 |
| 点击下载 |
企业在安全方面面临的最大挑战之一是如何管理由不断增加的、多个厂商的安全设备和系统所产生的大量警报信息。企业需要可以隔离和优先处理代表着实际安全威胁的消息的自动化系统。
更加有效的安全自动化的关键是一种被称为安全信息管理(SIM)的软件技术。CiscoWorks安全信息管理解决方案(SIMS)3.1建立在netForensics的技术的基础上,可以为搜集和分析企业所面临的、大量的安全事件数据提供非常强大的功能。
利用这种技术,企业可在不增加员工的基础上,管理他们不断扩大的安全基础设施和有效地监控数百万个事件消息。
利用CiscoWorks SIMS 3.1,用户将获得一个可以提供下列功能的解决方案:
- 对于SAFE和所有多厂商安全环境的、全面的事件监控
- 先进的虚拟化功能,可以实现迅速、直观的安全监控
- 集成化的风险评估功能可以揭示企业中的任何特定资产的总体风险
- 对于所有级别的安全操作的全面报告和预测
- 生产率增益和成本降低
CiscoWorks SIMS 3.1利用曾获大奖的netForensics软件提供这些功能。该软件是这个解决方案的核心。
CiscoWorks SIMS 3.1可以通过四个不同的阶段,搜集、分析和关联来自于整个企业的安全事件信息:规范化、汇总、关联和虚拟化。
规范化和汇总
在规范化和汇总阶段,CiscoWorks SIMS 3.1将从几乎所有的入侵检测系统、防火墙、操作系统、应用和防病毒系统搜集安全事件,并将其转换成一种通用的、便于理解的XML格式。事件随后将进行汇总,以清除重复的安全事件数据——安全管理员可以只看到1个关于一次针对PIX防火墙的端口扫描的消息,而不是6000个。
关联
利用统计关联,规范化的安全事件将按照资产或者资产群组归入不同的安全事件类别。事件类别可能包括刺探攻击、病毒攻击和拒绝服务攻击等。对于每个资产,CiscoWorks SIMS 3.1将通过将事件的严重程度和资产的价值结合到一起,不停地计算威胁指数,以确定安全事件的总体潜在威胁。CiscoWorks SIMS 3.1的主要优点在于能够发现那些被基于规则的关联系统所忽视的异常情况。
虚拟化
CiscoWorks SIMS 3.1可以在一个集中、实时的控制台中显示一个功能强大、直观、友好、基于Java的图形化界面。
管理面板提供了一个实时的企业级安全趋势视图,而实时控制台可以利用实时的关联和分析功能,迅速地隔离安全攻击。
风险评估
在安全方面,风险评估有助于了解企业中的任何一个特定资产的总体风险。风险通常被定义为威胁、危险性和价值的组合,其中:
- 威胁是指任何针对一个系统或资产的异常流量或活动。netForensics会记录每种威胁——无论它是端口扫描攻击还是登陆失败。这些记录将在计算总体风险时被考虑在内。
- 价值是指任何特定系统或资产的重要性等级(可能是以美元表示)。价值是一个由客户针对企业中的每个资产定义的变量。
- 危险性是指一个针对系统或者资产的攻击获得成功的可能性。
该解决方案结合了上述所有因素,为企业中的每个资产计算了一个总体风险指数。这个指数越高,就意味着资产的危险性越高。该解决方案还将生成一份风险评估报告,提供每个资产的必要细节和它的相关风险。通过了解企业中某个特定资产的危险性,企业可以采取相应的安全策略。
综述
随着企业IT基础设施的安全保障任务变得越来越具有挑战性,企业必须依靠技术来过滤来自于不断增加的安全设备和系统的大量安全事件信息。此外,技术不仅可以帮助机构降低攻击风险,还有助于在发生攻击时加快响应速度。CiscoWorks SIMS 3.1可以提高现有的安全团队的工作效率,进而帮助他们获得实际、显著的ROI。
灵活的部署选项
CiscoWorks SIMS 3.1能够以下列方式订购:
- 1. 一个纯软件产品。这可以提供部署一个多层服务器架构的灵活性,适用于大型部署。
2. 一个装置产品。包括预装在Cisco 1160硬件平台上的CiscoWorks SIMS 3.1。它可以为客户提供更加方便的安装。
装置产品具有与纯软件启动包相同的功能。该装置包括一个用于监控最多30个设备的使用许可。
如果事件数量较少,用户可以购买附加的使用许可,以监控超过30个设备。装置所能支持的设备的实际数量将取决于多个因素,包括消息频率、保持规定和设备类型。装置具有多种工具,例如用以监控消息频率和软件性能的系统状况监视器。
|
|
|
 |
| 纯软件产品 | 装置产品 |
| 分布式架构 | 单个服务器 |
| 全面可扩展性 | 部分可扩展性 |
| 1到4天安装服务 | 最短的安装时间 |
| 针对大中型部署 | 针对中小型部署 |
设备对于监控的支持
|
表1 所支持的事件来源和版本 | |
|
|
| 应用/设备 | 版本 | nF 组件 |
| Arbor Peakflow DoS | 2.1 | Arbor Peakflow代理 |
| Check Point FireWall-1 | NG, 4.1 | Check Point代理 |
| Cisco IOS ACL, FW, IDS | 12.2, 12.0 | Syslog文件代理 |
| Cisco Secure ACS | 3.1,3.0 | CSACS代理 |
| 思科防火墙交换模块 | 1.1.2 | Syslog文件代理 |
| Cisco Secure IDS | 4.1,4.0, 3.1, 2.5, 2.2 | CSIDS 代理 |
| Cisco Secure PIX | 6.3, 6.2, 6.1, 6.0, 5.3, 5.2, | Syslog 文件代理 |
| Cisco Secure PIX IDS | 6.3, 6.2, 6.1, 6.0, 5.3, 5.2 | Syslog 文件代理 |
| Cisco Security Agent | 4.0 | (需要管理中心来帮助思科安全代理转发事件) |
| Cisco VPN Concentrator | 3.1, 2.5.2 | Syslog文件代理 |
| CyberGuard Firewall | 5.1 | CyberGuard代理 |
| Dragon Sensor / Squire | 6.1 / 1.3.1 | Dragon代理 |
| Entercept HIDS | 4.0, 2.5, 2.0 | Entercept代理 |
| Intruvert | 1.2 | Intruvert代理 |
| ISS RealSecure HIDS / NIDS | 6.5, 6.0, 5.5 / 7.0, 6.5, 6.0 | ISS RealSecure代理 |
| ISS SiteProtector | 2.0 | ISS SiteProtector代理 |
| NetScreen | 4.0 | NetScreen代理 |
| Network Flight Recorder | 3.0 | NFR代理 |
| Secure Computing Sidewinder | 5.2 | Sidewinder代理 |
| Sourcefire | 2.0 | Sourcefire代理 |
| Snort NIDS | 1.8 | Snort代理 |
| Symantec Enterprise FW/VPN | 7.0, 6.5 | Symantec代理 |
| Symantec ManHunt NIDS | 2.2 | Enterprise Firewall/VPN |
| Symantec ITA | 3.6 | Symantec代理 |
| Tripwire NIDS | 3.0 | ManHunt代理 |
| UNIX OS 事件 | Solaris 8/7/6, Linux 7.2/7.1 | Tripwire代理 |
| Web服务器 | Apache, IIS, iPlanet | Web服务器代理 |
| Windows事件 | Win 2000 Server / Adv. Server | UNIX OS 文件代理 |
无线入侵检测——CiscoWorks WLSE可以检测、定位和消除由不知情的员工或者恶意的外界入侵者放置的恶意接入点。过去,网络管理人员必须亲自携带手持传感器,在整个建筑物中巡查一遍,才能找到恶意接入点。这种手动、费时、高成本的任务必须定期重复执行,以便及时发现新安装的恶意接入点。CiscoWorks WLSE则可自动完成这项任务。它不仅能通过一个被称为“位置管理器”(如图2所示)的图形化用户界面显示交换机端口的详细情况,还可以显示它们的物理位置。管理员现在可以迅速地检测、定位和禁用恶意接入点,消除它们所带来的安全威胁。
图2 CiscoWorks WLSE的“位置视图”可以显示恶意接入点的位置
无线/RF扫描和监控——Cisco Aironet接入点提供多种功能,而且内置了RF测量功能。CiscoWorks WLSE可以分析这些RF测量数据。一旦性能降低,CiscoWorks WLSE可以立即发出通知,并显示无线/RF覆盖范围(如图3所示)。任何WiFi客户端设备都可在WLAN中使用。但是,Cisco Aironet WLAN客户端适配器和思科兼容扩展客户端设备可以提供额外的优势。与Cisco Aironet接入点一样,这些客户端都内置了RF测量功能。事实上,客户端的无线扫描和监控功能所提供的RF测量数据比接入点生成的RF测量数据多出10到20倍。因为WLAN客户端可以在一个建筑物内的所有区域自由移动,所以客户端扫描和监控功能的添加可以将RF监控拓展到最可能包含恶意接入点的区域,同时实现更加准确的恶意接入点检测。
图3 位置管理器显示的无线/RF覆盖范围
干扰检测——CiscoWorks WLSE可以对所有受控的接入点的物理位置进行分类,创建一个WLAN安装地图。这使得无线感知网络能检测到对网络性能造成影响的、产生干扰性RF能量的地点。这种未知的RF能量的来源可能是一个恶意接入点或者一个工作在相同频段的设备,例如一部2.4GHz的无绳电话或者存在能量泄露的微波炉。
干扰检测和定位功能对于保持一个可靠的WLAN非常关键。发送到CiscoWorks WLSE的RF测量数据包括IEEE 802.11和非802.11干扰信息。如果干扰幅度超过了某个由管理员定义的阈值,CiscoWorks WLSE就会生成一个错误信息,从而让管理员可以迅速定位和消除干扰源。
图4 辅助性现场调查,“AP扫描模式”
CiscoWorks WLSE可以自动地执行多种重复性、费时的任务,从而简化Cisco Aironet接入点和网桥的管理。
AutoConfig——如果需要,新部署的接入点可以通过一种名为“AutoConfig”的功能,利用动态主机配置协议(DHCP),自动地接收由客户定义的缺省配置。这让管理员能在一个迅速扩充的环境中保持控制能力。
批量配置——客户可以像配置单个设备一样,配置一个包含数百个设备的群组。配置任务可以定期执行或者在需要的时候执行。
集中固件升级——接入点和网桥的硬件可以批量升级。升级可分配到某个特定的设备或者群组。任务可以定期执行或者在需要的时候执行。
动态分组——群组让网络变得更加便于理解和管理。设备可以按照管理员所定义的层次化分组进行组织。群组可以跨越多个子网。
配置档案——配置档案会存储每个设备的最近4个配置版本,从而让管理员可以撤销配置任务。
批量转换到Cisco IOS软件——运行VxWorks操作系统的Cisco Aironet 1200和350系列接入点可批量升级到Cisco IOS软件格式。
VLAN配置——接入点上的VLAN能进行配置和监控,从而让管理员可以为企业和公开VLAN上的不同用户提供不同的LAN策略和服务,例如安全和服务质量(QoS)。
自动发现——CiscoWorks WLSE可以利用思科发现协议,自动发现Cisco Aironet接入点、网桥和连接到接入点的交换机。发现任务可以定期执行或者在需要的时候执行。
集成——CiscoWorks WLSE通过系统日志消息、SNMP陷阱和一个XML接口,提供了与第三方NMS的集成。作为CiscoWorks系列网络管理产品的一部分,CiscoWorks WLSE还可以与CiscoWorks LAN管理解决方案(LMS)和其他CiscoWorks应用集成,从而可以最大限度地提高一个融合式有线或无线网络的管理效率。例如,设备库存信息和信任资格可以在CiscoWorks WLSE和CiscoWorks Resource Manager Essentials(RME)之间导入或导出。后者是一种可以为多种思科设备提供广泛网络管理功能的应用。如果需要,可以关闭CiscoWorks WLSE中的设备发现功能,并使其自动与RME同步库存信息。CiscoWorks WLSE使用的缺省用户角色与RME相同,但是允许定制。CiscoWorks WLSE可以从CiscoWorks 思科管理连接桌面启动,或者通过CiscoWorks 园区管理器拓扑图启动。
性能优化和可用性
CiscoWorks WLSE能主动地监控WLAN基础设施的使用情况、故障和性能降低情况。它可以支持以太网和无线通信接口。
干扰检测——CiscoWorks WLSE可以不间断地分析由Cisco Aironet系列接入点、Cisco Aironet WLAN客户端适配器和思科兼容扩展客户端设备生成的RF测试数据。在发生干扰时,CiscoWorks WLSE会自动发出通知。
可定制的阈值——管理员可以为特定的地点和群组设定不同的故障和性能阈值,以及特定的操作和缺省的优先级。一种包含关于受影响设备和故障的严重性的详细信息的集中故障界面可以帮助管理员迅速地解决问题。
故障状态——CiscoWorks WLSE可以提供一个所有接入点和用户群组的集中树型视图。彩色代码和群组标志可以显示缺省的状态。故障可以按照优先级过滤和排序,以便于查看和解决故障。
故障通知——故障通知和转发可以通过系统日志消息、SNMP陷阱和电子邮件实现。
交换机状态——CiscoWorks WLSE会监控与接入点相连的交换机,了解它们的端口、CPU和内存的可用性和使用情况。
增强的安全性
无线入侵检测——CiscoWorks WLSE可以迅速地发现和定位恶意接入点。关于恶意接入点所在的交换机端口的详细信息将让管理员可以禁用恶意接入点。
安全策略监控——CiscoWorks WLSE可以监控网络上的所有接入点,以确保安全策略的统一应用。而且CiscoWorks WLSE会对不符合服务集标识符(SSID)、广播、802.1X可扩展身份验证协议(EAP)设置和有线等效加密(WEP)的情况发出警报。警报可以通过电子邮件、系统日志或者SNMP陷阱的形式发出。
