IBM 1G User Manual

IBM Security 1G Network Active Bypass

User Guide



Copyright statement

© Copyright IBM Corporation 2009, 2014.

U.S. Government Users Restricted Rights — Use, duplication, or disclosure restricted by GSA ADP Schedule Contract with
IBM Corp.

Publication Date: April 2014

Contents

Homologation statement - regulation

notice................v

Safety, environmental, and electronic

emissions notices ..........vii

About this publication .......xvii

Contacting IBM Support .........xviii

Chapter 1. Introducing the Network

Active Bypass unit ..........1

Package contents .............1

Features ................1

About the unit ..............3

Basic operation .............4

Chapter 2. Setting up the Network Active

Bypass unit .............7

Configuring and deploying the Network Active

Bypass unit ...............7

Placing the Network Active Bypass unit and the

Network IPS appliances .........8

Connecting the power cables ........8

Logging into the management interface ....8

Setting up e-mail notification ........9

Setting up segments ...........9

Chapter 3. Configuring the Network
Active Bypass unit in the management

interface ..............11

About the management interface .......11

Accessing the management interface ......12

Monitoring the status of the Network Active Bypass

unit .................13

Managing settings for the Network Active Bypass

unit .................14

Setting up segment configurations......14

Configuring Management Port settings ....16

Setting up e-mail notifications .......16

Configuring SNMP traps .........17

Synchronizing time and setting time zones . . . 18

Managing User Account settings ......18

Backing up or restoring settings ......19

Applying firmware updates ........19

Enabling system logging .........19

Restarting the Network Active Bypass unit . . . 20

Configuring Remote Authentication .....20

Chapter 4. Configuring the Network
Active Bypass unit using the command

line interface ............21

Accessing the command line interface .....21

Syntax for command line parameters ......22

Command line parameters .........23

Notices ..............29

Trademarks ..............30

Index ...............31

© Copyright IBM Corp. 2009, 2014 iii

iv 1G Network Active Bypass: User Guide

Homologation statement - regulation notice

This product is not intended to be connected directly or indirectly by any means whatsoever to interfaces
of public telecommunications networks.

© Copyright IBM Corp. 2009, 2014 v

vi 1G Network Active Bypass: User Guide

Safety, environmental, and electronic emissions notices

Safety notices may be printed throughout this guide. DANGER notices warn you of conditions or
procedures that can result in death or severe personal injury. CAUTION notices warn you of conditions
or procedures that can cause personal injury that is neither lethal nor extremely hazardous. Attention
notices warn you of conditions or procedures that can cause damage to machines, equipment, or
programs.

DANGER notices

DANGER

To prevent a possible shock from touching two surfaces with different protective ground (earth),
use one hand, when possible, to connect or disconnect signal cables. (D001)

DANGER

Overloading a branch circuit is potentially a fire hazard and a shock hazard under certain
conditions. To avoid these hazards, ensure that your system electrical requirements do not exceed
branch circuit protection requirements. Refer to the information that is provided with your device
or the power rating label for electrical specifications. (D002)

DANGER

If the receptacle has a metal shell, do not touch the shell until you have completed the voltage and
grounding checks. Improper wiring or grounding could place dangerous voltage on the metal shell.
If any of the conditions are not as described, STOP. Ensure the improper voltage or impedance
conditions are corrected before proceeding. (D003)

DANGER

An electrical outlet that is not correctly wired could place hazardous voltage on the metal parts of
the system or the devices that attach to the system. It is the responsibility of the customer to ensure
that the outlet is correctly wired and grounded to prevent an electrical shock. (D004)

DANGER

© Copyright IBM Corp. 2009, 2014 vii

When working on or around the system, observe the following precautions:

Electrical voltage and current from power, telephone, and communication cables are hazardous. To
avoid a shock hazard:

®

v Connect power to this unit only with the IBM

provided power cord. Do not use the IBM

provided power cord for any other product.

v Do not open or service any power supply assembly.

