Deploy the ExtraHop Explore 5100 Appliance

Similar documents
Deploy the ExtraHop Trace 6150 Appliance

Deploy the ExtraHop Discover 3100, 6100, 8100, or 9100 Appliances

Deploy the ExtraHop Trace 6150 Appliance

Deploy the ExtraHop Discover 3100, 6100, 8100, or 9100 Appliances

Deploy the ExtraHop Discover EDA 6100, EDA 8100, or EDA 9100 Appliances

Deploy the ExtraHop Discover Appliance 1100

Deploy the ExtraHop Explore Appliance on a Linux KVM

Deploy the ExtraHop Discover 3000, 6000, or 8000 Appliances

Deploy the ExtraHop Explore Appliance on a Linux KVM

Deploy the ExtraHop Discover Appliance with VMware

Deploy the ExtraHop Explore Appliance in Azure

Deploy the ExtraHop Trace Appliance with VMware

Deploy the ExtraHop Discover Appliance in Azure

ExtraHop 6.1 ExtraHop Explore Admin UI Guide

ExtraHop Command-line Reference

Configure the idrac Remote Access Console

Deploy the ExtraHop Discover Appliance with VMware

Link Gateway Initial Configuration Manual

ExtraHop 7.0 ExtraHop Explore Admin UI Guide

Deploy the ExtraHop Discover Appliance with Hyper-V

Quick Start Guide for Vmware. Version 2.5 Vmware vsphere Instance

Deploy the ExtraHop Discover Appliance with Hyper-V

Manager Appliance Quick Start Guide

ForeScout CounterACT. Single CounterACT Appliance. Quick Installation Guide. Version 8.0

CounterACT 7.0 Single CounterACT Appliance

Deployment Guide: Routing Mode with No DMZ

Installation and Configuration Guide

Forescout. Quick Installation Guide. Single Appliance. Version 8.1

F5 WANJet 200. Quick Start Guide. Quick Start Overview

Reset the Admin Password with the ExtraHop Rescue CD

Configure the Cisco DNA Center Appliance

ExtraHop 7.0 ExtraHop Trace Admin UI Guide

Configure the Cisco DNA Center Appliance

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS Quick Installation Guide

Configure the Cisco DNA Center Appliance

AlterPath KVM/net Quick Installation Guide

Fidelis Network High Capacity Collector QUICK START GUIDE. Rev-H Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms

MT LoadMaster - Dell R-Series. Multi-Tenant LoadMaster for the Dell R-Series. Installation Guide

The Privileged Appliance and Modules (TPAM) 1.0. Diagnostics and Troubleshooting Guide

Polycom RealPresence Distributed Media Application (DMA ) System

Network Configuration Example

OUTDOOR IR NETWORK CAMERA Series

Raritan PXE. Quick Setup Guide. Safety Precautions. Before You Begin. Mounting the PXE. Unpacking the PXE. Zero U Size. 1U Size

Cisco UCS C-Series. Installation Guide

Barracuda Link Balancer

D-Link (Europe) Ltd. 4 th Floor Merit House Edgware Road London HA7 1DP U.K. Tel: Fax:

SonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide

ExtraHop 6.2 Admin UI Guide

Quick Install Guide. ibypass TM I2BP-4x Rev A 11/14

28-Port 10/100/1000Mbps with. 4 Shared SFP Managed Gigabit Switch WGSW / WGSW-28040P. Quick Installation Guide

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS / XGS Quick Installation Guide

16/24/48-Port 10/100/1000T + 2/4-Port 100/1000X SFP Managed Switch GS T2S/GS T2S/GS T4S. Quick Installation Guide

Infoblox Authenticated DHCP

FusionHub. SpeedFusion Virtual Appliance. Installation Guide Version Peplink

Equalizer Quick Start Guide

ECDS MDE 100XVB Installation Guide on ISR G2 UCS-E and VMWare vsphere Hypervisor (ESXi)

24-Port 100/1000X SFP + 4-Port 10G SFP+ Managed. Metro Ethernet Switch MGSW-28240F. Quick Installation Guide

ScopTEL TM IP PBX Software. DNS Server Configuration Wizard

16/24-Port 10/100/1000T 802.3at PoE + 2-Port 100/1000X SFP Managed Switch GS P2S GS P2S. Quick Installation Guide

Installing and Configuring vcenter Support Assistant

Fidelis Enterprise Collector Cluster QUICK START GUIDE. Rev-H Collector Controller2 (HP DL360-G9) and Collector XA2 (HP DL360-G9) Platforms

Hardware Installation Guide Installation (x3350)

Implementing Infoblox Data Connector 2.0

48-Port 10/100/1000Base-T with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

48-Port 10/100Mbps + 4 Gigabit TP / 2 SFP. Managed Switch WGSW Quick Installation Guide

