Using Monitoring Center for Security 1.2
Index

A

Alarm Export utility

overview   7-24

archiving   7-24

audience for this document   ix

B

backing up the database   7-43

C

cautions

significance of   x

Cisco.com, accessing   xiv

Cisco Secure Policy Manager

importing events from   7-32

CiscoWorks2000

logging in   2-2

column order

in Event Viewer   4-11

columns

deleting from the Event Viewer display   4-15

compacting

database   7-39

context buffer

in Event Viewer   4-23

correlating events

D

database

compacting   7-39

reducing the size

database rules

adding   7-19

deleting   7-23

editing   7-22

overview   7-10

databases

backing up   7-43

restoring   7-45

deleting

device configurations   3-17

deleting events from the database

procedure for   4-16

recommendations for   4-16

destination addresses

viewing host names   4-23

devices

adding

RDEP-based sensors   3-3

adding configurations

Cisco IDS Host Sensor   3-10, 3-11

discovering postoffice settings   3-9

PIX Firewall   3-10, 3-11

postoffice-based sensors   3-4

deleting configurations   3-17

editing configurations   3-17

importing configurations   3-15

monitoring overview   3-2

documentation   xi

additional online   xiv

audience for this   ix

feedback, submitting electronically   xv

obtaining   xiv

CD-ROM   xv

Cisco.com   xiv

ordering   xv

other Cisco publications and information   xviii

related to this product   xii

typographical conventions in   x

E

editing

device configurations   3-17

e-mail servers

specifying   7-2

event

correlation

overview   1-4

Event Expansion Boundaries   4-18

event notifications

specifying default e-mail servers   7-2

event rules

activating   5-17

adding   5-11

deactivating   5-18

deleting   5-19

editing   5-16

overview   5-1

events

archiving   7-24

correlation

using Event Rules   1-4

using Event Viewer   1-4

using reports   1-4

deleting   7-24

deleting from the database   4-16

deleting from the Event Viewer display   4-15

refreshing in Event Viewer   4-26

resuming addition to Event Viewer   4-20

suspending addition to Event Viewer   4-20

types displayed in Event Viewer   4-2

Event Viewer   4-1

blocking   4-26

changing column order   4-11

collapsing cells   4-17

context buffer   4-23

deleting a column from the display   4-15

deleting events   4-16

deleting events from the display   4-15

expanding cells   4-19

preferences   4-21

refreshing events   4-26

removing blocks   4-27

resuming events   4-20

saving column order   4-20

setting Event Expansion Boundaries   4-18

starting   4-13

suspending events   4-20

viewing event statistics   4-25

viewing host names   4-23

viewing list of users   4-32

viewing the NSDB   4-25

G

graphs of event data   4-11

GUI elements   2-6

H

help   xvi

Cisco.com   xvi

online documentation   xiv

TAC   xvii

Escalation Center   xviii

website   xvii

host names

viewing for source and destination addresses in Event Viewer   4-23

hosts

blocking traffic from   4-26

removing blocks   4-27

I

IDIOM files

importing   7-33

IdsAlarms utility   7-24

IdsImportArchivedData utility

overview   7-34

IdsImportIdiom utility

overview   7-33

using   7-38

IdsImportNrLog utility

overview   7-32

using   7-38

IDS Pruning utility

overview   7-27

importing

alarms   7-30

device configurations   3-15

from CSPM   7-30

from Director   7-30

IDIOM files   7-33

nrlog files   7-32

pruning archive files   7-34

IPSec

using to secure communication between sensors and Security Monitor   A-1

L

logging in

CiscoWorks2000   2-2

M

monitored devices

N

networks

blocking traffic from   4-26

removing blocks   4-27

Network Security Database

nrlog files

importing   7-32

NSDB (Network Security Database)

viewing   4-25

P

postoffice

specifying settings   7-2

pruning archive files

importing   7-34

R

remote hosts

specifying   3-18, 3-21

reports

alarm   6-2

audit   6-4

CSA   6-5

deleting   6-10

deleting scheduled report templates   6-12

editing parameters for   6-11

overview   6-1

saving as HTML   6-9

types of   6-2

viewing   6-8

restoring

caution   7-46

databases   7-45

S

Secure Shell protocol

sensors

securing event reception from   A-1

sensor software

updating   7-47

signature updates

notification by e-mail   7-48

signature versions

updating   7-47

Software Center   7-55

source addresses

viewing host names   4-23

SSH

definition of   3-6

starting

Security Monitor   2-3

syslog

changing the port   7-5

default port   7-5

forwarding   7-6

pruning Solaris message file   7-8

specifying settings   7-4

T

TAC (Technical Assistance Center)   xvii

Escalation Center   xviii

website   xvii

technical support   xvi

Cisco.com   xvi

TAC   xvii

Escalation Center   xviii

website   xvii

troubleshooting

securing communication between sensors and Security Monitor   A-1

typographical conventions in this document   x

U

users

viewing list of in Event Viewer   4-32

V

viewing event statistics

from Event Viewer   4-25

W

warnings, significance of   x

wizard elements   2-8