About SCSP Protection using the Managed ModeIn managed mode, an external SCSP server can be used to communicate with andmanage the SCSP agent on the appliance. The external SCSP server can be usedto manage multiple appliances. You can download the SCSP server (data centersecurity server), console, and policies from the NetBackup Appliance Web Console.Managed mode is recommended for use only by security administrators or byexisting SCSP customers who have in-depth knowledge of SCSP.Figure 4-2illustrates the implementation of managed mode:44NetBackup Appliance Intrusion Prevention and Intrusion Detection SystemsAbout SCSP Protection using the Managed Mode
Figure 4-2SCSP implementation in managed modeThe NetBackup Appliance is in managed mode, when it is connected to the SCSP Server, and theevents are monitored using the SCSP management console. Using this mode multiple appliancescan be monitored using a single SCSP Server.Install SCSP Server and Management ConsoleConnect to a SCSP ServerUseMonitor > SCSP Eventspage to:- Download SCSP server and console- Install the server and console- Download the IPS and IDS Policies, and import them intothe SCSP Console.- Connect the NetBackup Appliances with the server- Apply IPS and IDS Policies using the SCSP managementconsole- Monitor events for all the NetBackup appliancesconnected to this server.Use theMonitor > SCSP Events > Connect to SCSP serverto:- Add the SCSP server details.- Download authentication certificate.- Connect to the SCSP Server.SCSP agents are configured with each NetBackup Appliance that are used to send events to the SCSP server.Events from all the appliances are monitoredusing the SCSP Management ConsoleSCSP implementation for NetBackup Appliance - Managed ModeSCSP agentSCSP agentSCSP agentIn managed mode you can:Benefits of using the managed mode■Helps to provide separate tools catering to the Backup Administrators role andthe Security Administrator role.■Provides centralized and secure management of Multiple Appliances using asingle SCSP server and console.■Provides the ability to archive and export logs.■Provides a common console for monitoring, reporting, and setting up alerts.■Extends the NetBackup Appliance IPS and IDS policies on top of SymantecBaseline to meet your data center standards.■Provides links to instantly download SCSP Server and Console from theNetBackup Appliance Web Console.45NetBackup Appliance Intrusion Prevention and Intrusion Detection SystemsAbout SCSP Protection using the Managed Mode
Downloading the SCSP server and console installableThe following procedure describes how to download the SCSP server and consolefrom theSCSP Eventpage.To download the SCSP server and console:1Log in to the NetBackup Appliance Web Console.