Monday, September 7, 2009

IPS Device Manager (IDM) with HTTPS / SSL / TLS

Intrusion Prevention System (IPS), The device having the ability to detect and stop intruders in the network. IPS can be access through command Line (CLI) and also through web (GUI). The GUI used to access IPS is IDM.

IDM:

A GUI used to manage the IPS allowing a point-N' click way to manage the system. It can be access through web-browser. Different protcol can be used with IDM:

1. TLS / SSL / HTTPS
2. Remote Data Exchnage Protocol (RDEP)
3. Security Device Event Exchange (SDEE)
4. Extended Markup Language (XML)
5. Intrusion Detection Configuration (IDConf)

HTTPS is a secure version of HTTP, its a HTTP over SSL or TLS. TLS or SSL make sure that data send over HTTP is secure and is encrypted. SSL comes out first for secure transaction like banking operations and transactions so we have to use some secure protcol and that was SSL but it was used only for HTTP (web) while we need an alternate also for other than web traffice so TLS was in. TLS can be used for any traffic or any communication type.

When we communicate with IPS, we can use any one of the protocol (TLS, SSL, HTTPS). Once encrypted session is established we can use than any one of the two protocol (RDEP or SDEE) to send configuration using a secure method. Like RDEP is used to configure and then SDEE is used to report event or notify the target.

NOTE: XML created and allow that it can store data, a universal way to store data and information with text, like back in 2000's Microsoft declare that we will now use XML to store data, just like we have our Microsoft office with .x extension (.docx) so All information to sensor will send using XML.

System Requirements:
--> Windows 2000 or XP
--> Sun Sparc Solaris 2.8 or 2.9 or later
--> Red Hat Linux 9.0 w/Gnome or KDE


Browser:
--> Internet Explorer 6.0 or later
--> Netscape 7.1 or later
--> Mozilla 1.7 or later


Java Plug-in 1.5 or later

Login in to IPS using web browser like
https://10.1.1.10

Further detail of IPS configurations, Problmes solution will be discussed soon here.

I hope this wille informativ for You :)

No comments: