Professional Documents
Culture Documents
Envision Hardware Guide PDF
Envision Hardware Guide PDF
Envision Hardware Guide PDF
Contact Information
Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com
Trademarks
RSA, the RSA Logo, RSA enVision, RSA Event Explorer and EMC are either registered trademarks or trademarks of EMC
Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective
owners. For a list of EMC trademarks, go to www.rsa.com/legal/trademarks_list.pdf.
License agreement
This software and the associated documentation are proprietary and confidential to EMC, are furnished under license, and
may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice
below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any
other person.
No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any
unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability.
This software is subject to change without notice and should not be construed as a commitment by EMC.
Third-party licenses
This product may include software developed by parties other than RSA. The text of the license agreements applicable to
third-party software in this product may be viewed in the thirdpartylicenses.pdf file.
Portions of this application include technology used under license from Visual Mining, Inc. 2000 - 2010.
Portions of this application include iAnywhere technology, 2001 - 2010.
Distribution
Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.
EMC believes the information in this publication is accurate as of its publication date. The information is subject to change
without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC CORPORATION MAKES NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS
PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.
Copyright 2012 EMC Corporation. All Rights Reserved. Published in the USA.
June 2012
Contents
Preface................................................................................................................................... 7
About This Guide................................................................................................................ 7
Terminology Used in this Document .................................................................................. 7
RSA enVision Documentation............................................................................................ 7
Related Documentation....................................................................................................... 8
Support and Service ............................................................................................................ 9
Before You Call Customer Support............................................................................. 9
Contents
Storage Specifications....................................................................................................... 50
NAS Configuration Values for VNX................................................................................ 51
Creation of Storage Pools .......................................................................................... 52
Network Interface Configuration............................................................................... 52
Creation of the File Systems ...................................................................................... 52
Creation of the Standalone CIFS Server.................................................................... 54
Creation of the CIFS Shares ...................................................................................... 55
iSCSI Configuration Settings..................................................................................... 57
Enable E-mail Connect Home ................................................................................... 60
Proxy Address Resolution Protocol ........................................................................... 61
NAS Configuration Values for Celerra............................................................................. 62
Creation of Storage Pools .......................................................................................... 62
Network Interface Configuration............................................................................... 63
Creation of the File Systems...................................................................................... 63
Creation of the Standalone CIFS Server.................................................................... 65
Creation of the CIFS Shares ...................................................................................... 67
iSCSI Configuration Settings..................................................................................... 68
Enable Celerra Connect Home .................................................................................. 71
Proxy Address Resolution Protocol ........................................................................... 71
Contents
Contents
Preface
About This Guide
This guide contains information on setting up and maintaining your RSA enVision
hardware appliance. Use this guide in conjunction with the Configuration Guide. It is
intended for system administrators who need to setup an enVision appliance.
This document uses the Gigabit ethernet switches convention (GB) for all references
to network switches. The operating system naming convention of INF is not used in
this document.
NAS (Network Attached Storage)
Description
NAS
RSA NAS
Celerra NS-120
ENV-NAS53-2
Preface
Related Documentation
For information about the RSA enVision Event Explorer module, see the following
documentation:
Release Notes. Provides information about what is new and changed in this
release, as well as workarounds for known issues.
Installation Guide. Provides instructions on installing the RSA enVision Event
Explorer module on your client machine in separate guides for Microsoft
Windows and Apple Macintosh operating systems. Intended audience is the end
user.
RSA enVision Event Explorer Help. Provides comprehensive instructions on
setting up and using the RSA enVision Event Explorer module.
For information about the RSA enVision EventSource Integrator, see the following
documentation:
Release Notes. Provides information about what is new and changed in this
release, as well as workarounds for known issues.
Preface
https://knowledge.rsasecurity.com
www.rsa.com/support
www.rsasecured.com
Preface
11
12
Appliance Layout
The appliance layouts of the ES and LS series appliance hardware types are the same.
The internal specifications of the ES and LS series appliance hardware differ. The
following topics provide information on the appliance layout, and briefly describe the
function of buttons on the:
Front Panel
Back Panel
Front Panel
The following figure shows the front panel of the RSA enVision appliance.
1
10
Item
Indicator,
Button, or
Connector
Information tag
Power-on
indicator,
power button
2: Appliance Layout
Icon
Description
13
Item
Indicator,
Button, or
Connector
NMI button
Icon
Description
USB
connectors (2)
Video
connector
LCD menu
buttons
LCD panel
14
System
identification
button
Optical drive
(CD/DVD)
10
Hard Drive
Bays (6)
2: Appliance Layout
Item
Description
2: Appliance Layout
Use to locate a particular system within a rack. When you push this button, the
LCD panel on the front and the system status indicator on the back flash blue
until you push the button again. There is also a system identification button on
the back panel.
15
Drive-activity indicator
Drive-status indicator
Item
Description
16
Drive Condition
Off
Drive failed
Drive rebuilding
Steady green
Drive online
Rebuild aborted
2: Appliance Layout
Back Panel
The following figure shows the back panel of the RSA enVision appliance.
2
10
11
12
13
14
15
Item
Indicator,
Button, or
Connector
PCIe slot1
PCIe slot 2
PCIe slot 3
PCIe slot 4
Power supply 1
Power supply 2
VFlash media
slot
iDRAC6
enterprise port
Serial
connector
10
Video
connector
11
USB
connectors (2)
2: Appliance Layout
Icon
Description
17
Item
18
Indicator,
Button, or
Connector
Icon
Description
12
Ethernet
connectors (4)
13
System status
indicator
connector
14
System status
indicator
Power-on indicator.
15
System
identification
button
2: Appliance Layout
2: Appliance Layout
19
Reference
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet planning worksheet.
Single Appliance Site in the Configuration Guide
21
Task
Reference
2. Set up the RSA enVision appliance Set Up a Single Appliance Site on page 22
hardware.
3. Connect to the appliance remotely
using DRAC or using a KVM
switch.
