Home > Articles > Networking

Cisco IPS Device Manager (IDM)

📄 Contents

  1. Foundation and Supplemental Topics
  2. Foundation Summary
  3. Q&A
The Cisco IPS Device Manager (IDM) is a tool that enables you to configure and manage a single Cisco network sensor. This Java-based web tool provides you with a graphical interface to manipulate the operation of your sensor. This chapter will help you get started with the Cisco IDM.
This chapter is from the book

This chapter is from the book

This chapter covers the following subjects:

  • Cisco IPS Device Manager
  • System Requirements for IDM
  • Navigating IDM
  • Configuring Communication Parameters by Using IDM

The Cisco IPS Device Manager (IDM) is a tool that enables you to configure and manage a single Cisco network sensor. This Java-based web tool provides you with a graphical interface to manipulate the operation of your sensor. Each IPS appliance running on your network has its own web server that provides access to the IDM application on the sensor.

Accurately configuring your Cisco IPS devices is vital to efficiently protecting your network. This chapter explains how to navigate the graphical configuration tool that comes with each sensor. Beginning with Cisco IPS version 5.0, the IDM interface has been completely revamped. Reviewing this chapter will provide you with information on how the new interface is structured. This information will be important for you to follow the configuration examples used throughout the rest of the book.

"Do I Know This Already?" Quiz

The purpose of the "Do I Know This Already?" quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 10-question quiz, derived from the major sections in the "Foundation and Supplemental Topics" portion of the chapter, helps you determine how to spend your limited study time.

Table 3-1 outlines the major topics discussed in this chapter and the "Do I Know This Already?" quiz questions that correspond to those topics.

Table 3-1. "Do I Know This Already?" Foundation and Supplemental Topics Mapping

Foundation or Supplemental Topic

Questions Covering This Topic

System Requirements for IDM

1, 4, 5

Navigating IDM

3, 6, 8, 10

Configuring Communication Parameters by using IDM

2, 7, 9

  1. Which version of Linux is supported for use with IDM?

    1. Red Hat
    2. Debian
    3. Slackware
    4. Mandrake
    5. SUSE
  2. Which of the following is a configurable sensor communication parameter?

    1. Changing the TLS/SSL port
    2. Changing the Telnet port
    3. Changing SSH port
    4. Changing the TLS/SSL port and the Telnet port
    5. None of these
  3. Which of the following is not a configuration category in IDM?

    1. Sensor Setup
    2. Analysis Engine
    3. SNMP
    4. IP Logging
    5. Event Action Rules
  4. Which of the following Solaris versions is supported for use with IDM?

    1. Version 2.6
    2. Version 2.7
    3. Version 2.9
    4. Version 2.5
  5. Which web browser is supported on Microsoft Windows 2000 for access to IDM?

    1. Opera 7.54u1
    2. Internet Explorer 5.5
    3. Netscape 7.1
    4. Netscape 6.0
    5. Firefox 1.0
  6. Which of the following is not a monitoring category in IDM?

    1. Blocking
    2. Denied Attackers
    3. IP Logging
    4. Events
    5. Network Blocks
  7. Which of the following is not a configurable sensor communication parameter?

    1. Telnet port
    2. TLS/SSL port
    3. Default route
    4. IP address
    5. Host name
  8. Where are the configuration options on the IDM screen?

    1. The location of the options is configurable.
    2. The options are listed on the right side of the screen.
    3. The options are accessed via pull-down menus.
    4. The options are listed across the top of the screen.
    5. The options are listed on the left of the screen.
  9. Where should you configure the sensor communication parameters?

    1. Sensor Setup>Network
    2. Interface Configuration>Interfaces
    3. Sensor Setup>Allowed Hosts
    4. Analysis Engine>Virtual Sensor
    5. Analysis Engine>Global Variables
  10. Which Simple Network Management Protocol (SNMP) operations are supported by Cisco IPS version 5.0?