IEEE 802.1X服务器可用性的监控——CiscoWorks WLSE可以监控IEEE 802.1X EAP服务器——包括思科安全接入控制服务器(ACS)——的响应时间。支持Cisco EAP(LEAP)、受保护EAP(PEAP)和通用RADIUS身份验证。
安全用户界面——CiscoWorks WLSE可以提供一个安全的、基于HTML的用户界面。用户能随时随地访问该界面,甚至通过防火墙。除了基于Web的GUI以外,与Cisco IOS软件类似的命令行界面(CLI)可以提供对于CiscoWorks WLSE的直接控制台、Telnet或者安全壳式协议(SSH)访问,以实现基本的配置和诊断功能。
报告、趋势和规划
CiscoWorks WLSE提供多种预先定义的报告,它们对于诊断和容量规划非常有用。这些报告的内容包括网络使用情况、客户端关联和使用情况、历史和当前客户端使用统计数据,以太网和无线接口状态,以及错误详细信息。CiscoWorks WLSE可以提供群组级和单个设备级的报告。
所有报告都能定期生成,并通过电子邮件发送。报告可输出为CSV、XML和PDF格式。
适用于大型网络的容量
每个CiscoWorks WLSE(产品编号CWWLSE-1130-K9)最多可以管理2500个接入点。
基于角色的访问模式
CiscoWorks WLSE采用了一个灵活的、基于角色的用户访问模式。例如,帮助台人员的访问角色只能查看报告和故障。WLSE用户可以通过多种通用的身份验证模块(例如TACACS+、RADIUS和Microsoft NT域)进行身份验证。#p# 特性和优点
表1总结了CiscoWorks WLSE的特性和优点。
技术规格
表2列出了CiscoWorks WLSE的技术规格。
CiscoWorks WLSE所支持的思科设备
表3列出了CiscoWorks WLSE所支持的接入点和网桥。
注意:对于IEEE 802.11g的支持预计将于2004年度的第二季度推出。
表4列出了CiscoWorks WLSE所支持的交换机。
表5列出了CiscoWorks WLSE所支持的路由器。
表6列出了CiscoWorks WLSE所支持的接入服务器。
CiscoWorks WLSE所支持的Web浏览器
CiscoWorks WLSE可以通过下列Netscape和Internet Explorer浏览器访问。这些浏览器可以运行在一个CPU和内存要求都较低的系统上。
Netscape 4.79
Microsoft Internet Explorer 5.5 (装有Service Pack 2)和Microsoft Internet Explorer 6.0 #p#3.安装campus manager
Step 1 As root, mount the Campus Manager CD-ROM, using either of the following
methods:
Mount the CD-ROM on the Campus Manager server system.
Mount the CD-ROM on a remote Solaris system, then access the CD-ROM
from the Campus Manager server system.
Step 2 Run the installation program.
For a local installation, enter:
# cd /cdrom/cdrom0/
# ./setup.sh
For a remote installation, enter:
# cd remotedir
# ./setup.sh
Note Campus is installed in the same location as CiscoWorks2000
CD One. The default is /opt/CSCOpx.
The installation program checks for compatible patches, dependencies, and disk
space.
Step 3 Answer any questions that result from the checks.
The installation program displays many messages about the various packages
being installed and the services being started. The packages include application
software and device adapter packages for all devices that can be managed with
Campus applications.
