Appliance Guide. Version 1.0

Similar documents
Fidelis Network High Capacity Collector QUICK START GUIDE. Rev-I Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms

Fidelis Enterprise Collector Cluster QUICK START GUIDE. Rev-I Collector Controller2 (HP DL360-G10) and Collector XA2 (HP DL360-G10) Platforms

QUICK START GUIDE. Fidelis Network K2 Appliances. Rev-I K2 (HP DL360-G10) Platforms.

Fidelis Network High Capacity Collector QUICK START GUIDE. Rev-H Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms

Manager Appliance Quick Start Guide

QUICK START GUIDE. Fidelis Collector SA. Rev-I Collector SA (HP DL360-G10) Platforms.

DA-682A-DPP Series Quick Installation Guide

Fidelis Network Sensor Appliances QUICK START GUIDE

Fidelis Enterprise Collector Cluster QUICK START GUIDE. Rev-H Collector Controller2 (HP DL360-G9) and Collector XA2 (HP DL360-G9) Platforms

Deploy the ExtraHop Trace 6150 Appliance

Installation and Configuration Guide

Nexpose. Hardening Guide. Product version: 6.0

Quick Start Guide. State of the art hyper-optimized video management platform designed for ease, speed and efficiency.

Fidelis Network Sensor Appliances QUICK START GUIDE

WLM1200-RMTS User s Guide

Installation Procedure Red Hat 7 with Netscape 6

Installation and Configuration Guide

Password: admin DW-BJCUBE2T-LX DW-BJCUBE4T-LX DW-BJCUBE6T-LX DW-BJCUBE9T-LX DW-BJCUBE12T-LX DW-BJCUBE18T-LX

LAN Setup Reflection. Ask yourself some questions: o Does your VM have the correct IP? o Are you able to ping some locations, internal and external?

QUICK START GUIDE. STEP X - Name of Step DTX1000-T, DTX1000-R, DTX1002-T, DTX1002-R INVISAPC DTX1000/2

System Manager Unit (SMU) Hardware Reference

Deploy the ExtraHop Trace 6150 Appliance

Com.X5 Getting Started Guide

Comodo Dome Data Protection Software Version 3.8

Deploy the ExtraHop Discover Appliance 1100

HOW-TO-GUIDE: demonstrating Fabric Attach using OpenVSwitch

Getting Started Guide. Installation and Setup Instructions. For version Copyright 2009 Code 42 Software, Inc. All rights reserved

Com.X10 Quick Start Guide

Deploy a Customer Site

FileCruiser VM Quick Configuration Guide For Trial Version V1.0

ForeScout CounterACT. Single CounterACT Appliance. Quick Installation Guide. Version 8.0

State of the art hyper-optimized video management platform designed for ease, speed and efficiency. Blackjack BOLT-LX

CounterACT 7.0 Single CounterACT Appliance

LAN Setup Reflection

Sidewinder Control Center. Hardware Guide Models C1015, C2050, and C3000. Revision C

DA-820 Series Quick Installation Guide

Cisco TelePresence VCS CE1000 Appliance

Action Items SYSTEM REQUIREMENTS

16/24/48-Port 10/100/1000T + 2/4-Port 100/1000X SFP Managed Switch GS T2S/GS T2S/GS T4S. Quick Installation Guide

Deploy the ExtraHop Explore 5100 Appliance

AXIS Camera Station S20 Appliance Series AXIS Camera Station S2008 Appliance AXIS Camera Station S2016 Appliance AXIS Camera Station S2024 Appliance

Cisco MCS 7845-H1 Unified CallManager Appliance

16/24-Port 10/100/1000T 802.3at PoE + 2-Port 100/1000X SFP Managed Switch GS P2S GS P2S. Quick Installation Guide

Sidewinder. Hardware Guide Models S1104, S2008, S3008. Revision E

AlterPath KVM/net Quick Installation Guide

CopperCube. Setup Guide

IT341 Introduction to System Administration Project II Setting up our LAN

Quick Start Guide V NLX-miniUCS APPLIANCE Unified Communications Server

Cisco MCS 7835-H2 Unified Communications Manager Appliance

L2+ Managed PoE Switch GS-5220 PoE Series

Active Fabric Manager Installation Guide 1.5

SAP HANA Appliance Express5800 A2040e Initial Operation Verification Guide. 7 th of August, 2018 NEC SAP Competence Center

StampA5D3x/PortuxA5/PanelA5. Quickstart Guide

Deploying Cisco UCS Central

Contents. Table of Contents

HP Supporting the HP ProLiant Storage Server Product Family.

