Fidelis Network High Capacity Collector QUICK START GUIDE. Rev-I Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms


Fidelis Network High Capacity Collector Rev-I Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms

1. System Overview

The Fidelis Collector is the security analytics database for Fidelis Network. The Fidelis Collector receives network metadata from Fidelis Network sensors (e.g., Direct, Internal, Mail and Web Sensors) and stores it for ongoing analysis. A Fidelis Collector cluster of appliances consists of one or two Collector Controller(s) and typically three or more Collector XA database nodes.

Figure 1: Fidelis Network Collector Controller 10G (Rev-I)

Figure 2: Fidelis Network Collector XA4 Appliance (Rev-I)

2. Documentation & References

Fidelis Network product documentation, appliance specifications, and instructions can be found at http://fidelisssecurity.com/customer-support/login or through the icon in the K2 GUI.

Appliance Default Passwords

| System | Account | Default Password |
|---|---|---|
| SSH / Appliance Console | fidelis | fidelispass |
| K2 GUI | admin | system |
| ILO | administrator | (printed on label, top of server) |

Technical Support

For all technical support related to this product, check with your site administrator to determine support contract details. For support of your product, contact your reseller. If you have a direct support contract with Fidelis Cybersecurity, contact the Fidelis Cybersecurity support team at:

Phone: +1 301.652.7190
Toll-free in the US: 1.800.652.4020. Use the customer support option.
Email: support@fidelissecurity.com
Web: http:///customer-support/login

Fidelis Cybersecurity

Collector Setup Checklist

Check: Fidelis Network Sensor Appliance Requirements

[ ] Appropriate rack space, power, and cooling (Appendix B)
[ ] Rack tools, rails, and connectors
[ ] Keyboard and video monitor / KVM switch for temporary appliance setup
[ ] Power cables: two per appliance, appropriate for power source and region
[ ] Ethernet cables (cat5 and optical) for Admin, DB, SYNC and ilo ports (Section 3)
[ ] Network switches with enough physical ports (Section 4)
[ ] Optical transceivers for switches
[ ] Logical network information: IP addresses, hostnames (Section 5, Appendix A)
[ ] For Fidelis Network Software version 9.0.5 and later, the appliance system type (Appendix D)

3. Collector: Network Port and Cabling Requirements

Each appliance must be connected to the various networks with appropriate cables and, in some cases, transceivers. The tables below describe the physical connection and cable type associated with each port on the appliance.

Collector Controller 10G Appliance

| Port Label | Physical Connection Type (default) | Cable Type |
|---|---|---|
| Admin | 10GbE LC connector | Fiber SR Patch Cable, Multimode 850 nm |
| DB Net | 10GbE LC connector | Fiber SR Patch Cable, Multimode 850 nm |
| ILO | GbE RJ45 (copper) | Cat 5/5e/6 patch cable |

Figure 3: Network Port Assignments Collector Controller 10G (Rev-I)

Collector XA4 Database Node

| Port Label | Physical Connection Type (default) | Cable Type |
|---|---|---|
| Admin | GbE RJ45 (copper) | Cat 5 patch cable |
| DB Net | 10GbE SFP+ w/ LC Connector | Fiber SR Patch Cable, Multimode 850 nm |
| SYNC net | 10GbE SFP+ w/ LC Connector | Fiber SR Patch Cable, Multimode 850 nm |
| ILO | GbE RJ45 (copper) | Cat 5 patch cable |

Figure 4: Network Port Assignments Collector XA4 (Rev-I)

4. Collector Networking Environment

The Collector appliances use multiple networks for service and inter-node communication. Networks may be deployed as three independent physical switches or multiple independent VLANs on the same switch fabric. The ADMIN, DB, and SYNC switches or VLANs must be different broadcast domains. (ilo and ADMIN networks may intersect.)

Use the tables below to identify the count and type of switch ports necessary to support the number of appliances for your deployment.

Admin Network

The Admin Network connects the Collector Controller to the Fidelis Network sensors and K2 systems. It also connects the Collector XA nodes to the K2.

| Appliance | Switch Port Type | Qty. |
|---|---|---|
| Collector Controller 10G | 10GbE Fiber SR, LC connector (may require SFP+ transceiver) | 1 |
| Collector XA4 | GbE - Copper Cat5 RJ45 port | 1 |

DB Network

The DB Network allows communication between Collector Controller and Controller XA nodes. This network must be independent from other networks. IPv4 addressing only.

| Appliance | Switch Port Type | Qty. |
|---|---|---|
| Collector Controller 10G | 10GbE Fiber SR, LC connector (may require SFP+ transceiver) | 1 |
| Collector XA4 | 10GbE Fiber SR, LC connector (may require SFP+ transceiver) | 1 |

SYNC Network

The SYNC Network provides transport for database node synchronization. This network must be independent from other networks. Only IPv4 addresses are supported.

| Appliance | Switch Port Type | Qty. |
|---|---|---|
| Collector Controller 10G | n/a | |
| Collector XA4 | 10GbE Fiber SR, LC connector (may require SFP+ transceiver) | 1 |

ILO / IPMI Network

Optional network for remote/out-of-band server administration.

| Appliance | Switch Port Type | Qty. |
|---|---|---|
| Collector Controller 10G | GbE - Copper Cat5 RJ45 port | 1 |
| Collector XA4 | GbE - Copper Cat5 RJ45 port | 1 |

5. Appliance Logical Network Configuration

Each physical connection must be assigned logical network information. Build a table of the logical information for each appliance (sample below) that you can reference during configuration. You will refer to this table multiple times during setup. Appendix A has a worksheet you may use.

Sample Network Configuration Table

| Network Setting | Assignments | | | |
|---|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | SYNC/eth2 | ilo/imm |
| Hostname (FQDN) | collector-xa1.organization.net. | | | |
| Static IP Address | 10.1.2.3 | 192.168.1.3 | 172.16.1.3 | 10.2.3.4 |
| Subnet Mask | 255.255.252.0 | 255.255.255.0 | 255.255.255.0 | 255.255.252.0 |
| Gateway | 10.1.2.1 | | | |
| Proxy Server | 10.5.6.7 | | | |
| DNS Servers | 8.8.4.4, 8.8.8.8 | | | |
| NTP Servers | pool.ntp.org. | | | |
| Time Zone | UTC (+0) | | | |

6. Appliance Installation

Rack Installation

Install each appliance in an enclosure/location that has necessary power and cooling.

Power

Connect power cables to the power supplies in the back of the appliance.

Network Cabling

Using the connectors and cables described in sections 4 and 5, begin to connect the appliances to the networks. Refer to the Collector network diagram for this section.

Cable the Collector Controller 10G appliance(s) to the switches:

1. Connect Admin (eth0) port to the ADMIN switch port.
2. Connect DB (eth1) port to the DB switch port.
3. Connect the ilo port to the ADMIN (or ILO) switch port. (optional)
4. Repeat for each Collector Controller.

Cable the Collector XA4 Node appliances to the switches:

1. Connect Admin (eth0) port to the ADMIN switch port.
2. Connect DB (eth1) port to the DB switch port.
3. Connect SYNC (eth2) port to the SYNC switch port.
4. Connect the ilo port to the ADMIN (or ILO) switch port. (optional)
5. Repeat for each Collector XA.
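A pre-flight check for the addressing worksheet, as an added example that is not part of the Fidelis guide or product: it flags DB or SYNC entries that are not IPv4, addresses used twice, and ADMIN, DB and SYNC subnets that overlap, using subnet overlap as a proxy for the separate broadcast domains section 4 requires. The function name, the plan layout, the xa2 values and the assumption that the gateway sits on the Admin subnet are illustrative; xa1 uses the sample table values.

```python
import ipaddress
from itertools import combinations

ISOLATED = ("admin", "db", "sync")  # section 4: separate broadcast domains
IPV4_ONLY = ("db", "sync")          # section 4: DB and SYNC are IPv4 only

def validate_plan(plan, gateway):
    """Check {host: {role: (address, mask)}}; return a list of problems."""
    problems, nets, seen = [], {}, {}
    for host, roles in plan.items():
        for role, (addr, mask) in roles.items():
            try:
                ifc = ipaddress.ip_interface(f"{addr}/{mask}")
            except ValueError as exc:
                problems.append(f"{host}/{role}: {exc}")
                continue
            if role in IPV4_ONLY and ifc.version != 4:
                problems.append(f"{host}/{role}: {role.upper()} is IPv4 only")
            if ifc.ip in seen:
                problems.append(f"{host}/{role}: {ifc.ip} already used by {seen[ifc.ip]}")
            seen.setdefault(ifc.ip, f"{host}/{role}")
            nets.setdefault(role, set()).add(ifc.network)
    # ilo is deliberately left out: the guide lets ilo and ADMIN intersect.
    for a, b in combinations(ISOLATED, 2):
        for na in sorted(nets.get(a, ()), key=str):
            for nb in sorted(nets.get(b, ()), key=str):
                if na.version == nb.version and na.overlaps(nb):
                    problems.append(f"{a.upper()} {na} overlaps {b.upper()} {nb}")
    # Assumption: the single gateway in the worksheet belongs to Admin/eth0.
    gw = ipaddress.ip_address(gateway)
    if not any(gw in net for net in nets.get("admin", ())):
        problems.append(f"gateway {gw} is not on an ADMIN subnet")
    return problems

# xa1 uses the guide's sample table; xa2 is constructed for this example.
XA1 = {"admin": ("10.1.2.3", "255.255.252.0"), "db": ("192.168.1.3", "255.255.255.0"),
       "sync": ("172.16.1.3", "255.255.255.0"), "ilo": ("10.2.3.4", "255.255.252.0")}
GOOD_PLAN = {"xa1": XA1, "xa2": {
    "admin": ("10.1.2.4", "255.255.252.0"), "db": ("192.168.1.4", "255.255.255.0"),
    "sync": ("172.16.1.4", "255.255.255.0"), "ilo": ("10.2.3.5", "255.255.252.0")}}
# Constructed mistake: xa2 SYNC was given an address from the DB subnet.
BAD_PLAN = {"xa1": XA1, "xa2": dict(GOOD_PLAN["xa2"], sync=("192.168.1.3", "255.255.255.0"))}

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        issues = validate_plan(plan, gateway="10.1.2.1")
        print(name, "plan:", "OK" if not issues else "")
        for issue in issues:
            print("  -", issue)
```

Overlap-free subnets do not prove the VLANs or switches are actually separate; the switch configuration still has to be checked on the switch itself.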

Figure 5: Collector Network Diagram

7. Appliance Network Configuration

1. Power on the Appliance(s).
2. Connect to the component CLI using one of the following methods:
   - Via KVM Console: Connect a keyboard and monitor to the appliance. For Fidelis Network appliances version 9.0.5 or later, the screen on the right is displayed:
3. If you see the screen above, perform the following steps to apply the software. Otherwise skip to step 4.
   a. With [Perform Initial Install or Factory Reset] selected, press Enter.

   b. Use the Up and Down arrow keys to select the system type Collector Controller (or Collector XA for cluster), and press Enter. If you need help determining the system type, see Appendix C. The system displays a screen with the message "Congratulations, your CentOS installation is complete."
   c. Click Reboot.
4. Log in to the appliance using console or SSH.
   - Via SSH: Directly attach an Ethernet cable from a client system such as a laptop to the Admin/eth0 port on the appliance. The default IP address is 192.168.42.11/24. Assign a static IP from the same subnet to the network interface on the client system and connect to the appliance using SSH.
5. Use these credentials at the login prompt:
   - user: fidelis
   - default password: fidelispass
6. From the command line, run:
   sudo /FSS/bin/setup
   You will be prompted for the SU (fidelis) password.
7. Within Setup, select Network Settings.
8. Configure the network parameters for the system and each active network interface.
   a. Use the Network Configuration table you prepared earlier.
   b. When complete, return to the top menu.
9. When complete, select [OK] to leave Setup.
10. From the command line, reboot the system:
   sudo /fss/bin/shutdown.pl --user admin --reboot
   Repeat steps for all appliances being added to the Collector cluster.
11. Use the PING command to verify connectivity between the XAs on their SYNC/eth2 interfaces.

8. Cluster Setup

On the Final Collector XA4 Appliance

If you have not completed setup for the XA4 appliances in section 7 above, or you are adding an XA4 appliance to the Collector, follow these steps:

1. Log in via SSH or KVM console.
2. From the command line, run:
   su - root -c /FSS/bin/setup
3. Navigate to Collector Settings.
4. At the XA4 count, enter the number of XA4 appliances, and select Ok.

5. Review the list of IP addresses. Select Confirm if these are correct, or select Edit to correct them.

9. Fidelis Network Integration

Register Collector Controller 10G with K2

1. Log into the K2 GUI from a web browser.
2. Add the Collector to the K2 at the System>Components page. Click Add Component.
3. Select Collector from the drop down menu. Complete the form:
   - name: this is a user-friendly name for the Collector, not the FQDN of the Controller.
   - IP address of the ADMIN interface of the primary Collector Controller 10G appliance
   - (optional) description, e.g. location, business unit, etc.
   - Click Save.
4. Register the Collector to K2. Click Register and accept the End User License Agreement (EULA). K2 will then communicate with the Collector at the specified IP address.

Register Collector Controller 10Gs with the Fidelis Sensors

1. Log into the K2 GUI from a web browser.
2. Select the appropriate Direct, Internal, Mail or Web sensor and click Config.
3. Click the Advanced page for the sensor and select a Collector at the drop down box.
4. Repeat for each sensor.

Appendix A: Network Configuration Worksheet

Collector Controller 10G (Primary)

| Network Setting | Assignments | | |
|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | ilo/imm |
| Hostname (FQDN) | | | |
| Static IP Address | | | |
| Subnet Mask | | | |
| Gateway | | | |
| Proxy Server | | | |
| DNS Servers | | | |
| NTP Servers | | | |
| Time Zone | | | |

Collector Controller 10G (Failover)

| Network Setting | Assignments | | |
|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | ilo/imm |
| Hostname (FQDN) | | | |
| Static IP Address | | | |
| Subnet Mask | | | |
| Gateway | | | |
| Proxy Server | | | |
| DNS Servers | | | |
| NTP Servers | | | |
| Time Zone | | | |

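Collector XA4 (A)

| Network Setting | Assignments | | | |
|---|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | SYNC/eth2 | ilo/imm |
| Hostname (FQDN) | | | | |
| Static IP Address | | | | |
| Subnet Mask | | | | |
| Gateway | | | | |
| Proxy Server | | | | |
| DNS Servers | | | | |
| NTP Servers | | | | |
| Time Zone | | | | |

Collector XA4 (B)

| Network Setting | Assignments | | | |
|---|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | SYNC/eth2 | ilo/imm |
| Hostname (FQDN) | | | | |
| Static IP Address | | | | |
| Subnet Mask | | | | |
| Gateway | | | | |
| Proxy Server | | | | |
| DNS Servers | | | | |
| NTP Servers | | | | |
| Time Zone | | | | |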

Collector XA4 (C)

| Network Setting | Assignments | | | |
|---|---|---|---|---|
| Interface | Admin/eth0 | DB/eth1 | SYNC/eth2 | ilo/imm |
| Hostname (FQDN) | | | | |
| Static IP Address | | | | |
| Subnet Mask | | | | |
| Gateway | | | | |
| Proxy Server | | | | |
| DNS Servers | | | | |
| NTP Servers | | | | |
| Time Zone | | | | |

Appendix B: System Specifications

| | Collector Controller 10G | Collector XA4 |
|---|---|---|
| Form Factor | 1U rack-mount chassis SFF | 2U rack-mount chassis SFF |
| CPU | Dual Intel Xeon Gold 6148 20-core 2.4 GHz | Dual Intel Xeon Gold 6136 12-core 3.0 GHz |
| Memory | 128 GB ECC DDR4 2666 MHz | 192 GB ECC DDR4 2666 MHz |
| Storage Capacity & Configuration | 480 GB 2x SSD, RAID-1 (240GB) | 480 GB 2x SSD, RAID-1 (240GB); 26.4 TB 22x HDD, RAID-10 (13.2TB) |
| Network Adapters | 4x 1GbE, 2x 10GbE optical | 4x 1GbE, 2x 10GbE optical |
| Out of Band Management | Integrated Lights Out Management (ILO) | Integrated Lights Out Management (ILO) |
| Dimensions | H: 4.29 cm (1.69 in), W: 43.46 cm (17.11 in), D: 70.7 cm (27.83 in) | H: 8.73 cm (3.44 in), W: 44.54 cm (17.54 in), D: 67.94 cm (26.75 in) |
| Weight (appx.) | 16.27 kg (35.86 lb) | 24.5 kg (54 lb) |
| Power Supply | Dual hot-swap 800W High Efficiency AC power supplies | Dual hot-swap 800W High Efficiency AC power supplies |
| Operating Temperature | 10 to 35 C (50 to 95 F) at sea level | 10 to 35 C (50 to 95 F) at sea level |

Appendix C: System Types

For Fidelis Network Software version 9.0.5 and later, the table below shows the software to apply based on the appliance SKU. You can find the SKU in the following locations (note that the SKU starts with FSS):

- Appliance lid UID decal (see sample on right)
- Shipping carton UID decal (see sample on right)
- Packing list
- Purchase Order

| Appliance SKU with: | System Type |
|---|---|
| FSS-CXA4-I | Collector XA |
| FSS-CC10G-I | Collector Controller |

QSC_Fidelis_CHC_20180324