The installation completes, installing Campus in the same location as CD One
(/opt/CSCOpx by default). The CiscoWorks2000 Server is running.
If errors occurred during installation, check the installation log file
/var/tmp/ciscoinstall.log. For information about troubleshooting, refer to
4.安装resource manager essentiall
1-9
Step 1 As root, mount the Essentials CD-ROM. You can either:
Mount the CD-ROM on the CiscoWorks2000 Server system.
or
Mount the CD-ROM on a remote Solaris system, then access the CD-ROM
from the CiscoWorks2000 Server system.
Step 2 Start the installation program.
For a local installation, enter:
# cd /cdrom/cdrom0/
# ./setup.sh
# ./setup.sh
The installation program checks for required patches and other dependencies and
displays:
1) Resource Manager Essentials
2) Resource Manager Essentials Incremental Device Support
3) All of the above
Select one of the items using its number or enter q to quit [q]
Note Option 3 is the most likely choice for new installations of
Essentials 3.3. If you try to install only one of the
components without the other already on your machine, the
installation fails.
Step 3 Enter 3 and press Return. The installation program checks dependencies and
system requirements.
If there is not enough disk space to install Essentials and IDS, the installation
program displays an error message and stops.
If the minimum requirements are not met, the installation program displays
an error message and continues with the installation.
The installation completes without displaying more questions, and the system
prompt appears.
5.安装device fault manager(注意安装)
2-2
Step 1 Make sure your system meets these prerequisites:
Required (or desired) operating system upgrades have been performed, and
required service packs are installed.
All installed applications are supported by CD One, 4th Edition. Applications
not supported by CD One, 4th Edition, will be disabled when you upgrade
CD One.
CD One, 4th Edition, has been installed.
Step 2 Close all open or active programs. Do not run other programs during the
installation process.