Dell IoT Gateway 5500 Edge MicroServer Setup Guide

version 5.4 Installation Guide

Deploy the ExtraHop Discover 3100, 6100, 8100, or 9100 Appliances

High Performance Computing

Installing Cisco StadiumVision Director Software from a DVD

Viola M2M Gateway Enterprise Edition

CA NetQoS Multi-Port Collector Setup Guide

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

LifeSize ClearSea Installation Guide August 2012

Dell Active Fabric Manager for Microsoft Cloud Platform System 2.2(0.0)

Installation Procedure Red Hat 7 with Netscape 6

Chapter 2: System and Network Architecture. Chapter 4: Configuration of the Server and Client Machines. Chapter 5: Starting a Functional Test

L2+ Managed Gigabit/10 Gigabit Ethernet Switch GS-5220 Series

User Manual: Getting Started

How to Install a DHCP Server in Ubuntu and Debian

Different ways to use Kon-Boot

SPECIFICATION FOR NETWORK ATTACHED STORAGE (NAS) TO BE FILLED BY BIDDER. NAS Controller Should be rack mounted with a form factor of not more than 2U

Installation Procedure Windows 2000 with Internet Explorer 5.x & 6.0

AirCruiser G Wireless Router GN-BR01G

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

NetQoS Multi-Port Collector Setup Guide

L2/L4 Managed Gigabit Ethernet Switch GS-4210 Ultra PoE Series

User guide. ApplianX DPNSS-to-Q.SIG Gateway

BRIVO ONSITE QUICK START GUIDE 09/14/17

XLink Kai Raspberry Pi Beginners Tutorial

Cisco NAC Appliance Hardware Platforms

Online Help StruxureWare Data Center Expert

Online Help StruxureWare Central

UTM Content Security Gateway CS-2001

Wowza Media Server Pro for Riverbed Steelhead. Installation Guide

Integrated Ultra320 Smart Array 6i Redundant Array of Independent Disks (RAID) Controller with 64-MB read cache plus 128-MB batterybacked

Installation Procedure Windows NT with Netscape 4.x

Operation Manual for OutboxSMS-Lite

Cisco VDS Service Broker Software Installation Guide for UCS Platforms

L2+ 24-Port Gigabit Managed Switch with. Hardware Layer3 IPv4/IPv6 Static Routing GS S8C GS S8CR. Quick Installation Guide

Forescout. Quick Installation Guide. Single Appliance. Version 8.1

Azure Marketplace Getting Started Tutorial. Community Edition

IPS265T / IPS275T. TimeIPS Server. Installation Guide

L2+ Managed LCD Switch GS T2XV(R) / GS T4XV(R) Quick Installation Guide

NET INTEGRATION TECHNOLOGIES INC. NET INTEGRATOR MICRO. Quick Start Guide

Introducing the Cisco 1121 Secure Access Control System Hardware

For details on using the LX, access online help from the application, or download help in PDF format from the Support page on Raritan's website.

Hawk Server for Linux. Installation Guide. Beta Version MHInvent Limited. All rights reserved.

TimeIPS Server. IPS256T Virtual Machine. Installation Guide

Transcription:

Appliance Guide Version 1.0

Contents Contents 1 Revision history 2 Getting Started 3 Getting to Know the R7-3000/5000/5000x 5 Getting to Know the R7-1000 6 Setting Up the Appliance 7 Logging in to the Appliance 8 Configuring Network Settings 9 Identifying the Nexpose Appliance Type 11 Adding a Scan Engine (NSE Only) 12 Logging in to the Web Interface (NSC Only) 15 Identifying the operating system 16 Identifying the appliance model and serial number 17 Common Operations and Maintenance Tasks 18 Appliance Models 21 Contents 1

Revision history Date August 25, 2016 First version of guide published. Revision Revision history 2

Getting Started The Nexpose Appliance is a preconfigured server that enables you to assess vulnerabilities in your internal network devices and websites, manage vulnerability data, and mitigate threat exposures. You can deploy as many appliances as you need to build a scalable and robust vulnerability management solution on site. Read on to learn how to set up the R7-1000/3000/5000/5000x. Before you begin Before you can set up the appliance, you'll need to have the following items available: Rack cabinet enclosure (if you plan to rack mount the appliance) Phillips screwdriver (if you plan to rack mount the appliance) RJ-45 Ethernet cable Monitor Keyboard Mouse When you are ready to set up the appliance, you'll need to: Verify that the box contains the appliance and power cords. If any items are missing or damaged, please contact our support team. Remove the appliance and power cords from the box. Install the Nexpose Appliance into a server rack. Use the following guides to show you how to install the server into a rack: R7-3000/R7-5000(x) - DL380 Gen9 Server User Guide R7-1000 - DL120 Gen9 Server User Guide Make sure that the Nexpose Security Console is online and its Web interface is accessible if you are setting up a Nexpose Scan Engine. Set up overview The general set up instructions for the Nexpose Security Console and the Nexpose Scan Engine are very similar. However, if you have purchased a Scan Engine, there are additional steps that you will need to Getting Started 3

