Lab 9
Scenario: Pravail NSI as a manager of APS
Overview
Description
In this lab we will integrate Pravail APS with Pravail NSI for central
management and check the features available on the central management console.
Objectives
After completing this lab, you will be able to do the following:
• Integrate Pravail APS with Pravail NSI;
• Use Pravail NSI for monitoring of Pravail APS;
• Manage protection level and protection mode from central console;
• Manage blacklist and whitelist from central console.
Equipment/Tools
The following equipment is required to complete this lab:
• web browser
When accessing training labs, you will be prompted for Training Portal
Authentication. Use the following credentials:
• Login: student54
• Password: 43xXBAJD89
Estimated Completion Time
• The estimated completion time for this lab is 30 minutes.
Student 54 L9-1
Central Management Console Lab 9
Enabling integration with Pravail NSI
Pravail APS configuration
1. Navigate to Administration -> General
2. Configure the following settings for Pravail NSI Connection
• Controller: 10.2.25.237
• Shared Secret: nsicm
3. Save the configuration and wait a few minutes
Verification
1. Log into Pravail NSI Controller at https://nsi-cm17.training.arbor.net/
Use the following credentials:
Login: student54
Password: 43xXBAJD89
2. Navigate to the Summary page and scroll down to the system information section.
Verify that your Pravail APS device is listed. Wait until the Pravail APS
device status changes from “Initial synchronization” to “Good”.
Pravail APS monitoring from Central Management Console
ATLAS Threat Categories traffic
1. On Pravail NSI Controller, navigate to Dashboard
2. Under APS Traffic, take a look at Inbound Blocked Threats and
Outbound Blocked Threats
3. Choose any threat, and click on the “Learn more” item in the context menu to
get a description of that threat
4. Click on the Blocked Hosts item in the context menu of any threat to navigate
to the Blocked Hosts page. Note that Search filters are pre-selected for you
5. Click Search button to find offending hosts
6. You can find more historical information about ATLAS threat
categories traffic in Explore->ATLAS Threat Categories page
L9-2 Student 54 Pravail APS 5.6
Alerts
1. To see alerts from your APS device, navigate to Explore->Alerts
2. Click Filter field and select your APS appliance from the list. See if
there are any historical alerts reported.
Protection Groups
1. To check traffic statistics for protection groups, navigate to
Protect->Protection Groups
2. Click on the protection group corresponding to your web server to see
detailed information about passed and dropped traffic, as well as all details
that are available on the view protection group page of Pravail APS
3. Click Display All in Traffic Views and use Create PDF button from
the Arbor smart bar to create PDF version of this page.
Using Pravail NSI for protection management of Pravail APS
Protection Level and Protection Mode
1. Click Edit button for your protection group
2. Change Protection Level to Medium, and Protection Mode to
Inactive
3. Log into your Pravail APS device to verify changes. It may take up to a
minute to propagate changes from NSI to the managed APS
Blacklists and Whitelists
1. On Pravail NSI Controller navigate to Protect->APS Inbound
Blacklist
2. Type North Korea and click Add to add additional country to blacklist
3. Navigate to Protect->APS Inbound Whitelist
4. Add IP address 168.143.81.49
5. Log into your Pravail APS device and verify that the blacklist and
whitelist were propagated. It may take up to a minute to propagate
changes from NSI to the managed APS
Server type management
1. On Pravail NSI Controller navigate to Protect->Server Types
2. Click on Web Server on APS-LAB54
3. Change ATLAS Confidence Index to 50 for all protection levels and
save changes
4. Log into your Pravail APS device and verify that the changes were
propagated. It may take up to a minute to propagate changes from NSI
to the managed APS. Note that the Web Server type for your protection group
is now located in Custom Server Types
Protection Group cloud signaling activation
1. On Pravail NSI Controller navigate to Protect->Server Types
2. Click on protection group corresponding to your web server
3. Click All APSes, make sure that only APS-LAB54
is selected and click Apply
4. Note that the cloud signaling widget now has an Activate button. Click on it.
5. After a minute, navigate to Peakflow SP at
https://sp-cloud.training.arbor.net/ and check that the Mitigation was
started
• Login: student54
• Password: 43xXBAJD89
6. Deactivate the mitigation request from the Pravail NSI console
This completes the lab exercise.