DOES LMS 4.1 manages firewall and IPS ?

Please help

Each of those are controlled by different configs. Usernames are only tracked if UTlite is installed on client machines as part of a login script. Host names are tracked by vlan contexting, at least for SNMPv3 anyways. Phone# are tracked if LMS is polling the call manager via SNMP
Sent from Cisco Technical Support iPhone App

Similar Messages

  • Error HTTP Status 500 after installing DS Management Console and IPS Services on BI Enterprise Server

    The following error
    HTTP Status 500 - while trying to invoke the method java.util.Properties.entrySet() of an object loaded from local variable 'globalProperties'
    occurred after installing DS Management Console and IPS Services on BI Enterprise Server
    BI Enterprise Edition 4.1 SP1 and BODS 4.1 SP1

    Hi,
    If you can't see the login screen of the CMC then it's a problem of webapps and not EIM services.
    Try cleaning the Tomcat cache for the BOE webapps and let Tomcat re cache it.  Often it does the job.
    - Stop Tomcat
    - Rename the BOE folder to BOE-OLD in C:\Program Files (x86)\SAP BusinessObjects\tomcat\work\Catalina\localhost\
    - Start Tomcat
    When the Tomcat process in task manager is done working (it can take 10-20 min+) then try again.
    When you're done, you can delete the BOE-OLD folder.
    Let me know!

  • In preferences what does "Override automatic cache management" mean and do?

    I was wondering what "Override automatic cache management" means and does.

    Firefox normally manages the size of it's cache, and can cache more or less information depending on various factors.
    Checking this option allows you to specify the maximum size of the Firefox cache, in MB.
    There isn't usually any need to enable this option.

  • Network Security IIS 7.5 FTP & Managed Firewall

    Hello
    The scenario is that we have an IIS 7.5 Windows 2008 R2 box ("IIS Box"), and on that box we want to configure a single FTP site.
    The FTP site will use the Basic Security option (no Anonymous access)
    The IIS Box sits behind a wholly-independent managed firewall appliance from a leading vendor. We trust the managed firewall and its configuration, and as such, Windows Firewall is completely disabled on the IIS Box. The managed firewall is configured to
    NAT 1-1 from private to public IP addresses.
    Ideally, I would have liked to have configured a policy on the managed firewall to allow all traffic through based on a specific source IP address, since the FTP clients to access the FTP site are well-known to us and we are not giving access to very many
    clients. Unfortunately this is not an option because the clients who are requesting access do not have static IP addresses.
    We also believe that establishing a Site-to-Site VPN and running the FTP within that, is not an option.
    What we are considering having to do, therefore, is to configure the managed firewall to allow FTP protocol through, regardless of the source IP address associated with the connection. i.e. Everyone can establish the connection, and we rely upon the Basic
    FTP security mechanism built in to IIS to protect us.
    I do not think this is ideal but it should be only a short term arrangement and we will ensure that the Physical Directory that can be accessed through the service leaves a reasonably narrow scope in terms of potential attack / abuse
    The question I have before I proceed with this, concerns the need for Passive FTP Data Channel ports.
    Clearly, to make this work, I will have to specify within the IIS settings, which ports to use. Let's say for example that I go for ports 10000-11000.
    Q1. My understanding is that I need to configure the managed firewall to permit INBOUND connections to the IIS box targeting ports 10000-11000, 20, and 21. Is that right?
    Q2. If I do, I then have a situation where my firewall is going to allow all connections through on those ports, and since this firewall is NOT application-aware, it won't care whether they are being used for FTP or anything else. It will simply let ALL
    connections through. At this point, what are the ramifications in terms of how IIS will respond? For example, is IIS FTP smart enough to realise that it should only permit connections that it has already arranged over the Control link (20/21)?
    Q3. If I specify in IIS admin that I want to use 10000-11000 for FTP - is IIS clever enough to PREVENT those ports being used by any other apps on the same IIS box? My concern here is, given that the managed firewall will definitely be letting ANYTHING through,
    what potentially happens if some other app or code starts listening on port 10500?
    I understand that whatever dynamic port range is configured on the server would generally be used for Outbound connections any way (source ports) but Still - I just would like any thoughts on the security ramifications of the configuration I am proposing.
    I don't feel Entirely comfortable yet, that I am not opening up an point of vulnerability.
    I am really looking for technical thoughts on the networking side of this, rather than (for example) general advice about "make sure you have Windows Updates installed" etc.
    thanks

    Hi Robert,
    I suggest you use the passive operational mode to achieve your goal.
    In which mode, the client initiates the data channel connection, then the server responds with the TCP port number to which the client should connect to establish the data channel. We can
    restrict the port range used by the FTP service, and then create a firewall rule that allows FTP traffic on only those allowed port numbers.
    How to Configure Windows Firewall for a Passive Mode FTP Server
    http://technet.microsoft.com/en-us/library/dd421710(v=WS.10).aspx
    Best Regards,
    Amy

  • Difference between MARS LMS and IPS

    I am trying to understand the difference between MARS, LMS and IPS and why you would use one over the other.
    Thank you all.