perform to connect it to the Nexpose Security Console. Generally, the set up steps for the Nexpose Security Console and Nexpose Scan Engine appliances include: 1. Installing the appliance into a server rack. 2. Connecting the peripherals to the appliance. 3. Connecting the appliance to the network. 4. Powering on the appliance. 5. Logging into the appliance. 6. Configuring the network settings for the appliance. If you have purchased a Nexpose Scan Engine, you'll also need to: 1. Verify that the Nexpose Security Console is online and its web interface is accessible. 2. Add the Nexpose Scan Engine through the Security Console web interface. 3. Pair the Security Console with the Scan Engine. 4. Verify that the Scan Engine has successfully paired with the Security Console. Getting Started 4

Getting to Know the R7-3000/5000/5000x Now that you've unpacked everything, you're ready to set up the appliance. If you are setting up the R7-3000/5000/5000x, you'll need to be able to identify the RJ-45 port, power supply, VGA port, and USB ports to set up the appliance. Let's take a look at the rear view: Item Name 1 PCI Express slots 1 (top), 2 (center), and 3 (bottom) 2 Extra PCI Express slots 4 (top), 5 (center), and 6 (bottom); requires second riser card and second processor 3 Serial port 4 Power supply 1 5 Power supply 2 6 VGA connector 7 1GbE RJ-45 port 4 8 1GbE RJ-45 port 3 9 1GbE RJ-45 port 2 10 1GbE RJ-45 port 1 11 ilo connector 12 USB 3.0 connector 1 13 USB 3.0 connector 2 14 FlexibleLOM ports Getting to Know the R7-3000/5000/5000x 5

Getting to Know the R7-1000 If you are setting up the R7-1000, you'll need to be able to identify the power supply, RJ-45 ports, VGA port, and USB ports to set up the appliance. Let's take a look at the rear view: Item Name 1 PCI Express slot 3 2 PCI Express slot 2 3 PCI Express slot 1 4 Non-hot-plug power supply 5 Power supply power connection 6 1GbE RJ-45 port 1 and 2 7 VGA connector 8 USB 3.0 connectors Getting to Know the R7-1000 6

Setting Up the Appliance You're now ready to set up the appliance. Step 1: Connect the appliance to the network The Nexpose Appliance connects like any other computer to a switch on your network. To set up the network connection, connect one end of an Ethernet cable to the Ethernet LAN port labeled ETH0 or 1 on the appliance. Connect the other end of the Ethernet cable to a network jack. Step 2: Connect the appliance to peripherals The next thing you need to do is connect the appliance to a monitor, keyboard, and mouse. To attach the peripherals, connect the monitor to the VGA port and connect the keyboard and mouse to the USB ports on the back of the appliance. Step 3: Connect the appliance to a power supply The appliance is now ready to be powered on. Plug one end of the power cord into a power strip and the other end into the AC power plug on the appliance. Press the Power button located on the front of the appliance to turn it on and start the boot up process. The first time you boot-up the appliance, it attempts to use DHCP to configure network settings for NIC 1 (ETH0). The process may take up to five minutes. If DHCP IPs are not available, you will need to configure a static IP. After the boot-up process completes, you can log into the system to configure your network settings. Setting Up the Appliance 7

Logging in to the Appliance When your appliance boots up, it will present you with a login prompt. To log in to the appliance, you will need to provide the default credentials: Username: administrator Password: rapid7 You will be prompted to re-enter the password and enter a new password to continue.! A dictionary word cannot be used for your new OS or SSH password. After logging in, you will be able configure your network settings. If you need static IP addressing, please read the next section. If your environment requires DHCP, you are can skip to section on identifying the Nexpose Appliance type. Logging in to the Appliance 8

