An XGS Administrator uses XGS to perform basic network security protection and is responsible for device administration and basic security policy management. The administrator must understand the concepts of IBM X-Force Protocol Analysis Module (PAM) and how to use it for security event analysis. It is important that an XGS Administrator have a working knowledge of SiteProtector.
These courses introduce you to basic XGS concepts.
These courses deal with administering and maintaining the XGS appliance.
Security Policy Management
These courses teach how to configure the XGS appliance to provide network protection.
These courses teach you how to perform basic troubleshooting tasks in your XGS environment.
In this course, you will learn how to use the appliance's home dashboard
to quickly view the most important events, the different types of
events the appliance can detect and how to monitor them, and the
advantages of using flow data graphs to conduct network usage
The XGS appliance is IBM's next generation Intrusion Prevention Systems (IPS). The appliance can monitor user activity on the network and block certain users and groups for accessing and using certain network applications and resources. This video series explains how to implement this functionality and how to track and block user activity on the network.
In this video series, you learn about the XGS Network Access Policy, Intrusion Prevention Policy, and IPS Event Filter Policy. Using the SiteProtector management system, you learn how to configure the policies, how the policies work together, and how they provide different levels of protection.
This video demonstrates the API used to send the web services calls that generate the Advanced Threat Protection (ATP) type of security event alerts. This video is part of the XGS Advanced Topics course (IS680). It represents exercise five in Unit 06.
SNORT is open-source based software for Intrusion Prevention Systems (IPS) devices. Using the SNORT syntax, users can write the rules for IPS, or borrow, download, and buy already written SNORT rules on the market. If you want to write and implement your own set of rules, use the Open Signature policy to write and import rules written in SNORT syntax. This video walks you through the Open Signature policy.
The Secure Sockets Layer (SSL) protocol provides an encrypted tunnel for applications. The IBM XGS appliance decrypts traffic going from a user-controlled network to the Internet (outbound SSL connection) differently from the traffic coming in from
the Internet into a user-controlled network (inbound SSL connection). This course explains how the IBM XGS uses the TLS/SSL protocol when traffic is encrypted to enforce network access rules and perform deep packet inspection. This course includes three
This video shows how to configure the IBM Security Network Protection for VMWare when installing the virtual appliance for the first time, using the command-line interface (CLI). The configurations steps are:
- Logging in
- Accepting the IBM Software License Agreement
- Enabling FIPS mode
- Changing passwords
- Configuring the host
- Configuring management interfaces
- Configuring DNS information
- Reviewing the configuration
SiteProtector is the management platform used to enforce centralized policy management and event analysis from multiple XGS appliances. When SiteProtector takes control of the XGS, many of the administrative tasks can be done only thought the SiteProtector interface.
In this video series, you learn how to register the XGS appliance in SiteProtector, push the licenses, and merge XGS local polices with the default polices in SiteProtector.
This XGS video demonstrates how to control user access to the network resources.
This XGS demonstration focuses on policy configuration.
This XGS video demonstrates how XGS can monitor and control network usage.
This XGS demonstration of XGS product focuses on key IPS features.
This XGS demonstration focuses on blocking access to certain network applications and resources that can expose company information.
This XGS demonstration focuses on blocking URLs.
The XGS demonstration focuses on the key IPS features.
The XGS demonstration focuses on blocking URLs.
This video demonstrates Using the API in IBM Security Network Protection
This XGS demonstration focuses on Web Application policies.
This video provides you with a high-level overview of the hardware components of the IBM Security Network Protection (or XGS) appliance, also referred to as ISNP.
This video provides you with a high-level overview of the network architecture for the IBM Security Network Protection (or XGS) appliance, also referred to as ISNP, in which you’ll learn different considerations when placing the appliance on your network.
The XGS appliance is IBM's next generation Intrusion Prevention Systems (IPS). One of the XGS features is a light version of Data Leakage Protection (DLP) that can help in overall DLP design and architecture. The key characteristic of a DLP implementation in XGS is Content Analyzer Module (CAM). The CAM module can detect certain patterns of Personal Identifiable Information (PII) over limited number of network protocols and file formats. The video shows an example of a CAM implementation.
This course gives you an overview of the IBM Security Network Protection, or XGS appliance. You will learn what a next-generation IPS is, what are its main features and how to deploy it in your network. You also learn the main hardware components the different XGS appliance models can offer.
This video series demonstrates the completion of lab exercises that were offered at InterConnect 2016. You will learn all the differences that XGS for VMWare has with its physical appliance version: its limitations, the scenarios in which it is best suited, and how to configure it to work properly.
This video shows, with examples, the configuration of different functionalities on the IBM Secuirty Intrusion Prevention System (or GX appliance) and how these configurations are performed in the IBM Network Protection (or XGS appliance); thus reducing the learning process when transitioning from the GX to the XGS technology
Protocol Analysis Module (PAM) provides deep packet inspection and blocks malicious network traffic based on the signatures provided by IBM X-Force. In this course, you learn the key principles behind how PAM works.
This video explains how the IBM XGS product enhances the protection of enterprise networks by leveraging research information from IBM X-Force about IP reputation and geolocation. In part, the demonstration shows how those features can be demonstrated in lab setups that use private IP addresses.
- Introduction to the XGS command line interface (CLI)
This video introduces the CLI, what it is used for, explains the modes and commands, and an overview of the global commands.
- XGS CLI modes Part I
This video describes and demonstrates how to use the following CLI modes:
- XGS CLI modes Part II
This video describes and demonstrates how to use the following CLI modes:
This video shows how to leverage the analysis mode in the XGS CLI to troubleshoot the appliance using a few commands. It includes how to set the debug levels, how to use filters and how to disable Deep Packet Inspection.
This video describes the usage of four logs from the XGS CLI to troubleshoot the XGS appliance: System, Webserver, Updates, and Analysis. It includes a description of three methods to examine these log files: Tail, Less, and Grep.
This video describes how to use capture packets from the XGS CLI that can be used to perform advanced research and troubleshoot the XGS appliance. It shows how to capture logs on both the management and protection interfaces.
Note: The videos in this series will display in their own windows to provide a better viewing experience. You might have to disable the pop-up blocker in your browser if prompted to do so.
This course explains how to use IBM X-Force Exchange to research signatures and vulnerabilities.
This presentation talks about the features released in the latest version of XGS firmware delivered through 2016 and beginning of 2017. The session will cover the latest features such as hardware updates, stacking, integration with QRadar, QFlow enhancements, syslog over TLS and so on.
In this video, you see how you can stack two IBM QRadar Network Security
XGS 7100 appliances to significantly increase the amount of throughput
traffic you are able to inspect for threats.
The video provides an overview of the XGS dashboard.