v Do not connect or disconnect any cables or perform installation, maintenance, or reconfiguration

of this product during an electrical storm.

v The product might be equipped with multiple power cords. To remove all hazardous voltages,

disconnect all power cords.

v Connect all power cords to a properly wired and grounded electrical outlet. Ensure that the outlet

supplies proper voltage and phase rotation according to the system rating plate.

v Connect any equipment that will be attached to this product to properly wired outlets.

v When possible, use one hand only to connect or disconnect signal cables.

v Never turn on any equipment when there is evidence of fire, water, or structural damage.

v Disconnect the attached power cords, telecommunications systems, networks, and modems before

you open the device covers, unless instructed otherwise in the installation and configuration
procedures.

v Connect and disconnect cables as described in the following procedures when installing, moving,

or opening covers on this product or attached devices.

To disconnect:

1. Turn off everything (unless instructed otherwise).

2. Remove the power cords from the outlets.

3. Remove the signal cables from the connectors.

4. Remove all cables from the devices.

To connect:

1. Turn off everything (unless instructed otherwise).

2. Attach all cables to the devices.

3. Attach the signal cables to the connectors.

4. Attach the power cords to the outlets.

5. Turn on the devices.

(D005)

CAUTION notices

CAUTION:
Data processing environments can contain equipment transmitting on system links with laser modules
that operate at great than Class 1 power levels. For this reason, never look into the end of an optical
fiber cable or open receptacle. (C027)

viii 1G Network Active Bypass: User Guide

CAUTION:
The battery contains lithium. To avoid possible explosion, do not burn or charge the battery.

Do not:

v Throw or immerse into water

v Heat to more than 100°C (212°F)

v Repair or disassemble

Exchange only with the IBM approved part. Recycle or discard the battery as instructed by local
regulations. In the United States, IBM has a process for the collection of this battery. For information,
call 1-800-426-4333. Have the IBM part number for the battery unit available when you call. (C003)

CAUTION:
For 19” rack mount products:

v Do not install a unit in a rack where the internal rack ambient temperatures will exceed the

manufacturer's recommended ambient temperature for all your rack-mounted devices.

v Do not install a unit in a rack where the air flow is compromised. Ensure that air flow is not

blocked or reduced on any side, front, or back of a unit used for air flow through the unit.

v Consideration should be given to the connection of the equipment to the supply circuit so that

overloading the circuits does not compromise the supply wiring or overcurrent protection. To
provide the correct power connection to a rack, refer to the rating labels located on the equipment
in the rack to determine the total power requirement of the supply circuit.

v (For sliding drawers) Do not pull or install any drawer or feature if the rack stabilizer brackets are not

attached to the rack. Do not pull out more than one drawer at a time. The rack might become
unstable if you pull out more than one drawer at a time.

v (For fixed drawers) This drawer is a fixed drawer and must not be moved for servicing unless

specified by the manufacturer. Attempting to move the drawer partially or completely out of the
rack might cause the rack to become unstable or cause the drawer to fall out of the rack.

(R001 Part 2 of 2)

Product handling information

One of the following two safety notices may apply to this product. Please refer to the specific product
specifications to determine the weight of the product to see which applies.

CAUTION:
This part or unit is heavy but has a weight smaller than 18 kg (39.7 lb). Use care when lifting,
removing, or installing this part or unit. (C008)

CAUTION:
The weight of this part or unit is between 18 and 32 kg (39.7 and 70.5 lb). It takes two persons to
safely lift this part or unit. (C009)

Safety, environmental, and electronic emissions notices ix

Product safety labels

One or more of the following safety labels may apply to this product.

DANGER

Hazardous voltage, current, or energy levels are present inside any component that has this label
attached. Do not open any cover or barrier that contains this label. (L001)

DANGER

Multiple power cords. The product might be equipped with multiple power cords. To remove all
hazardous voltages, disconnect all power cords. (L003)

World trade safety information

Several countries require the safety information contained in product publications to be presented in their
national languages. If this requirement applies to your country, a safety information booklet is included
in the publications package shipped with the product. The booklet contains the safety information in
your national language with references to the US English source. Before using a US English publication to
install, operate, or service this IBM product, you must first become familiar with the related safety
information in the booklet. You should also refer to the booklet any time you do not clearly understand
any safety information in the US English publications.