Configuring Network Settings The first time you switch on the appliance, Nexpose attempts to use DHCP to configure network settings for NIC 1 (ETH0). If Nexpose is unable to configure the appliance settings, you'll need to manually configure the network settings. Setting up a static IP for the appliance To add a static IP address for your appliance, you will need to edit the /etc/network/interfaces file. In a terminal, type the following: $ nano /etc/network/interfaces Edit the following values: auto eth0 iface eth0 inet static address 192.168.0.2 netmask 255.255.255.0 network 192.168.0.0 (Optional) broadcast 192.168.0.127 gateway 192.168.0.1 To save the file, use the key combination of Ctrl+N and follow the prompts. When you are done, you will need to run the following command to restart the networking service: $ ifdown eth0 && ifup eth0 To verify changes to the configuration, run the following command: $ ifconfig eth0 Adding DNS server information After you've configured the static IP address for the appliance, you'll need to update the DNS information in the resolv.conf file. Configuring Network Settings 9

Run the following to edit the file: $ nano /etc/resolv.conf The entries should be similar to the example below: nameserver <PRIMARY DNS IP ADDRESS (can be multiple *add more lines)> search <LOCAL DNS SEARCH PATHS (can be multiple * separated by spaces)> When you are done, you will need to run the following command to restart the networking service: $ ifdown eth0 && ifup eth0 To verify changes to the configuration, run the following command: $ ifconfig eth0 Configuring Network Settings 10

Identifying the Nexpose Appliance Type As previously mentioned, the Nexpose Appliance is a scalable solution, which means that you can deploy multiple instances of it. Each appliance can either act as a Nexpose Scan Engine (NSE) or Nexpose Security Console (NSC). The Nexpose Scan Engine discovers assets during scans and checks them for vulnerabilities or policy compliance. The Nexpose Security Console is an engine that has a web interface and reporting capabilities. You can think of the Security Console as an engine that controls multiple engines and integrates their data into the database for display and reporting. Identifying the appliance type To determine whether your appliance is a Nexpose Security Console or a Nexpose Scan Engine, you'll need to check for the nsc folder in opt/rapid7/nexpose. If it exists, the appliance is a Security Console. If it does not have an nsc folder, it is a Scan Engine. To see if the opt/rapid7/nexpose/nsc path exists, run the following command: $ ls -al /opt/rapid7/nexpose/nsc If the contents of the nsc folder are listed, the appliance is a Security Console; otherwise, it is a Scan Engine. Identifying the Nexpose Appliance Type 11

Adding a Scan Engine (NSE Only) If you are setting up a Nexpose Scan Engine, the last thing you need to do is add it to the Security Console and pair them together. If you are setting up a Nexpose Security Console, you can skip to the next section on logging into the Web interface. Adding a Scan Engine to the Security Console 1. Start a Web browser and log in to the Security Console Web interface. 2. Go to the Administration page. 3. Find the "Scan Options" section and select the Create option for Engines. Adding a Scan Engine (NSE Only) 12

4. Enter the address and port number the Scan Engine will use to listen for communication from the Security Console. 5. Save the new Scan Engine. After you add the engine, the Security Console creates the consoles.xml file. You will need to edit this file in the pairing process. Pairing the Scan Engine with the Security Console 1. Open the consoles.xml file using a text editing program, like nano. Consoles.xml is located in the [installation_directory]/nse/conf directory on the Scan Engine. 2. Locate the line for the console that you want to pair with the engine. The console will be marked by a unique identification number and an IP address. 3. Change the value for the Enabled attribute from 0 to 1. Adding a Scan Engine (NSE Only) 13

4. Save and close the file. 5. Restart the Scan Engine, so that the configuration change can take effect. After you add and pair your Scan Engine, it is ready to be used. Adding a Scan Engine (NSE Only) 14

Logging in to the Web Interface (NSC Only) The Nexpose Security Console comes with a Web interface that you can use to manage your vulnerability scans, scan results, and other scan engines. You perform all tasks with Nexpose through the Security Console Web interface. To access the Security Console, start a Web browser and navigate to the IP address of the appliance and specify the port. The default port number is 3780. You'll need to make sure you specify HTTPS when you are entering the URL. An example of an address for the Security console would be https://192.168.1.1:3780. When the browser displays the login page for the Nexpose Security Console, you'll need to enter your credentials. The first time you are log in to the Security Console, you'll need to use the default credentials: Username: nxadmin Password: nxpassword After you log in successfully, you will be ready to start using Nexpose. Can't access the Web interface? Make sure to specify an HTTPS connection and the correct port number when entering the IP address of your Appliance. If you have properly entered the address and still cannot connect, it s possible that a firewall may be blocking you from reaching Nexpose. Check your firewall settings. Logging in to the Web Interface (NSC Only) 15

Identifying the operating system To identify the operating system running on the appliance, you can run the following command: $ lsb_release -a The results display the operating system No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Identifying the operating system 16

