We are in the midst of deploying RealSecure and need some advice on console log switching and backup. The person working this project six months ago came up with a rexx script that uses enginemgr to synch the sensor DB prior to doing a kill on rsconsole.exe and then copying the mdb to another location. The last step is to copy an empty DB back to the realsecure directory. The problem this solution creates is the inability to restart the console and reattach to the sensors and establish master console status. Without the console started, will the automatic db synch take place from the sensor when the DB threshold limit is hit on the sensor? When I look at netstat on the console workstation it is not listening on the port needed to allow this communication without the console being active and the sensor being actively monitored. I called ISS last week and was was told this is a known issue and a product enhancement has been requested from engineering that would allow the console to automatically start monitoring sensors when the console is started. I have suggested to the Project Mgr. running enginemgr -a getdb on a set schedule to sync the DB, but this is not viable since our she wants the visual alerts to go to the console at all times. I also suggested we get away from the console for visual alerts and rely on SNMP traps for the visuals. We have Spectrum, but I have not found a plug-in for the RealSecure OIDs. What are other people doing with SNMP traps sent from RealSecure? Back on the backup issue. Has anyone had any success in backing up the Console DB while the console is actively monitoring sensors? It appears to me rsconsole.exe has an exclusive lock on the rsntclientlog.mdb while running. Could a sensor synching to console log during the backup cause some problems? A way around this would be to stop the engines during the backup using enginemgr, but this would mean no ID during that time. Wouldn't it be great if the console had options to synch the sensors and age the DB on a scheduled interval (i.e. 24 hours)? Any suggestions are appreciated? -- Tim Brown ([EMAIL PROTECTED]) Network Analyst Office of Information Technology Services (ITS) State of North Carolina
begin:vcard n:Brown;Tim tel;work:(919)871-6499 x-mozilla-html:FALSE url:http://btsweb02.its.state.nc.us/ITS/ org:Office of Information Technology;Telecommunications Services adr:;;3700 Wake Forest Road;Raleigh;NC;27609; version:2.1 email;internet:[EMAIL PROTECTED] title:Network Analyst - IDS fn:Tim Brown end:vcard