Using the Cisco NCS Command-Line Interface

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

Dell Storage Manager 2016 R3 Installation Guide

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

BRIVO ONSITE QUICK START GUIDE 09/14/17

AirServer Connect User Guide

Creating an IBM API Management Version 2.0 environment

Management Security Switch SGSD-1022 / SGSD-1022P SGSW-2840 / SGSW-2840P. Quick Installation Guide

Installing Cisco StadiumVision Director Software from a DVD

XCONNECT 2018 GATEWAY USER MANUAL

vrealize Network Insight Installation Guide

UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE

Dell EMC OpenManage Mobile. Version User s Guide (Android)

Industrial 24-Port 10/100/1000Mbps Managed Gigabit. Switch (-40~75 degrees C) with 4 Shared SFP Ports IGSW-24040T. Quick Installation Guide

QUICK SETUP GUIDE. Raritan PXE. Safety Precautions. Before You Begin. Mounting the PDU. Unpacking the PXE. 1U Size

Hardware LoadMaster. Installation Guide

Configuring the SMA 500v Virtual Appliance

ForeScout CounterACT. Installation Guide. Version 8.0

Fidelis Enterprise Collector Cluster QUICK START GUIDE. Rev-I Collector Controller2 (HP DL360-G10) and Collector XA2 (HP DL360-G10) Platforms

ITCorporation HOW DO I INSTALL A FRESH INSTANCE OF ANALYZER? DESCRIPTION RESOLUTION. Knowledge Database KNOWLEDGE DATABASE

Fidelis Network High Capacity Collector QUICK START GUIDE. Rev-I Collector Controller Appliances Based on HP DL360-G9 and DL380-G9 Platforms

QUICK SETUP GUIDE VIRTUAL APPLIANCE - VMWARE, XEN, HYPERV CommandCenter Secure Gateway

Getting Started Using Cisco License Manager

ilo MP Utilities ilo MP

Installation and Configuration Guide

NetApp HCI. Deployment Guide. Version July _A0

Dell FluidFS 6.0 FS8600 Appliance CLI Reference Guide

KACE Systems Deployment Appliance 5.0. Administrator Guide

Overview of the Cisco NCS Command-Line Interface

Dell EMC OpenManage Mobile. Version User s Guide (ios)

POWER. allows users to interface a third party control system with the devices on a VN Matrix network.

KeySecure Version 6.1.0

L2+ Managed Gigabit Switch WGSW series

Plexxi HCN Plexxi Connect Installation, Upgrade and Administration Guide Release 3.0.0

Getting Started with ESXi Embedded

Transcription:

Deploy the ExtraHop Explore 5100 Appliance Published: 2018-09-25 In this guide, you will learn how to configure the rack-mounted EXA 5100 ExtraHop Explore appliance and to join multiple Explore appliances to create an Explore cluster. For the best performance, data redundancy, and stability, you must configure at least three Explore appliances in an Explore cluster. System requirements To install the Explore appliance, your environment must meet the following requirements: Appliance 2U of rack space and 2x750W of power Network Access The following TCP ports must be open: TCP ports 80 and 443 Enables you to administer the Explore appliance through the Web UI. Requests sent to port 80 are automatically redirected to HTTPS port 443. TCP port 9443 Enables Explore nodes to communicate with other Explore nodes in the same cluster. Install the Explore appliance To install the Explore appliance, complete the following steps. Before you begin All Explore nodes in an Explore cluster must be physically located in the same datacenter. This configuration helps reduce any network latency that might affect the collection of records. 1. Rack mount the Explore appliance. Install the Explore appliance in your data center with the included rack-mounting kit. The mounting kit supports most four-post racks with either round or square holes. 2. Connect port 1. The Explore appliance contains a set of four 10/100/1000 BASE-T network ports. Only the first port on the left is active. Connect the 1GbE port on the Explore appliance to the management network with a network patch cable. 3. Optional: Connect a 10 GbE port Connect one of the 10 GbE ports on the appliance with a 10 GbE cable to your network to manage the Explore appliance. Note which port you are connecting to so you can configure this port later through the Admin UI. Note: You can configure only one port as an Explore appliance management port. 2018 ExtraHop Networks, Inc. All rights reserved.