    MARS is an appliance that aggregates/deduplicates syslog and netflow data from routers,switches,firewalls, and IPS sensors. In addition to Cisco devices it also supports things like Checkpoint Firewalls, Snort IPS, etc.
    LMS (Ciscoworks LMS) is primarily a device configuration and IOS management platform that runs on your own Windows server (not sure if Unix is still supported.) We use it to maintain the configs of hundreds of Cisco routers and switches, easily push out config changes to said devices, and mass-deploy IOS upgrades.
    IPS is sort of like anti-virus "on the wire" - it runs on dedicated IPS sensors, plug-in modules on firewalls or 6500's, and on routers via IOS IPS. Events can be forwarded to MARS for correlation, etc.
    You didn't ask, but CSM (Cisco Security Manager) is the more appropriate tool for mass-configuration and 'group policy' for firewalls and IPS sensors.
    Each product solves a particular problem; you wouldn't choose one over the other since they all work together to provide a cohesive solution. The specifics of your environment (particularly the number and type of devices) would dictate your choices here.

  • Can't add music my iPhone from iTunes.  When I try to drag a song over to my phone, I get the circle w/ the syncing line through it, but it does not update/load.  [Manually manage music and videos] is checked. And, this is the only Mac I have ever used to

    Can't add music my iPhone from iTunes.
    When I try to drag a song over to my phone, I get the circle w/ the syncing line through it, but it does not update/load.
    [Manually manage music and videos] is checked. And, this is the only Mac I have ever used to add music to my phone.
    Also, just updated the phone's software today, and iTunes' software is already up to date.

    Hi Gregg,
    Have you tried resetting the device (nothing will be lost): Hold down the Home and Power buttons at the same time and continue to hold them down until the Apple appears (up to 30 seconds). Once the Home screen redisplays, see if your Music app is behaving normally.
    Cheers,
    GB

  • I am getting an error message that my network connection has timed out. while trying to update my iPhone on iTunes. Has anyone found a solution? I was given some advice about turning off my firewall and/or virus protection but am nervous about doing that.

    I get a message that my network connection has timed out while trying to update my iPhone on iTunes. Has anyone else had that problem and if so what solutions have you found? I was told to turn off my firewall and/or virus protection while updating but am nervous about doing that for obvious reasons. I'm also disgusted with Apple not providing free tech support.

    See this article about the ports that have to be open during the update process. iTunes has to contact Apple during the download. iTunes for Windows: Troubleshooting security software issues

  • Do I need adobe application manager? and what does it do? can i uninstall it on Mac OS X Mavericks?

    Do I need adobe application manager? and what does it do? can i uninstall it on Mac OS X Mavericks?

    The application manager provides activation and online features, so no, unisntalling is not an option or else your Adobe software would go defunct.
    Mylenium

  • My macbook pro with OS 10.6.7 'mail' program does not send my mail through the IPS wireless, I am connected to. The message is my 'e-mail is rejected by the server'. It has been working until 5 days ago. The connection doctor says I am connected and no lo

    My macbook pro with OS 10.6.7 'mail' program does not send my mail through the IPS wireless, I am connected to. The message is my 'e-mail is rejected by the server'. It has been working until 5 days ago. The connection doctor says I am connected and no log in required.
    After trying lots I found now in 'Airport Utility is 'unable to detect any airport wireless devises.....'
    There is no provider to be seen in airport utility and only 'rescan' is an option with no results...
    even so I am connected and can browse the net receive mail etc. and the outgoing 'mail server' is set to the internet provider I am connected to.
    Can you enlighten me what can I do I need to use my e-mail program urgently !!!
    Thanks for your help

    I'm not sure what "IPS wireless" is, but unless you have an Apple Wi-Fi base station (such as a Time Capsule, AirPort Extreme, or AirPort Express), AirPort Utility won't see anything.
    You might try defining a new SMTP server to see if that will work any better.
    By the way, the subject field for these messages isn't intended to hold a lot of text.  Put a short description of your problem in the subject field and save the rest of your message for the body field.

  • Ports and IPs to be open/permitted in firewall to download and work in creative cloud

    What is the complete list of ports and IP addresses to be open/permited in our enterprise firewall in order to let internal PCs download and work with creative cloud applications?

