Logging Container. VNS3 Plugins Guide 2018

Similar documents
VNS3 Plugin Guide. VSN3:turret NIDS Container

DataDog Container. VNS3 Plugins Guide 2018

Overlay Engine. VNS3 Plugins Guide 2018

VNS3 Plugins. VSN3:turret WAF Container Guide

VNS3:turret WAF Guide Sept 2015

Container System Overview

VNS3 3.5 Container System Add-Ons

VNS3 Configuration. IaaS Private Cloud Deployments

VNS3 Configuration. ElasticHosts

CenturyLink Cloud Configuration. CenturyLink Setup for VNS3

VNS3 Configuration. Google Compute Engine

Microsoft Azure Configuration. Azure Setup for VNS3

AWS VPC Cloud Environment Setup

VNS3 Configuration. Quick Launch for first time VNS3 users in Azure

VNS3 IPsec Configuration. Connecting VNS3 Side by Side via IPsec

Cloud Security Best Practices

VNS3 version 4. Free and Lite Edition Reset Overlay Subnet

dprobe TM for Docker Configuration Guide

VNS3 IPsec Configuration. VNS3 to Cisco ASA ASDM 5.2

VNS3 IPsec Configuration. VNS3 to Cisco ASA ASDM 9.2

VNS Administration Guide

Lockdown & support access guide

VNS3 3.5 Upgrade Instructions

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

How to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud

Cloud Services. Introduction

Deploying and Provisioning the Barracuda CloudGen WAF in the Classic Microsoft Azure Management Portal

How to Install Forcepoint NGFW in Amazon AWS TECHNICAL DOCUMENT

DenyAll WAF User guide for AWS

VNS3 to Windows RRAS Instructions. Windows 2012 R2 RRAS Configuration Guide

ElasterStack 3.2 User Administration Guide - Advanced Zone

CogniFit Technical Security Details

PVS Deployment in the Cloud. Last Updated: June 17, 2016

VPN-Cubed 2.x Cloud Only Lite Edition

Securing Microservices Containerized Security in AWS

NGF0502 AWS Student Slides

Virtuozzo DevOps. Installation Guide

vcloud Director User's Guide

EdgeConnect for Amazon Web Services (AWS)

VPN Troubleshooting. VPN Troubleshooting CHAPTER20. Tunnel Details

vcloud Director User's Guide

Securing VMware NSX-T J U N E 2018

Puppet on the AWS Cloud

Hypersocket VPN. Lee Painter HYPERSOCKET LIMITED Unit 1, Vision Business Centre, Firth Way, Nottingham, NG6 8GF, United Kingdom. Getting Started Guide

25 Best Practice Tips for architecting Amazon VPC

Tanium Appliance Installation Guide

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

Securing VMware NSX MAY 2014

Cloud Computing /AWS Course Content

Paperspace. Architecture Overview. 20 Jay St. Suite 312 Brooklyn, NY Technical Whitepaper

Venafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.

Virtual Private Cloud. User Guide. Issue 03 Date

Real4Test. Real IT Certification Exam Study materials/braindumps

LB Cache Quick Start Guide v1.0

HySecure Quick Start Guide. HySecure 5.0

Figure 1 0: AMI Instances

Deployment Guide for Nuage Networks VSP

Deployment Guide for Nuage Networks VSP

Cisco Stealthwatch Cloud. Private Network Monitoring Advanced Configuration Guide

Installing Cisco APIC-EM on a Virtual Machine

Fundamentals of Network Security v1.1 Scope and Sequence

Amazon AWS-Solutions-Architect-Professional Exam

vrealize Operations Management Pack for NSX for vsphere 2.0

AWS plug-in. Qlik Sense 3.0 Copyright QlikTech International AB. All rights reserved.

COP Cloud Computing. Presented by: Sanketh Beerabbi University of Central Florida

Installation of Informatica Services on Amazon EC2

PCoIP Connection Manager for Amazon WorkSpaces

Secure Industrial Automation Remote Access Connectivity. Using ewon and Talk2M Pro solutions

Horizon DaaS Platform 6.1 Service Provider Installation - vcloud

StreamSets Control Hub Installation Guide

vcloud Air - Virtual Private Cloud OnDemand Networking Guide

Gateway Guide. Leostream Gateway. Advanced Capacity and Connection Management for Hybrid Clouds

Linux Administration

Exam : Implementing Microsoft Azure Infrastructure Solutions

CompTIA Security+ CompTIA SY0-401 Dumps Available Here at:

Barracuda Link Balancer

Pexip Infinity and Google Cloud Platform Deployment Guide

Check Point vsec for Microsoft Azure

vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5

Read the following information carefully, before you begin an upgrade.