4. Configure the single appliance site. Configure a Single Appliance Site in the
Configuration Guide
5. Install content updates.
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet Single Appliance Site in the chapter Single Appliance Site in the Configuration
Guide.
2. Select a hardware setup location that meets the requirements for the current
installation and for future growth. For location requirements, see Hardware
Specifications on page 77. For information on installing the appliance, see the
manufacturers documentation.
22
4. If your ES appliance has an external DAS storage, connect the storage system to
the ES appliance (through ethernet connector GB2). Connect a cable from GB2 on
the ES appliance to the MGMT port on the RSA DAS 2000. For instructions, see
Configure the RSA DAS 2000 on page 24.
Note: You can connect to the management UI on the RSA DAS 2000 at
http://10.203.2.90.
5. Connect each of the power cords to a different power circuit for increased
reliability and availability.
6. If you are using external storage, power on the storage appliance. For instructions,
refer to the storage system documentation. Wait five minutes until the external
storage is powered on.
7. Power on the ES appliance.
8. Complete the enVision site configuration, using the enVision Configuration
Wizard. For instructions, see Single Appliance in the Configuration Guide.
23
24
IP Address: 10.203.2.11
GB2 address:
IP Address: 10.203.3.11
1. Log into the DAS-2000 from the enVision appliance by performing the following
steps:
a. Open a web browser and navigate to http://10.203.3.90.
b. Answer Yes to the Security Alert message.
c. Login to the DAS management console. For instructions, see the
corresponding DAS documentation.
2. On the left navigation window, click on Disk Pools and check the total free space
for each pool.
3. Create new Logical Unit Numbers (LUNs) from the available free space by
performing the following steps:
a. On the left navigation window, click on Virtual Disks.
b. Select the number of virtual disks for the new LUN.
c. Enter a name and the desired capacity for the new LUN.
d. Select NICAPPLIANCE as the server to assign the new LUN.
e. Click Apply and wait for the process to complete.
4. Verify that the new LUN has been created by performing the following steps:
a. To view the new LUN, click the link View all virtual disks that have been
created so far.
b. Click on the LUN name to view details about the LUN.
25
c. Review the properties of the LUN and ensure that it is assigned to NIC.
5. You must format the new LUN for use with the enVision platform. Perform the
following steps on the enVision appliance:
a. Open the disk management window. Click Start > Run, type diskmgmt.msc
and press Enter.
The new LUN appears as Unallocated in the lower pane of the disk
management window.
b. Before partition, run the Initialize and Convert Disk Wizard by following
the instructions in the wizard.
c. Right-click on the unallocated disk and select New Partition.
d. Specify the following settings in the New Partition wizard:
e. Click Next.
f.
Click Finish.
6. Add the new partition as an additional storage for use with the enVision platform.
Perform the following steps:
a. Log into the enVision application GUI at https://<Appliance IP Address>:443.
b. Click System Configuration > Directories > Manage Storage Locations.
c. Click the Add button and point to the path of the newly created drive, for
example, K:\
The new drive appears in the Manage Storage Locations window.
26
Cabling Examples
Enhanced Availability
Storage system
Network switch
Appliance rack
For a complete explanation of multiple appliance sites and multiple site deployments,
and for instructions on configuring enVision on these sites, see the chapter Multiple
Appliance Site in the Configuration Guide. For information on the hardware items,
see Hardware Specifications on page 77.
27
Reference
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet Configuration Wizard Planning
Multiple Appliance Site in the Configuration Guide
Worksheet.
2. Set up the RSA enVision appliance Set Up a Multiple Appliance Site on page 28
hardware.
3. Connect to the Data Sever (D-SRV
or DS1 if there are multiple
D-SRVs) appliance remotely using
DRAC or using a KVM switch.
4. Configure the multiple appliance
site.
28
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet Multiple Appliance Site in the chapter Multiple Appliance Site in the
Configuration Guide.
2. Select a hardware setup location that meets the requirements for the current
installation and for future growth. For location requirements, see Hardware
Specifications on page 77. For information on installing the appliance, see the
manufacturers documentation.
3. Connect the storage system. Note the IP address for the storage device in the
Identify External Storage section of the Configuration Wizard Planning
Worksheet - Multiple Appliance Site in Multiple Appliance Site in the
Configuration Guide.
4. Connect each LS appliance in the site to the LAN (through ethernet connector
GB1) and the switch (through ethernet connector GB2).
Note: Ignore any warning messages that you receive about IP conflicts when
29
5. Connect each of the power cords to a different power circuit for increased
reliability and availability. For powerline redundancy, the appliance and the
switch have dual power supplies.
6. Power on the storage system. For instructions, refer to the storage system
documentation. Wait five minutes.
7. Power on the network switch and LS appliances.
The LS Typing Wizard starts automatically on the appliances.
If you click Cancel at any time while using the wizard, you must restart the
wizard to type the appliance. To restart the wizard, double-click the
lsconfigurationwizard.exe file in the C:\windows\installations directory.
8. On each appliance in the site, follow these steps to assign the LS appliance type:
30
RC (Remote Collector)
d. Click Next.
e. Verify that the information is correct, and click Finish.
If the information is not correct, click Cancel.
9. Apply the appropriate labels for the appliance type to the front and back of the
appliance to identify it.
10. Repeat step 8 to step 9 for each appliance in your site.
11. Complete the enVision site configuration using the enVision Configuration
Wizard. For instructions, see Multiple Appliance Site in the Configuration
Guide.
31
Cabling Examples
This section shows examples of cabled multiple appliance sites.
The following figure shows an example of a multiple appliance site with a Local
Collector (LC), an Application Server (A-SRV), and a Database Server (D-SRV). The
site is connected to the switch. The switch is connected to the ENV-NAS53-1 or
ENV-NAS53-2 (external storage).
32
The following figure shows an example of a multiple appliance site with a Local
Collector (LC), an Application Server (A-SRV), and a Database Server (D-SRV). The
site is connected to the switch. The switch is connected to the RSA NAS 3500 or RSA
NAS 7000 (external storage).
