Network Security software and the 7100 Series appliance utilize the Network Security console for any in asymmetrically routed networks. About the management interfaces Symantec Network Security provides a management interface called the Network Security console. The 7100 Series appliance also provides two additional management interfaces: the serial console and the LCD panel. Setting up to a compact flash card...
... Security console The Network Security console serves as the main management interface for initial configuration when installing the slave appliance. Both the Symantec Network Security software and the 7100 Series appliance utilize the Network Security console for any in asymmetrically routed networks. About the management interfaces Symantec Network Security provides a management interface called the Network Security console. The 7100 Series appliance also provides two additional management interfaces: the serial console and the LCD panel. Setting up to a compact flash card...
Administration Guide
Page 59
... user actions Setting Maximum Login Failures Maximum Login Failures determines the number of a locked-out account to re-enable it locks the user out. Setting Lock LCD Screen Lock LCD Screen indicates whether the LCD panel on a Symantec Network Security 7100 Series appliance is set Lock LCD Screen to true, users must enter a password to 0, then no restrictions apply. The limit applies to control user access using the predefined user groups, managing user passwords and...
... user actions Setting Maximum Login Failures Maximum Login Failures determines the number of a locked-out account to re-enable it locks the user out. Setting Lock LCD Screen Lock LCD Screen indicates whether the LCD panel on a Symantec Network Security 7100 Series appliance is set Lock LCD Screen to true, users must enter a password to 0, then no restrictions apply. The limit applies to control user access using the predefined user groups, managing user passwords and...
Administration Guide
Page 257
... Connection String ■ Setting DB User ■ Setting DB Password ■ SQL reference Setting Cluster ID Cluster ID indicates the Network Security cluster sending a message, so that you enable to export to SQL. To configure this parameter 1 Click Configuration > Node > Network Security Parameters. 2 In Select Node, choose the node from multiple clusters if spooled to the database, and should be unique for each Network Security cluster. Managing log files...
... Connection String ■ Setting DB User ■ Setting DB Password ■ SQL reference Setting Cluster ID Cluster ID indicates the Network Security cluster sending a message, so that you enable to export to SQL. To configure this parameter 1 Click Configuration > Node > Network Security Parameters. 2 In Select Node, choose the node from multiple clusters if spooled to the database, and should be unique for each Network Security cluster. Managing log files...
Administration Guide
Page 348
... time to the incident. A dime-size hardware device that stores the private key portion of the Network Security signature certificate to the network that is an application protocol. Incidents are derived from the highest priority event type that makes the device an integral part of such groupings. Incidents derive their names from an event or a group of events that users can be used...
... time to the incident. A dime-size hardware device that stores the private key portion of the Network Security signature certificate to the network that is an application protocol. Incidents are derived from the highest priority event type that makes the device an integral part of such groupings. Incidents derive their names from an event or a group of events that users can be used...
Administration Guide
Page 350
... a Symantec product. logic bomb The malicious code that allows simultaneous voice and data transmission over the Forwarding) Protocol Internet. LAN (local area network) A group of connections. license key A unique identification number used to operate with any other devices in a network, whether on the Internet or on the network. ISDN (Integrated Services Digital Network) A high-speed, digital, high-bandwidth telephone line that is a lightweight (smaller amount of code) version of Directory Access Protocol (DAP), which supports...
... a Symantec product. logic bomb The malicious code that allows simultaneous voice and data transmission over the Forwarding) Protocol Internet. LAN (local area network) A group of connections. license key A unique identification number used to operate with any other devices in a network, whether on the Internet or on the network. ISDN (Integrated Services Digital Network) A high-speed, digital, high-bandwidth telephone line that is a lightweight (smaller amount of code) version of Directory Access Protocol (DAP), which supports...
Administration Guide
Page 353
..., helping to configure the response. open source code A program whose source code is available for protocols that is out of data. OS (operating system) The interface between the hardware of a challenge-response authentication process. Messages are the Apache Web server and the Linux operating system. You can access files in a number of a device or entity on the firewall in the past. In addition to avoid overloading lines...
..., helping to configure the response. open source code A program whose source code is available for protocols that is out of data. OS (operating system) The interface between the hardware of a challenge-response authentication process. Messages are the Apache Web server and the Linux operating system. You can access files in a number of a device or entity on the firewall in the past. In addition to avoid overloading lines...
Administration Guide
Page 355
... assigned to an endpoint of ports, including internal ports for connecting disk drives, monitors, and keyboards, and external ports, for open . PIN (personal In computer security, a number used for passing data into and out of ports. ping (Packet Internet Groper) A program that is currently online and accessible. A hardware location for communication between 1 and 5 (inclusive) that is known to retrieve email from a remote server over Ethernet (PPPoE) has now become...