Xen and CloudStack. Ewan Mellor. Director, Engineering, Open-source Cloud Platforms Citrix Systems

How to Configure Authentication and Access Control (AAA)

AT&T CLOUD SERVICES. AT&T Synaptic Compute as a Service SM. Using VMware vcloud Connector

NetExtender for SSL-VPN

Zadara Enterprise Storage in

vcloud Director User's Guide

Microsoft Microsoft TS: MS Internet Security & Acceleration Server 2006, Configuring. Practice Test. Version:

Cisco Stealthwatch Cloud. Stealthwatch Cloud Free Trial Guide

Bastion Hosts. Protected Access for Virtual Cloud Networks O R A C L E W H I T E P A P E R F E B R U A R Y

Guest Shell. Finding Feature Information. Information About Guest Shell. Guest Shell Overview

Apache CloudStack CloudStack Administrator's Guide

Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance

ArcGIS 10.3 Server on Amazon Web Services

Lenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide

Hosting DesktopNow in Amazon Web Services. Ivanti DesktopNow powered by AppSense

CloudLink Amazon Web Services Deployment Guide

Installing and Configuring vcloud Connector

Control-M Workload Automation

Load Balancing Bloxx Web Filter. Deployment Guide v Copyright Loadbalancer.org

CSC- Bioweek 2018 Using cpouta for cloud computing Kimmo Mattila, Shubham Kapoor, Ari-Matti Saren (Jukka Nousiainen)

Transcription:

Logging Container VNS3 Plugins Guide 2018

Table of Contents Introduction 3 Logging Container Detail 7 Accessing and Securing the Logging Container 14 Available Log Files 19 Options to Consume the Log Files 22 Resources 24 2

Introduction 3

VNS3 provides container based network services Isolated Linux containers within VNS3 allow partners and customers to embed features and functions safely and securely into their cloud network. waf content caching nids proxy load balancing custom VNS3 Core Components router switch firewall vpn concentrator protocol redistributor extensible nfv 4

Requirements The Logging container functionality is supported on VNS3 controller versions 4.3.4 and later. You have a cloud or virtual infrastructure account that Cohesive Networks can use for enabling your access to the VNS3 Controller Images. You have agreed to the VNS3 Terms and Conditions. Basic knowledge of Linux software installation and use of command line tools. 5

Getting Help with VNS3 This document assumes you have a VNS3 Controller instance launched and running in a security group, network or similar that has the appropriate access rules included for normal VNS3 operations. For any support issues, email us at support@cohesive.net Please review the VNS3 Support Plans and Contacts before sending support inquiries. If you need specific help with project planning, POCs, or audits, contact our professional services team via sales@cohesive.net for details. 6

Logging Container Detail 7

Getting Started with VNS3 Plugin System The following Logging Container functionality is deployed to VNS3 as a plugin using the container system. These instructions cover customization of a Cohesive Networks supplied Ubuntu-based container image. While you can use any source LXC container image or Docker file you wish, Cohesive Networks recommends starting with an Ubuntu 14.04 image/docker file. 8

Getting the Default VNS3_Base Plug-In The Linux Container default plug in is accessible at the following URL: https://vns3-containers-read-all.s3.amazonaws.com/vns3_base/ VNS3_Base_1404.export.tar.gz This is a read-only Amazon S3 storage location. Only Cohesive Networks can update or modify files stored in this location. This URL can be used directly in a VNS3 Controller via the Web UI or API to import the container for use into that controller. (General screenshot walkthrough and help available in the plug-in configuration document.) 9

Uploading the Container Image to the VNS3 Controller From the Container > Images menu item, choose Upload Image. ***Enter an Image name that includes logger. This is required to provide any allocated container from this image to mount the appropriate VNS3 system log files.*** To use the pre-configured plugin paste the URL into the Image File URL box. 10

