Views:
On the Device Configuration (Services) screen, you can configure settings for system services. For Services, you can enable one or more remote services for secure connections. These services provide connections for the Command Line Interface (CLI) and Web (HTTPS). You should use secure communications (SSH and HTTPS) to operate the CLI and the Web interfaces.
Note
Note
HTTPS service is an integral service for the SMS, always enabled and available. SSH and telnet require SuperUser access.
If you disable SSH, you cannot run or access the CLI.
For devices using V 2.1 or higher TOS, the system can use an encrypted channel for sending messages between the device and SMS. The encrypted channel polls the device according to the polling interval for the mode.
The Encrypted Alert Channel Settings option provides three modes:
  • Enabled Normal Mode — Disables the SNMP traps and enables an SSL connection between the SMS and the device to transfer Alert messages reliably and securely by polling the device approximately every five seconds. This option is the default.
  • Enabled Batch Mode — Disables the SNMP traps and enables an SSL connection between the SMS and the device to transfer Alert messages reliably and securely by polling the device according to a configured amount of minutes, which reduces network traffic slightly but increases the average time for the SMS to become aware of device Alerts.
  • Disabled (Use SNMP) — Uses the existing SNMP trap mechanism.
Option Description
SSH Secure connection for using the CLI. Requires a user with SuperUser capabilities.
HTTPS Secure network communication for Web pages. Enabling HTTPS enables Web services for the SMS. See the SMS Web API Guide.
HTTP Unsecure network communication connection for Web pages. Enabling HTTP enables Web services for the SMS.
See the SMS Web API Guide.
Note
Note
See TSE Settings for HTTP mode on TPS devices.
Encrypted Alert Channel Settings Compiles and sends alerts. Encrypted for security. You can disable this service to use SNMP.
  • Enable Normal Mode —Sends alerts as they are received
  • Enable Batch Mode — Compiles alerts according to a configured Wait Time Interval (minutes ranging from 1 to 60). Enter an amount of minutes if selecting this option.
  • Disabled (Use SNMP) — Alerts are sent using SNMP, disabling this service.
Note
Note
You must enable Encrypted Alert Channel if your profile’s Capture Additional Event Information setting includes HTTP. SNMP does not support HTTP context.
Encrypted Alert Channel settings are not supported on TPS devices.
Data Retrieval Service Enables the SMS to retrieve and display traffic stats by port per device.
Data Retrieval Services only apply to IPS devices.
SNMP Alerts are sent using SNMP. If your devices support both SNMP v2 and SNMP v3, you can configure the device to use one or both versions.
To use SNMP v3 for NMS traps, you must configure Services for SNMP v3 or Both.
TLS Settings Enable or disable the TLS versions (v1.0, v1.1, v1.2, and v1.3) for a managed device.
TLS Settings are only supported on TPS devices running TOS v4.1 or later. The TLS versions enabled on a TPS device must be compatible with the TLS versions enabled in this section. By default, only TLS v1.3 is enabled.