3 time server, 4 intrusion prevention, 1 intrusion prevention system – NEXCOM IFA 1610 User Manual

Copyright © 2014 NEXCOM International Co., Ltd. All Rights Reserved.

IFA 3610/IFA 2610/IFA 1610 User Manual

Chapter 4: The Services Menu

40

4.3 Time server

The appliance uses NTP to keep its system time synchronised with time servers on the Internet. The settings available are

grouped into two boxes.

Use a network time server

A number of time server hosts on the Internet are preconfigured and used by the system, but custom time servers can

be specified after ticking the Override default NTP servers checkbox. This might prove necessary when running a setup

that does not allow the appliance to reach the Internet. Several time servers addresses can be supplied, one per line, in

the small form that will show up.

This box also shows the current time zone setting, that can also be changed by choosing a different one from the drop-

down menu. An immediate synchronisation can be done by clicking on the Synchronize now button.

Adjust manually

The second box gives the possibility to manually change the system time. While this is not recommended, this action

proves useful when the system clock is way off and an immediate update of the appliance‘s clock to the correct time is

needed.

Automatic synchronisation using time servers is not done instantly, but the clock is “slow down” or “speed up” a bit to

recover and align to the correct time, hence a system with a significant error in its time may require a long period to be

corrected. In those cases, forcing a manual synchronisation represents a more drastic but immediate solution.

4.4 Intrusion Prevention

The appliance includes the well known intrusion detection (IDS) and prevention (IPS) system snort, which is directly built
into iptables, to intercept and drop connections from unwanted or distrusted sources.

The page contains three tabs, Intrusion Prevention System, Rules, and Editor.

4.4.1 Intrusion Prevention System

If snort is not active, a grey switch next to the Enable Intrusion Prevention System label appears on the page
and can be clicked on to start the service. A message appears, informing that the service is being restarted and after a
short interval, the box will contain some options to configure the service.

Automatically fetch SNORT Rules
Ticking this box will let the appliance automatically download the snort rules from the HENGE

TM

Network.

Note:

If the appliance is not registered, rules are downloaded from the Emerging Threats web page. An informative

message is also shown at the bottom of the page.

Choose update schedule
The frequency of download of the rules: A drop-down menu allows to choose one of the hourly, daily, weekly, or
monthly options. This option appears only if the previous option has been activated.

Custom SNORT Rules
A file containing custom SNORT rules that should be uploaded. Pick one file from the file selection window that opens
upon clicking the Browse button, and upload it by clicking on the Upload custom rules button.