A-SRV
D-SRV
LC
4
0
3
7
PRI
046-002-567_A02
2 MIN
046-002-000
EXP
PRI
EXP
PRI
2 MIN
EXP
EXP
PRI
046-002-567_A02
Switch
MG MT
CS
Control Station
10/100
cge 0
DO NOT
REMOVE
DO NOT
REMOVE
DO NOT
REMOVE
DO NOT
REMOVE
Storage Processor
cge 2
cge 1
10/100
cge 3
cge 0
cge 1
cge 2
cge 3
Data Movers
SP
B
BE0
BE1
Aux 0
Aux 1
BE0
BE1
Aux 0
Aux 1
33
The following figure shows an example of a cabled multiple appliance site with one
D-SRV, two A-SRVs, and three LCs. The site is connected to the switch. The switch is
connected to the ENV-NAS53-1 or ENV-NAS53-2 (external storage).
34
The following figure shows an example of a cabled multiple appliance site with one
D-SRV, two A-SRVs, and three LCs. The site is connected to the switch. The switch is
connected to the RSA NAS 3500 or NAS 7000 (external storage).
35
The following figure shows an example of a cabled multiple appliance site with three
D-SRVs, two A-SRVs, and three LCs. The site is connected to the switch. The switch
is connected to the ENV-NAS 53-1 or ENV-NAS53-2 (external storage).
36
The following figure shows an example of a cabled multiple appliance site with three
D-SRVs, two A-SRVs, and three LCs. The site is connected to the switch. The switch
is connected to the RSA NAS 3500 or NAS 7000 (external storage).
A-SRV1
A-SRV2
D-SRV1
D-SRV2
D-SRV3
LC1
LC2
LC3
EXP
PRI
0
EXP
PRI
EXP
EXP
046-002-567_A02
PRI
PRI
2 MIN
Switch
046-002-567_A02
2 MIN
046-002-000
Control Station
MG MT
CS
A
10/100
cge 0
cge 2
cge 1
10/100
cge 3
DO NOT
REMOVE
cge 0
cge 1
cge 2
cge 3
Data Movers
SP
B
BE0
DO NOT
REMOVE
DO NOT
REMOVE
DO NOT
REMOVE
Storage Processor
BE1
Aux 0
Aux 1
BE0
BE1
Aux 0
Aux 1
37
Enhanced Availability
Optionally, you can set up enhanced availability (EA) for the Local Collectors (LCs).
This allows you to define up to six cluster appliances (CAs) for a site to perform the
LC roles.
Contact RSA Professional Services to set up EA.
38
Reference
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet planning worksheet.
Remote Collector Site in the Configuration Guide
2. Set up the RSA enVision appliance Set Up a Remote Collector Site on page 40
hardware.
3. Connect to the RC appliance using Connect to the Appliance Using a Keyboard,
a KVM switch.
Monitor, and Mouse in the Configuration Guide
4. Configure the Remote Collector
site.
39
Task
Reference
Ensure that the D-SRV1 to which the RC connects is configured and is running.
To set up a remote collector site:
1. Plan the installation. Complete the Configuration Wizard Planning Worksheet Remote Collector Site in the chapter Remote Collector Site in the Configuration
Guide.
2. Select a hardware setup location that meets the requirements for the current
installation and for future growth. For information on installing the appliance, see
the manufacturers documentation.
3. Connect the RC appliance to the LAN (through ethernet connector GB1).
40
4. Connect each of the power cords to a different power circuit for increased
reliability and availability.
5. If you are using external storage, power on the storage appliance. Wait five
minutes.
6. Power on the network switch and RC appliance.
7. Complete the enVision site configuration using the enVision Configuration
Wizard. For complete information, see the chapter Remote Collector Site in the
Configuration Guide.
41
Add an RC to a Site
The implementation of the Enhanced Availability feature for the Local Collectors is a
Professional Service package. To add a cluster appliance (CA) to perform the LC role
in a site, contact RSA Professional Services.
1. Connect a mouse, keyboard, and monitor to each of the new appliances and the
D-SRV1 appliance in a site. You can also use a Dell remote Access Controller
(DRAC) utility, if it is installed. See the Configuration Guide for more
information.
2. On each appliance in the multiple appliance site, install the latest service pack for
your version of the RSA enVision platform.
3. Determine Whether to Update Files on the D-SRV1
4. Update Files on the D-SRV1 if needed.
43
Hardware=60
(SYS-G-RSA400)
Hardware=60
(SYS-G-RSA400)
None
Hardware=60
(SYS-G-RSA400)
Hardware=RSA5xx
(SYS-G-RSA500)
Hardware=RSA5xx
(SYS-G-RSA500)
Hardware=RSA5xx
(SYS-G-RSA500)
None
Action Needed
g. Click Download Manager, and download the file to the D-SRV1 desktop.
44
Files to Extract
Directory to Which to
Extract Files
4.1 SP1
RSA_enVisionAPP4101b<buildnumber>.exe
E:\nic\installables
45
3. Connect each of the power cords to a different power circuit for increased
reliability and availability.
4. Power on the new appliance.
5. To reimage and type the new appliance, follow the instructions in Factory
Reimaging and Typing on page 73. When you are typing the appliance, use the
following parameters:
Note: You must change the passwords on the new appliance to match the
If you are typing an LC, select LC1, LC2, or LC3 for the appliance type
(select the next LC in the site in the sequence of LC1, LC2, and LC3).
If you are typing an A-SRV, select AS1, AS2, or AS3 for the appliance type
(select the next A-SRV in the site in the sequence of AS1, AS2, and AS3).
If you are typing a D-SRV, select DS2, DS3, or DS4 for the appliance type
(select the next D-SRV in the site in the sequence of DS2, DS3, and DS4).
46
7. Apply the appropriate label to the front and back of the new appliance to identify
it.
Note: RSA recommends that you install the latest RSA enVision service pack on the
Add an RC to a Site
To add an RC:
47
3. Connect each of the power cords to a different power circuit for increased
reliability and availability.
