Enterasys NMS-ADV-50 ユーザーズマニュアル
NAC management software provides secure, policy-based NAC
management. From one, centralized location IT staff can configure and
control the NAC solution, simplifying deployment and on-going
administration. The Enterasys NAC IP-to-ID Mapping capability binds
together the username, IP address and MAC address, and physical port of
each endpoint. NetSight reports this important information for audit or
forensics analysis.
NAC management provides additional value through its integration
with other NetSight capabilities and Enterasys security products. For
example, NAC management with policy management enable
“one click”
enforcement of role-based policies. IP-to-ID Mapping is also used by
ASM for location-independent distributed intrusion prevention and by
Enterasys Security Information & Event Manager (SIEM) to pinpoint the
source of the threat.
ASM for location-independent distributed intrusion prevention and by
Enterasys Security Information & Event Manager (SIEM) to pinpoint the
source of the threat.
Inventory Management
NetSight inventory management efficiently documents and updates
the details of the ever-changing network. It simplifies the deployment
and management of Enterasys devices and supports basic configuration
and firmware device management functions for popular third party
devices. IT staff can easily perform a broad list of tasks including device
administration on configuration files, schedule firmware updates, archive
configuration data, or restore one or multiple devices to a known good
state. Script-based configuration allows custom configuration scripts to be
pushed to a set of devices. NetSight identifies unused ports and chassis
slots and tracks moves, adds, and changes for Field Replaceable Units.
Inventory management also tracks configuration changes for Enterasys
the details of the ever-changing network. It simplifies the deployment
and management of Enterasys devices and supports basic configuration
and firmware device management functions for popular third party
devices. IT staff can easily perform a broad list of tasks including device
administration on configuration files, schedule firmware updates, archive
configuration data, or restore one or multiple devices to a known good
state. Script-based configuration allows custom configuration scripts to be
pushed to a set of devices. NetSight identifies unused ports and chassis
slots and tracks moves, adds, and changes for Field Replaceable Units.
Inventory management also tracks configuration changes for Enterasys
devices made by NetSight, third-party management applications, or the
command line interface.
command line interface.
Automated Security Management
Automated Security Management is a unique threat response solution
that translates security intelligence into security enforcement. It
interoperates with the Enterasys Intrusion Prevention System (IPS) and
third-party network security appliances to automate responses to security
incidents, remediating threats in real-time. It ensures that corporate data
is protected, secure, and available.
ASM executes policy-based rules, and when triggered, maps IP addresses
to ports and takes assigned actions. The range of possible response
actions is broad and configurable, including quarantining the user,
disconnecting a wired or wireless client, or rate-limiting the traffic flow.
Taking the action does not disrupt other users.
Combined with policy management functions and IPS, ASM
provides sophisticated identification and management of threats and
vulnerabilities. For example, when notified by the IPS, ASM can
determine the exact source location of a threat, determine a response
based on the security policy, and trigger the configured action on the
network switch, access point or wireless controller.
that translates security intelligence into security enforcement. It
interoperates with the Enterasys Intrusion Prevention System (IPS) and
third-party network security appliances to automate responses to security
incidents, remediating threats in real-time. It ensures that corporate data
is protected, secure, and available.
ASM executes policy-based rules, and when triggered, maps IP addresses
to ports and takes assigned actions. The range of possible response
actions is broad and configurable, including quarantining the user,
disconnecting a wired or wireless client, or rate-limiting the traffic flow.
Taking the action does not disrupt other users.
Combined with policy management functions and IPS, ASM
provides sophisticated identification and management of threats and
vulnerabilities. For example, when notified by the IPS, ASM can
determine the exact source location of a threat, determine a response
based on the security policy, and trigger the configured action on the
network switch, access point or wireless controller.
Mobile Management
NetSight mobile management extends OneView optimizing network
management and help desk troubleshooting with anywhere, anytime
access to critical information using popular mobile devices such as
iPad®, iPhone® and
management and help desk troubleshooting with anywhere, anytime
access to critical information using popular mobile devices such as
iPad®, iPhone® and
Android™ devices. Capabilities include: Network
Access Control (NAC) end-system view, system location and tracking,
wireless dashboards; detailed views of controllers and APs; event logs,
and wireless client search.
wireless dashboards; detailed views of controllers and APs; event logs,
and wireless client search.
OneFabric Connect/SDN
The Enterasys OneFabric Connect API provides a simple, open,
programmable and centrally managed way to implement Software
Defined Networking (SDN) for any network. With OneFabric Connect,
business aplications can be directly controlled from the OneFabric
Control Center Advanced managed via NetSight. The result is a
complete SDN solution. More information is available in the OneFabric
Connect API
NetSight Features
IPv6
Enterasys NetSight supports IPv6 management for IPv6 capable devices.
Device Discovery
The discovery process locates network attached devices, stores
attributes for these devices, and reports device status. Devices may be
discovered automatically by specifying an IP address range or via both
standard and
Enterasys NetSight supports IPv6 management for IPv6 capable devices.
Device Discovery
The discovery process locates network attached devices, stores
attributes for these devices, and reports device status. Devices may be
discovered automatically by specifying an IP address range or via both
standard and
multiple vendors’ proprietary discovery protocols. Devices
may also be added manually or imported into the NetSight database
using a device list file.
Network Topology Maps
A topology map is an automatically generated visual representation of
network connectivity. Topology maps, encompassing integrated wired
and wireless networks, provide network administrators with in-depth
graphical views of device groupings, device links, VLANs, and Spanning
Tree status. Color codes are used to indicate device status and SNMP/
SNMPv3 or information traps are easily generated.
FlexViews and Graphing
Incorporating both wired and wireless systems, FlexViews are Console
tools that allow network support staff to view a broad range of network
configuration parameters in graphical format
using a device list file.
Network Topology Maps
A topology map is an automatically generated visual representation of
network connectivity. Topology maps, encompassing integrated wired
and wireless networks, provide network administrators with in-depth
graphical views of device groupings, device links, VLANs, and Spanning
Tree status. Color codes are used to indicate device status and SNMP/
SNMPv3 or information traps are easily generated.
FlexViews and Graphing
Incorporating both wired and wireless systems, FlexViews are Console
tools that allow network support staff to view a broad range of network
configuration parameters in graphical format
—including tables, bar
graphs, line graphs, and pie charts. FlexView data is searchable and
sortable. For example, an administrator can use a FlexView to quickly
determine the top instances of ports with sustained load over 30% across
all networked devices.
Console ships with pre-defined FlexViews that depict status and
configuration information for the entire network. An administrator can
easily modify and apply filters to these pre-defined FlexViews, or create
additional ones. FlexView data may also be exported in CSV, XML, and
HTML formats.
RealCapture
RealCapture allows the on-demand, real time collection of over-the-
air traffic for troubleshooting and problem resolution. It gives IT
administrators visibility into the RF environment for quicker problem
resolution.
Basic Policy Management
Basic Policy Management allows users to view and configure port default
policy for network attached devices. Use Basic Policy Management to
view information about each port login session, including authentication
type and authenticated user role.
sortable. For example, an administrator can use a FlexView to quickly
determine the top instances of ports with sustained load over 30% across
all networked devices.
Console ships with pre-defined FlexViews that depict status and
configuration information for the entire network. An administrator can
easily modify and apply filters to these pre-defined FlexViews, or create
additional ones. FlexView data may also be exported in CSV, XML, and
HTML formats.
RealCapture
RealCapture allows the on-demand, real time collection of over-the-
air traffic for troubleshooting and problem resolution. It gives IT
administrators visibility into the RF environment for quicker problem
resolution.
Basic Policy Management
Basic Policy Management allows users to view and configure port default
policy for network attached devices. Use Basic Policy Management to
view information about each port login session, including authentication
type and authenticated user role.
Page 3