Administration Area

The system information panel lists configuration and system information for the local sensor. As you can see in Figure 25-30, the system information report includes the following information:

Figure 25-30: System information report

• Sensor Version

• Host Name

• Organization Name

• Organization ID

• PostOffice Port

• Web Server Port

• CIDS Daemon Status

• CIDS Connection Status

• CIDS Version

• IP Address

• Netmask

• Default Route

• MAC Address

• Hardware

• Operating System

• CPU Usage

• Memory Usage

• CIDS Logging Disk Usage

• TAC Link

The update configuration panel can be used to update the software installed on the sensor. Updates can be initiated manually or they can be scheduled, as shown in Figure 25-31. When performing an update or configuring an automatic update, you must specify the FTP server address, directory, user name, and password.

Figure 25-31: Scheduled updates

Manual Blocking (Administration | Manual Blocking)

Manual blocking can be initiated from the Administration Area. You can specify the IP address or the network address you want to block and the amount of time the address(s) should remain blocked, as shown in Figure 25-32.

Figure 25-32: Manual blocking configuration panel

Diagnostics (Administration | Diagnostics)

The diagnostics Sub-Area can be used to run a new diagnostics test or to view the report generated when the last diagnostics report was generated.

• Informational Categorizes the event as informational in nature and not a risk to security. These events are shown with a blue icon in the IDS Event Viewer.

• Low Categorized the event as mildly severe. These events are displayed with a yellow icon in the IDS Event Viewer.

• Medium Categorizes the event as a moderate risk. These events are displayed with an orange icon in the IDS Event Viewer.

• High risk. High-risk events are displayed with a red icon in the IDS Event Viewer.