eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400

 
 
By eweek  |  Posted 2012-05-28
 
 
 

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400

We configured LANShield to probe our Active Directory server to assign users to roles. Roles contain policy rules that govern which users are allowed to use the network.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - EPV System Policy

We could see current EPV (endpoint validation) system bypass rules from the ConSentry InSight Command Center (a separate ConSentry tool), but we configured EPV rules in a command line.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - EPV System Policy

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Dashboard

After we configured our LANShield Controller, we monitored authentication failures and policy violations using the ConSentry InSight Command Center dashboard. We could drill down into specific alerts to get more granular information about specific

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Dashboard

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - All users on the network

The ConSentry InSight Command Center shows which users are being tracked by the ConSentry LANShield Controller. Here we see detailed information about the end user currently logged on as an administrator.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - All users on the network

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - LANShield integration

Up to 26 LANShield Controller devices can be controlled with a single ConSentry InSight Command Center. The InSight Command Center is available as software-only or as a hardware appliance. (We tested with the appliance, which is a 1U server running W

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - LANShield integration

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Top 10 applications

The ConSentry LANShield Controller also functions as an in-depth packet analyzer and provides reports on network utilization.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Top 10 applications

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Application instances

ConSentry LANShield Controller, again acting as an in-depth packet analyzer, tracks instances of applications.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Application instances

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Malware incidents

We used Nessus to scan for weaknesses in our test network, setting off malware alerts from ConSentry LANShield Controller that showed up in the ConSentry InSight Command Center monitor.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Malware incidents

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Telnet to the ConSentry LANShield Controller

We connected to the ConSentry LANShield Controller to perform many configuration operations.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Telnet to the ConSentry LANShield Controller

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - End Point Validation

EPV ships turned off by default. It was simple to turn it on (epv enable) but difficult to figure out that we needed to enable EPV at the command line. Professional services may be required to get ConSentry LANShield Controller fully

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - End Point Validation

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Show aaa users

We learned early on to check actual user stats by going to the command line and typing show aaa users.

eWEEK Labs Walk-Through: ConSentry Networks LANShield Controller CS2400 - Show aaa users

Rocket Fuel