Getting the VNS3_Base Plug-In When the Image has imported it will say Ready in the Status Column. To then launch a running VNS3_Base container, choose Allocate from the Action menu. 11

Launching a VNS3_Base Container After selecting Allocate from the Actions menu you then name your container, provide a description and the command used to execute the container. The name and description should be something meaningful within the context of your organization and its policies. In the cases of using the CN Base Container Image, use the command: /usr/ bin/supervisord. This will ensure the ssh daemon is started so you can access the allocated container. 12

Confirming the VNS3_Base Container is running After executing the Allocate operation you will be taken to the Container Display page. You should see your VNS3_Base Container with the name you specified. The Status should be Running and it should have been given an IP address on your internal plug-in subnet (in this case 192.51.100.4). 13

Accessing and Securing the Logging Container 14

Accessing the Logging Container Accessing a Container from the Public Internet or your internal subnets will require additions to the inbound hypervisor firewall rules with the VNS3 Controller as well as VNS3 Firewall. The following example shows how to access an SSH server running as a Container listening on port 22. Network Firewall/Security Group Rule Allow port 22 from your source IP or subnets. VNS3 Firewall Enter rules to port forward incoming traffic to the Container Network and Masquerade outgoing traffic off the VNS3 Controller s outer network interface. #Let the Container Subnet Access the Internet Via the VNS3 Controller s Outer or Public IP MACRO_CUST -o eth0 -s <VNS3_Base Container Network IP> -j MASQUERADE #Port forward port 33 to the Container port 22 PREROUTING_CUST -i eth0 -p tcp -s 0.0.0.0/0 --dport 33 -j DNAT --to <VNS3_Base Container Network IP>:22 15

Securing the Logging Container By default the container has the following accounts, configured as described. root - The root account is locked. The root account is not allowed to remote shell into the container. This is our recommended approach. However, if you wish to, you can use the container_admin account to unlock root, provide a root password, and edit /etc/ssh/ sshd_config to allow remote login by root. container_admin - The default password is container_admin_123! The default demo public key is also installed in the /home/container_admin/.ssh/ authorized_keys. PLEASE change this password and this key when configuring, or create a new default plugin container image as your base for future use, following your authentication procedures. The account container_admin has sudo or superuser privileges, and is allowed to remote shell into the container. 16

Accessing via the default private key -----BEGIN RSA PRIVATE KEY----- MIIEoAIBAAKCAQEA1pIQ/2VxIR6DJx4/mKKfZJ2EuhAe+jJaXnbYMq33Zryum5ku /r7kkcgr97r7gv0mcho23bjp/soqrbyviwrvburnh32okxl/ymx0yeudollh2/r/ THIS IS FOR INITIAL / DEMONSTRATION ACCESS ONLY! Delete the contents of /home/ container_admin/.ssh/ authorized keys to secure your containers. paldnpvotuqny836pogxp3/x2h86/mgrhoclbegy8ezm6+zwnl18vccqigymw06c a2qlgvmih6wd03/p++l+qeprmhazfqwzj02gg12lck7ecodrelr0y+ppe+yg2daf QI8gywRDa6l9v7BTEc5l/k3j2xqJxNXaBVzgjCJmVc7dfgfR1io31IHiTw1M8YPf 5lNpMdfiV4DjcG9f6GcUuO6uXgMZucnQT3ldfwIBIwKCAQAGIW4zLsi3zav5zaoL rn/7j3jshbe+axbl14kfgunpvd+aydzfcypy9xz0yqrucf9w7yyj8euho7dva8p9 V+UsFVcPhz6WfRJHnINTQT8Bqpi9JD4pTfqeFaMpzAEgG9P2IPZyf/7aTMcryzRu ikll4eckhdq2sjkpgj0nbbdcex3p8h9jdwklpxz4vebeqzedmv+pphvjutrelamb amjy3/wmgprh90poo47vnz+rsd/gldpeugyvju7f64cbzuqbf4rytcgw3dcyuw5g icheeiovbyeyrffeh0/fv3bn31qfteey7hxosagrrm/kuuxejktts3rzbojflmbj UuCrAoGBAPbWMrEueimj0zQcfxBlKFaph0DQQTFEXg0evgv+RitXdChooB9SmOe2 soyby36dx6v6qtznshoeoluqdshpi3a9jidyoaxdibmtqt2svywrbpjqfffocj+/ AbrfVr6Seu45C5t+aYlS8nULbphqp8Cvyof4ldV+5KyGtbllaNlPAoGBAN6JOoCy G+Td38HpaML9J9xioizahbPBXj1/qyP3e+idSubqpT7feMCn3wOF+haNc2NF6VEN Here is the default private key for initial login. qltgeckyaoa/tiysoel5ruzdpu5bmavaadmeapmjwexebli4qjfd/swjcp5wmzp/ lcsrdtlhcqjoci5lkspoz/czcpo9volvu8zraogad+rhw8yefdmhgu+rbl0e9usg x7wcafyitepctvfy8hrvrto7fo2aubcbztoaygvltszam3nzxk4il0qqrsem4ebx N1ET5ZdKF+T7OGvZMqkuSc9THXusatkeGPAi0Zeay3rLH6PM3EzcKjjAsG5RetkK mdcdsndvef6wczen9iucgyamt2jtwqjogbudxdhfqaqbnzx3l3vaupervicjxpld v9hk93cokgbmb/4ddv6/dcwutsngdc8grduhexxklecd+boqmt0z9rku7c4sl4r7 m1amdymdljiwlyx5rzmhow46bnwtzma6x/igkio2/ssylpsi9d//idjvnrpwee15 awkbgaczjw0ag+nosfzklhhdawiez+qgvdmcxf8ptozgo0wyol4sytccp82ffxee 25d8DyolvGgRjfDXKMyw7zfzwiknsZozEGNFDW+sgsPR9Pe1SQx07PtnUUflb3/C v5lilzmgw+rfvqf7lgqqpqspfpuy6h8vwjxla89sp3uwti4n -----END RSA PRIVATE KEY----- 17