Step 3 As root, log on to the system on which you will install DFM, and mount a local
or remote CD-ROM drive. For instructions on mounting the CD-ROM, refer to
Step 4 Start the installation program by entering one of the following:
For a local installation, enter:
# cd /cdrom/cdrom0
# ./setup.sh
2-3
The installation program stops CiscoWorks2000, performs a requirements check,
and displays the following prompt:
WARNING: User casuser already exists, the installation process will
overwrite its privilege.
Do you want to continue (y/n) [y]
Step 5 Press Return to confirm installing the packages with the correct privileges. The
installation program displays the following installation choices (the choices may
vary, depending on your configuration):
1) CiscoWorks2000 Device Fault Manager
2) Device Fault Manager HPOV-NetView adapters
Step 6 Select 1 and press Return. This installs the complete DFM package, which
contains DFM, the DFM incremental device support base package, the
HPOV-NetView Adapter, and the RME Adapter.
The installation program checks dependencies and system requirements.
If there is not enough disk space for the installation, the installation program
displays an error message and stops.
Note Do not be alarmed if you see the following message:
INFO: total size (MB) required = 87
This message applies to disk space required by the
current set of individual packages being installed.
If the minimum recommended requirements are not met, the installation
program displays an error message and continues installing.
The installation proceeds without displaying any more questions, and the system
prompt appears. The installation program copies the files to the CiscoWorks2000
default installation directory /opt/CSCOpx ($NMSROOT).
Step 7 Unmount and eject the CD-ROM.
(注意操作)
Step 8 Specify the clients that are allowed to connect to the DFM server. (DFM provides this
fine-grain control as an additional security feature.)
a. Unregister the daemons with the daemon manager:
– For DfmServer:
# $NMSROOT/bin/pdcmd -u DfmServer
– For DfmBroker:
# $NMSROOT/bin/pdcmd -u DfmBroker
(可以不做)b. Decide which hosts you want to specify using the --accept option with
arguments shown in Table 2-1.
For example, this command fragment would allow connections only from
hosts lucy and ethel:
--accept=lucy,ethel
c. Re-register the daemons with the daemon manager, specifying the clients that
can connect to the broker and server (in this example, the DFM broker port is
9002):
– For DfmBroker (the following command is one line):
# $NMSROOT/bin/pdcmd -r DfmBroker -e $NMSROOT/objects/smarts/bin/brstart -f "--output
--port=9002 --accept=lucy,ethel,... --restore=$NMSROOT/objects/smarts/conf/broker.rps"
– For DfmServer (the following command is one line):
# $NMSROOT/bin/pdcmd -r DfmServer -e $NMSROOT/objects/smarts/bin/sm_server -d DfmBroker -f
"--bootstrap=DFM_bootstrap.conf --accept=lucy,ethel,... --output --name=DFM"
(可选)d. Make sure that the client names and current IP addresses are registered with
DNS if:
– You are running DHCP and/or
– You specified the clients with hostnames
Step 9 To verify that the DfmServer process is running, log on to the CiscoWorks2000
desktop as the administrator and select Server Configuration>
Administration>Process Management>Process Status.#p#6.安装content flow manager(没有多少用)
Step 1 Log in as the root user as described in the “Becoming the Root User” section on
page 2-1.
Step 2 Mount the CD-ROM. For detailed instructions, see Appendix B, “Mounting and
Unmounting the CD-ROM Drive.”
Step 3 Change to the mounted directory using the cd command:
# cd /cdrom/cdrom0
Step 4 Start the installation script by entering the following command:
# ./setup.sh
The CFM setup program verifies the system environment for software
installation.
7.安装internetwork performance manager
1) 在solaris 上安装
4-15
Step 1 Log in as the root user
Step 2 Mount the CD-ROM drive
Step 3 Change to the mounted directory using the cd command:
# cd /cdrom/cdrom0
Step 4 Start the installation script by entering the following command:
# ./setup.sh
The following IPM setup program menu appears:
1) Review README File First (Recommended)
2) Install IPM Server and Client
3) Install IPM Client Only
4) Exit Setup
Please choose an option ->
Step 5 Type the number of the desired installation option and press Enter.(一般选2) The IPM setup
program verifies the system environment for installation of the software.
