Managing Interoperation with IDP Devices
The Sensors tab allows you to specify the system settings Ivanti Policy Secure uses to establish a connection to an IDP device. Select System > Configuration > Sensors > Sensors. The main Sensor page displays the sensor, the network address, the state (enabled), the version, and the status of any configured sensors. The following sections describe tasks related to configuring and managing interaction between Ivanti Policy Secure and an IDP Sensor:
Configuring Communication with an IDP Device
To configure communication with an IDP device and an IDP log monitoring policy:
To use the IDP sensor with Ivanti Policy Secure you must enable logging for the applicable policies.
- Select System > Configuration > Sensors.
- Click New Sensor. The admin console displays the New Sensor page.
- Under Sensor Properties, specify the following information:
  - Name—A name Ivanti Policy Secure uses to identify the new connection entry.
  - Hostname—The hostname or IP address of the IDP Sensor to which Ivanti Policy Secure connects in order to receive application and resource attack alert messages.
  - Port—The TCP port on the IDP Sensor to which Ivanti Policy Secure listens when receiving application and resource attack alert messages.
  - One-time password—The encrypted password Ivanti Policy Secure uses when conducting the initial Transport Layer Security (TLS) handshake with the IDP Sensor. You must enter the encrypted Ivanti Policy Secure OTP password as displayed on the IDP ACM configuration summary screen.
  The hostname, TCP port, and one-time password must already be configured on the IDP Sensor before this configuration can be successful.
- Under Monitoring Options, specify the IP addresses to monitor and the minimum alert severity level the IDP Sensor records and submits to Ivanti Policy Secure:
  - In the Addresses to Monitor field, specify individual IP addresses and address ranges, one entry per line. IDP reports attack information only for the IP addresses that you specify. For IDP to report all events to Ivanti Policy Secure, enter 0.0.0.0/0. For IDP to report only selected events, enter <default> to permit IDP to report events with source IPs that have an active user session on Ivanti Policy Secure, and/or enter one or more addresses or address ranges for any endpoint that you want the IDP sensor to report.
    With ISG-IDP or Junos IDP, you do not need to specify which IP addresses to monitor. The Infranet Enforcer monitors all IP addresses for which auth tables exist.
  - Select one of the severity options available in the Severity filter drop-down list. The severity level is a number on a scale from 1 to 5, where 1 is informational and 5 is critical. This option represents the severity of messages the IDP should send to Ivanti Policy Secure.
- Click Save Changes.
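A draft Addresses to Monitor list can be checked before it is pasted into the field. The following is an added example, not Ivanti code: the function name and sample entries are constructed, and it assumes ranges are written in CIDR notation, the only range syntax this page shows.

```python
import ipaddress

DEFAULT_TOKEN = "<default>"                      # keyword from the page: endpoints with an active user session
ALL_EVENTS = ipaddress.ip_network("0.0.0.0/0")   # entry the page gives for "report all events"

def review_monitor_list(field_text):
    """Check a draft Addresses to Monitor value (one entry per line).

    Returns (networks, uses_default, findings). Assumption: ranges are
    written in CIDR notation, the only range syntax the page shows.
    """
    networks, findings, uses_default = [], [], False
    for lineno, raw in enumerate(field_text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue
        if entry == DEFAULT_TOKEN:
            uses_default = True
            continue
        try:
            # strict=True rejects host bits, e.g. 192.168.1.10/24 where /32 or .0/24 was meant
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError as exc:
            findings.append(f"line {lineno}: {entry!r} rejected ({exc})")
            continue
        if net in networks:
            findings.append(f"line {lineno}: duplicate entry {net}")
            continue
        networks.append(net)
    if ALL_EVENTS in networks and (uses_default or len(networks) > 1):
        findings.append("0.0.0.0/0 already reports all events; other entries are redundant")
    else:
        # A narrower entry inside a wider one adds nothing and hides the real scope.
        for i, a in enumerate(networks):
            for b in networks[i + 1:]:
                if a.version == b.version and a.overlaps(b):
                    findings.append(f"{a} overlaps {b}")
    return networks, uses_default, findings

# Constructed sample input, not taken from a real deployment.
SAMPLE = "\n".join(["<default>", "10.20.0.0/16", "10.20.5.7", "10.20.5.7",
                    "192.168.1.10/24", "server01"])

if __name__ == "__main__":
    nets, uses_default, findings = review_monitor_list(SAMPLE)
    print("monitored:", [str(n) for n in nets], "| <default>:", uses_default)
    for finding in findings:
        print("finding:", finding)
```

An empty findings list means every entry parsed cleanly and the list states its monitoring scope without duplicates or overlaps.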
Enabling or Disabling IDP Sensors
To enable or disable existing IDP Sensor entries on Ivanti Policy Secure:
- Select System > Configuration > Sensors.
- Select the check box for one or more IDP Sensor entries to enable or disable.
- Click Enable or Disable to enable or disable the specified IDP Sensor entries, respectively.
Reconnecting to an IDP Sensor
When the connection to an IDP Sensor is down, you can use the admin console on Ivanti Policy Secure to re-establish the connection. You can also use the admin console to refresh the status of existing connections between Ivanti Policy Secure and the IDP Sensor.
To re-establish communication with an IDP Sensor, you must generate a new One-time Password.
To reconnect to an associated IDP Sensor:
- Select the check box next to the IDP Sensor to which you want to reconnect.
- Click Reconnect.
The admin console displays a message indicating that Ivanti Policy Secure is currently attempting to re-establish the connection to the specified IDP Sensor. This page automatically refreshes each second during the reconnection process. Otherwise, the connection status page automatically refreshes once every 30 seconds.
Refreshing and Displaying the Connection Status
To refresh and display the connection status for the specified IDP Sensor:
- Select the check box for one or more IDP Sensor entries to display the current connection status.
- Click Refresh.
Deleting an IDP Sensor Entry
You can delete existing IDP Sensor entries that define a connection between Ivanti Policy Secure and an IDP Sensor.
To delete one or more existing IDP Sensor entries from Ivanti Policy Secure:
- Select the check box for the IDP Sensor entry or entries to delete.
- Click Delete, then confirm that you want to delete the sensor entry or entries.