Laser safety information

The following laser safety notices apply to this product:

CAUTION:
This product may contain one or more of the following devices: CD-ROM drive, DVD-ROM drive,
DVD-RAM drive, or laser module, which are Class 1 laser products. Note the following information:

v Do not remove the covers. Removing the covers of the laser product could result in exposure to

hazardous laser radiation. There are no serviceable parts inside the device.

v Use of the controls or adjustments or performance of procedures other than those specified herein

might result in hazardous radiation exposure. (C026)

CAUTION:
Data processing environments can contain equipment transmitting on system links with laser modules
that operate at greater than Class 1 power levels. For this reason, never look into the end of an optical
fiber cable or open receptacle. (C027)

x 1G Network Active Bypass: User Guide

Laser compliance

All lasers are certified in the U.S. to conform to the requirements of DHHS 21 CFR Subchapter J for class
1 laser products. Outside the U.S., they are certified to be in compliance with IEC 60825 as a class 1 laser
product. Consult the label on each part for laser certification numbers and approval information.

Product recycling and disposal

This unit must be recycled or discarded according to applicable local and national regulations. IBM
encourages owners of information technology (IT) equipment to responsibly recycle their equipment
when it is no longer needed. IBM offers a variety of product return programs and services in several
countries to assist equipment owners in recycling their IT products. Information on IBM product
recycling offerings can be found on IBM's Internet site at http:// www.ibm.com/ibm/environment/
products/prp.shtml.

Esta unidad debe reciclarse o desecharse de acuerdo con lo establecido en la normativa nacional o local
aplicable. IBM recomienda a los propietarios de equipos de tecnología de la información (TI) que reciclen
responsablemente sus equipos cuando éstos ya no les sean útiles. IBM dispone de una serie de programas
y servicios de devolución de productos en varios países, a fin de ayudar a los propietarios de equipos a
reciclar sus productos de TI. Se puede encontrar información sobre las ofertas de reciclado de productos
de IBM en el sitio web de IBM http:// www.ibm.com/ibm/environment/products/prp.shtml.

Notice: This mark applies only to countries within the European Union (EU) and Norway.

Appliances are labeled in accordance with European Directive 2002/96/EC concerning waste electrical
and electronic equipment (WEEE). The Directive determines the framework for the return and recycling
of used appliances as applicable through the European Union. This label is applied to various products to
indicate that the product is not to be thrown away, but rather reclaimed upon end of life per this
Directive.

In accordance with the European WEEE Directive, electrical and electronic equipment (EEE) is to be
collected separately and to be reused, recycled, or recovered at end of life. Users of EEE with the WEEE
marking per Annex IV of the WEEE Directive, as shown above, must not dispose of end of life EEE as
unsorted municipal waste, but use the collection framework available to customers for the return,
recycling, and recovery of WEEE. Customer participation is important to minimize any potential effects of
EEE on the environment and human health due to the potential presence of hazardous substances in EEE.
For proper collection and treatment, contact your local IBM representative.

Safety, environmental, and electronic emissions notices xi

Remarque: Cette marque s'applique uniquement aux pays de l'Union Européenne et à la Norvge.

L'etiquette du systme respecte la Directive européenne 2002/96/EC en matire de Déchets des
Equipements Electriques et Electroniques (DEEE), qui détermine les dispositions de retour et de recyclage
applicables aux systmes utilisés à travers l'Union européenne. Conformément à la directive, ladite
étiquette précise que le produit sur lequel elle est apposée ne doit pas être jeté mais être récupéré en fin
de vie.

Battery return program

This product contains a lithium battery. The battery must be recycled or disposed of properly. Recycling
facilities may not be available in your area. For information on disposal of batteries outside the United
States, go to http://www.ibm.com/ibm/environment/products/ batteryrecycle.shtm or contact your local
waste disposal facility.

In the United States, IBM has established a return process for reuse, recycling, or proper disposal of used
IBM sealed lead acid, nickel cadmium, nickel metal hydride, and other battery packs from IBM
equipment. For information on proper disposal of these batteries, contact IBM at 1-800-426- 4333. Please
have the IBM part number listed on the battery available prior to your call.

For Taiwan:

Please recycle batteries

For the European Union:

Notice: This mark applies only to countries within the European Union (EU).

Batteries or packing for batteries are labeled in accordance with European Directive 2006/66/EC
concerning batteries and accumulators and waste batteries and accumulators. The Directive determines
the framework for the return and recycling of used batteries and accumulators as applicable throughout
the European Union. This label is applied to various batteries to indicate that the battery is not to be
thrown away, but rather reclaimed upon end of life per this Directive.

Les batteries ou emballages pour batteries sont étiquetés conformément aux directives européennes
2006/66/EC, norme relative aux batteries et accumulateurs en usage et aux batteries et accumulateurs
usés. Les directives déterminent la marche à suivre en vigueur dans l'Union Européenne pour le retour et

xii 1G Network Active Bypass: User Guide

le recyclage des batteries et accumulateurs usés. Cette étiquette est appliquée sur diverses batteries pour
indiquer que la batterie ne doit pas être mise au rebut mais plutôt récupérée en fin de cycle de vie selon
cette norme.

In accordance with the European Directive 2006/66/EC, batteries and accumulators are labeled to
indicate that they are to be collected separately and recycled at end of life. The label on the battery may
also include a symbol for the metal concerned in the battery (Pb for lead, Hg for the mercury, and Cd for
cadmium). Users of batteries and accumulators must not dispose of batteries and accumulators as
unsorted municipal waste, but use the collection framework available to customers for the return,
recycling, and treatment of batteries and accumulators. Customer participation is important to minimize
any potential effects of batteries and accumulators on the environment and human health due to potential
presence of hazardous substances. For proper collection and treatment, contact your local IBM
representative.

For California:

Perchlorate Material - special handling may apply. See http://www.dtsc.ca.gov/ hazardouswaste/
perchlorate.

The foregoing notice is provided in accordance with California Code of Regulations Title 22, Division 4.5,
Chapter 33. Best Management Practices for Perchlorate Materials. This product, part, or both may include
a lithium manganese dioxide battery which contains a perchlorate substance.

Electronic emissions notices

The following statements apply to this IBM product. The statement for other IBM products intended for
use with this product will appear in their accompanying manuals.

Federal Communications Commission (FCC) Statement

Note: This equipment has been tested and found to comply with the limits for a Class A digital device,

pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against
harmful interference when the equipment is operated in a commercial environment. this equipment
generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with
the instructions contained in the installation manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is likely to cause harmful interference,
in which case the user will be required to correct the interference at his own expense.

Note: Properly shielded and grounded cables and connectors must be used in order to meet FCC
emission limits. IBM is not responsible for any radio or television interference caused by using other than
recommended cables and connectors, by installation or use of this equipment other than xvi IBM Internet
Security Systems as specified in the installation manual, or by any other unauthorized changes or
modifications to this equipment. Unauthorized changes or modifications could void the user's authority
to operate the equipment.

Note: This device complies with Part 15 of the FCC Rules. Operation is subject to the following two
conditions: (1) this device may not cause harmful interference, and (2) this device must accept any
interference received, including interference that may cause undesired operation.

Canadian Department of Communications Compliance Statement

Safety, environmental, and electronic emissions notices xiii

This Class A digital apparatus complies with Canadian ICES-003.

Avis de conformité aux normes du minist󀷰re des Communications du Canada

Cet appareil numérique de las classe A est conform à la norme NMB-003 du Canada.

European Union (EU) Electromagnetic Compatibility Directive

This product is in conformity with the protection requirements of EU Council Directive 2004/108/ EEC
on the approximation of the laws of the Member States relating to electromagnetic compatibility. IBM
cannot accept responsibility for any failure to satisfy the protection requirements resulting from a
non-recommended modification of the product, including the fitting of non-IBM option cards.

This product has been tested and found to comply with the limits for Class A Information Technology
Equipment according to European Standard EN 55022. The limits for Class equipment were derived for
commercial and industrial environments to provide reasonable protection against interference with
licensed communication equipment.

Warning:

This is a Class A product. In a domestic environment, this product may cause radio interference in which
case the user may be required to take adequate measures.

European Community contact:

IBM Technical Regulations
Pascalstr. 100, Stuttgart, Germany 70569
Telephone: 0049 (0) 711 785 1176
Fax: 0049 (0) 711 785 1283
e-mail: tjahn@de.ibm.com

EC Declaration of Conformity (In German)

Deutschsprachiger EU Hinweis: Hinweis für Geräte der Klasse A EU-Richtlinie zur Elektromagnetischen
Verträglichkeit

Dieses Produkt entspricht den Schutzanforderungen der EU-Richtlinie 89/336/EWG zur Angleichung der
Rechtsvorschriften über die elektromagnetische Verträglichkeit in den EUMitgliedsstaaten und hält die
Grenzwerte der EN 55022 Klasse A ein.

Um dieses sicherzustellen, sind die Geräte wie in den Handbüchern beschrieben zu installieren und zu
betreiben. Des Weiteren dürfen auch nur von der IBM empfohlene Kabel angeschlossen werden. IBM
übernimmt keine Verantwortung für die Einhaltung der Schutzanforderungen, wenn das Produkt ohne
Zustimmung der IBM verändert bzw. wenn Erweiterungskomponenten von Fremdherstellern ohne
Empfehlung der IBM gesteckt/eingebaut werden.

EN 55022 Klasse A Geräte müssen mit folgendem Warnhinweis versehen werden: "Warnung: Dieses ist
eine Einrichtung der Klasse A. Diese Einrichtung kann im Wohnbereich Funk-Störungen verursachen; in
diesem Fall kann vom Betreiber verlangt werden, angemessene Maßnahmen zu ergreifen und dafür
aufzukommen."

Deutschland: Einhaltung des Gesetzes über die elektromagnetische Verträglichkeit von Geräten

Dieses Produkt entspricht dem “Gesetz über die elektromagnetische Verträglichkeit von Geräten
(EMVG)“. Dies ist die Umsetzung der EU-Richtlinie 89/336/EWG in der Bundesrepublik Deutschland.

xiv 1G Network Active Bypass: User Guide

Zulassungsbescheinigung laut dem Deutschen Gesetz über die elektromagnetische Verträglichkeit von
Geräten (EMVG) vom 18. September 1998 (bzw. der EMC EG Richtlinie 89/336) für Geräte der Klasse
A.

Dieses Gerät ist berechtigt, in Übereinstimmung mit dem Deutschen EMVG das EGKonformitätszeichen ­CE - zu führen.

Verantwortlich für die Konformitätserklärung nach Paragraf 5 des EMVG ist die IBM Deutschland
GmbH, 70548 Stuttgart.

Informationen in Hinsicht EMVG Paragraf 4 Abs. (1) 4:

Das Gerät erfüllt die Schutzanforderungen nach EN 55024 und EN 55022 Klasse A

update: 2004/12/07

People's Republic of China Class A Compliance Statement:

This is a Class A product. In a domestic environment, this product may cause radio interference in which
case the user may need to perform practical actions.

Japan Class A Compliance Statement:

This product is a Class A Information Technology Equipment and conforms to the standards set by the
Voluntary Control Council for Interference by Information Technology Equipment (VCCI). In a xviii IBM
Internet Security Systems domestic environment, this product may cause radio interference in which case
the user may be required to take adequate measures.

Korean Class A Compliance Statement:

Safety, environmental, and electronic emissions notices xv

xvi 1G Network Active Bypass: User Guide