4. Power on the new appliance.
5. To reimage and type the new appliance, follow the instructions in Factory
Reimaging and Typing on page 73. When you are typing the appliance, use the
following parameters:
48
NAS Configuration
The storage options available for an RSA enVision site depend on the type of setup.
RSA enVision multiple appliance sites (using LS series appliances) and high-end
single appliance sites (ES 3060, ES 5060, and ES 7560) require external storage. The
following topics explain in detail the external storage options available:
Storage Specifications
Important: The ENV-NAS and the RSA NAS series storage arrays are preconfigured
and ready to use with the enVision platform. If you are using a third-party NAS, use
the information in the topics listed above to configure the NAS for use with the
enVision platform.
Description
ENV-NAS53-1
ENV-NAS53-2
If you use a storage system other than as listed above, the storage system must meet
the specifications defined in Storage Specifications on page 50. RSA preconfigures
the NAS. If you want to make changes to the preconfigured system, or use another
storage system, you must configure the storage system with the same features and
values described in NAS Configuration Values for VNX on page 51 or NAS
Configuration Values for Celerra on page 62.
Note: RSA does not provide support for installing or configuring third-party storage
systems. For information on configuring third-party storage, see the vendor
documentation.
7: NAS Configuration
49
You must install and configure the storage system before you install the RSA enVision
appliances and configure the enVision site. For information on configuring the
enVision site, see the Configuration Guide.
The complete VNX documentation is available to EMC Powerlink users at the
Powerlink site.
The complete Celerra NS-120 documentation is available to EMC Powerlink users at
http://powerlink.emc.com/km/appmanager/km/secureDesktop?_nfpb=true&_pa
geLabel=image6b&internalId=0b014066803bc36d&_irrt=true.
Storage Specifications
The NAS must support local user authentication and a standalone CIFS server. The
RSA enVision appliance includes four predefined local user accounts. The enVision
appliance is designed to integrate with a NAS that includes the same four local users.
Note: If you use a third-party storage system with your enVision appliance site, the
Component
Specifications
Drives (Min/Max)
4/125
Raw Capacity
Disk Processor
Enclosure Content
Data Movers (1
minimum 2
recommended, x + 1
required for
redundancy)
The minimum required specifications for the NAS 3500 and the NAS 7000 are based
on an EMC NS-120 unified storage platform. For the full specification sheet, go to
www.emc.com/collateral/hardware/specification-sheet/
h5804-celerra-ns120-ss.pdf.
50
7: NAS Configuration
The following table lists the specifications for the Celerra NS-120 that must be met by
any third-party storage system.
Component
Specifications
Storage Processors
(2 minimum)
This section describes, at a high level, the tasks that are involved in configuring the
NAS to work with the enVision platform. For each task, this section provides the
specific values that must be configured. Use the default values for settings that are not
described in this document.
For information on secure deployment of your NAS, see the Security Configuration
Guide.
Note: RSA recommends that you configure the NAS to send logs to the enVision
platform. For information on how to configure the NAS to send logs to the enVision
platform, see RSA enVision Device Configurations on RSA SecurCare Online at
https://knowledge.rsasecurity.com.
Configuration of the VNX involves the following high-level tasks:
1. Creation of Storage Pools
2. Network Interface Configuration
3. Creation of the File Systems
4. Creation of the Standalone CIFS Server
5. Creation of the CIFS Shares
7: NAS Configuration
51
For the Disk Type, use CLSAS (Standard CLARiiON disk volumes). System-defined
storage pools are set to extend automatically.
Value
Data Mover
server_2
Device Name
cge-1-0
By default, Copper Gigabit Interface zero (CGE-1-0) is the first
port available. Creating a Fail Safe Network (FSN) using the
Copper Ethernet interface provides a medium through which to
connect to the VNX.
IP Address
10.203.2.101
Configure this IP address for the physical port (CGE-1-0) on the
data mover.
Name
10-203-2-101 (optional)
10.203.2.255 (read-only)
Other values
MTU: 1500
VLAN ID: 0
State
Informational Only
52
7: NAS Configuration
Four volumes are used by default. If no LC2 or LC3 is in place, those volumes are not
needed, but you can choose to create these volumes as placeholders. You can create
vol2 and vol3, and give each volume 1 GB or less of space. If you decide to add
additional Local Collectors to your deployment, it is much easier to expand an
existing volume than it is to configure another volume.
Create the file system using either the command line interface or the Unisphere
Manager.
Important: Do not create the file systems with performance tuning options.
Setting
Value
Vol0 Vol3
Data Mover
server_2
Storage Pool
clarsas_archive
Name
Slice Volumes
Yes
Ensure that the file systems appear as shown in the following figure, with no
additional options. Performance tuning settings can cause problems with the enVision
platform.
7: NAS Configuration
53
Create the CIFS Server using the settings in the following table.
Setting
Value
CIFS Server
Data Mover
server_2
Interface
10.203.2.101 (cge-1-0)
Server Type
Standalone
Administrator Password
temp
After you complete the initial configuration, you must change
the administrator password to the value that you entered in the
Password Manager page while installing the enVision platform.
For more information, see the following section, Local Users
and Passwords.
Workgroup
WORKGROUP
NetBIOS Name
RSAVNX
Interfaces
10.203.2.101
Note: The CIFS server IP address must be the same as the enVision default switch
schema. If your enVision setup does not use the default 10.203.2.101, the CIFS server
IP address must be changed to match the address specified in the enVision setup.
54
7: NAS Configuration
master
NIC_System
NIC_sshd
NIC_sftp
7: NAS Configuration
55
Ensure that you select the CIFS server on which to make the share available, and do
not let the system select ALL.
Setting
Value
Vol0
Data Mover
server_2
File System
vol0
CIFS Server
RSAVNX
vol0
Vol1
Data Mover
server_2
File System
vol1
CIFS Server
RSAVNX
vol1
Vol2
56
Data Mover
server_2
File System
vol2
CIFS Server
RSAVNX
vol2
7: NAS Configuration
Setting
Value
Vol3
Data Mover
server_2
File System
vol3
CIFS Server
RSAVNX
vol3
availability.