    1. Get only
    2. Set only
    3. Trap only
    4. Get, Set, and Trap
    5. SNMP is not supported

The answers to the "Do I Know This Already?" quiz are found in the appendix. The suggested choices for your next step are as follows:

  • 8 or less overall score—Read the entire chapter. This includes the "Foundation and Supplemental Topics," "Foundation Summary," and Q&A sections.
  • 9 or 10 overall score—If you want more review on these topics, skip to the "Foundation Summary" section and then go to the Q&A section. Otherwise, move to the next chapter.

Foundation and Supplemental Topics

Cisco IPS Device Manager

The Cisco IDM is a Java-based web interface that enables you to configure and manipulate the operation of your Cisco network sensors. Each IPS appliance running on your network has its own web server that provides access to the IDM application on the sensor. The web server uses Transport Layer Security (TLS) to encrypt the traffic to and from the sensor to prevent an attacker from viewing sensitive management traffic. The web server is also hardened to minimize an attacker's ability to disrupt or compromise its operation.

This chapter focuses on the following topics:

  • System requirements for IDM
  • Navigating IDM
  • Configuring communication parameters by using IDM

System Requirements for IDM

Because the IDS Device Manager is a web-based application, the major system requirement is a web browser. Having sufficient memory and screen resolution also promotes effective operation of IDM. The recommended memory and screen resolution are as follows:

  • 256 MB memory (minimum)
  • 1024 x 768 resolution and 256 colors (minimum)

Cisco has identified system requirements based on the following three operating systems for use with IDM:

  • Microsoft Windows
  • Sun Solaris
  • Red Hat Linux

The recommended configuration for using Windows is as follows:

  • Microsoft Windows 2000 or Windows XP
  • Internet Explorer 6.0 with Java Plug-in 1.4.1 or 1.4.2, or Netscape 7.1 with Java Plug-in 1.4.1 or 1.4.2
  • Pentium III or equivalent, running at 450 MHz or higher

The recommended configuration for using Solaris is as follows:

  • Sun Solaris 2.8 or 2.9
  • Mozilla 1.7

The recommended configuration for using Red Hat is as follows:

  • Red Hat Linux 9.0 or Red Hat Enterprise Linux WS version 3, running GNOME or KDE
  • Mozilla 1.7

Navigating IDM

Starting with Cisco IPS version 5.0, the IDM interface has been completely restructured. The new graphical interface (see Figure 3-1) contains an icon bar with the following options:

  • Configuration
  • Monitoring
  • Back
  • Forward
  • Refresh
  • Help
03fig01.jpg

Figure 3-1 Main IDM Screen

Configuration

Configuring the operational characteristics of the sensor is the main functionality provided by IDM. By clicking on the Configuration icon (located on the top menu bar), you can display a list of configurable items down the left side of the screen (see Figure 3-1). These items are divided into the following operational categories:

  • Sensor Setup
  • Interface Configuration
  • Analysis Engine
  • Signature Definition
  • Event Action Rules
  • Blocking
  • SNMP
  • Auto Update

These operational categories are explained in the following sections.

Clicking on one of the configuration options (shown on the left side of the IDM interface) displays the configuration information for that option in the main portion of the screen. For example, Figure 3-2 shows the configuration screen displayed when you select Sensor Setup>Users.

03fig02.jpg

Figure 3-2 Sensor Setup Users Screen

When you make changes to a configuration screen, the Apply icon is no longer grayed out. To save the changes, click on the Apply button at the bottom of the configuration screen. Clicking on the Reset button removes your changes (restoring the original configuration values).

03fig03.jpg

Figure 3-3 Accept Changes Popup Window

Sensor Setup

When configuring access to your sensor, you will use the options available in the Sensor Setup category. These include configuring the sensor's IP address, the users on the system, and the sensor's time parameters. Through the Sensor Setup options, you can also configure access to the sensor for Secure Shell (SSH) and secure web access (using HTTPS). The Sensor Setup category is divided into the following options:

  • Network
  • Allowed Hosts
  • SSH>Authorized Keys
  • SSH>Known Host Keys
  • SSH>Sensor Key
  • Certificates>Trusted Hosts
  • Certificates>Server Certificate
  • Time
  • Users

The Network option enables you to configure the basic sensor network properties such as IP address, default gateway, network mask, and host name. The Allowed Hosts option enables you to define which IP addresses are allowed to access the sensor via its management interface.

The SSH options enable you to define the authorized host keys for systems that you want to connect to from the sensor (such as when using Secure Copy [SCP] to upgrade the sensor's software) as well as the public keys for SSH clients that are allowed to connect to the sensor. Similarly, the two Certificates options enable you to define the trusted certificates for systems that the sensor needs to connect to via HTTPS. This would commonly apply to master blocking sensors and other IPS devices to which your sensor connects by using Remote Data Exchange Protocol (RDEP).

The Time option enables you to define the time settings on the sensor. This includes specifying a Network Time Protocol (NTP) server, time zone settings, and summertime parameters. Finally, the Users option enables you to view the currently configured users, add users, and change users' passwords (if you log in via a privileged account). If you log in to a nonprivileged account, you will be able to change only your own password.

Interface Configuration

Each time your sensor is powered on; it automatically detects the interface modules that are installed in the sensor. The network interfaces enable your sensor to monitor network traffic, using either promiscuous or inline modes of operation. Before monitoring traffic, the interfaces need to be configured.

The command and control interface enables you to access your sensor. This interface is permanently mapped to a specific physical interface (depending on the model of the sensor).

The Interface Configuration category includes the following options:

  • Interfaces
  • Interface Pairs*
  • Bypass*
  • Traffic Flow Notifications

The Interfaces option enables you to configure basic interface properties, such as speed and whether the interface is enabled. The Interface Pairs option enables you to define pairs of interfaces that will be used for inline monitoring. When using inline mode, you may also need to use the Bypass option to configure the software bypass mode, which determines how network traffic is handled during operational disruptions in the sensor's inspection applications.

The Traffic Flow Notifications option enables you to configure the following parameters:

  • Missed Packet Threshold
  • Notification Interval
  • Interface Idle Threshold

These parameters determine when event notifications are generated based on the flow of traffic across the sensor's interfaces. For more information on Traffic Flow Notifications, refer to Chapter 4, "Basic Sensor Configuration."

Analysis Engine

The analysis engine performs packet analysis and alert detection. It monitors traffic that flows through the specified interfaces and interface pairs.

The Analysis Engine category provides the following options:

  • Virtual Sensor
  • Global Variables

To use the any of the sensor's interfaces to analyze network traffic, you must assign it to a virtual sensor. The Virtual Sensor option enables you to assign or remove sensor interfaces from a virtual sensor.

The Global Variables option enables you to configure the maximum number of IP log files that the sensor will support.

Signature Definition

Network intrusions are attacks and other misuses of network resources. A signature is a set of rules that a sensor uses to detect intrusive activity. As the sensor scans network traffic, it searches for matches to the signatures that it is configured to detect. When a match to a signature is found, the sensor takes the action that you have configured for that signature.

The Signature Definition category has the following options:

  • Signature Variables
  • Signature Configuration
  • Custom Signature Wizard
  • Miscellaneous

Using the Signature Variables option, you can configure signature variables that define ranges of IP addresses. You can then use these signature variables when defining signatures. When you change the value of the variable, the change is automatically replicated to all of the signatures where it is referenced. You can also change the predefined signature variable that determines which ports are examined during web analysis.

Using the Signature Configuration option, you can view the available signatures and their properties. You can enable and disable signatures as well as adding new signatures and editing the properties of existing signatures.

Using the Custom Signature Wizard option, you can create custom signatures by using a menu-driven interface that simplifies the creation process.

The Miscellaneous option enables you to configure specific global sensor parameters for the following aspects of the sensor's operation:

  • Application policy settings
  • Fragment reassembly settings
  • Stream reassembly settings
  • IP log settings

For more information on configuring these options, refer to Chapter 8, "Sensor Tuning."