The following message appears:
Enter full Netscape browser executable pathname:
[/opt/netscape/netscape]
Step 6 To accept the default path for Netscape Communicator, press Enter. If the
Netscape Communicator executable file is located in a different directory than the
default, type the full path (including file name) where the executable file is
located.
The IPM installation program determines whether or not your system meets the
hardware and software requirements for running IPM.
4-17
Step 7 If your system meets the requirements for IPM, the following prompt appears:
Do you want the Express Install (y/n) [Y]
To choose the Express Install which installs IPM using all default settings,
press Enter.
To choose the standard installation which prompts you for additional
information such as port numbers, product path, and filename, type N and
press Enter.
Step 8 If your system does not meet all the requirements for IPM, the installation
program proceeds with the standard installation and you are prompted for
information such as port numbers, product path, and filename.
Step 9 Verify that the installation was completed successfully by viewing the messages
displayed at the end of the installation and by viewing the installation log. The
installation log path is specified at the end of the installation script.
Step 10 Depending on the installation option you selected, a menu appears with options
to start the software or exit setup. If the installation was successful, select an
option to start the software.
The following menu appears when you install the IPM server and client software:
1) Start IPM Server and Client
2) Start IPM Server Only
3) Exit Setup
Please choose an option ->
The following menu appears when you install only the IPM client software:
1) Start IPM Client and Connect to Default Remote Server - cwb-sun4
2) Start IPM Client and Connect to Alternate Remote Server
3) Exit Setup
Please choose an option ->
To start the IPM server and client at a later time from the command line, enter:
# cd /opt/CSCOipm/bin
# ./ipm
To start just the IPM server at a later time from the command line, enter:
# cd /opt/CSCOipm/bin
# ./ipm start
2)在windows2000上安装
5-5
Step 1 Log in as the administrator.
Step 2 Insert the IPM CD-ROM in the CD-ROM drive on the workstation. The IPM
program files are automatically extracted from the CD-ROM. When all the files
are extracted, the Internetwork Performance Monitor Setup window appears.
Note If the setup window does not appear automatically when you insert the
CD-ROM, go to the root directory and run the ipmfull.exe command.
Step 3 Click Next. The License Agreement window appears.
Step 4 If you accept the license agreement, click Yes. The Setup Type window appears.
Note The Setup Type window allows you to specify whether you are
installing the IPM server, the IPM client, or both. If you are running
Windows 98, you can install only the IPM client, so the Setup Type
window is unnecessary. Instead, the Select Program Folder window
appears, and you should skip to Step 7.
Step 5 Specify whether you are installing the IPM server, the IPM client, or both:
To install both, select IPM Client & Server, then click Next.
To install only the IPM client, select IPM Client, then click Next.
To install only the IPM server, select IPM Server, then click Next.
The Choose Destination Location window appears.
Step 6 Accept the default location, or browse to find a location, then click Next. The
Select Program Folder window appears.
Step 7 Accept the default folder, enter a folder name, or browse to find a folder, then
click Next. The Select IPM Server Configuration windowappears.
shows the Select IPM Server Configuration window if you are
installing only the IPM client. If you are installing the IPM server the window is
similar, but the DbPort field is displayed instead of the Server Host field.
Step 8 If you are installing the IPM server, in the DbPort field enter a port number for
the IPM server database. The default port number is 44341/tcp.
If you are installing only the IPM client, in the ServerHost field enter the name
of the host on which the IPM server software is installed.
Step 9 (Optional) In the ServerPort field, enter a server port number. The default is
44342/udp.
If you are installing only the IPM client, verify that the IPM server is using default
port number 44342/udp. If the IPM server is using a different port number, enter
that number in this field. The IPM client and server can communicate only if they
are configured for the same port number.
