HP ProCurve Threat Management Solution Implementation Guide 2009-05

HP ProCurve Network Immunity Manager with a Third-Party IDS/IPS
Step 2: Detect Threats
iii. Click the Events tab in the right pane. This displays the PCM+ event log.
Your event will be in the log (as long as you specified an action of Request SNMP
Trap in the signature definition and set an appropriate risk rating range in the event
action override).
Given the number of events that PCM+ logs, knowing the time the event occurred
on the sensor will help you to locate it. In addition, the Event ID reported in the
sensor’s event log is passed to PCM+ in the SNMP trap. You can find the event
quickly by entering the Event ID (or just the last few digits of it) in the Description
field in the Filters section of the PCM+ event log.
Once you are confident that sensor events are being reported to PCM+, you can
set up a non-ProCurve Security Devices alert in PCM+/NIM’s Policy Manager to
capture the event and a policy to respond to the alert with an action.
Task: Configure a Fortinet FortiGate UTM Device
You can manage a Fortinet FortiGate UTM device either through its command-line interface
(CLI) or through its Web browser interface. This section describes how to configure the UTM
device through the Web browser interface.
Subtask: Set Up the UTM Device and Load the Operating System
This subtask covers the initial setup of the FortiGate UTM device, the installation of the current
operating system, and the configuration of the device for operation on your network. (These
instructions were written using the FortiOS version 3.00, build 480.)
Download the Operating System. To download the operating system from the Fortinet
Web site, complete the following steps:
1. Open a Web browser and type www.fortinet.com in the address bar.
2. From the Fortinet home page, click Support.
3. Under Support Login, click the link to access the Login window. Type a user name and
password and click Login. (You may need to register to log in.)
4. In the navigation bar, click Firmware Images.
5. Use the descriptions in the box to determine the latest version of the operating system.
6. Click the FortiGate link to go to the support FTP site and navigate to the operating system
version you want.
7. Download the appropriate files to your computer. Select the variant of the .out file that
matches your hardware. For example, if you have a model 100A UTM device, select the
file with “100A” in its name. You should also download the release notes (in the .pdf file),
and if you want to verify the checksum, you can download the .sum file as well.
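The checksum verification mentioned in step 7 can be scripted on the management computer. The following is an added example, not part of the original guide or of Fortinet's tooling. It assumes the .sum file holds lines of the form "<hex digest> <file name>" (this guide does not describe the file's layout) and infers the hash algorithm from the digest length; the function names are hypothetical.

```python
import hashlib
import hmac
import re
from pathlib import Path

# Digest length in hex characters -> hashlib algorithm name.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
# Assumed line layout: "<hex digest> [*]<file name>" (md5sum/sha256sum style).
SUM_LINE = re.compile(r"^([0-9A-Fa-f]+)\s+\*?(.+?)\s*$")


def parse_sum_file(text):
    """Return {file name: lowercase hex digest} for every well-formed line."""
    entries = {}
    for line in text.splitlines():
        match = SUM_LINE.match(line)
        if match and len(match.group(1)) in ALGO_BY_HEX_LEN:
            entries[Path(match.group(2)).name] = match.group(1).lower()
    return entries


def file_digest(path, algorithm):
    """Hash the file in chunks so a large image is never held in memory."""
    digest = hashlib.new(algorithm)
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_image(image_path, sum_path):
    """Return (ok, reason); ok is True only if the listed digest matches."""
    entries = parse_sum_file(Path(sum_path).read_text(errors="replace"))
    expected = entries.get(Path(image_path).name)
    if expected is None:
        return False, "image not listed in checksum file"
    algorithm = ALGO_BY_HEX_LEN[len(expected)]
    actual = file_digest(image_path, algorithm)
    if hmac.compare_digest(actual, expected):
        return True, algorithm + " digest matches"
    return False, algorithm + " digest mismatch"


if __name__ == "__main__":
    import sys
    ok, reason = verify_image(sys.argv[1], sys.argv[2])
    print(reason)
    sys.exit(0 if ok else 1)
```

Run it with the path to the .out file and the path to the .sum file, and load the image only if the script exits with status 0. A checksum fetched from the same FTP site as the image detects a corrupted or incomplete download; it does not by itself prove where the image came from.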
Complete the Initial Setup. Before you complete the following steps, your UTM device
should be set to its factory default configuration. If it is not, you can establish a console
connection and use a terminal program such as HyperTerminal or Tera Term to access the UTM
device’s CLI and issue the execute factoryreset command.
To complete the initial setup, complete the following steps:
1. On a management computer, set up a network interface with an IP address of 192.168.1.2
and a subnet mask of 255.255.255.0. This will enable you to communicate with the UTM
device, which has a factory default IP address of 192.168.1.99.