33
Defining System Communication Interfaces for IPS Engines
2.
Right-click
IPS Engines
and select one of the following:
•
New
→
Analyzer
•
New
→
Combined Sensor-Analyzer
•
New
→
Sensor Cluster
•
New
→
Single Sensor.
3.
Enter a unique
Name
.
4.
(
Sensors only
) Select the
Analyzer
to which the Sensor sends event data.
5.
Select the Log Server options according to the type of element you are creating:
6.
If required in your setup, select the
Location
(see
Defining System Communication Interfaces for IPS
Engines
Each IPS engine needs at least one interface for communicating with other system components.
More than one system communication interface can be added to provide a primary and a
backup interface for Management Server communications.
For Analyzers, the volume of log traffic can easily grow large enough to delay other connections.
You may want to have dedicated interface(s) for receiving event data from sensors.
Element
Type
Option
Description
Analyzer
Log Server
Select the Log Server to which the Analyzer sends event logs.
Analyzer
Log Server for
Alerts
(
Optional
) Select the Log Server to which the Analyzer sends alerts. If
no Log Server is selected, alerts are sent to the same Log Server as
event logs.
Sensor
Log Server for
Recordings
(
Optional
) Select the Log Server to which the Sensor sends traffic
recordings. If no Log Server is selected, the Sensor does not make
any traffic recordings.
4
Summary of Contents for stonegate 5.2
Page 1: ...STONEGATE 5 2 INSTALLATION GUIDE INTRUSION PREVENTION SYSTEM...
Page 5: ...5 INTRODUCTION In this section Using StoneGate Documentation 7...
Page 6: ...6...
Page 12: ...12...
Page 18: ...18 Chapter 2 Planning the IPS Installation...
Page 28: ...28 Chapter 4 Configuring NAT Addresses...
Page 30: ...30...
Page 50: ...50 Chapter 6 Saving the Initial Configuration...
Page 60: ...60...
Page 72: ...72 Chapter 8 Installing the Engine on Intel Compatible Platforms...
Page 73: ...73 UPGRADING In this section Upgrading 75...
Page 74: ...74...
Page 88: ...88...