Step 10 (Optional) In the WebPort field, enter a Web port number. The default is
1744/tcp.
Step 11 Click Next. IPM asks you to confirm your choices, and the Start Copying Files
window appears.
Step 12 Click Next. The Setup Status window appears and the files are copied.
Step 13 When all of the files have been copied, IPM asks if you want to do regular
unattended backups of the IPM database. If you want to enable this feature, click
Yes.
Step 14 The InstallShield Wizard Complete window appears. Installation is complete.
Step 15 IPM asks if you want to read the README file. The README file contains
late-breaking information that might not be found in the product documentation.
Step 16 To read the latest information about IPM in the README file, select the
README check box and click Finish.
3)访问IPM
可用IPM client 连接server,也可能用:http://serverip:1744访问。
经过安装发现IPM在中文版的系统上无法正常使用,只有在英文版的系统上才能使用。
8.安装access control list manager
Step 1 Make sure your system meets all of the requirements a
Step 2 To become superuser, enter su and the root password at the command prompt, or
log in as root.
Step 3 Insert the CD-ROM into your CD-ROM drive.
The CD-ROM is automatically mounted into the /cdrom/cdrom0 directory. If you
are running File Manager, a separate File Manager window displays the contents
of the CD-ROM.
Step 4 Enter:
# cd /cdrom/cdrom0
# ./setup.sh
Chapter 1 Installing ACL Manager
Installing ACL Manager on Solaris
Step 5 Enter y to agree to the terms of the copyright, then press Return.
If you are upgrading ACL Manager 1.2 to 1.3, the install program prompts you to
back up data from the previous release. You should back up your ACL Manager
1.2 data.
If you are installing ACL Manager for the first time, go to Step 8.
Step 6 Enter y at the command prompt, then press Return.
Step 7 Enter the path for the backup directory, then press Return.
After the data has been backed up, if the correct version of Essentials is not
installed, an error message appears and the installation terminates.
Step 8 If Essentials is installed, this message appears on your screen:
Select component(s) you wish to install (all/none/q)[all]:
Type all, then press Return.
If Essentials is running, the install program asks you whether you want to stop the
CiscoWorks2000 Daemon Manager or not. Type y to continue installing
ACL Manager. If you type n, the installation program exits.
The installation program displays the names of the server files being installed. If
you have upgraded from ACL Manager 1.2 to 1.3, the data is updated.
ACL Manager gets registered in the CiscoWorks2000 data backup framework.
After the installation is complete, the installation program restarts the
CiscoWorks2000 Daemon Manager.#p#9.安装real-time monitor(有点难)
1)在windows2000上创建一个安全帐户:
用管理员帐户登录;select start button>settings>control panel>administerative tools>computer management; expand the local users and groups list;select users;form the action menu ,select new user;creat the user-ngenius. Select start button>settings>control panel>administerative tools >local secureity policy; expand the local policies list;select user rights assignment;grant the user rights to the new user: log on as a batch job.log on as a service.log on locally.
2)安装real-time monitor
①log in as administerator
②insert the CD
③the welcome window displays.click next to continue.
④click next.
⑤click next.
⑥click next.
⑦accept or change the following information: web server port database server portn Genius user account login name nGenius user account password
⑧enter the database password.
⑨in the installation owner information panel.enter the following information log in name password
⑩click next.
(11)click next.
(12)click yes.
(13) click ok.
(14)click yes.
(15)end.
运行RTM
在开始菜单中按start nGenius server .
还需要在交换机和路由器上作设定,以IOS为例
service timestamps log datetime localtime show-timezone msec
service timestamps debug datetime msec localtime show-timezone
logging ***.***.***.***
snmp-server community ******* RO
snmp-server community ******* RW
snmp-server enable traps
snmp-server host ***.***.***.*** version 2c public
clock timezone CCT 8
ntp server ***.***.***.***