Primary files for customization There are two significant files for securing the VNS3_Base container: /etc/ssh/sshd_config Please ensure this file is configured to your organization s best practices. /home/container_admin/.ssh/authorized_keys The base container comes with an example public key installed, and private key for use in VNS3 documentation. Please remove after initial use or programmatic configuration. 18

Available Log Files 19

Log Files available via the Logging Container /mnt/logs/auth.log /mnt/logs/boot.log /mnt/logs/dmesg /mnt/logs/kern.log - VNS3 kernel log /mnt/logs/syslog - VNS3 system log /mnt/logs/vnscubed_api_background.log /mnt/logs/vnscubed_api_server.log /mnt/logs/vnscubed_bgpmon.log /mnt/logs/vnscubed_monitor.log /mnt/logs/vnscubed_webui.log /mnt/logs/webserver_access.log /mnt/logs/webserver_error.log /mnt/logs/vnscubed_api_background/completed/ - Directory showing completed API calls /mnt/logs/vnscubed_connection_logs/ipsec.log - IPsec system log files /mnt/logs/vnscubed_connection_logs/tun0.log - Overlay Network server connection log files /mnt/logs/vnscubed_connection_logs/unauthorized.log 20

Log file rotation VNS3 controllers rotate log files to both ensure a useful log history is available at all times without taking up too much disk. Log files on VNS3 are rotated weekly with a history of 14 log files compressed and retained. As a result the previously mentioned log directory available in the Logging Container (/mnt/logs) may include some additional historical files. 21

Options to Consume the Log Files 22

Options for Consuming the Log Files via Logging Container Once the Logging Container has been correctly allocated, adding agents/collectors to the Container will allow 3rd party services/applications to consume the logs and custom alerts can be configured. Services like CloudWatch Log Agent, SumoLogic, and LogicMonitor are common choices. 23

VNS3 Configuration Document Links VNS3 Product Resources - Documentation Add-ons VNS3 Configuration Instructions (Free & Lite Editions BYOL) Instructions and screenshots for configuring a VNS3 Controller in a single or multiple Controller topology. Specific steps include, initializing a new Controller, generating clientpack keys, setting up peering, building IPsec tunnels, and connecting client servers to the Overlay Network. VNS3 Administration Document Covers the administration and operation of a configured VNS3 Controller. Additional detail is provided around the VNS3 Firewall, all administration menu items, upgrade licenses, other routes and SNMP traps. VNS3 Troubleshooting Troubleshooting document that provides explanation issues that are more commonly experienced with VNS3. 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback