SiteProtector Component
Description
Reporting module
The Reporting module generates graphical summary and compliance reports
that provides the information that you need to assess the state of your security.
Reports cover vulnerability assessment, attack activities, auditing, content
filtering, Desktop Protection security, SecurityFusion
™
and virus activity.
SecurityFusion module
The SiteProtector SecurityFusion module greatly increases your ability to
quickly identify and respond to critical threats at your Site. Using advanced
correlation and analysis techniques, the module identifies both high impact
events and patterns of events that may indicate attacks.
Impact analysis
— The module correlates intrusion detection events with
vulnerability assessment and operating system data and immediately estimates
the impact of events.
Site Database
The SiteProtector database stores raw agent data, occurrence metrics (statistics
for security events triggered by agents), group information, command and
control data, and the status of X-Press Updates (XPUs).
SP Core
The SP core includes the following components:
v
The application server, which includes the Sensor Controller component,
enables communication between the SiteProtector System Console and the
SiteProtector database.
v
The X-Press Update Server stores X-Press Updates (XPUs) downloaded from
the IBM Security Download center and makes them available to the agents
and components on the network. The Update Server eliminates the need to
download updates for similar products more than once and allows users to
manage the update process more efficiently.
v
SiteProtector Web Access is a interface that provides easy access to
SiteProtector for running reports and monitoring assets and security events.
SiteProtector Firmware
SiteProtector firmware consists of the operating system and the database that
runs on the SiteProtector SP3001 appliance hardware.
Standalone X-Press Update
Servers (optional)
In addition to the X-Press Update (XPU) Server that is installed with the SP
Core, you can install standalone X-Press Update Servers on separate computers.
System requirements
See the “Hardware and software requirements” topic under
Planning
in the Information Center (online
Help) for information regarding system requirements.
Note:
The “Hardware and software requirements” topics apply only to add-on components because the
SiteProtector SP3001 appliance hardware meets all SiteProtector requirements.
IBM Security Server Protection for Windows
An embedded version of the IBM Security Server Protection for Windows is installed and configured on
the SiteProtector SP3001 appliance hardware and is delivered with a security policy that is predefined for
the SiteProtector SP3001 appliance's operating system and configuration.
Purpose of IBM Security Server Protection
IBM Security Server Protection for Windows, formerly Proventia Server for Windows, is a comprehensive
security application that protects the SiteProtector SP3001 appliance and your network from the
following:
v
theft of corporate information, passwords, and other sensitive information
v
attempts to use the SiteProtector SP3001 appliance to attack other systems
4
SiteProtector System: SP3001 Hardware Configuration
Summary of Contents for SP3001
Page 4: ...iv SiteProtector System SP3001 Hardware Configuration ...
Page 12: ...6 SiteProtector System SP3001 Hardware Configuration ...
Page 16: ...10 SiteProtector System SP3001 Hardware Configuration ...
Page 26: ...20 SiteProtector System SP3001 Hardware Configuration ...
Page 30: ...7 Close the Remote Desktop session 24 SiteProtector System SP3001 Hardware Configuration ...
Page 32: ...26 SiteProtector System SP3001 Hardware Configuration ...
Page 42: ...36 SiteProtector System SP3001 Hardware Configuration ...
Page 46: ...40 SiteProtector System SP3001 Hardware Configuration ...
Page 48: ...42 SiteProtector System SP3001 Hardware Configuration ...
Page 49: ......
Page 50: ... Printed in USA ...