    Our firewall only supports IP configuration (not URL). Do you have IP list?
    From: Rajshree [email protected]
    Sent: miércoles, 06 de noviembre de 2013 17:23
    To: Simon, Mariano
    Subject: Ports and IPs to be open/permitted in firewall to download and work in creative cloud
    Re: Ports and IPs to be open/permitted in firewall to download and work in creative cloud
    created by Rajshree <http://forums.adobe.com/people/Rajshree>  in Adobe Creative Cloud - View the full discussion <http://forums.adobe.com/message/5819892#5819892

  • Unable to receive internet connection over wifi connection.  Shows that I am connected to the network, but do not have internet access.  Checked my firewall and turned it off.  What else am I missing or should be doing differently?

    Unable to receive internet connection over wifi connection.  Shows that I am connected to the network, but do not have internet access.  Checked my firewall and turned it off.  What else am I missing or should be doing differently?

    You might want to try resetting your router and your modem - just unplug the cords, leave them unplugged for about 3-5 minutes and then replug the modem and then the router in that order.
    This may or may not correct your problem - call back if it doesn't.
    Clinton

  • Does the SCCM updates manager use OpenSSL, and is it vulnerable to the Heartbleed bug?

    I'm 99.99% positive I know the answer, but my boss wants to know for SURE. Does the SCCM updates manager use OpenSSL, and is it vulnerable to the Heartbleed bug?
    Thank you for appeasing him.

    I must be misunderstanding something here. Would you please help me understand why this isn't answerable here? How does this have anything to do w/ our TAM? SCCM is SCCM regardless of where we got it, right? I'm quite perplexed, so thank you for
    clearing this up.
    My guess is liability. What if we're wrong? Very few people who frequent these forums are actual Microsoft employees.
    If you want a 'for sure' answer, you're best off contacting Microsoft directly IMHO.
    Don't retire TechNet! -
    (Don't give up yet - 12,830+ strong and growing)

  • Does resetting the system management controller on a MacBook delete any data, like files and pictures

    Does resetting the system management controller on a MacBook delete any data, like files and pictures

    No,.
    You can see the various steps to fix what ails your Mac here
    Step by Step to fix your Mac
    I've labeled which ones can certainly erase your data, they are at the bottom and adequatly warned.

  • HT1535 my iphone is set to "manually manage music and videos" and it still does not allow me to add music from my other computers.

    I have followed the steps in order to manually manage the music on my 3GS iphone. (used the latest version of itunes and my iphone is up to date with iOS5) and it still is not allowing me to add music from another computer.
    when i plug it into the second computer, it is asking me to click "manually manage music and videos" again. when i do that, it says it is going to sync with this new library and erase all music that is already there. i dont want this to happen! i only want to add a few select songs from each library. I have waaayy to much to add and erase every time.
    both of the computers i am using are PCs and have my itunes id for homesharing... please help me!

    Refer to this article
    Using iPhone, iPad, or iPod with multiple computers
    http://support.apple.com/kb/HT1202
    Notes:
    iPod shuffle and iPhone are intended for use with a single computer. You cannot load music from multiple computers or iTunes libraries onto iPod shuffle and iPhone like you can with other devices.

  • IDS and IPS ?

    Hi
    I am using before 4215 IDS in my network.
    My question is what is basic difference IDS and IPS ?. why I am using IPS in place of IDS , what is the key point and benefit ?.
    Thanks
    biplob

    Hi,
    Here are the definitions from IPS 5.1 guide.
    Understanding Promiscuous Mode (IDS)
    In promiscuous mode, packets do not flow through the sensor. The sensor analyzes a copy of the monitored traffic rather than the actual forwarded packet. The advantage of operating in promiscuous mode is that the sensor does not affect the packet flow with the forwarded traffic. The disadvantage of operating in promiscuous mode, however, is the sensor cannot stop malicious traffic from reaching its intended target for certain types of attacks, such as atomic attacks (single-packet attacks). The response actions implemented by promiscuous sensor devices are post-event responses and often require assistance from other networking devices, for example, routers and firewalls, to respond to an attack. While such response actions can prevent some classes of attacks, in atomic attacks the single packet has the chance of reaching the target system before the promiscuous-based sensor can apply an ACL modification on a managed device (such as a firewall, switch, or router).
    Understanding Inline Interface Mode (IPS)
    Operating in inline interface mode puts the IPS directly into the traffic flow and affects packet-forwarding rates making them slower by adding latency. This allows the sensor to stop attacks by dropping malicious traffic before it reaches the intended target, thus providing a protective service. Not only is the inline device processing information on layers 3 and 4, but it is also analyzing the contents and payload of the packets for more sophisticated embedded attacks (layers 3 to 7). This deeper analysis lets the system identify and stop and/or block attacks that would normally pass through a traditional firewall device.
    In inline interface mode, a packet comes in through the first interface of the pair on the sensor and out the second interface of the pair. The packet is sent to the second interface of the pair unless that packet is being denied or modified by a signature.
    http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df7d.html#wp1033759
    Hope this helps.
    Edward

Maybe you are looking for