If your RSA enVision site uses Enhanced Availability (EA), you must configure
iSCSI.
Configure iSCSI with the settings in the following table.
Setting
Value
1/0
LUN
Size
1 GB
10.203.2.110
SP B
10.203.2.111
Gateway
10.203.2.11
Subnet Mask
255.255.255.0
7: NAS Configuration
57
Setting
Value
Host Initiators
iqn.2006-01.nic.niceacluster:CA1.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA2.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA3.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA4.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA5.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA6.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA7.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA8.niceacluster.nic
iqn.2006-01.nic.niceacluster:DS1.niceacluster.nic
iqn.2006-01.nic.niceacluster:DS2.niceacluster.nic
Storage Group
StorageGroup_enVision
58
7: NAS Configuration
7: NAS Configuration
59
Compare your iSCSI storage group properties to the properties shown in the following
figure.
60
7: NAS Configuration
EMC uses this feature for upgrading the code level on the back-end storage. For more
information, contact Customer Support.
7: NAS Configuration
61
For the Disk Type, use CLSTD (Standard CLARiiON disk volumes). System-defined
storage pools are set to extend automatically.
62
7: NAS Configuration
Value
Data Mover
server_2
Device Name
cge0
By default Copper Gigabit Interface zero (CGE0) is the first port
available. Creating a Fail Safe Network (FSN) using the Copper
Ethernet interface provides a medium through which to connect
to the NAS.
IP Address
10.203.2.101
Configure this IP address for the physical port (CGE0) on the
data mover.
The second IP address that the Celerra requires is configured by
default. The Celerra ships with the default Control Station IP
address 10.203.2.100 for connecting to the Celerra Manager UI.
Name
10-203-2-101 (optional)
10.203.2.255 (read-only)
Other values
MTU: 1500
VLAN ID: 0
State
Informational Only
7: NAS Configuration
63
Create the file system using the Celerra command line mode. Use the nas_fs
command to create the file systems, and the server_mountpoint and server_mount
commands to mount them.
Important: Do not create the file systems with performance tuning options.
Setting
Value
Vol0
Data Mover
server_2
Storage Pool
clar_r5_performance
Name
vol0
1363148 MB
2936012 MB
Slice Volumes
Yes
Vol1 Vol3
64
Data Mover
server_2
Storage Pool
clar_r5_economy
Name
1048576MB
2202009MB
Slice Volumes
Yes
7: NAS Configuration
After you have created all of the file systems that you require, use server_mount
server_2 to list the file systems. Ensure that the file systems appear exactly as shown
in the following figure, with no additional options. Performance tuning settings can
cause problems with the enVision platform.
Value
Services
Unicode Enabled
7: NAS Configuration
Yes
65
Setting
Value
NTP
Yes
CIFS Server
Data Mover
server_2
Interface
10.203.2.101 (cge0)
Server Type
Standalone
Administrator Password
temp
After you complete the initial configuration, you must change
the administrator password to the value that you entered in the
Password Manager page while installing the enVision platform.
For more information, see the following section, Local Users
and Passwords.)
Workgroup
WORKGROUP
NetBIOS Name
NICELERRA
Yes
Interfaces
10.203.2.101
master
NIC_System
NIC_sshd
NIC_sftp
For information on changing NAS passwords, see Changing Passwords on page 91.
66
7: NAS Configuration
Ensure that you select the CIFS server on which to make the share available, and do
not let the system select ALL.
Setting
Value
Vol0
Data Mover
server_2
File System
vol0
CIFS Server
NICELERRA
vol0
Vol1
Data Mover
server_2
File System
vol1
CIFS Server
NICELERRA
vol1
Vol2
Data Mover
server_2
File System
vol2
CIFS Server
NICELERRA
vol2
7: NAS Configuration
67
Setting
Value
Vol3
Data Mover
server_2
File System
vol3
CIFS Server
NICELERRA
vol3
Value
LUN
Data Mover
server_2
quorum
Yes
Interface
10.203.2.101 (cge0)
Storage Pool
clar_r5_economy
Name
iscsi_quorum_fs
Size
1024MB
LUN Info
68
LUN
Size
1007 MB
7: NAS Configuration
Setting
Value
iqn.2006-01.nic.niceacluster:CA1.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA2.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA3.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA4.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA5.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA6.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA7.niceacluster.nic
iqn.2006-01.nic.niceacluster:CA8.niceacluster.nic
iqn.2006-01.nic.niceacluster:DS1.niceacluster.nic
iqn.2006-01.nic.niceacluster:DS2.niceacluster.nic
7: NAS Configuration
69
Compare your iSCSI target properties to the properties shown in the following figure.
Compare your iSCSI LUN Mask to the properties shown in the following figure.
70
7: NAS Configuration
1. Log on as Root.
2. Click Celerras > Celerras Name > Support.
3. On the Connect Home tab, complete the fields.
4. Click Test to test the feature.
7: NAS Configuration
71
existing data.
To reimage and type an appliance, you must complete the following tasks:
1. Disable Virtual Drives.
2. Reimage the Appliances.
3. Factory Type the Appliances.
Set up either a keyboard, video, and mouse (KVM) or Dell Remote Access
Controller (DRAC) utility to connect to the appliances. See either Connect to the
Appliance Using a Keyboard, Monitor, and Mouse or Dell Remote Access
Controller Utility in the Configuration Guide.
Ensure that you have physical access to the appliance to use the DVD drive.
73
6. Use the left and right cursor keys to set Virtual Flash to Disabled.
7. Press ESC twice, and select Save Changes and Exit.
Repeat this procedure for each appliance in the multiple appliance site.