4. Connect the power cords. Connect the two supplied power cords to the power supplies on the back of the appliance. 5. Plug the power cords into a power outlet. If the appliance does not power on automatically, press the power button on the front of the appliance. Configure an IP address DHCP is enabled by default on the ExtraHop appliance. When you power on the appliance, interface 1 attempts to acquire an IP address through DHCP. If successful, the IP address appears on the home screen of the LCD. If an IP address has not been configured, the LCD displays No IP. If your network does not support DHCP, you can configure a static IP address through the LCD menu on the front panel or through the command-line interface (CLI). Configure a static IP address through the CLI You can access the CLI by connecting a USB keyboard and SVGA monitor to the appliance or through an RS-232 serial cable and a terminal-emulator program. The terminal emulator must be set to 115200 bps with 8 data bits, no parity, 1 stop bit (8N1), and hardware flow control should be disabled. 1. Establish a connection to the ExtraHop appliance. 2. At the login prompt, type shell and then press ENTER. 3. At the password prompt, type the service tag number found on the pullout tab on the front of the appliance, and then press ENTER. 4. Enable privileged commands by running the following command: enable 5. At the password prompt, type the service tag number, and then press ENTER. 6. Enter configuration mode by running the following command: configure 7. Enter the interface configuration mode by running the following command: interface 8. Run the ip command and specify the IP address and DNS settings in the following format: ip ipaddr <ip_address> <netmask> <gateway> <dns_server> For example: extrahop[exa](config-if)# ip ipaddr 10.10.2.14 255.255.0.0 10.10.1.253 10.10.1.254 exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 2

9. Leave the interface configuration section: exit 10. Save the running config file: running_config save 11. Type y and then press ENTER. Configure a static IP address through the front panel Complete the following steps to configure the IP address from the front panel. If an IP address has not been configured, the front panel displays No IP. If the system is plugged in and powered off, the LCD screen displays ExtraHop. 1. Make sure that the default management interface is connected to the network and the link status is active. 2. Press the select button (#) to begin. 3. Press the right arrow (>) button to select Net and then press the select button. 4. Press the right arrow button twice to highlight DHCP and then press the select button. 5. Press the right arrow button to select Static and then press the select button. 6. Press the right arrow button to select IP and then press the select button. The currently configured IP address appears. 7. Press the right arrow button until the first digit you want to change is highlighted. 8. Press the select button. The digit blinks when selected. While the digit is blinking, press the left arrow (<) or right arrow (>) button to change the digit value. 9. After you have chosen the correct digit, press the select button. 10. Repeat steps 7-9 for each remaining digit you want to change. 11. Press the left arrow button to navigate to the up arrow on the display and press the select button. 12. On the Save screen, select Yes and then press the select button. 13. Wait a moment to be redirected to the Net screen. Repeat the actions above to set the mask, gateway, and up to two DNS servers. 14. Configure the idrac DHCP, IP, mask, gateway, and DNS in the same manner as the IP address. Configure the Explore appliance After you configure an IP address for the Explore appliance, log into the Explore Admin UI, https:// <explore_ip_address>, and complete the following recommended procedures. Note: The default login username is setup and the password is the service tag number on the pullout tab on the front of the appliance. You can modify user names and passwords in the Admin UI. Register your ExtraHop appliance Configure the 10GbE management port Review the Explore Post-deployment Checklist and configure additional Explore appliance settings. Create an Explore cluster Connect the Explore appliance to Discover and Command appliances Send record data to the Explore appliance Register your ExtraHop appliance When you purchase an appliance, you will receive an email with a new product key that must be added to your appliance from the ExtraHop Admin UI. This guide provides instructions on how to apply the new exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 3

product key and activate all of your purchased modules. You must have administrator privileges on the ExtraHop appliance to access the Admin UI. Register the appliance Before you begin Note: If you are registering a Discover or Command appliance, you can optionally enter the product key from the ExtraHop Web UI, (https://<extrahop_ip_address>/) after you accept the EULA and log in. 1. In your browser, type the URL of the ExtraHop Admin UI, https://<extrahop_ip_address>/ admin. 2. Review the license agreement, select I Agree, and then click Submit. 3. On the login screen, type setup for the username. 4. For the password, select from the following options: For 1U and 2U appliances, type the serial number printed on the label on the back of the appliance. The serial number can also be found on the LCD display on the front of the appliance in the Info section. For the EDA 1100, type the serial number displayed in the Appliance info section of the LCD menu. The serial number is also printed on the bottom of the appliance. For a virtual appliance in AWS, type the instance ID, which is the string of characters that follow i- (but not i- itself). For all other virtual appliances, type default. 5. Click Log In. 6. In the Appliance Settings section, click License. 7. Click Manage License. 8. If you have a product key, click Register and type your product key into the field. 9. Click Register. Note: If you received a license file from ExtraHop Support, click Manage License, click Update, then paste the contents of the file into the Enter License field. Click Update. Next steps Have more questions about ExtraHop licensing works? See the License FAQ. Troubleshoot license server connectivity Your ExtraHop appliance must be able to resolve the *.d.extrahop.com domain from the DNS server settings that you configured on your ExtraHop appliance. Communication with the licensing server through DNS is required for license updates and check-ins. Open a terminal application on your Windows, Linux, or Mac OS client that is on the same network as your ExtraHop appliance and run the following command: nslookup -type=ns d.extrahop.com If the name resolution is successful, output similar to the following appears: Non-authoritative answer: d.extrahop.com nameserver = ns0.use.d.extrahop.com. d.extrahop.com nameserver = ns0.usw.d.extrahop.com. If the name resolution is not successful, make sure that your DNS server is properly configured to lookup the extrahop.com domain. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 4

