RuggedCom RX1000 Network Router User Manual


 
RuggedRouter® User Guide
Industrial Defender
RX1100 owners can use the Industrial Defender security appliance for central
monitoring. The central monitoring facility is called a Security Event Management
(SEM) unit. This section details how to activate the Industrial Defender Agent on a
RuggedRouter so that it can periodically report to an SEM unit. Details and
recommendations on using the Industrial Defender system can be found in the
Industrial Defender documentation.
What information is sent to an SEM unit
The Industrial Defender Agent will currently forward the following information to an
SEM unit on a periodic basis:
Temperatures
Voltages
User logins/logouts
Network Interface traffic
CPU load
Disk usage
In addition, when syslog is properly configured, the SEM will be able to collect
system logging information for further processing. These include, but are not limited
to:
Webmin logins (both attempted and complete)
Webmin actions
SSH logins
Industrial Defender Configuration
The Industrial Defender Agent depends, for proper functionality, on a key retrieved
from an SEM unit. The Webmin Industrial Defender Agent General Configuration
page provides a three-step approach to configure the Industrial Defender Agent by:
Configuring the IP addresses of the SEM unit and RuggedRouter
Launching a key exchange sequence with the SEM
Helping to configure remote system logging operation
258 RuggedCom
Figure 227: Industrial Defender Agent Configuration