Identifying the appliance model and serial number To identify the appliance model and serial number, you can run the following command: $ cat /etc/r7appliance/info Running the command returns the following information: MODEL=R7-1000 CHASSIS_SN=2M25240848 IMAGE_SN=7a37dfa299d043bdf419580d05496a23 IMAGE_REVISION=r06 ORIGINAL_KERNEL=3.13.0-74-generic INSTALLATION_TIMESTAMP='Thu Feb 4 22:51:30 UTC 2016' The model number in this example is 'R7-1000' and the chassis serial number is '2M25240848 '. Identifying the appliance model and serial number 17

Common Operations and Maintenance Tasks The following sections provide you with information on how to perform some common operations and maintenance tasks, such as configuring the NTP service, backing up your data, and recovering a forgotten password. Configuring the NTP service You can use the Network Time Protocol (NTP) to synchronize time between computer systems over the network. Type the following to configure the appliance to use your time server: $ sudo nano /etc/openntpd/ntpd.conf Running the command returns the following information: servers 0.debian.pool.ntp.org servers 1.debian.pool.ntp.org servers 2.debian.pool.ntp.org servers 3.debian.pool.ntp.org Add your server's fully qualified domain name to the end of the file and save it. After configuration file is updated, run the following command to restart the NTP services: $ sudo service openntpd restart To verify that NTP service is synchronizing to the remote NTP servers, run the following command: $ sudo openntpd -d An example of output demonstrating successful synchronization is shown below: ntp_adjtime returns frequency of 0.000000ppm ntp engine ready reply from 216.75.56.132: offset -0.004655 delay 0.009308, next query 9s reply from 192.155.81.203: offset -0.008303 delay 0.010795, next query 5s reply from 204.2.134.162: offset 0.003466 delay 0.010629, next query 8s reply from 45.79.78.173: offset -0.002455 delay 0.010835, next query 7s reply from 107.170.242.27: offset -0.000492 delay 0.014363, next query 8s Common Operations and Maintenance Tasks 18

Configuring rsyslog for remote syslog management Rsyslog provides support for message logging and forwarding log messages remotely. Support of both internet and unix domain sockets enables this utility to support both local and remote logging. The rsyslog daemon is responsible for listening to log messages from different parts of a Linux system and routing the messages to the appropriate log file in the /var/log directory. It can also forward log messages to another Linux server. Basically, the rsyslog.conf file tells the rsyslog daemon where to save its log messages. This instruction comes from a series of two-part lines within the file. This file can be found at /etc/rsyslog.d/50-default.conf in your appliance. You will need a copy of rsyslog running on a remote machine which will be receiving the logs from your existing server. This setup allows retrieval of your logs in cases where your appliance crashes or is otherwise inaccessible. You can find more information on configuring rsyslog on your server at http://manpages.ubuntu.com/manpages/trusty/man5/syslog.conf.5.html. Updating the operating system You can periodically update the system by running the following commands: $ sudo apt-get update $ sudo apt-get upgrade You can also enable automatic security updates by opening the /etc/apt/apt.conf.d/30r7applaptupdate file and changing APT::Periodic::Enable to 1. Backing up your data Running regularly scheduled backup and restore routines ensures full recovery of the Security Console in the event of hardware failure. It is also best practice for archiving all scan data and configurations at any point in time. For details on the backup process refer to the Nexpose Administrator's Guide under the Performing a Backup section. Common Operations and Maintenance Tasks 19

Reset the root password If you have lost or forgotten the password for your appliance, you will need to boot the appliance into single user mode to reset it. To learn how to boot the appliance into this mode, please read http://askubuntu.com/questions/24006/how-do-i-reset-a-lost-administrative-password. Common Operations and Maintenance Tasks 20

Appliance Models R7-5000X series appliance specs Operating System: Ubuntu 14.04 LTS Memory: 256GB CPU: (2) Intel Xeon E5-2609 v3 @ 1.9 GHz Storage: 8 TB on a RAID 10 Array with 16 drives R7-5000 series appliance specs Operating System: Ubuntu 14.04 LTS Memory: 128GB CPU: (2) Intel Xeon E5-2609 v3 @ 1.9 GHz Storage: 4 TB on a RAID 10 Array with 16 drives R7-3000 series appliance specs Operating System: Ubuntu 14.04 LTS Memory: 64 GB CPU: (2) Intel Xeon E5-2609 v3 @ 1.9 GHz Storage: 2 TB on a RAID 10 Array with 8 drives R7-1000 series appliance specs Operating System: Ubuntu 14.04 LTS Memory: 16 GB CPU: (2) Intel Xeon E5-2603 v3 @ 1.6 GHz Storage: 1TB on a RAID 1 Array on 2 drives Appliance Models 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback