About SCSP Protection using the Managed Mode
In managed mode, an external SCSP server can be used to communicate with and
manage the SCSP agent on the appliance. The external SCSP server can be used
to manage multiple appliances. You can download the SCSP server (data center
security server), console, and policies from the NetBackup Appliance Web Console.
Managed mode is recommended for use only by security administrators or by
existing SCSP customers who have in-depth knowledge of SCSP.
Figure 4-2
illustrates the implementation of managed mode:
44
NetBackup Appliance Intrusion Prevention and Intrusion Detection Systems
About SCSP Protection using the Managed Mode
Figure 4-2
SCSP implementation in managed mode
The NetBackup Appliance is in managed mode, when it is connected to the SCSP Server, and the
events are monitored using the SCSP management console. Using this mode multiple appliances
can be monitored using a single SCSP Server.
Install SCSP Server and Management Console
Connect to a SCSP Server
Use
Monitor > SCSP Events
page to:
- Download SCSP server and console
- Install the server and console
- Download the IPS and IDS Policies, and import them into
the SCSP Console.
- Connect the NetBackup Appliances with the server
- Apply IPS and IDS Policies using the SCSP management
console
- Monitor events for all the NetBackup appliances
connected to this server.
Use the
Monitor > SCSP Events > Connect to SCSP server
to:
- Add the SCSP server details.
- Download authentication certificate.
- Connect to the SCSP Server.
SCSP agents are configured with each NetBackup Appliance that are used to send events to the SCSP server.
Events from all the appliances are monitored
using the SCSP Management Console
SCSP implementation for NetBackup Appliance - Managed Mode
SCSP agent
SCSP agent
SCSP agent
In managed mode you can:
Benefits of using the managed mode
■
Helps to provide separate tools catering to the Backup Administrators role and
the Security Administrator role.
■
Provides centralized and secure management of Multiple Appliances using a
single SCSP server and console.
■
Provides the ability to archive and export logs.
■
Provides a common console for monitoring, reporting, and setting up alerts.
■
Extends the NetBackup Appliance IPS and IDS policies on top of Symantec
Baseline to meet your data center standards.
■
Provides links to instantly download SCSP Server and Console from the
NetBackup Appliance Web Console.
45
NetBackup Appliance Intrusion Prevention and Intrusion Detection Systems
About SCSP Protection using the Managed Mode
Downloading the SCSP server and console installable
The following procedure describes how to download the SCSP server and console
from the
SCSP Event
page.
To download the SCSP server and console:
1
Log in to the NetBackup Appliance Web Console.
