Symantec 10521146 Administration Guide - Page 285
Integrating with Symantec Decoy Server, Start, Decoy Console, Intrusion Detection
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 285 highlights
Advanced configuration 285 Integrating third-party events The passphrase must be 8 to 64 characters long, inclusive. See the Symantec Network Security Installation Guide for further integration details. EDP Port Number indicates the port through which Symantec Network Security and Smart Agents communicate. Symantec Network Security listens for Event Dispatch Protocol (EDP) events through this port. The default value is set to 1333. If you edit this parameter, use a valid, unused TCP port between 1025 and 65535. Avoid using the QSP port number, or TCP port numbers 1080, 6665-6669, 7000, because software and appliance nodes monitor and analyze traffic on these ports. Note: Restart Symantec Network Security for changes to this parameter to take effect. Caution: Do not use the QSP port for EDP communication. Integrating with Symantec Decoy Server Now you can launch and log into the Symantec Decoy Server console by simply right-clicking any external sensor object in the topology tree and selecting Start Decoy Console. Note that the Symantec Decoy Server console remains open, even if you close the Network Security console. This section includes the following: ■ Integrating with Symantec Decoy Server ■ Launching from a new location ■ Launching from a known location Integrating with Symantec Decoy Server Symantec Network Security can be configured to receive events from ManTrap 2.1 and later, and Symantec Decoy Server 3.1, as well as from other third-party security sensors. Symantec Network Security can be configured to aggregate and correlate those events with all other events that Symantec Network Security detects. Other third-party sensors require separate Smart Agent software. To configure Symantec Decoy Server for integration with Symantec Network Security, or to purchase Smart Agent software, see the following web site: http://www.symantec.com/techsupp/enterprise/select_product_manuals.html, and click Intrusion Detection > Symantec Decoy Server.