Event Action Rules

Event action rules define how your sensor will process specific events when it detects them on the network. Event action rules define the following functionality on the sensor:

  • Calculating the Risk Rating
  • Adding event-action overrides
  • Filtering event action
  • Executing the resulting event action
  • Summarizing and aggregating events
  • Maintaining a list of denied attackers

The Event Action Rules category provides the following options:

  • Event Variables
  • Target Value Rating
  • Event Action Overrides
  • Event Action Filters
  • General Settings

Using the Event Variables option, you can define variables that you use when defining event filters. These variables identify lists or ranges of IP address. By defining event variables (instead of using the actual addresses in the filters), you can more easily update IP addresses. Whenever you need to add or remove an address, you just change the event variable definition.

The Target Value Rating enables you to configure an asset rating for specific IP address ranges. The asset rating can be one of the following values:

  • No value
  • Low
  • Medium
  • High
  • Mission critical

The Event Action Overrides option defines when actions are automatically assigned to events based on the value of the Risk Rating. You can assign an event action override for each of the actions that you can normally assign to a signature.

The Event Action Filters option enables you to define event action filters. These filters prevent (or filter) configured actions from being applied to specific events. Filters can be based on numerous factors such as IP address, signature ID, and Risk Rating.

The General Settings option enables you to define general settings that apply to event action rules. These include the following parameters, as well as the ability to enable and disable the meta-event generator and summarizer:

  • Deny attacker duration
  • Block action duration
  • Maximum denied attackers

Blocking

One of the actions that you can configure your sensor to take when a signature triggers is to block traffic from the system that initiated the intrusive traffic. The two types of blocking actions that you can configure are as follows:

  • Host block
  • Connection block

When you configure a signature to block a connection, it blocks only traffic from the host that triggered the signature to the destination port, the protocol (such as TCP or UDP), and the destination IP address that triggered the signature. Therefore, the blocking decision is based on the following parameters:

  • Source IP address
  • Destination IP address
  • Destination port
  • Protocol

A host block, on the other hand, blocks all traffic from the attacking host regardless of the destination port, protocol, or destination IP address.

The Blocking category has the following configuration options:

  • Blocking Properties
  • Device Login Profiles
  • Blocking Devices
  • Router Blocking Device Interfaces
  • Cat6k Blocking Device Interfaces
  • Master Blocking Sensor

Using the Block Properties option, you can configure the basic blocking properties along with the IP addresses that the blocking devices should never block. The Device Login Profiles option defines the credentials necessary for the sensor to access the blocking devices that you add by using the Blocking Devices option. To block network traffic, the blocking device applies an access control list (ACL) to one of its interfaces. You configure which interface the blocking ACL will be applied to on routers by using the Router Blocking Device Interfaces option. Similarly, you configure which interface the blocking ACL will be applied to on Catalyst 6000 switches by using Cat6k Blocking Device Interfaces.

The Master Blocking Sensor option enables you define which sensors will serve as master blocking sensors. A master blocking sensor initiates IP blocking for another sensor, since only one sensor can initiate IP blocking on a specific blocking device.

Simple Network Management Protocol

Beginning with Cisco IPS version 5.0, sensor software supports Simple Network Management Protocol (SNMP) functionality (see RFC 1157, "Simple Network Management Protocol [SNMP]"). SNMP facilitates the exchange of management information between network devices, enabling network administrators to manage network performance as well as find and solve network problems. Using SNMP, management stations can efficiently monitor the health and status of many types of network devices, including switches, routers, and sensors.

The SNMP category provides the following options:

  • SNMP General Configuration
  • SNMP Traps Configuration

SNMP Gets, Sets, and Traps are disabled by default. To use these features to manage your sensor, you need to enable them.

Auto Update

To maintain the latest software images on your sensors, you can configure your sensor to automatically load service pack and signature updates from a central FTP or SCP server. Selecting Auto Update displays the configuration values that your sensor will use to automatically update software.

