Reference Guide - Skybox Security, Inc.

3.89 MB
482 Pages
Upload by : Kaden Thurman

Skybox Reference Guide 10.1.300 Revision: 11

Proprietary and Confidential to Skybox Security. 2020 Skybox Security, Inc. All rights reserved.

Due to continued product development, the information contained in this document may change without notice. The information and intellectual property contained herein are confidential and remain the exclusive intellectual property of Skybox Security. If you find any problems in the documentation, please report them to us in writing. Skybox Security does not warrant that this document is error-free.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means—electronic, mechanical, photocopying, recording, or otherwise—without the prior written permission of Skybox Security.

Skybox, Skybox Security, Skybox Firewall Assurance, Skybox Network Assurance, Skybox Vulnerability Control, Skybox Threat Manager, Skybox Change Manager, Skybox Appliance 5500/6000/7000/8000/8050, and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners.

Contact information

Contact Skybox using the form on our website or by emailing info@skyboxsecurity.com

Customers and partners can contact Skybox technical support via the Skybox Support portal

Contents

Intended Audience ... 9
How this manual is organized ... 9
Related documentation ... 9
Technical support ... 10
Part I: Tasks ... 11
Managing tasks ... 12
Requirements ... 12
User roles and tasks ... 13
Working with tasks ... 14
Task properties ... 18
Task messages ... 20
Device access management ... 20
Using CyberArk for device password management ... 22
Quick reference for data collection
Firewall configuration collection ... 25
Firewall traffic log and audit log collection ... 30
Proxies, VPN devices, and IPS devices ... 31
Load balancers ... 32
Routers, switches, and controllers ... 33
Scanners and operational technology ... 36
File import tasks ... 39
Import directory tasks ... 39
Data formats for file import tasks ... 44
Basic file import tasks ... 47
Advanced file import tasks ... 49
Collector file import tasks ... 51
Advanced Collector file import tasks ... 52
Generic CSV file import tasks ... 53
Juniper SA files import tasks ... 58
Script invocation tasks ... 58
Importing interface and routing configuration ... 60
Firewall configuration tasks ... 62
Blue Coat proxy ... 63
Check Point FireWall-1 firewall ... 66
Check Point Provider-1 Domain Server ... 79
Check Point Gaia firewall ... 89
Check Point Security Management ... 91
Cisco Firepower Management Center ... 98
Cisco PIX/ASA/FWSM firewall ... 99
Cisco Security Manager ... 105
Dell SonicWALL firewall ... 107
DioNIS firewall ... 108
DPtech firewall ... 109
Forcepoint NGFW appliance ... 111
Fortinet FortiGate firewall ... 112
Fortinet FortiManager Security Management appliance ... 116
Genband firewall ... 120
Huawei Eudemon firewall ... 122
Juniper Networks Junos firewall ... 123
Juniper Networks Junos Space Network Management Platform ... 127
Juniper Networks NetScreen firewall ... 129
Juniper Networks Network and Security Manager ... 131
Linux iptables firewall ... 133
McAfee Enterprise (Sidewinder) firewall ... 134
Microsoft Azure firewall ... 136
Palo Alto Networks firewall ... 138
Palo Alto Networks Panorama ... 144
Sidewinder G2 (McAfee Enterprise) firewall ... 146
Sophos Unified Threat Management firewalls ... 148
VMware vShield Edge firewall ... 149
Zscaler Cloud Security Platforms ... 149
Firewalls implemented in software ... 151
Firewall rule usage analysis tasks ... 154
Syslog traffic events ... 154
Check Point FireWall-1 activity log data (LEA collection) ... 163
Examples of syslog records for rule usage analysis ... 167
Firewall change tracking tasks ... 170
Importing syslog change tracking events ... 170
Check Point FireWall-1 change events (audit log data) ... 175
Examples of syslog records for change tracking ... 177
Router, switch, and wireless controller tasks ... 178
Alcatel-Lucent router ... 178
Arista Networks router ... 180
Aruba Networks wireless controller ... 182
Avaya router ... 183
Avaya ERS routing switch ... 185
Brocade VDX router ... 187
Cisco IOS router ... 189
Cisco Nexus router ... 195
Cisco Wireless LAN Controller ... 199
