Reference Guide - Skybox Security

Skybox Reference Guide 10.0.200 Revision: 12

Proprietary and Confidential to Skybox Security. 2019 Skybox Security, Inc. All rights reserved.

Due to continued product development, the information contained in this document may change without notice. The information and intellectual property contained herein are confidential and remain the exclusive intellectual property of Skybox Security. If you find any problems in the documentation, please report them to us in writing. Skybox Security does not warrant that this document is error-free.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise) without the prior written permission of Skybox Security.

Skybox, Skybox Security, Skybox Firewall Assurance, Skybox Network Assurance, Skybox Vulnerability Control, Skybox Threat Manager, Skybox Change Manager, Skybox Appliance 5500/6000/7000/8000/8050, and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners.

Contact information

Contact Skybox using the form on our website or by emailing info@skyboxsecurity.com

Customers and partners can contact Skybox technical support via the Skybox Support portal

Contents

Intended Audience
How this manual is organized
Related documentation
Technical support
Part I: Tasks
Managing tasks
Requirements
User roles and tasks
Working with tasks
Task properties
Task messages
Device access management
Using CyberArk for device password management
Quick reference for data collection
Firewall configuration collection
Firewall traffic log and audit log collection
Proxies, VPN devices, and IPS devices
Load balancers
Routers, switches, and controllers
Scanners and operational technology
File import tasks
Import directory tasks
Data formats for file import tasks
Basic file import tasks
Advanced file import tasks
Collector file import tasks
Advanced collector file import tasks
Generic CSV file import tasks
Juniper SA files import tasks
Script invocation tasks
Importing interface and routing configuration
Firewall configuration tasks
Blue Coat proxy
Check Point FireWall-1 firewall
Check Point Provider-1 CMA
Check Point Gaia firewall
Check Point Security Management
Cisco Firepower Management Center
Cisco PIX/ASA/FWSM firewall
Cisco Security Manager
Dell SonicWALL firewall
DioNIS firewall
DPtech firewall
Forcepoint NGFW appliance
Fortinet FortiGate firewall
Fortinet FortiManager Security Management appliance
Genband firewall
Huawei Eudemon firewall
Juniper Networks Junos firewall
Juniper Networks Junos Space Network Management Platform
Juniper Networks NetScreen firewall
Juniper Networks Network and Security Manager
Linux iptables firewall
McAfee Enterprise (Sidewinder) firewall
Palo Alto Networks firewall
Palo Alto Networks Panorama
Sidewinder G2 (McAfee Enterprise) firewall
Sophos Unified Threat Management firewalls
VMware vShield Edge firewall
Firewalls implemented in software
Firewall rule usage analysis tasks
Syslog traffic events
Check Point FireWall-1 activity log data (LEA collection)
Examples of syslog records for rule usage analysis
Firewall change tracking tasks
Importing syslog change tracking events
Check Point FireWall-1 change events (audit log data)
Examples of syslog records for change tracking
IPS tasks
Trend Micro (HP) TippingPoint IPS devices
McAfee IPS devices
IBM Proventia G appliances
Load balancer tasks
A10 Networks load balancer
Brocade ADX load balancer
Cisco ACE load balancer
Cisco CSS load balancer
Citrix NetScaler load balancer
F5 BIG-IP load balancer
Pulse Secure vTM load balancer
Radware Alteon load balancer
Radware AppDirector load balancer
Radware WSD load balancer
Router, switch, and wireless controller tasks
Arista Networks router
Aruba Networks wireless controller
Avaya router
Avaya ERS routing switch
Brocade VDX router
Cisco IOS router
Cisco Nexus router
Cisco Wireless LAN Controller
Dionis NX router
Enterasys router
Extreme Networks router
Juniper Networks MX router
HP ProCurve router
Huawei router
H3C router
Nortel Passport 8600 router
Vyatta router
Scanner tasks
Guidelines for setting up scanner tasks
BeyondTrust Retina scanner
McAfee Vulnerability Manager (Foundstone) scanner
IBM Security AppScan
IBM Security SiteProtector System
Qualys QualysGuard scanner
Rapid7 Nexpose scanner
Tenable Network Security Nessus scanner
Tenable Network Security Tenable.io
Tenable Network Security Tenable.sc
Tripwire IP360 scanner
WhiteHat Sentinel scanner
Blacklists
Operational technology tasks
Claroty operational technology
CyberX operational technology
Indegy operational technology
SecurityMatters operational technology
Cloud and virtualization tasks
Amazon Web Services
Cisco ACI
Microsoft Azure
VMware NSX and vSphere
Management systems tasks
BMC BladeLogic Network Automation
ForeScout
HPE Network Automation
IBM BigFix
IBM z/OS
McAfee ePolicy Orchestrator
Microsoft SCCM

Skybox Reference Guide is the reference companion to the Skybox Firewall Assurance User Guide, the Skybox Network Assurance User Guide, the Skybox Vulnerability Control User Guide, the Skybox Threat Manager User Guide, and the Skybox Change Manager User Guide. The intended audience is readers of the User Guides who want additional