Monitoring

Besides helping you configure your sensor, IDM also provides the ability to monitor the status and operation of the sensor. The monitoring functionality is divided into the following options (see Figure 3-4):

  • Denied Attackers
  • Active Host Blocks
  • Network Blocks
  • IP Logging
  • Events
  • Support Information>Diagnostic Report
  • Support Information>Statistics
  • Support Information>System Information
03fig04.jpg

Figure 3-4 IDM Monitoring Functionality

The Denied Attackers option enables you to view the IP addresses that are currently blocked by the sensor. The Active Host Blocks option enables you to manually block specific hosts for a specified duration. Similarly, the Network Blocks option enables you to manually establish a block for an entire network. Using the IP Logging option, you can manually log traffic from a specified host.

Using the Events option, you can view events generated by the sensor. Monitoring events provides a basic mechanism that you can use to examine the events that your sensor is generating.

The Support Information options provide information useful in debugging the operation of the sensor. Refer to Chapter 12, "Verifying System Configuration," for more information on debugging the operation of your sensor.

Back

As you move through the various configuration and monitoring screens, IDM keeps track of the options you have selected. Clicking on the Back icon enables you to return to one of previous configuration screens that you were modifying or viewing (the Back icon is similar to your browser's Back button). Each click on the Back icon takes you back one screen in the list of configuration screens that you have visited.

For instance, suppose that you view the following configuration screens for the sensor:

  • Blocking > Blocking Properties
  • Sensor Setup > Users
  • Interface Configuration > Interfaces

Clicking on the Back icon returns you to the Sensor Setup Users configuration screen. Clicking on the Back icon a second time will return you to the Blocking Blocking Properties configuration screen.

Forward

As you move through the various configuration and monitoring screens, IDM keeps track of the options that you have selected. Clicking on the Forward icon enables you to move forward through this list of your selections. The functionality provided by the Forward icon is the opposite of the functionality provided by the Back icon.

For instance, suppose that you view the following configuration screens for the sensor:

  • Blocking>Blocking Properties
  • Sensor Setup>Users
  • Interface Configuration>Interfaces

Clicking on the Back icon returns you to the Sensor Setup Users configuration screen. Clicking on the Forward icon returns you to the Interface Configuration>Interfaces configuration screen.

Refresh

Clicking on the Refresh icon causes the current screen to update based on the configuration information stored on the sensor. If you try to refresh without applying changes that you have made, you will be prompted to either save the changes or discard them.

Help

Clicking on the Help icon brings up context-sensitive help in a separate browser window. Suppose that you are configuring the blocking properties for the sensor (via Blocking Blocking Properties). Clicking on the Help icon brings up Help information on configuring the blocking properties (see Figure 3-5).

03fig05.jpg

Figure 3-5 IDM Help Screen

Configuring Communication Parameters Using IDM

To configure the sensor communication parameters on your sensor, perform the following steps:

  1. Click on the Configuration icon located on the top IDM menu bar.
  2. If the Sensor Setup category is not expanded, click on the plus sign to the left of Sensor Setup.
  3. Click on Sensor Setup>Network. This will display the sensor's current communication parameters (see Figure 3-6).
    03fig06.jpg

    Figure 3-6 Sensor Communication Parameters Screen

  4. Enter the host name to be used for the sensor in the Hostname field.
  5. Enter the IP address of the sensor in the IP Address field.
  6. Enter the network mask in the Network Mask field.
  7. Enter the default route that the sensor will use for command and control traffic by specifying the IP address of the default router in the Default Route field.
  8. To enable secure web access, click on the Enable TLS/SSL check box. You can also specify the port for secure web access by specifying a port number in the Web server port field (the default is 443).
  9. To enable Telnet access to the sensor, click on the Enable Telnet check box (the default is for Telnet access to be disabled because it is an insecure management protocol since it does not encrypt the traffic).
  10. Click on the Apply button to save the changes to the communication parameters.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020