74
ES
ES with Storage
LS
3. Click Next.
4. Click Finish.
5. Click Restart.
6. For an LS appliance, select the appropriate one of the following types from the list
of appliance types:
RC1
7. Click Next.
8. Click Finish.
9. Click Restart.
75
Hardware Specifications
An RSA enVision setup may include one or more appliances, depending on the type of
setup and the type of storage used. The following topics list in detail the appliance and
storage specifications:
ES Appliance Specifications
LS Appliance Specifications
Appliance Specifications
Adequate floor loading capacity. This depends on the rack and the number of
hardware items in it.
Enough clearance in the front and the back of the rack to allow for sufficient
airflow and to enable you to access appliance components.
supported.
A: Hardware Specifications
77
ES Appliance Specifications
The following table describes the specifications of the models of the ES appliance.
560-ES
1060-ES
1260-ES
2560-ES
3060-ES
5060-ES
7560-ES
Sustained
Performance Per
Appliance (Events
Per Second)
Up to
500 EPS
Up to
Up to
Up to
Up to
Up to
Up to
1,000 EPS 1,200 EPS 2,500 EPS 3,000 EPS 5,000 EPS 7,500 EPS
Recommended
Maximum Event
Sources per
Appliance
Up to 750 Up to
1,250
Up to 6
Simultaneous
RSA enVision Users
Up to 8
Up to 9
Up to 10
Up to 11
Up to 12
Up to 14
Internal
300 GB
Internal
300 GB
Internal
300 GB
Internal
300 GB
External
2.5 TB
External
2.5 TB
External
2.5 TB
Base Storage1
Data Protection
Hardware-accelerated RAID 5
controller with auto-rebuild, and
battery-backed 256-MB
on-controller cache
Appliance Power
Options
Operating
Environment
Application
Software
Regulatory
Approvals
http://www.dell.com/downloads/global/corporate/environ/comply/pedge_r710.pdf
storage. Data storage for events is 220 GB, once you take out formatting, OS partition, and temporary nugget
partition. External storage is either the DAS 2000, RSA NAS series or ENV-NAS series.
78
A: Hardware Specifications
LS Appliance Specifications
The four models of collection (LC and RC) appliances are: LS-R601, LS-R602,
LS-L605, and LS-L610. The model of application appliance (A-SRV) is LS-A60. The
model of database appliance (D-SRV) is LS-D60.
Description
Sustained
Performance Per
Appliance (Events
Per Second)
R601
R602
L605
L610
A60
D60
Remote
Collector
1,000 EPS
Remote
Collector
2,000 EPS
Local
Collector
5,000 EPS
Local
Collector
10,000 EPS
Application
Server
Database
Server
Up to
1,000 EPS
Up to
2,000 EPS
Up to
5,000 EPS
Up to
10,000 EPS
NA
Up to
30,000 EPS
from
Collectors
512
1,024
1,500
2,048
NA
3,072
(NAS 3500)
or 6,144
(NAS 7000)
from
Collectors
NA
NA
NA
Up to 16
NA
Maximum Event
Sources Possible
NA
Simultaneous
RSA enVision Users
Operating
Environment
Base Storage
3500 GB (requires the ENV-NAS53 series or the RSA NAS series for external
storage). The D60 supports a maximum of 3,072 or 6,144 (depending on the NAS
used) event sources. An additional NAS increases the storage space. It does not
increase the supported event sources.
Data Protection
Application
Software
Regulatory
Approvals
http://www.dell.com/downloads/global/corporate/environ/comply/pedge_r710.pdf
A: Hardware Specifications
79
Appliance Specifications
The following table describes several aspects for the ES and LS Series appliances.
Category
Description
Form Factor
2U Rack mount
Operating System
Processor
Memory
Hard Disks
Two RAID 1 SAS 300 GB (3.5-inch SAS 15K Disk Drives). Data
storage for events is 220 GB, once you take out formatting, OS
partition, and temp nugget partition.
LS series A-SRV only: Six RAID 5 SAS 300 GB (3.5-inch SAS
15K Disk Drives). Usable space is 1.29 TB.
RAID
PERC 6i
Optical Drives
Connectors
Front
Two USB
One Video
Back
Network
AC Power Supply
80
Voltage
Maximum inrush
current
Under typical line conditions and over the entire system ambient
operating range, the inrush current may reach 55 A per power
supply for 10 ms or less
Power cables
Heat dispersion
A: Hardware Specifications
Category
Batteries
Dimensions
Temperature
Relative Humidity
Description
System battery
RAID battery
4.1-V lithium-ion
Height
Width
Depth
Gross weight
Operating
Storage
Operating
Storage
Maximum Shock
Altitude
Storage
Operating
Storage
Operating
A: Hardware Specifications
81
Description
Storage Connection
iSCSI
Dimensions
Operating
Environment
Power
82
Height
Width
Depth
Gross weight
Temperature
10 to 40 C (50 to 104 F)
Temperature gradient
10 C (18 F)
Relative humidity
Altitude
Frequency
4763 Hz
AC voltage
Power factor
0.98 (typical)
Power consumption
450 W (maximum)
Heat dissipation
Protection
AC circuits
Inlet type
A: Hardware Specifications
Category
Description
Storage Connection
Dimensions - each
DPE or SPE
Operating
Environment
Height
5.25 in or 13.34 cm
Width
17.5 in or 44.45 cm
Depth
24.25 in or 61.6 cm
Weight (lb/kg)
Full: 96.8/44/0
Empty: 61.8/28.1
Ambient temperature
10 to 40 C (50 to 104 F)
Temperature gradient
Relative humidity
Altitude
A: Hardware Specifications
83
Category
AC Power and
Dissipation
84
Description
AC line voltage
Frequency
AC line current
Power consumption
Power factor
Heat dissipation
In-rush current
AC protection
AC inlet type
Ride-through
Current sharing
A: Hardware Specifications
The LS multiple appliance site uses the EMC Celerra as the RSA NAS 3500 or
NAS 7000 storage array. For complete information on the storage array, see the
EMC Celerra documentation. The following table contains specification information.
Category
Description
Storage Connection
Dimensions
Operating
Environment
AC Power and
Dissipation
Height
Width
Depth
Gross weight
Ambient temperature
10 to 40 C (50 to 104 F)
Temperature gradient
Relative humidity
Altitude
AC line voltage
Frequency
AC line current
Power consumption
Power factor
Heat dissipation
In-rush current
AC protection
AC inlet type
Ride-through
Current sharing
A: Hardware Specifications
85
Operating
Environment
Description
Height
Width
Depth
Site temperature
Temperature gradient
AC Power
Relative humidity
40% to 55%
Altitude
86
A: Hardware Specifications
Rack Specifications for RSA NAS 3500 and RSA NAS 7000
The NAS 3500 and NAS 7000 are shipped in a rack provided by EMC. The following
table contains the environmental details of the rack.
Category
Dimensions
Operating
Environment
Description
Height
Width
Depth
Gross weight
Site temperature
Temperature gradient
AC Power
Relative humidity
30% to 80%
Altitude
A: Hardware Specifications
87
Operating
Environment
Power
Characteristics
88
Specification
Height
Width
Depth
Gross weight
Operating temperature
0 to 50 C (32 to 122 F)
Storage temperature
Operating humidity
5% to 80% noncondensing
Storage humidity
5% to 95% noncondensing
1A (Safety Rating)
Frequency
47-63Hz
Measured power
consumption
39 dB
A: Hardware Specifications
AC Power
Specification
Height
Width
Depth
Service Type
International connector
IEC-309-332P6
A: Hardware Specifications
89
90
When installing disk shelves and a storage system into a movable cabinet or rack,
install from the bottom up for the best stability.
Power supplies can contain over 240 volts. If mishandled, this high voltage can
cause serious injury or death. Do not touch or handle a power cable or power
supply unless you have been trained and prepared to perform this task. Always
remove the power cord before attempting to remove or work on a Power Unit.
If your storage system or disk shelf has more than one power supply cord,
disconnect all power supply cords before servicing to reduce the risk of electrical
shock.
A: Hardware Specifications
Changing Passwords
When you set up an RSA enVision site, you must create and enter certain user
passwords. The topics listed below describe how to change the passwords on the RSA
enVision appliances and the NAS in a multiple appliance site. The procedures
described in this document are limited to those components that interact directly with
enVision appliances and the NAS.
Note: The NAS password information in this section is applicable to Celerra, VNX
and any third-party storage that may be used in your enVision setup.
The following topics explain in detail how to change passwords and verify changes
made:
Additional Passwords
Troubleshooting
master
NIC_System
NIC_SSHD
NIC_SFTP
Important: You must configure the NAS with the same password values that you
specified in the Password Manager page while configuring the enVision platform.
New passwords must meet the following criteria:
Not contain more than two consecutive characters of the user account name or
parts of the users full name
B: Changing Passwords
91
Important: Use the same passwords on the NAS and the enVision appliances. If you
change the passwords on the enVision appliances so that they do not match the
passwords on the NAS, your connection to the NAS stops working.
For information on other passwords that you can change, see Additional Passwords
on page 98.
passwords. Ensure that you have the older passwords for the user accounts master,
NIC_SFTP, NIC_SSHD, and NIC_System.
To change the local user passwords:
1. Log on to D-SRV1.
2. Press CTRL+ALT+DEL.
3. Click Change Password in the Windows dialog box.
4. Complete the fields in the Change Password dialog box as follows.
92
Field
Value
Username
Log on to
Old Password
B: Changing Passwords
Field
Value
New Password
5. Click OK.
6. When prompted that you have successfully changed the password, click OK.
7. Click Cancel to exit the Windows Security dialog box.
8. Repeat step 2 through step 7 for each of the default user passwords (master,
NIC_System, NIC_sshd, and NIC_sftp).
9. To verify that the new passwords have been accepted by the NAS, follow these
steps:
a. On D-SRV1, click Start > Run.
b. In the Run field, type \\IP address for the NAS on the SWITCH network\,
for example, \\10.203.2.101\.
c. Click OK.
The Authentication dialog box opens and forces you to enter the new
password. This dialog box verifies that pass-through authentication did not
work and that the new passwords were accepted.
d. Enter the new master password to log on to the NAS. This verifies that the
master password works.
Similarly, you can log on using the other default users to ensure that the
passwords work.
script.
You must use the Password Manager Utility in the RSA enVision appliance to change
the password for the enVision appliance.
Important: To change the passwords in a multiple appliance site, you must run the
Password Manager Utility on each of the appliances. If you change the passwords on
any one of the appliances in a multiple appliance site or a multiple site domain, you
must change the passwords of all the other appliances and the NAS in the site to the
same value.
Note: You must not change the passwords manually on the enVision appliance.
B: Changing Passwords
93
You can change the following passwords using the Password Manager Utility:
1. master
2. NIC_System
3. NIC_SSHD
4. NIC_SFTP
5. DBA
To change passwords using the Password Manager Utility:
CAUTION: Do not stop or terminate the script when it is running. This may result in
Should not contain the user account name or parts of the users full name that
exceed two consecutive characters
94
B: Changing Passwords
Check that the forwarder process is running successfully on the command line
utility.
1. Restart all D-SRVs. If you have multiple D-SRVs, ensure that you restart D-SRV1
first.
2. Log on to the D-SRV that you are verifying. If the password change has
succeeded, you should not be prompted for authentication. If you are prompted,
this means the password change has failed.
B: Changing Passwords
95
96
B: Changing Passwords
B: Changing Passwords
97
Additional Passwords
In addition to recommending that you change the passwords of the four key users for
the enVision appliance and the NAS, RSA recommends that you change other default
passwords to protect the RSA enVision appliance, the NAS, and the switch.
Note: Choose strong but memorable passwords. RSA recommends that you develop a
Description
Reference
Administrator account
password
NAS Passwords
Default administrative
passwords
98
B: Changing Passwords
Password
Description
Reference
Switch Password
Default password and the
Web Management IP
Address.
Troubleshooting
Change Passwords that were Accidentally Updated Manually
You must not change the passwords manually on the RSA enVision appliance. In case
you have manually changed the passwords on any of the nodes either in a single
appliance site or in a multiple appliance site, the site lockbox does not get updated
with the new password values. The existing site lockbox would still contain the old
password values.
You can bring the enVision system back to a consistent state under the following
circumstances:
If you have manually updated the passwords of the enVision user accounts
NIC_System, NIC_SFTP, or NIC_SSHD, use the Password Manager Utility to
change these password values. If you do not update the passwords in the site
lockbox, the enVision system will be in an inconsistent state. For instructions, see
Change Passwords on the enVision Appliance Using the Password Manager
Utility on page 93.
Note: The Password Manager Utility asks for the master password when it is
run on the DSRV. Ensure that you have not manually updated the master
password in this case.
If you have manually updated the master password, you must use the
SyncPasswords.vbs script to bring back the system to a consistent state.
3. When prompted, enter the manually updated master password and press ENTER.
4. Re-enter the passwords for the enVision user accounts:
B: Changing Passwords
99
a. NIC_System
b. NIC_SSHD
c. NIC_SFTP
Ensure that the passwords meet the password policy criteria specified for enVision
user accounts.
100
B: Changing Passwords
Glossary
A-SRV
See Application Server.
ad hoc report
An unscheduled report that runs immediately.
ADB
See Asset Database.
administrator
A user responsible for setting up and maintaining the RSA enVision platform. An
administrator has access to all enVision functions.
alert
An indication that an event, or a sequence of events, requires further investigation.
The enVision platform sends alerts based on messages received under a configured set
of circumstances such as filters. The administrator defines alerts for each view.
Alert History tool
The RSA enVision tool that is used to display alerts from the events database.
Alerts module
The RSA enVision module that provides tools to monitor, display, and configure
alerts.
Analysis module
The RSA enVision module that provides tools to view, query, and analyze collected
data.
appliance
The hardware on which RSA enVision software is deployed. See single appliance site
and multiple appliance site.
Application Server (A-SRV)
The appliance or component of the RSA enVision platform that supports interactive
users and runs the suite of enVision analysis tools. In a single appliance site, the
Application Server (A-SRV) is a component of the enVision system. In a multiple
appliance site, the A-SRV is installed on its own appliance. See single appliance site
and multiple appliance site.
asset
A system, such as a host, software system, workstation, or device, that is within a
network and makes up the enterprise environment.
Asset Database (ADB)
A unified view of assets created by merging data from supported vulnerability
assessment (VA) tools and imported asset information in the asset tracking tools. The
ADB provides security managers with insight into their operations.
Glossary
101
attribute category
A group of categories defined by the RSA enVision platform for device and asset
attributes. The nine categories are properties, location, organization, owner, physical,
function, importance, vulnerability, and zone. Users can define custom categories.
bind report
A group of reports that can be scheduled to run as a single report.
collection
The process of collecting, analyzing, and storing logs from event sources. the
RSA enVision platform stores the logs, with descriptive metadata, in the Log Smart
Internet Protocol Database (IPDB).
Collector
The appliance or component of the RSA enVision platform that captures incoming
events. In a single appliance site, the Collector is a component of the enVision system.
In a multiple appliance site, the Collector is installed on its own appliance.
Common Storage Directory (CSD)
A single directory that contains the configuration and statistical information for data
collected on a site. The Common Storage Directory (CSD) can be located on a single
appliance site, on the Database Server of a multiple appliance site, or on the Remote
Collector of a distributed system.
computer name
See node.
confidence level filtering
A filter defined by the administrator to determine if a supported intrusion detection
system (IDS) or an intrusion prevention system (IPS) can be trusted for its truthfulness
and applicability. The confidence level detects if a message from an IDS or an IPS
should be considered an alert.
Configuration database (nic.db)
A repository that stores a users configuration settings such as user information,
permissions, and views.
correlation
A relationship between a set of events and a set of specific conditions.
D-SRV
See Database Server.
Database Server (D-SRV)
The appliance or component of the RSA enVision platform that manages access and
retrieval of captured events. In a single appliance site, the Database Server (D-SRV) is
a component of the enVision system. In a multiple appliance site, the D-SRV is
installed on its own appliance. See single appliance site and multiple appliance site.
device
See event source.
device class
Identifies the classification of the event source. A device class provides a framework
for organizing event sources by their general function.
102
Glossary
Glossary
103
message category
A group of messages. Message categories are hierarchical, consisting of up to five
levels: a NIC category, an alert category, and up to three levels of event category.
message variable
Defines a type of data that is extracted from message payloads. Message variables are
useful when analyzing and reporting on data.
monitored device
A supported event source that has been configured to send event messages to the
RSA enVision platform. The enVision platform collects and stores events from
monitored devices.
multiple appliance site
An RSA enVision site in which each enVision component (Application, Collector, and
Database) is on its own appliance.
NIC
The acronym used to label many essential RSA enVision components, services, and
tools.
NIC database
See Configuration database (nic.db).
NIC domain
A group of multiple appliance sites that constitute an organization's entire deployment
of the RSA enVision platform. One site acts as the NIC domain master site.
NIC message ID
A number that identifies a message. This number may or may not be the same as the
vendor message ID.
NIC System device
Generates event messages to indicate the health and activity of the RSA enVision
platform, such as disk space usage, current EPS, data retrieval statistics, and user
activity messages.
NIC_View
Allows users to monitor the health of the RSA enVision system. The NIC_View alerts
users to problems within the enVision software environment.
node
An appliance in an RSA enVision site.
output action
Configured notification method for alerts. The primary output actions are SMTP,
SNMP, SNPP, Instant Messenger, syslog, run a command, text file, and task triage.
Overview module
The RSA enVision module that provides tools to configure the enVision platform and
monitor system health and performance.
RC
See Remote Collector.
104
Glossary
Glossary
105
106
Glossary