Configuring SiteProtector Management in the Network IPS Local Management Interface

You must register the Network IPS appliance with the SiteProtector™ system to configure SiteProtector-to-Agent communications, such as heartbeat intervals, SiteProtector system groups, and authentication.

About this task

Navigating in the Network IPS Local Management Interface: Manage System Settings > Appliance > SiteProtector Management

Procedure

  1. Configure the following options:
    Option Description
    Register with SiteProtector Registers the appliance with the SiteProtector system.
    Local Settings Override SiteProtector Group Settings The appliance maintains all local settings. Any group policy settings that are set in the SiteProtector system do not affect this appliance.
    Note: If you do not select this option, the appliance inherits the settings of the SiteProtector system group that you specify at the first heartbeat.
    Desired SiteProtector Group for Sensor The name of the SiteProtector system group to which the appliance belongs.
    Important: Assign the appliance to a group that contains only other Network IPS appliances.
    Heartbeat Interval (secs) Type the number of seconds that the appliance waits between sending heartbeats to the SiteProtector system.
    Note: Valid entries are 300 - 86,400 seconds.
    SPA Logging Level Specifies the SPA logging level as normal, debug, or verbose.
    Cryptography Level Select which cryptographic security standard the appliance complies with.
    • Compatible Cryptography

      If selected, the appliance complies with cryptographic security standard FIPS 140-2. Select this option to connect to a SiteProtector system that is also installed in compatible mode.

      Protocols allowed: TLS v1.0, TLS v1.1, TLS v1.2
      Certificates: SHA-1 RSA-2048
      Ciphers: SHA-1 or stronger

    • Strict Cryptography (default option)

      If selected, the appliance complies with cryptographic security standard SP 800-131A. Select this option to connect to a SiteProtector system that is also installed in strict mode.

      Protocols allowed: TLS v1.2
      Certificates: SHA-2 RSA-2048
      Ciphers: SHA-2 or stronger

  2. In the Agent Manager Configuration area, click the Add icon and configure the following options:
    Option Description
    Authentication Level Specifies the level of trust.
    Note: The default option first-time-trust is the best choice for most environments.
    Agent Manager Name Lists the Agent Manager name exactly how it is displayed in the SiteProtector system (case-sensitive).
    Agent Manager Address Lists the IP address of the Agent.
    Note: This entry supports IPv4 and IPv6 addresses.
    Agent Manager Port Specifies the port number where the Agent is; the default value is 3995.
    Note: You can type a new port number, but you must also configure the new port number locally on the Agent Manager itself.
    Agent Manager User Name Specifies the user name of the Agent that is communicating with the SiteProtector system.
    Note: The account user name is set on the Agent Manager.
    Agent Manager User Password Specifies the password of the Agent that is communicating with the SiteProtector system.
    Note: Click Enter Password to add or change the password.
    Use Proxy Settings Specifies whether proxy settings are enabled or not.
    Proxy Server Address Lists the IP address of the proxy server.
    Proxy Server Port Lists the port number of the proxy server.