Dionis NX router ... 201
Enterasys router ... 202
Extreme Networks router ... 204
Juniper Networks MX router ... 206
HP ProCurve router ... 206
Huawei router ... 208
H3C router ... 211
Nortel Passport 8600 router ... 212
Vyatta router ... 214
Scanner tasks ... 216
Guidelines for setting up scanner tasks ... 216
BeyondTrust Retina scanner ... 217
McAfee Vulnerability Manager (Foundstone) scanner ... 218
IBM Security AppScan ... 220
IBM Security SiteProtector System ... 221
Qualys QualysGuard scanner ... 222
Rapid7 Nexpose scanner ... 226
Tenable Network Security Nessus scanner ... 228
Tenable Network Security Tenable.io ... 230
Tenable Network Security Tenable.sc ... 231
Tripwire IP360 scanner ... 233
WhiteHat Sentinel scanner ... 235
Blacklists ... 236
Cloud and virtualization tasks ... 239
Amazon Web Services ... 239
Cisco ACI ... 242
Microsoft Azure Cloud Services ... 243
VMware NSX and vSphere ... 246
VMware NSX-T Data Center ... 248
Management systems tasks ... 250
BMC BladeLogic Network Automation ... 250
Forescout ... 252
HPE Network Automation ... 253
IBM BigFix ... 255
IBM z/OS ... 256
Infoblox NetMRI ... 256
McAfee ePolicy Orchestrator ... 258
Microsoft SCCM ... 259
Microsoft WSUS ... 262
Red Hat Satellite ... 263
SolarWinds NCM ... 264
Symantec Altiris ... 266
Trend Micro Deep Security ... 267
Twistlock ... 268
Microsoft Active Directory ... 269
CiscoWorks ... 270
HP Software & Solutions (OpenView) ... 270
Portnox Platform ... 271
Symantec Endpoint Management ... 271
Operational technology tasks ... 272
Claroty operational technology ... 272
CyberX operational technology ... 273
Indegy operational technology ... 274
SecurityMatters operational technology ... 275
Load balancer tasks ... 277
A10 Networks load balancer ... 277
Brocade ADX load balancer ... 280
Cisco ACE load balancer ... 281
Cisco CSS load balancer ... 283
Citrix NetScaler load balancer ... 285
F5 BIG-IP load balancer ... 287
Pulse Secure vTM load balancer ... 291
Radware Alteon load balancer ... 292
Radware AppDirector load balancer ... 294
Radware WSD load balancer ... 296
IPS tasks ... 299
Trend Micro TippingPoint IPS devices ... 299
McAfee IPS devices ... 302
IBM Proventia G appliances ... 303
Alerts services tasks ... 305
Symantec DeepSight alert services ... 305
VeriSign iDefense alert services ... 306
Analysis tasks ... 308
Change tracking tasks ... 308
Exposure (attack simulation) tasks ... 309
False positive reduction tasks ... 310
Policy compliance tasks ... 311
Rule recertification tasks ... 312
Security Metrics calculation tasks ... 313
Rule optimization status tasks ... 313
Vulnerability detection tasks: Patch data ... 314
Vulnerability detection tasks: Device configuration ... 315
Model maintenance tasks ... 318
Model completion and validation tasks ... 318
Copy model tasks ... 322
Model integrity tasks ... 322
Delete outdated entities tasks ... 322
Back up model and settings tasks ... 324
Skybox Server software update tasks ... 324
Collector software update tasks ... 325
Dictionary update tasks ... 325
Export tasks ... 326
Report generation tasks ... 326
Ticket creation tasks ... 327
CSV access rule review export tasks ... 327
CSV analysis export tasks ... 329
CSV change tracking export tasks ... 330
CSV compliance results export tasks ... 331
CSV Configuration Compliance export tasks ... 332
CSV exception export tasks ... 334
CSV Firewall Assurance export tasks ... 335
CSV Network Assurance export tasks ... 337
CSV optimization and cleanup export tasks ... 338
CSV security metrics export tasks ... 340
Elasticsearch index export tasks ... 341
Splunk export tasks ... 341
Qualys format XML vulnerability occurrences export tasks ... 342
Part II: Tickets, reports, and notifications ... 343
Analyses ... 344
Skybox analyses ... 344
Customizing the display of an analysis ... 344
Types of analyses ... 345
Tickets reference ... 351
Tickets ... 351
Policies ... 357
Reports reference

Skybox Reference Guide is the reference companion to the Skybox Firewall Assurance User Guide, the Skybox Network Assurance User Guide, the Skybox Vulnerability Control User Guide, the Skybox Threat Manager User Guide, and the Skybox Change Manager User Guide. The intended audience is reader