... assigned to an endpoint of ports, including internal ports for connecting disk drives, monitors, and keyboards, and external ports, for open . PIN (personal In computer security, a number used for passing data into and out of ports. ping (Packet Internet Groper) A program that is currently online and accessible. A hardware location for communication between 1 and 5 (inclusive) that is known to retrieve email from a remote server over Ethernet (PPPoE) has now become...
User Guide
Page 3
... right amount of support purchased and the specific product that delivers automatic software upgrade protection ■ Content Updates for our Web-accessible Knowledge Base. 3 Technical support As part of languages ■ Advanced features, such as the Symantec Alerting Service and Technical Account Manager role, offer enhanced response and proactive security support Please visit our Web site for virus outbreaks and security alerts. The Technical Support group's primary role...
... right amount of support purchased and the specific product that delivers automatic software upgrade protection ■ Content Updates for our Web-accessible Knowledge Base. 3 Technical support As part of languages ■ Advanced features, such as the Symantec Alerting Service and Technical Account Manager role, offer enhanced response and proactive security support Please visit our Web site for virus outbreaks and security alerts. The Technical Support group's primary role...
User Guide
Page 9
...; Cabling the 4 In-line Bypass unit to the 7160 ■ Product specifications ■ Product certifications The bypass unit provides fail-open is available in -line interface pairs. This user guide includes the following topics: ■ Verifying the contents of its in two models, the 2 In-line Bypass unit and the 4 In-line Bypass unit. If it , use the Network Security console to configure the corresponding in-line pairs. This user guide contains instructions...
...; Cabling the 4 In-line Bypass unit to the 7160 ■ Product specifications ■ Product certifications The bypass unit provides fail-open is available in -line interface pairs. This user guide includes the following topics: ■ Verifying the contents of its in two models, the 2 In-line Bypass unit and the 4 In-line Bypass unit. If it , use the Network Security console to configure the corresponding in-line pairs. This user guide contains instructions...
User Guide
Page 12
... port group connect to the two network segments and the two interfaces of four ports each, referred to the bypass unit and also sends a periodic keep-alive signal through the USB connection. Power supply 1 4 - Port group 1 7 - Port group 2 8 - The ports in -line pair. Mgmt USB 3 - Port group 3 Each port group includes: Net A, App A, App B, Net B USB connection The Symantec Network Security 7100 Series appliance communicates with the Symantec Network Security 7160 appliance. The appliance sends commands...
... port group connect to the two network segments and the two interfaces of four ports each, referred to the bypass unit and also sends a periodic keep-alive signal through the USB connection. Power supply 1 4 - Port group 1 7 - Port group 2 8 - The ports in -line pair. Mgmt USB 3 - Port group 3 Each port group includes: Net A, App A, App B, Net B USB connection The Symantec Network Security 7100 Series appliance communicates with the Symantec Network Security 7160 appliance. The appliance sends commands...
User Guide
Page 17
... power supply 2 is operating in online mode. The P2 LED glows when port group 2 is connected to a power source. Power supply 1 The PS1 LED glows when power supply 1 is operating in online mode. Rear panel LEDs on the USB connection. Transmit data The TX LED blinks when the bypass unit is receiving data on the USB connection. The P1 LED glows when port group 1 is connected to the ports in the diagram. 17 In-line...
... power supply 2 is operating in online mode. The P2 LED glows when port group 2 is connected to a power source. Power supply 1 The PS1 LED glows when power supply 1 is operating in online mode. Rear panel LEDs on the USB connection. Transmit data The TX LED blinks when the bypass unit is receiving data on the USB connection. The P1 LED glows when port group 1 is connected to the ports in the diagram. 17 In-line...
User Guide
Page 26
... of the network. Connecting the power on the 4 In-line Bypass unit You can use either USB port on the 4 In-line Bypass unit. You should connect it only to in-line pair 3 on the bypass unit and into a power source. To connect the power 1 Plug one power cord into a power socket on the 7160. 26 Cabling the 4 In-line Bypass unit to the 7160 To cable port group...
... of the network. Connecting the power on the 4 In-line Bypass unit You can use either USB port on the 4 In-line Bypass unit. You should connect it only to in-line pair 3 on the bypass unit and into a power source. To connect the power 1 Plug one power cord into a power socket on the 7160. 26 Cabling the 4 In-line Bypass unit to the 7160 To cable port group...