(Optional) Configure the 10GbE management port 1. In the Network Settings section, click Connectivity. 2. In the Interfaces section, click Interface 5 or Interface 6. Make sure you select the same interface as the physical port you connected the 10GbE cable to. Interface 5 is the 10GbE port to the left on the rear of the appliance. 3. From the Interface Mode drop-down list, select Management Port. 4. Configure the rest of the network settings. 5. Click Save. 6. In the Interfaces section, click Interface 1. 7. From the Interface Mode drop-down list, select Disabled. 8. Click Save. 9. Click the View and Save Changes button at the top of the page to save the running config file. 10. Click Save. Your connection to the Web UI through interface 1 is terminated. 11. Log in to the Web UI again to connect through the newly configured 10GbE interface. Create an Explore cluster If you are deploying more than one Explore appliance, you can join the appliances together to create a cluster. For the best performance, data redundancy, and stability, you must configure at least three Explore appliances in an Explore cluster. Before you begin You must have already installed the Explore appliances in your environment before proceeding. In the following example, the Explore appliances have the following IP addresses: Node 1: 10.20.227.177 Node 2: 10.20.227.178 Node 3: 10.20.227.179 You will join nodes 2 and 3 to node 1 to create the Explore cluster. Important: Each node that you join must have the same configuration (physical or virtual) and the same ExtraHop firmware version. 1. Log into the Admin UI of all three Explore appliances with the setup user account in three separate browser windows or tabs. 2. Select the browser window of node 1. 3. In the Status and Diagnostics section, click Fingerprint and note the fingerprint value. You will later confirm that the fingerprint for node 1 matches when you join the remaining two nodes. 4. Select the browser window of node 2. 5. In the Explore Cluster Settings section, click Join Cluster. 6. In the Host field, type the hostname or IP address of node 1 and then click Continue. 7. Confirm that the fingerprint on this page matches the fingerprint you noted in step 3. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 5

8. In the Setup Password field, type the password for the node 1 setup user account and then click Join. When the join is complete, the Explore Cluster Settings section has two new entries: Cluster Members and Cluster Data Management. 9. Click Cluster Members. You should see node 1 and node 2 in the list. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 6

10. In the Status and Diagnostics section, click Explore Cluster Status. Wait for the Status field to change to Green before adding the next node. 11. Repeat steps 5-10 to join each additional node to the new cluster. Note: To avoid creating multiple clusters, always join a new node to an existing cluster and not to another single appliance. 12. When you have added all of your Explore appliances to the cluster, click Cluster Members in the Explore Cluster Settings section. You should see all of the joined nodes in the list, similar to the following figure. 13. In the Explore Cluster Settings section, click Cluster Data Management and make sure that Replication Level is set to 1 and Shard Reallocation is ON. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 7

Next steps Connect the Discover and Command appliances to Explore appliances Connect the Explore appliance to Discover and Command appliances After you deploy the Explore appliance, you must establish a connection from all ExtraHop Discover and Command appliances to the Explore appliance before you can query records. Important: If you have an Explore cluster of three or more Explore nodes, connect the Discover appliance to each Explore node so that the Discover appliance can distribute the workload across the entire Explore cluster. Note: If you manage all of your Discover appliances from a Command appliance, you only need to perform this procedure from the Command appliance. 1. Log into the Admin UI of the Discover or Command appliance. 2. In the ExtraHop Explore Settings section, click Connect Explore Appliances. 3. Click Add New. 4. In the Explore node field, type the hostname or IP address of any Explore appliance in the Explore cluster. 5. For each additional Explore appliance in the cluster, click Add New and enter the individual hostname or IP address in the corresponding Explore node field. 6. Click Save. 7. Confirm that the fingerprint on this page matches the fingerprint of node 1 of the Explore cluster. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 8

8. In the Explore Setup Password field, type the password for the Explore node 1 setup user account and then click Connect. 9. When the Explore Cluster settings are saved, click Done. Next steps Important: If you only deployed a single Explore appliance, after you connect to your Discover or Command appliance, you must log into the Admin UI on the Explore appliance and set the Explore Cluster Settings > Cluster Data Management > Replication Level to 0. Send record data to the Explore appliance After your Explore appliance is connected to all of your Discover and Command appliances, you must configure the type of records you want to store. See Records for more information about Explore configuration settings, how to generate and store records, and how to create record queries. exclude_from_doc_site Deploy the ExtraHop Explore 5100 Appliance 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback