5.4. How to use the procedures
5.4.1. Accessing the GCap and GCenter
| To perform the following task | # | Carry out the following procedures in succession |
|---|---|---|
| First connection to the GCap by a direct connection | 1 | |
| Remote connection to iDRAC via HTTP | 1 | |
| Remote SSH connection in serial port forwarding mode | 1 | Remote connection to the CLI using SSH via the iDRAC interface in serial port forwarding mode |
| Connection to the GCenter via a web browser | 1 | |
5.4.2. Configuring the GCap
| To perform the following task | # | Perform the following procedures in sequence |
|---|---|---|
| First installation of the GCap | 1 | |
| | 2 | |
| Keyboard configuration | 1 | Display: use the command show keymap |
| | 2 | Modify: use the command set keymap |
| Configuring the GCap interface (GUI or CLI) | 1 | Display: use the command show setup-mode |
| | 2 | Modify: use the command set setup-mode |
| Date and time | 1 | Display: use the command show datetime |
| | 2 | Modify: use the procedure Change GCap date and time |
| Colours in the display | 1 | Enable or disable: use the command colour |
| Compatibility mode with the GCenter | 1 | Show: use the command show compatibility-mode |
| | 2 | Modify: use the command set compatibility-mode |
| Pairing with GCenter | 1 | Use the procedure Pairing between a GCap and a GCenter |
5.4.3. Managing accounts
| To perform the following task | # | Perform the following procedures in sequence |
|---|---|---|
| Authentication: the list of users | 1 | Display the list: use the command show passwords |
| | 2 | Change passwords: use the command set passwords |
| Authentication: modify the SSH keys | 1 | Use the command set ssh-keys |
| Authentication: display the password policy | 1 | Use the command show password-policy |
| Authentication: unlock blocked accounts | 1 | Use the command system unlock |
| Authentication: define a password policy | 1 | Use the command set password-policy |
| Authentication: display the protection policy against brute force attacks | 1 | Use the command show bruteforce-protection |
| Authentication: modify the protection policy against brute force attacks | 1 | Use the command set bruteforce-protection |
| Session: display the duration of inactivity before disconnection | 1 | Use the command show session-timeout |
| Session: modify the duration of inactivity before disconnection | 1 | Use the command set session-timeout |
5.4.4. Managing networks
| To perform the following task | # | Perform the following procedures in sequence |
|---|---|---|
| Managing Tunnel (gcp0) and Management (gcp1) interfaces | 1 | Use the procedure Managing network settings for Tunnel and Management interfaces |
| IP address of the GCenter: display the GCenter IP address | 1 | Use the command show gcenter-ip |
| IP address of the GCenter: modify the GCenter IP address | 1 | Use the command set gcenter-ip |
| Manage the capture interfaces monx | 1 | Use the procedure Manage monx capture interface settings |
| Manage interface aggregation of capture | 1 | Use the procedure Manage capture interface aggregation |
| Switch to the configuration single-interface | 1 | Use the procedure Flip to single-interface configuration |
| Switching to the configuration dual-interface | 1 | Use the procedure Flip to dual-interface configuration |
5.4.5. Managing the detection engine
| To perform the following task | # | Carry out the following procedures in succession |
|---|---|---|
| Display advanced options | 1 | Use the command show monitoring-engine |
| Apply an advanced configuration | 1 | Use the command set monitoring-engine |
| Start the detection engine | 1 | Use the command monitoring-engine start |
| Stop the detection engine | 1 | Use the command monitoring-engine stop |
| Display the detection engine status | 1 | Use the command monitoring-engine status |
| Traffic generation: replaying a pcap file | 1 | Use the command replay |
5.4.6. Managing servers
| To perform the following task | # | Carry out the following procedures in succession |
|---|---|---|
| Exit the current session or leave the SSH session | 1 | Use the command exit |
| System: restart the GCap | 1 | Use the command system restart |
| System: shut down the GCap | 1 | Use the command system shutdown |
5.4.7. Monitoring the GCap
| To perform the following task | # | Carry out the following procedures in succession |
|---|---|---|
| Monitoring: display the current status of the GCap | 1 | Use the command show status |
| Monitoring: display the statistics of the Sigflow detection engine | 1 | Use the command show eve-stats |
| Monitoring: display statistics and health information | 1 | Use the command show health |
| Monitoring: extract the information from the GCap as requested by technical support | 1 | Use the command show tech-support |