
RSA enVision

Getting Started Guide


enVision 3.5.x
60 Series

Revision 1

Copyright 1996 - 2007 RSA Security Inc.


enVision, Enterprise Dashboard, and Internet Protocol Database (IPDB) are trademarks of RSA Security Inc.
LogSmart is a registered trademark of RSA Security Inc.
All other trademarks, service marks, registered trademarks, registered service marks mentioned in this
document are the property of their respective owners.
Information in this document is subject to change without notice. The software described in this document is
furnished under a license agreement or nondisclosure agreement. No part of this publication may be reproduced,
stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including
photocopying and recording for any purpose other than the purchaser's personal use without the written
permission of RSA Security Inc.
RSA Security Inc.
200 Lowder Brook Drive, Suite 2000
Westwood, MA 02090
U.S.A.
781.375.9000

End-User License Agreement


This End-User License Agreement ("EULA") is entered into between
RSA Security Inc. ("RSA", "we", "our" or "us") and the Customer
("Customer", "you" or "your") identified on an accepted sales or
purchase order ("Order Agreement") for use of the software listed on
the same and all associated media (collectively, the "Software") and all
related printed materials and "online" or electronic documentation
(collectively, the "Documentation"). You agree to be bound by the
terms of this EULA.
1. Grant of License. The Software is licensed, not sold, and the
license granted herein is non-exclusive and nontransferable. You
may use the purchased quantity of Software on the single
computer that it is purchased with, and you may make one (1)
copy of the Software and Documentation solely for backup or
archival purposes. Additional Software products available from
RSA may have additional provisions pursuant to the relevant
order documentation. You may not rent, lease, sublicense, assign
or otherwise transfer either the Software or Documentation. You
also may not publicly publish any performance test results
regarding use of the Software.

The following license provisions shall apply for use of the
Software identified in a purchase as Test and/or Standby;
a) Test: Test systems are licensed for non-production
environments only.
b) Standby: (i) Standby systems are licensed for use as cold-standby
deployments only, except as specifically provided in
this sub-paragraph; (ii) In the event the production system
that the Standby system has been purchased with is
unavailable due to failure or maintenance, the Standby system
may be used in a production environment. In no event may
redundant system pairs operate concurrently beyond the use
required due to failure or maintenance. Use of the Standby
system in a production environment shall be subject to the
license restrictions of the production environment it is
replacing.

2. Other rights and limitations. You may not Reverse engineer,
decompile, disassemble or otherwise attempt to derive the source
code of the Software. You may not modify, copy (except as
authorized herein), translate or create derivative works of the
Software, or alter, remove or obscure any copyright, trademark or
other proprietary notice or disclaimer, or any export restriction or
similar notice, contained on the Software or Documentation. You
shall reproduce all such notices on any copy of the Software or
Documentation made in accordance with this EULA. The Software
is licensed as a single product. Its component parts may not be
separated for use on more than one computer. You shall notify us
promptly in writing of any unauthorized distribution, possession,
alteration, transfer, reproduction or other unauthorized use of the
Software or Documentation, or any improper or wrongful use of
our trademarks or trade names, of which you become aware.

3. Term and Termination. Unless earlier terminated in accordance
with the provisions set forth herein, the term of this EULA shall be
perpetual. Without prejudice to any other rights, we may
terminate this EULA if you fail to comply with any of the terms or
conditions hereof. Upon termination, you shall cease using the
Software and destroy all copies of the Software and
Documentation in your possession.

4. Upgrades. If the Software is an upgrade of a RSA or Network
Intelligence branded product, you may use that upgraded product
only in accordance with this EULA.

5. Title and Copyright. Except for the rights expressly granted
herein, all right, title and interest in and to the Software and
Documentation shall remain solely with RSA. For purposes of
Section 117 of the Copyright Act of 1976, as amended, and for all
other purposes, RSA shall be considered the owner of the
Software and Documentation and any copies thereof, and of all
copyright, trade secret, patent, trademark and other intellectual
property rights therein. Certain of the Software products provided
hereunder may be owned by one or more third parties and
licensed to RSA ("Embedded Software"). You and we intend and
agree that Software products provided hereunder and owned by
any third parties are being sublicensed to you and that such third
parties retain ownership of and title to such products.

6. You may receive the Software in more than one medium.
Regardless of the type or size of the media you receive, you may
use only that one medium that is appropriate for the single
computer indicated on the order documentation. You may not use
or install the other medium on another computer. You may not
loan, rent, lease, or otherwise transfer the other medium to
another user.

7. U.S. Government Restricted Rights. The Software and
Documentation are provided with restricted rights. Use,
duplication, or disclosure by the Government is subject to
restriction as set forth in subparagraph (c)(1)(ii) of the Rights in
Technical Data and Computer Software clause at DFARS 252.227-7013
or subparagraphs (c)(1) and (2) of the Commercial
Computer Software Restricted Rights at 48 CFR 52.227-19, as
applicable. Manufacturer is RSA Security, Inc., as successor-in-interest
by operation of law to Network Intelligence Corporation,
200 Lowder Brook Dr., Suite 2000, Westwood, MA 02090.

8. Governing Law and Jurisdiction. This EULA shall be
construed, and the relations of the parties shall be determined, in
accordance with the laws of the Commonwealth of Massachusetts
in the United States, as such laws apply to contracts between
residents of Massachusetts. Neither the United Nations Treaty for
International Sale of Goods nor the Uniform Computer
Information Transactions Act (UCITA) shall govern this
Agreement. If any or all portions of the Software were acquired
outside of the United States, local laws may apply.

9. a) Limited Software Warranty. RSA warrants that the
Software, as delivered, will conform in all material respects to the
user documentation for a period of ninety (90) days from the
date of shipment (the "Warranty Period").
b) Hardware Warranty. For hardware products purchased
after January 1, 2007, RSA warrants that the Hardware will be
free from Material Defects in materials and manufacturing
workmanship for a period of ninety (90) days from the date of
shipment ("Hardware Warranty Period"). RSA's obligations
with respect to the hardware warranty under this section are
subject to the limitations set forth in Section 10 (b) below.

10. Remedies. a) Software. RSA's sole responsibility under the
limited warranty will be to use reasonable efforts to correct
material reproducible errors in the Software that are reported to
RSA within the Warranty Period or, if any material reproducible
error in the Software cannot be corrected using commercially
reasonable efforts, to refund the license fee paid by you to us.
RSA does not warrant that the Software will be free of errors, or
that all program errors will be corrected. The foregoing states our
entire liability to you, and your exclusive remedy for, a breach of
the limited warranty. If we determine that any reported problem
with the Software for which you request warranty services is not
covered by the warranty hereunder, you shall pay or reimburse
us for all costs of investigating and responding to such request at
our then prevailing time and materials rates. In no event shall we
have any obligation to make repairs or replacements required, in
whole or in part, as the result of: (i) normal wear and tear; (ii)
accident, disaster, or event of force majeure; (iii) misuse, fault, or
negligence of or by you; (iv) use of the Software in a manner for
which it was not designed; (v) causes external to the Software;
or, (vi) use of the Software in combination with equipment or
software not supplied by RSA, including but not limited to any
operating system software. Any replacement Software will be
warranted for the remainder of the original warranty period or
thirty (30) days from the date of delivery, whichever is longer.
Outside the United States, neither these remedies nor any
support services offered by RSA are available without proof of
purchase from an authorized reseller.
b) Hardware. A Material Defect is any reported malfunction, error
or other defect in the hardware reported during the Hardware
Warranty Period that can be reproduced by us and constitutes a
material substantial nonconformity from the Software
documentation. We shall have no obligation to correct a Material
Defect or provide other support services if the Material Defect in
the hardware is caused by a malfunction of hardware or software
not supplied by us, modification of the hardware not made by or
authorized by us, operator error, use of the hardware in a
manner not in accordance with the hardware documentation, or
use of the hardware does not include all updates available from
RSA. Notwithstanding anything to the contrary contained herein,
we do not in any event warrant or represent that all Material
Defects in the hardware, can or will be corrected. If a material
defect is identified in the hardware during the maintenance period
covering the hardware, we shall use commercially reasonable
efforts to provide one of the following at our sole discretion: (1)
an electronic remedy; (2) spare part replacement; or, (3)
Advance Replacement of Hardware as defined in the Software
and Hardware Maintenance Agreement.
11. No Other Warranties. TO THE MAXIMUM EXTENT PERMITTED
BY APPLICABLE LAW, THE EXPRESS WARRANTIES SET FORTH
HEREIN ARE THE ONLY WARRANTIES GIVEN BY RSA WITH
RESPECT TO THE SOFTWARE FURNISHED HEREUNDER. RSA
MAKES NO OTHER WARRANTIES, EXPRESS, IMPLIED OR
ARISING BY CUSTOM OR TRADE USAGE, AND SPECIFICALLY
MAKES NO WARRANTY OF MERCHANTABILITY OR FITNESS FOR
ANY PARTICULAR PURPOSE. SAID EXPRESS WARRANTIES
SHALL NOT BE ENLARGED OR OTHERWISE AFFECTED BY RSA'S
RENDERING OF TECHNICAL OR OTHER ADVICE OR SERVICE IN
CONNECTION WITH THE PRODUCTS.
12. Limitation of Liability. RSA'S LIABILITY IN CONTRACT, TORT,
OR OTHERWISE ARISING OUT OF OR IN CONNECTION WITH
ANY PRODUCTS, OR ANY OUTPUT OF ANY PRODUCTS OR ANY
SALES OR LICENSE AGREEMENT WITH YOU SHALL NOT EXCEED
THE AMOUNT PAID BY YOU TO RSA FOR PRODUCTS. IN NO
EVENT SHALL RSA BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
TORT, OR CONSEQUENTIAL DAMAGES (INCLUDING ANY
DAMAGES RESULTING FROM LOSS OF USE, LOSS OF DATA,
LOSS OF PROFITS OR LOSS OF BUSINESS) ARISING OUT OF OR
IN CONNECTION WITH THE PERFORMANCE OF THE PRODUCTS
OR RSA'S PERFORMANCE OF SERVICES, EVEN IF RSA HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
13. Confidentiality. You agree to hold the Software and
Documentation in strict confidence and not to disclose or make
available the same in any form to any third party unless required
by law.

14. Entire Agreement. This EULA constitutes the entire agreement
between the parties regarding the subject hereof and supersedes
all prior or contemporaneous agreements, understandings, and
communications, whether written or oral. This EULA may only be
amended by you with a written document signed by both parties.
The terms on any Order Agreement or similar document will have
no effect.
15. Miscellaneous. You may not delegate any duties nor assign any
rights hereunder without our prior written consent and any such
attempted delegation or assignment shall be deemed void absent
our consent. In the event that any provision contained herein
shall be held by a court of competent jurisdiction to be invalid,
illegal, or unenforceable in any respect, the validity, legality, and
enforceability of the remaining provisions contained herein shall
not in any way be affected or impaired thereby. The failure by
either party to enforce, or the waiver by either party of a breach
of any provision contained herein shall not constitute a waiver of
any other breach or of such provision.

Software and Hardware Maintenance Agreement


This Software and Hardware Maintenance Agreement ("SHMA") is entered into between RSA Security Inc. ("RSA", "we", "our" or "us") and the Customer
("Customer", "you" or "your") identified on an accepted sales or purchase order ("Order Agreement") for maintenance. Subject to the terms and
conditions of this SHMA and payment of the appropriate fees, we agree to provide certain technical support services ("Support Services") to you. This
Agreement provides maintenance and support on both the Software and hardware products.
1. Support Services.
a) Support Access. Qualified personnel will: (1) Aid in the
diagnosis of, and correct, Material Defects in the Software
and hardware (as defined below); and, (2) Provide advice
through selected examples on how to use the Software and
hardware by way of phone, e-mail, and web-based technical
assistance. We will provide such reasonable support for
unaltered versions of the Products. The number for
telephone support is (781) 375-9000, or such other number
or numbers as we shall advise you of from time to time. All
support hours are U.S. Eastern Time and shall be
determined by your purchased Coverage level. Standard and
Extended Coverage hours shall be subject to change by RSA
upon written notice and exclude holidays that RSA is not
open for business. Partial coverage of a Customer's Software
and/or hardware is not permitted.
i) Standard Coverage: Monday through Friday, 8:30 a.m. -
5:30 p.m., local customer time.
ii) Premium Coverage: Twenty-four (24) hours a day,
seven (7) days a week.

b) Software Updates. We shall make available all bug fixes,
updates, and enhancements to the Software that we in our
sole discretion: (1) deem to be logical improvements to the
Software; (2) make generally available to licensees of the
Software; and, (3) do not separately price or market. RSA
shall also provide all core appliance operating system
upgrades provided that the Customer has a current support
agreement. This does not include additional software or
operating system variants that are required for optional
capabilities. The application of a new operating system may
require that Customer reimages the hardware appliance so
that the updates apply properly. Application of any operating
system other than that provided by RSA shall void
Customer's appliance warranty.

c) Material Defect. A Material Defect is any reported
malfunction, error or other defect in the Software that can
be reproduced by us and constitutes a material substantial
nonconformity from the Software documentation. We shall
have no obligation to correct a Material Defect or provide
other support services if the Material Defect in the Software
is caused by a malfunction of hardware or software not
supplied by us, modification of the Software not made by or
authorized by us, operator error, use of the Software in a
manner not in accordance with the Software documentation,
or use of the Software does not include all updates available
from RSA or a Material Defect is due to the installation of
third-party software not provided by or approved by RSA.
Notwithstanding anything to the contrary contained herein,
we do not in any event warrant or represent that all Material
Defects, whether in Software or hardware, can or will be
corrected.

d) Response Process for Material Defects. If a Material Defect is
identified in the Software, we shall use commercially
reasonable efforts to provide one of the following at our sole
discretion: (1) an existing or new correction; and, (2) a
viable work around or plan for correction of the Material
Defect.

e) Knowledge Base. You shall have access to the RSA on-line
help RSA SecurCare Online knowledge base.

2. Hardware Support Services.
a) Material Defect. If a material defect is identified in the
hardware during the maintenance period covering the
Hardware, we shall use commercially reasonable efforts to
provide one of the following at our sole discretion: (1) an
electronic remedy; (2) spare part replacement; or, (3)
Advance Replacement of Hardware.

b) Advance Replacement. Solely on the approval of a RSA
customer care representative and subject to the RSA Return
Material Authorization (RMA) procedures, we shall use
commercially reasonable efforts to Advance Replace a
defective hardware component. Advance Replacement shall
mean to ship a replacement hardware component to you
prior to the defective hardware component being returned to
us for repair. Any hardware shipped under the RMA
provisions shall have the same licensed capacity as the
original Products but may be an upgraded model of the
hardware.

3. Obligations of Customer.
a) Cooperation. During the term of this SHMA, you agree to:
Notify us immediately upon discovery of any Material Defect
in the Product; Properly back-up the Product; Maintain an
electronic mail link-up with us via the Internet; Provide
access (electronic or physical) to your system containing the
Product at no cost if such is required to provide the Support
Services, including but not limited to, the necessary
computer time and related support services required by us;
and, Provide any other reasonable supporting data and
assistance to aid in the identification and correction of
Material Defects.

b) Designated Contact. You shall designate a contact person
from your organization (which may be changed by notice to
us, the "Designated Contact") to be the sole contact
between you and us for the coordination and receipt of the
Support Services. The Designated Contact shall be
knowledgeable of the operation of your system containing
the Product and your use of the Product. The Designated
Contact shall be trained on the proper use of the Product.

c) End-User License Agreement. During the term of this SHMA,
you will maintain in effect the End-User License Agreement
for each Software Product you have purchased. If the End-User
License Agreement is terminated for any reason, this
SHMA will terminate concurrently therewith.

d) Intellectual Property Rights. We and you agree that
ownership and use of any and all Software Products and any
related confidential information, documentation or other
materials provided hereunder, including without limitation
any and all updates and upgrades to Software Products
subsequently provided to you, shall be governed by the End-User
License Agreement.

4. Fees, Term and Termination for Software and Hardware
Maintenance.
a) Initial Term. The Initial Term of this Agreement, covering
the combined Software and hardware maintenance and
support, is twelve (12) months (or such longer period if
indicated and purchased via an Order Agreement) and shall
commence on the first day the Product is registered with
RSA, or thirty (30) days from the date of purchase,
whichever occurs first.
b) Renewal Term. Your current Maintenance Support shall
automatically renew in annual terms ("Renewal Terms"). The
fee for the Renewal Term shall be provided to you with no
less than thirty (30) days notice prior to the commencement
of the new term. You may discontinue Support Services in
Renewal Terms by providing written notice terminating this
SHMA prior to the effective date of the Renewal Term.
Hardware warranty expiration dates, for hardware purchased
prior to January 1, 2007, shall be the later of the date
originally granted by the initial hardware purchase from RSA
(or Network Intelligence) or the termination date of the then
current year of Software maintenance under this Agreement.

c) Reinstatement Fees for Lapsed Maintenance Support. If you
choose to allow this SHMA to lapse, you may at a later time
elect to reinstate this SHMA and receive the Support
Services in exchange for the applicable fees. Reinstatement
shall become effective upon payment of the following: (i)
the then current annual Maintenance Support Fee for the
Renewal Term, and (iii) the prorated SHMA Fee allocable to
the lapsed period from the effective date of termination to
the effective date of reinstatement of this SHMA.

d) Termination. In addition to any termination pursuant to the
provisions of clause (b) above, this SHMA may further be
terminated: by either party in the event the other party
materially breaches a provision of this SHMA and the
breaching party fails to cure such breach within thirty (30)
days after notice of such breach from the non-breaching
party; provided, however, that this SHMA may not be
terminated if such breach cannot be cured within such thirty
(30)-day period and the breaching party takes steps within
such thirty (30) day period to cure the breach and thereafter
cures such breach as soon as practicable.

5. Limited Warranty and Limitation of Liability.


a) Standard of Care. We warrant that the Support Services will
be provided in a professional manner.

b) No Other Warranties. TO THE MAXIMUM EXTENT PERMITTED BY
APPLICABLE LAW, THE EXPRESS WARRANTIES SET FORTH
HEREIN ARE THE ONLY WARRANTIES GIVEN BY RSA WITH
RESPECT TO THE SERVICES FURNISHED HEREUNDER. RSA
MAKES NO OTHER WARRANTIES, EXPRESS, IMPLIED OR
ARISING BY CUSTOM OR TRADE USAGE, AND
SPECIFICALLY MAKES NO WARRANTY OF
MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR
PURPOSE. SAID EXPRESS WARRANTIES SHALL NOT BE
ENLARGED OR OTHERWISE AFFECTED BY RSA'S
RENDERING OF TECHNICAL OR OTHER ADVICE OR
SERVICE IN CONNECTION WITH THE PRODUCT.

c) Limitation of Liability. RSA'S LIABILITY IN CONTRACT,
TORT, OR OTHERWISE ARISING OUT OF OR IN
CONNECTION WITH ANY SERVICES, PRODUCTS, OR ANY
OUTPUT OF ANY PRODUCTS OR ANY SALES OR LICENSE
AGREEMENT WITH YOU SHALL NOT EXCEED THE AMOUNT
PAID BY YOU TO RSA IN MAINTENANCE SUPPORT FEES
FOR THE PRIOR TWELVE (12) MONTH PERIOD. IN NO
EVENT SHALL RSA BE LIABLE FOR ANY SPECIAL,
INCIDENTAL, TORT, OR CONSEQUENTIAL DAMAGES
(INCLUDING ANY DAMAGES RESULTING FROM LOSS OF
USE, LOSS OF DATA, LOSS OF PROFITS OR LOSS OF
BUSINESS) ARISING OUT OF OR IN CONNECTION WITH
THE PERFORMANCE OF THE PRODUCTS OR RSA'S
PERFORMANCE OF SERVICES, EVEN IF RSA HAS BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

6. Force Majeure. In the event that either party is prevented from
performing any of its non-monetary obligations under this SHMA
due to any cause beyond its reasonable control, the affected
party's performance shall be excused and the time for
performance shall be extended for the period of delay due to
such occurrence.

7. Governing Law and Jurisdiction. This SHMA shall be
construed, and the relations of the parties shall be determined, in
accordance with the laws of the Commonwealth of Massachusetts
in the United States, as such laws apply to contracts between
residents of Massachusetts. Neither the United Nations Treaty for
International Sale of Goods nor the Uniform Computer
Information Transactions Act (UCITA) shall govern this
Agreement. All disputes arising under this Agreement shall be
brought in the District Court of the Commonwealth of
Massachusetts in Middlesex County or the Federal District Court
of Eastern Massachusetts as permitted by law.

8. Entire Agreement. This SHMA constitutes the entire agreement
between the parties regarding the subject hereof and supersedes
all prior or contemporaneous agreements, understandings, and
communications, whether written or oral. This SHMA may only be
amended by you with a written document signed by both parties.
The terms on any Order Agreement or similar document will have
no effect.

9. Miscellaneous. You may not delegate any duties nor assign any
rights hereunder without our prior written consent and any such
attempted delegation or assignment shall be deemed void absent
consent from us. In the event that any provision contained herein
shall be held by a court of competent jurisdiction to be invalid,
illegal, or unenforceable in any respect, the validity, legality, and
enforceability of the remaining provisions contained herein shall
not in any way be affected or impaired thereby. The failure by
either party to enforce, or the waiver by either party of a breach
of any provision contained herein shall not constitute a waiver of
any other breach or of such provision.

Table of Contents

1. Introduction
Site Deployment

2. Single Appliance Site
Site Setup Tasks
Configuration Wizard Planning Worksheet Single Appliance Site
Name the Site
IP Address
Identify External Storage (NAS 3500)
DNS Servers
Time
Network Time Protocol (NTP)
Local Site Time
External IP Address

3. Multiple Appliance Site
Appliance Types
Appliance Types in a NIC Domain
Site Access in the NIC Domain
Hardware in a Multiple Appliance Site
Site Setup Tasks
Configuration Wizard Planning Worksheet Multiple Appliance Site
NIC Domain
Site
Name the Site
Identify Appliances In the Site
Identify External Storage (NAS 3500)
DNS Servers
Time
Network Time Protocol (NTP)
Local Site Time
Site to Site Connection
Data Server (D-SRV) External IP Address

4. Multiple Appliance Site with Enhanced Availability

5. Remote Collector Site
Site Setup Tasks
Configure the FTP Server on the D-SRV
Verify the RC Configuration
Configure the Data Forwarding Task
Test the Configuration
Configuration Wizard Planning Worksheet Remote Collector Site
Name the Site
Identify Appliance
DNS Servers
Time
Network Time Protocol (NTP)
Local Site Time
Site to Site Connection
Data Server (D-SRV) External IP Address


6. Next Steps
Set Up enVision
Log In to enVision
Minimum Local Access Requirements
Log Out of enVision

Appendix A. Hardware Specifications and Requirements
Hardware Location
RSA enVision Appliance
Appliance Layout
Front Panel
Hard-Drive Indicator Codes
Back Panel
Power Indicators
ES Appliance Model Specifications
LS Appliance Model Specifications
ES and LS Series RSA enVision Appliance Specifications
ES Storage Array
LS Storage Array
EMC Celerra N352
EMC Celerra NS22
Network Switch
Rack
Multiple Appliance Site - Cabling Examples
Safety and Regulatory Statements

Appendix B. Connect to the Appliance Using a Keyboard, Monitor, and Mouse (KVM)
Front Panel
Back Panel

Appendix C. Dell Remote Access Controller Utility (DRAC)
Ports Used by enVision for DRAC (Dell Remote Access Control) Utility
Set Up the Remote Access Controller (Utility)
Access the Appliance from a Remote Location

Appendix D. Changing Private enVision Network IP Addresses
Rename IPaddress for Each Appliance before Setting Up Your Site
Change IPaddresses in enVision Configuration Wizard to Match Renamed Appliance Addresses

Appendix E. Customer-Provided Storage
EMC Celerra Storage
NAS 3500 Requirements
Network Configuration
NAS 3500 Configuration
CIFS Server
Local Users
File Systems/CIFS Shares Combinations
enVision 3.7.x and EA
NetApp FAS Series
CIFS shares and Directory Structure
Hardware Requirements
Setup Requirements
Connecting RSA enVision Appliances to the NetApp FAS
NetApp CIFS File Storage Authentication
Local User Authentication Method using Existing enVision Users
NetApp Multistore Authentication Method
Authentication of the NetApp FAS to the enVision Appliance through Adding the NetApp FAS to the enVision Windows Domain
NetApp CIFS Configuration

Preface
This guide contains information on configuring your RSA enVision site.

Audience
The Getting Started Guide is for system administrators who need to configure an enVision site.

Documentation Set
The enVision documentation set consists of the following:
Documentation      Description
Getting Started    Instructions on configuring your enVision site.
Migration Guide    Instructions on migrating your data from a previous version of enVision to the current version. (not available for beta release)
Online Help        Comprehensive online guide to setting up enVision processing options and using enVision analysis tools.

Go to https://knowledge.rsasecurity.com and log into RSA SecurCare Online to download all product
documentation.

Conventions
This guide uses the following conventions:
Item: Literal values (values that the user must type)
Formatting: Bold font. Example: Type New Report.

Item: Fields, buttons, menu items, and so forth
Formatting: Bold font. (Note: Screen names are not bold.) Example: Type New Report in the Description field on the Report Setup window.

Item: Keys (on the keyboard)
Formatting: Bold font. Example: Press Enter.

Contact RSA
Contact RSA at:
200 Lowder Brook Drive
Suite 2000
Westwood, MA 02090
U.S.A.
Telephone: 781.375.9000
Fax: 781.375.9100
World Wide Web: http://www.rsa.com/node.aspx?id=3170

Sales
You can purchase enVision directly from our dedicated team of sales professionals or through our
North American and international resellers. Call us at 781.375.9000 or send us an email at nicsales@rsa.com.

Technical Support
Technical support is available during business hours via telephone at 800.995.5095 (Option #4 from
the menu).
You can also send email to the support team at nic-support@rsa.com.
Go to https://knowledge.rsasecurity.com and log into RSA SecurCare Online to:

review the Support Knowledge Base for troubleshooting, tips, FAQs, and so forth.

download all product documentation.

Revision Tracker

Revision Number    Date        Revision
                   12/13/07    Made several changes to the appendices for EMC Celerra NS22 hardware offering. Changed every NAS instance to NAS 3500.

1. Introduction
RSA enVision is a feature-rich compliance and security application. It allows you to automatically
capture and analyze log information from your network, security, application, operating and storage
environments. enVision's LogSmart Internet Protocol Database (IPDB) provides the only
architecture proven to automatically collect and protect all the data, from any network device, without
filtering or agents. It gives you a true picture of how your network is being used, and by whom. It
independently monitors your network to verify security policies, to generate alerts for possible
compliance breaches, and to analyze and report on network performance.
enVision is tightly coupled with its underlying appliance operating system and hardware, and together
they comprise a highly scalable platform that provides guaranteed levels of performance, plus the
ability to grow over time.
enVision is made up of three components:

Application - supports interactive users and runs the suite of analysis tools.

Collector - captures incoming events.

Database - manages access and retrieval of captured events.

Site Deployment
enVision is deployed on a site basis. The enVision components are deployed based on the type of site
you have. There are two types of sites:

Single appliance site.


The ES series appliances are designed to operate in a stand-alone, non-distributed mode. They
have all three enVision components - Application, Collector, and Database - installed on one
appliance. The single appliance is a site. Some single appliance sites have an external storage
system.
See Chapter 2, Single Appliance Site, for information on a single appliance site.

Multiple appliance site.


The LS series appliances are designed to operate in a distributed installation. Each enVision
component - Application, Collector, and Database - is on its own appliance. The appliances
together form a site. Distributed multiple appliance sites allow multiple installations of any of
the three appliance types to be deployed in order to manage the variety of network
infrastructures found in production environments. All multiple appliance sites have external
storage systems.
See Chapter 3, Multiple Appliance Site, for information on a multiple appliance site.
Multiple appliance sites can host a Remote Collector (RC) site. See Chapter 4, Remote
Collector Site, for information on associating a Remote Collector site with a multiple
appliance site.

enVision version 3.5.0 allows you to run version 3.3.6 and 3.5.0 of enVision within a multi-site
deployment, where versions differ across sites in a NIC Domain but the same version runs on all
systems within a site.
Please do not make any updates to your Microsoft Windows environment (e.g., change the
name of LAN interface, add IP addresses) prior to installing enVision.

2. Single Appliance Site


The ES series appliances are designed to operate in a stand-alone, non-distributed mode. The ES
appliances have all three enVision components - Application, Collector, and Database - installed on
one appliance. The single appliance is a site.
There are two enVision appliance series used for single appliance sites:

ES Series with local storage - designed for the unique requirements of the small/medium
sized business, up to enterprise-wide installations. The ES series achieves the industry's
lowest total cost of ownership (TCO) for organizations that need to manage up to 2,500
sustained events per second from up to 256 source devices without sacrificing any of the real-time or historical analysis.

ES Series with external storage - designed for the enterprise, where fleets of devices are
often deployed to enforce, monitor, and manage security. The ES series with external storage
has been architected to handle over 7,500 sustained events per second (EPS) from up to 1,250
source devices while supporting up to 16 simultaneous online users and still have plenty of
horsepower to spare for real-time and historical event research and analysis. This translates
into over 640 million events per day.

There are different models within each of these types. The appliance model you use depends on your
needs.
See Appendix A, Hardware Specifications and Requirements, for information on the appliances and the
external storage.

Site Setup Tasks


Here are the configuration tasks for a single appliance site (see Appendix C, Remote Access Controller
Utility, if you want to configure enVision on your appliance from a remote location).
Task

Activity

Complete the enVision Configuration Wizard Planning Worksheet - Single Appliance


Site in this chapter.

Select a hardware setup location that meets the requirements for the current installation and
for future growth. See Appendix A, Hardware Specifications and Requirements, for
location requirements.
See the appliance documentation for information on installing the appliance.
If your site has external storage, see the storage system documentation for information on
installing the storage system.

Connect each ES appliance in the site to the LAN.

If your ES appliance has external storage, connect the storage system to the ES appliance.

Connect the power cords, each using a different power circuit (this provides increased
reliability and availability).

Power on the storage system, if applicable. Wait 5 minutes prior to powering on the
servers.

Power on the ES appliance.

Connect to the appliance using a KVM switch. (You can also connect remotely using
DRAC instead of using a local KVM. See Appendix C, Dell Remote Access Controller
(DRAC) Utility, for instructions.)
The Configuration Wizard starts automatically.

Complete the enVision Configuration Wizard as follows:

a. Complete each window in the wizard.
   You can click Back to scroll back through the windows in the wizard to review or
   change information.
   You can click Cancel to cancel the configuration process. If you click Cancel at
   any time while using the wizard, you must restart the wizard to configure your
   site. To restart the wizard, double-click the lsconfiguration.exe file in the
   c:\windows\installations directory.

b. Prior to completing the configuration process, the wizard displays the Review
   Page window. Verify everything is correct on the Review Page. Click Finish. (If
   the Review page is not correct, click Cancel and check your hardware setup.)

c. As the last step in the configuration process, the wizard displays the enVision
   Configuration Wizard Log window. The log shows the steps the system is
   performing to configure the site. The system restarts several times while
   completing the setup.
   The setup process takes approximately 30 minutes to complete.
   The appliance restarts automatically when the site configuration process is
   complete.

After the site configuration is complete, you must set up the processing options in enVision. See
Chapter 6, Next Steps, for more information.
You cannot change any of the site configuration options after the wizard is finished.
Complete the enVision Configuration Wizard Planning Worksheet - Single Appliance
Site in this chapter prior to starting the wizard.

Configuration Wizard Planning Worksheet - Single Appliance Site

Name the Site
Site Name

A valid site name is a unique 2 to 11 alphanumeric character string.


The site name cannot be the same as any other enVision site name, nor can it be the same as any
existing Windows domain name, or NetBIOS name for a Windows domain. (The NetBIOS name for a
Windows domain is the name preceding the dot). For example if your Windows domain name is
MyDomainName.com, then the NetBIOS name for this Windows domain would be
MyDomainName; it would then be wrong to install an enVision site with the name MyDomainName.
Selecting the site name is extremely important. Once you name the site you cannot change the name.
The site name is used in the following names:

Node name for the appliance. For example, for an ES series appliance site, if your site name
is Seattle, the ES appliance node name is Seattle-ES.

NIC Windows domain name created for your site. The site name also becomes the name of
the Windows domain created for your site, sitename.nic. For example, if your site name is
Seattle, the Windows domain for the site is Seattle.nic.

IP Address
There are default addresses for the appliance:

LAN IP address - used to access the appliance on the LAN.

Subnet mask - used to determine to which subnet an IP address belongs.

Gateway address - identifies the computer that routes the traffic to the outside network.

You can override the default values during configuration; if you will override the default values, write
the new values in the table.
                   Default          Override Value
LAN IP Address     192.168.1.155
Subnet Mask        255.255.255.0
Gateway Address    192.168.1.1

Identify External Storage (NAS 3500)


If your ES series appliance has external storage, the wizard recognizes this and prompts you to enter
the IP address of the NAS 3500 external storage device. If you will override the default IP address
value shown below, write the new value in the table.

NAS 3500 IP Address    10.203.2.101

DNS Servers
Identify the primary and secondary DNS servers on your network, and options for the servers.
enVision uses the DNS servers to resolve IP addresses found in events for reporting and alerting.
DNS Server    IP Address
Primary
Secondary

Identify processing options for the DNS Servers.

Field: Do Not Use Recursion
Description: Select this check box to indicate that the DNS server uses forwarders exclusively to resolve queries on behalf of its DNS clients. If the process using forwarders for resolution fails to resolve a query, a failure message is returned.
Option: [ ] Do not Use Recursion

Field: Forwarding Timeout
Description: Type the number of seconds that the DNS server continues to attempt to contact and use a listed forwarder. When the timeout expires, DNS moves to the next forwarder on the list and repeats the process. The default value is 5.
Option: _____ seconds

Time
Network Time Protocol (NTP)
Identify a server to which enVision will synchronize its time.
Known NTP time servers, such as atomic clocks, are outside your network and may be a
security issue. RSA Security Inc. assumes no risk to your network if you choose to use a
known NTP server.
Note: The enVision Configuration Wizard allows you to use the Windows Date and Time Properties
window to update your date and time directly from the wizard.
Select    NTP Servers
[ ]       ntp2.usno.navy.mil
[ ]       tock.usno.navy.mil
[ ]       tick.usno.navy.mil
[ ]       navobs1.oar.net
[ ]       ntp0.mcs.anl.gov
[ ]       navobs1.wustl.edu
[ ]       tick.usnogps.navy.mil
[ ]       tock.usnogps.navy.mil
[ ]       tick.ucla.edu
[ ]       bigben.cac.washington.edu
[ ]       ntp.alaska.edu
[ ]       tick.mhpcc.hpc.mil

Local Site Time


Identify the time zone in which your site is located.

Time Zone

(While running the configuration wizard, you must confirm the current date and time in your selected
time zone.)

External IP Address
Indicate whether this site uses an external address.

[ ] This site uses an external IP address and port number.

Data Server LAN IP Address (internal IP address):
Data Server LAN Port Number (internal port number):
Data Server External IP Address:
Data Server External Port Number:

3. Multiple Appliance Site


The LS series appliances are designed to operate in a distributed installation. Each enVision
component - Application, Collector, and Database - is on its own appliance. The appliances together
form a site. Distributed multiple appliance sites allow multiple installations of any of the three
appliance types to be deployed in order to manage the variety of network infrastructures found in
production environments. All multiple appliance sites use external storage systems.
See Appendix A, Hardware Specifications and Requirements, for information on the appliances and
the external storage.

Appliance Types
Here are the appliance types used in a multiple appliance site:
Component: Database server
Appliance Type: D-SRV
Description: Manages access and retrieval of captured events.

Component: Application server
Appliance Type: A-SRV1, A-SRV2, A-SRV3
Description: Supports interactive users. Runs the suite of analysis tools.
Each site has: Up to 3. You may want multiple A-SRVs so that you can separate the alerting processes from the reporting processes. Note: If you have 3 A-SRVs, you can only have up to 2 LCs.

Component: Collector (Local Collector)
Appliance Type: LC1, LC2, LC3
Description: Captures incoming events locally.
Each site has: Up to 3. (Minimally each site has 1 LC.) Note: If you have 3 LCs, you can only have up to 2 A-SRVs.

Each site can optionally host up to 16 Remote Collector (RC) server appliances; each RC is
considered a site. RCs capture incoming events remotely. Remote collectors have store-and-forward
technology that allows user-selectable critical events to be processed in real-time, while non-critical
events are compressed, encrypted, and locally cached until they can be forwarded to the master
enVision site (by the NIC Forwarder Service) for historical analysis as available WAN bandwidth
allows. (The Administrator sets up the remote collector's Forwarder parameters on the Modify
Collector Service window in enVision.) See Chapter 4, Remote Collector Site, for information on
configuring RCs.
Note: The total events per second (EPS) for all Collectors per site (per D-SRV) cannot exceed 30,000
EPS.
Here is an example of a multiple appliance site:

Appliance Types in a NIC Domain


A group of multiple appliance sites is referred to as a NIC Domain. You can deploy up to ten D-SRVs
in a NIC domain.
The NIC domain is set up in a specific topology with one site acting as the master site. Data flow and
configuration information are based on your NIC domain topology.
You set up the NIC domain during installation, using the enVision Configuration Wizard.
In the following example, the NIC domain consists of six sites:

Site 1 acts as the master site.

Sites 3 and 4 are remote sites associated with Site 2.

Site 6 is a remote site associated with Site 5.

Currently, in a multi-site, multi-version installation, the master site must be 3.5 while the slave
sites can be on 3.3.6 or 3.5.

Site Access in the NIC Domain


You can access and maintain data globally across all sites in the NIC Domain.
The exceptions are these site-specific items that only have meaning to the site where they were
configured:

Directories.

Module/tool settings that you set for:

System Performance tool - display options.

Query tool - process options and storage directory for saved queries.

Reports module - storage directory and format for saved report results.

Executive Dashboard - item settings. (Note: Permissions for the items are set
globally.)

Custom reports that you added.

Scheduled reports (can only be scheduled to run on the site where they were configured).

Custom queries that you added.

Hardware in a Multiple Appliance Site


Each multiple appliance site is comprised of the following hardware items:

RSA enVision appliances.

Storage system.

Network switch.

Appliance rack.

See Appendix A, Hardware Specifications and Requirements, for information on the hardware items.

Site Setup Tasks


Here are the configuration tasks for a multiple appliance site.
Task

Activity

Complete the Configuration Wizard Planning Worksheet - Multiple Appliance Site in this
chapter.

Select a hardware setup location that meets the requirements for the current installation and for future
growth. See Appendix A, enVision Hardware Specifications and Requirements, for location
requirements.

Configure the storage system. Note the IP address for the storage device in the Identify External
Storage (NAS 3500) section of the Configuration Wizard Planning Worksheet - Multiple
Appliance Site in this chapter.

Connect each LS appliance in the site to the LAN.

Please ignore any warning messages you may receive about IP conflicts when you are
making the physical connections to the LAN.

Connect each of the rack power cords to a different power circuit (this provides increased reliability
and availability).

Power up the storage system (refer to the storage system documentation for instructions on how to
power it up). Wait 5 minutes prior to powering on the servers.

Power on the network switch and LS appliances.

Task 8: The LS Typing Wizard starts automatically on the appliances. Assign the LS appliance type to each
appliance in the site, as follows:

a. Connect to the appliance.

b. Select the LS check box.

c. Select the LS type for the appliance. The options are:
   AS1 (Application Server)
   AS2 (Application Server)
   AS3 (Application Server)
   DS1 (Database Server)
   RC (Remote Collector)
   LC1 (Local Collector)
   LC2 (Local Collector)
   LC3 (Local Collector)

c. Click Next.

d. The wizard displays the Review Page window. Verify that the information is correct. Click
   Finish. If the Review page is not correct, click Cancel.
   If you click Cancel at any time while using the wizard, you must restart the wizard to type
   the appliance. To restart the wizard, double-click the lsconfigurationwizard.exe file in the
   c:\windows\installations directory.

e. Apply the appropriate labels for the appliance type to the front and back of the appliance to
   identify it.

Repeat steps a - e for each appliance in your site.

Task 9: Connect to the D-SRV appliance using a KVM switch. (You can also connect remotely using DRAC
instead of using a local KVM. See Appendix C, Dell Remote Access Controller (DRAC) Utility, for
instructions.)
The enVision Configuration Wizard starts automatically.

Task 10: Complete the enVision Configuration Wizard as follows:

a. Complete each window in the wizard.
   You can click Back to scroll back through the windows in the wizard to review or change
   information.
   You can click Cancel to cancel the configuration process. If you click Cancel at any time
   while using the wizard, you must restart the wizard to configure your site. To restart the
   wizard, double-click the lsconfigurationwizard.exe file in the c:\windows\installations
   directory.

b. Prior to completing the configuration process, the wizard displays the Review Page
   window. Verify everything is correct on the Review Page. Click Finish. (If the Review
   page is not correct, click Cancel and check your hardware setup.)

c. As the last step in the configuration process, the wizard displays the enVision Configuration
   Wizard Log window. The log shows the steps the system is performing to configure the
   site. The system restarts several times while completing the setup.
   The setup process takes approximately 30 minutes to complete.
   The appliances restart automatically when the site configuration process is complete.

Task 11: Install and start the NIC App Server service:

a. Make sure that you have completed the enVision 3.5.0 installation.

b. Run the appserver_install.bat batch script in the nic\3500\servername\bin\ folder,
   providing the external LAN IP address of the A-SRV machine as an input parameter to the batch
   script. For example:

   E:\nic\3500\servername\bin\appserver_install.bat a-srv-ip_address

   This batch program installs and starts the NIC App Server Windows service on your A-SRV
   and adds it to the list of services in the manage Services window in enVision.
   There can be only one instance of the NIC App Server running in a given enVision domain.
   Even if you have only one A-SRV, you must run the appserver_install.bat batch
   program to install and start the NIC App Server service.


Next Steps: If there is a Remote Collector (RC) associated with this site, go to Chapter 5, Remote
Collector Site, for information on configuring the remote site.
If you have a multiple site domain, repeat the tasks in this chapter to configure the remaining sites.
After the site configuration is complete, you must set up the processing options in enVision. See
Chapter 6, Next Steps, for more information.
You cannot change any of the site configuration options after the wizard is finished.
Complete the enVision Configuration Wizard Planning Worksheet - Multiple
Appliance Site in this chapter prior to starting the wizard.

Configuration Wizard Planning Worksheet - Multiple Appliance Site

The worksheet consists of two sections:

NIC Domain. Complete this section for your NIC domain.

Site. Complete this section for each site in your NIC Domain. (Make a copy of the worksheet,
so that you can complete a worksheet for each site.) If you are configuring a remote collector
for a multiple appliance site, see Chapter 5, Remote Collector Site.

NIC Domain
Draw a topology diagram of your NIC Domain. Label the Master Site of the NIC Domain. Label each
site with a site name to identify it for additional planning purposes.

Site
Complete this section of the worksheet for each site in the NIC Domain.

Name the Site


Site Name

A valid site name is a unique 2 to 11 alphanumeric character string.


The site name cannot be the same as any other enVision site name, nor can it be the same as any
existing Windows domain name or the NetBIOS name for a Windows domain. (The NetBIOS name for a
Windows domain is the name preceding the dot.) For example, if your Windows domain name is
MyDomainName.com, then the NetBIOS name for this Windows domain would be
MyDomainName; it would then be wrong to install an enVision site with the name MyDomainName.
Selecting the site name is extremely important. Once you name the site, you cannot change the name.
The site name is used in the following names:

Node name for each of the appliances in the site. For example, if your site name is Boston,
the Database server appliance node name is Boston-DS1.

NIC Windows domain name created for your site. The site name also becomes the name of
the Windows domain created for your site, sitename.nic. For example, if your site name is
Boston, the Windows domain for the site is Boston.nic.


Identify Appliances In the Site


There are default addresses for each appliance in the site:

LAN IP address - used to access the appliance on the LAN.

Subnet mask - used to determine to which subnet an IP address belongs.

Gateway address - identifies the computer that routes the traffic to the outside network.

Select each appliance type in your site. If you will override the default values, write the new values in
the table.
Select  Appliance Type  IP Address     Subnet Mask    Gateway Address
        A-SRV1          192.168.1.155  255.255.255.0  192.168.1.1
        A-SRV2          192.168.1.155  255.255.255.0  192.168.1.1
        A-SRV3          192.168.1.155  255.255.255.0  192.168.1.1
        D-SRV           192.168.1.155  255.255.255.0  192.168.1.1
        LC1             192.168.1.155  255.255.255.0  192.168.1.1
        LC2             192.168.1.155  255.255.255.0  192.168.1.1
        LC3             192.168.1.155  255.255.255.0  192.168.1.1

If you have remote collectors associated with this site, complete the Configuration Wizard Planning
Worksheet - Remote Collector Site in Chapter 5, Remote Collector Site.
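
Because the site name and addresses cannot be changed after the wizard finishes, the worksheet entries can be checked before the wizard is run. The following Python check is an added example, not RSA code: the function names and the sample plan are constructed here, and comparing names case-insensitively is an assumption. Note that the worksheet lists the same default LAN IP address for every appliance type, so a plan that leaves more than one appliance at the default contains a duplicate.

```python
import ipaddress
import re

# Worksheet rule: "a unique 2 to 11 alphanumeric character string".
SITE_NAME = re.compile(r"[A-Za-z0-9]{2,11}")


def netbios_name(windows_domain):
    """Per the guide, the NetBIOS name is the part preceding the dot."""
    return windows_domain.split(".", 1)[0]


def check_site_name(name, other_sites=(), windows_domains=()):
    """Return a list of problems with a proposed site name (empty = OK)."""
    problems = []
    if not SITE_NAME.fullmatch(name):
        problems.append("must be 2 to 11 alphanumeric characters")
    # Assumption: names are compared case-insensitively, as NetBIOS names are.
    wanted = name.lower()
    if wanted in {s.lower() for s in other_sites}:
        problems.append("already used by another enVision site")
    for domain in windows_domains:
        if wanted in (domain.lower(), netbios_name(domain).lower()):
            problems.append(f"collides with Windows domain {domain}")
    return problems


def derived_names(site):
    """Names the guide says are built from the site name."""
    return {"windows_domain": f"{site}.nic", "database_node": f"{site}-DS1"}


def check_addresses(appliances):
    """appliances maps appliance type -> (LAN IP, subnet mask, gateway)."""
    problems = []
    owner = {}  # LAN IP -> first appliance that claimed it
    for kind, (ip, mask, gateway) in appliances.items():
        try:
            iface = ipaddress.ip_interface(f"{ip}/{mask}")
            gw = ipaddress.ip_address(gateway)
        except ValueError as exc:
            # Covers malformed addresses and non-contiguous subnet masks.
            problems.append(f"{kind}: {exc}")
            continue
        net = iface.network
        if iface.ip in (net.network_address, net.broadcast_address):
            problems.append(f"{kind}: {iface.ip} is not a host address in {net}")
        if gw not in net:
            problems.append(f"{kind}: gateway {gw} is outside {net}")
        if gw == iface.ip:
            problems.append(f"{kind}: LAN IP equals the gateway address")
        if iface.ip in owner:
            problems.append(
                f"{kind}: LAN IP {iface.ip} already planned for {owner[iface.ip]}"
            )
        else:
            owner[iface.ip] = kind
    return problems


# Constructed sample plan: D-SRV and LC1 are left at the worksheet default,
# and LC2 was moved to another subnet without changing its gateway.
SAMPLE_PLAN = {
    "A-SRV1": ("192.168.1.150", "255.255.255.0", "192.168.1.1"),
    "D-SRV": ("192.168.1.155", "255.255.255.0", "192.168.1.1"),
    "LC1": ("192.168.1.155", "255.255.255.0", "192.168.1.1"),
    "LC2": ("192.168.2.20", "255.255.255.0", "192.168.1.1"),
}

if __name__ == "__main__":
    for line in check_site_name("Boston", ["Hartford"], ["corp.example.com"]):
        print("site name:", line)
    print(derived_names("Boston"))
    for line in check_addresses(SAMPLE_PLAN):
        print(line)
```

The guide's own example name, MyDomainName, is 12 characters long, so it fails the length rule as well as the domain-name rule.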

Identify External Storage (NAS 3500)


If you will override the default IP address value shown below, write the new value in the table.

NAS 3500 IP Address    10.203.2.101

DNS Servers
Identify the primary and secondary DNS servers on your network, and options for the servers.
enVision uses the DNS servers to resolve IP addresses found in events for reporting and alerting.
DNS Server  IP Address
Primary
Secondary

Identify processing options for the DNS Servers.

Field                 Description                                   Option
Do Not Use Recursion  Select this check box to indicate that the    Do not Use Recursion
                      DNS server uses forwarders exclusively to
                      resolve queries on behalf of its DNS
                      clients. If the process using forwarders
                      for resolution fails to resolve a query, a
                      failure message is returned.
Forwarding Timeout    Type the number of seconds that the DNS       _____ seconds
                      server continues to attempt to contact and
                      use a listed forwarder. When the timeout
                      expires, DNS moves to the next forwarder
                      on the list and repeats the process. The
                      default value is 5.


Time
Network Time Protocol (NTP)
Identify a server to which enVision will synchronize its time.
Known NTP time servers, such as atomic clocks, are outside your network and may be a
security issue. RSA Security Inc. assumes no risk to your network if you choose to use a
known NTP server.
Note: The enVision Configuration Wizard allows you to use the Windows Date and Time Properties
window to update your date and time directly from the wizard.
Select

NTP Servers

ntp2.usno.navy.mil

tock.usno.navy.mil

tick.usno.navy.mil

navobs1.oar.net

ntp0.mcs.anl.gov

navobs1.wustl.edu

tick.usnogps.navy.mil

tock.usnogps.navy.mil

tick.ucla.edu

bigben.cac.washington.edu

ntp.alaska.edu

tick.mhpcc.hpc.mil

Local Site Time


Identify the time zone in which your site is located.

Time Zone

(While running the configuration wizard, you must confirm the current date and time in your selected
time zone.)


Site to Site Connection


If this site is not the master site in the NIC Domain, identify the master site (the site to which this site
is connected).

This site is connected to another site in the NIC Domain.

Master Site Data Server (D-SRV) IP Address (external IP address)
Master Site Name

Data Server (D-SRV) External IP Address


Indicate whether this site's database server (D-SRV) requires an external address and port number.

This site's data server (D-SRV) uses an external IP address and port number.

Data Server LAN IP Address (internal IP address)
Data Server LAN Port Number (internal port number)
Data Server External IP Address
Data Server External Port Number

4. Multiple Appliance Site with Enhanced Availability
The LS series appliances are designed to operate in a distributed installation. Each enVision
component - Application, Collector, and Database - is on its own appliance. The appliances together
form a site. Distributed multiple appliance sites allow multiple installations of any of the three
appliance types to be deployed to manage the variety of network infrastructures found in production
environments. All multiple appliance sites use external storage systems.
Optionally, you can set up enhanced availability for the Local Collectors (LC). This allows you to
define up to six CAs (Cluster Appliances) for a site to perform the LC roles.
The implementation of the enhanced availability feature for the Local Collectors is a Professional
Service package. You can arrange for a Professional Service package by contacting RSA at
781-375-9000.


5. Remote Collector Site


Each multiple appliance site can optionally host up to 16 Remote Collector (RC) server appliances;
each RC is considered a site. RCs capture incoming events remotely. Remote collectors have
store-and-forward technology that allows user-selectable critical events to be processed in real-time, while
non-critical events are compressed, encrypted, and locally cached until they can be forwarded to the
master site (by the NIC Forwarder Service) for historical analysis as available WAN bandwidth allows.
(The Administrator sets up the remote collector's Forwarder parameters on the Modify Collector
Service window in enVision.)
The RCs use the LS series appliances. See Appendix A, Hardware Specifications and Requirements,
for the specifications for the LS series appliances.
Note: The total events per second (EPS) for all Collectors per site (per D-SRV) cannot exceed 30,000
EPS.
Before you configure the RC, make sure that the site with which the RC is associated is
configured and up and running.


Site Setup Tasks


Here are the configuration tasks to configure an RC site (associated with a multiple appliance site).

Task  Activity

1     Complete the Configuration Wizard Planning Worksheet - Multiple Appliance Site in this
      chapter.

2     Select a hardware setup location that meets the requirements for the current installation and
      for future growth. See Appendix A, enVision Hardware Specifications and Requirements, for
      location requirements.

3     Connect the RC appliance to the LAN.

4     Connect the rack power cords to different power circuits (this provides increased reliability
      and availability).

5     Power on the network switch and RC appliance.

6     Connect to the RC appliance using a KVM switch.
      The enVision Configuration Wizard starts automatically.

7     Complete the enVision Configuration Wizard as follows:
      a. Complete each window in the wizard.
         You can click Back to scroll back through the windows in the wizard to review or change
         information.
         You can click Cancel to cancel the configuration process. If you click Cancel at any time
         while using the wizard, you must restart the wizard to configure your site. To restart the
         wizard, double-click the lsconfigurationwizard.exe file in the c:\windows\installations
         directory.
      b. Prior to completing the configuration process, the wizard displays the Review Page
         window. Verify everything is correct on the Review Page. Click Finish. (If the Review
         page is not correct, click Cancel and check your hardware setup.)
      c. As the last step in the configuration process, the wizard displays the enVision
         Configuration Wizard Log window. The log shows the steps the system is performing to
         configure the site. The system restarts several times while completing the setup.
         The setup process takes approximately 30 minutes to complete.
         The appliance restarts automatically when the site configuration process is complete.

8     Configure the FTP server on the host site's D-SRV. See the Configure the FTP Server on the
      D-SRV section later in this chapter for complete instructions.

9     Verify the RC configuration on the host site's A-SRV. See the Verify the RC Configuration
      section later in this chapter for complete instructions.

10    Configure the data forwarding scheduled task on the host site's A-SRV. See the Configure the
      Data Forwarding Task section later in this chapter for complete instructions.

11    Test the configuration. See the Test the Configuration section later in this chapter for
      complete instructions.

You cannot change any of the site configuration options after the wizard is finished.
Complete the enVision Configuration Wizard Planning Worksheet - Remote
Collector Site in this chapter prior to starting the wizard.


(This Task Only Applies If a Remote Collector Site Is Running v3.3.6 Forwarding to a v3.5.0 D-SRV)
Configure the FTP Server on the D-SRV
You must configure the FTP server on the host site's D-SRV.
To configure the FTP Server on the host site's D-SRV:
1. Connect to the D-SRV of the site associated with the remote collector.

2. Click the Windows Start menu and select Programs > Administrative Tools > Services.
   The system displays the Services dialog box.
   a. Right-click on IIS Admin Service and select Properties.
   b. Change the Startup type to Automatic.
   c. Select Start, if it is not already started, and click OK.

3. Click the Windows Start menu and select Start > Programs > Administrative Tools >
   Internet Services Manager.
   The system displays the Internet Information Services dialog box.
   a. Double-click on the system name (for example, Foxboro-DS1).
   b. In the left menu frame, drill down until Default FTP Site is located, right-click on
      Default FTP Site and from the menu, select Properties.
   c. Click the Security Accounts tab and review the Anonymous Connections check boxes:
      Allow Anonymous Connections can be either checked or not checked.
      Allow Only Anonymous Connections must not be checked.
   d. Click the Home Directory tab and make sure the Write check box is selected.
   e. Click OK.
   f. Click Apply.
   g. Click OK.

4. Right-click on Default FTP Site.
   a. From the menu, select Start.
      For the first forward, the FTP Site needs to be started manually. At the end of the
      forwarding, the process stops the FTP Service and then starts it again at the beginning
      of each subsequent forward.
   b. Close the Internet Services Manager dialog box.

5. Click the Windows Start menu and select Programs > Administrative Tools > Services.
   The system displays the Services dialog box.
   a. Right-click on FTP Publishing Service and select Properties.
   b. Change the Startup type to Automatic.
   c. Select Start, if it is not already started, and click OK.

Verify the RC Configuration


To verify the RC configuration on the host site's A-SRV:
1. Log in to enVision on the application server (A-SRV) of the host site.

2. Make sure that the RC is listed as a site:
   a. Click Overview > System Configuration > Services > Set Up Site Communication.
      enVision displays the Set Up Site Communication window.
   b. Make sure that the RC is listed as a site and the information displayed is correct.

Configure the Data Forwarding Task


To schedule the data forwarding task for the RC on the host site's A-SRV:
1. Complete the following steps to log in to enVision on the application server (A-SRV) of the
   host site:
   a. Start your web browser.
   b. Type http://address:8080 in the Address field, where address is the machine name or IP
      address of the A-SRV and 8080 is the port through which you access enVision.
      For example, http://sunshine:8080 or http://10.10.30.140:8080.
   c. Press Enter.
      The system displays the Log In window.
   d. Type your password and click Log In.

2. Click Overview > System Configuration > Services > Scheduler Service > Schedule Task.
   enVision displays the Schedule Task window.

3. Select the remote collector from the Site drop-down list.
   enVision displays: NIC Forwarding (the data forwarding task).
   By default, the data forwarding task runs every hour.

4. To specify when the data forwarding task is performed and how often, click Set Recurrence.
   enVision displays the Set Recurrence window.

5. Complete the window and click Apply.
   enVision displays the Schedule Task window.

6. Click Schedule.
   enVision displays the task on the Manage Scheduled Tasks window.

7. Click Apply.

8. If the NIC Scheduler Service is not running, start the NIC Scheduler Service.

Test the Configuration


To test the configuration:
1. After the Data Forwarding task runs, from the A-SRV analyze the devices collected on the
   RC site.

2. Run a report (for example, Bandwidth Usage by Address) to analyze the devices collected.
   When you select the time range of the report, the forwarded data is four hours old by
   default (and at a minimum, 1 hour old).

3. Make sure that data was returned for your device(s).

Configuration Wizard Planning Worksheet - Remote Collector Site
Name the Site
Site Name

A valid site name is a unique 2 to 11 alphanumeric character string.


The site name cannot be the same as any other enVision site name, nor can it be the same as any
existing Windows domain name or the NetBIOS name for a Windows domain. (The NetBIOS name for a
Windows domain is the name preceding the dot.) For example, if your Windows domain name is
MyDomainName.com, then the NetBIOS name for this Windows domain would be
MyDomainName; it would then be wrong to install an enVision site with the name MyDomainName.
Selecting the site name is extremely important. Once you name the site, you cannot change the name.
The site name is used in the following names:

Node name for the appliance. For example, if your site name is Hartford, the appliance node
name is Hartford-RC1.

NIC Windows domain name created for your site. The site name also becomes the name of
the Windows domain created for your site, sitename.nic. For example, if your site name is
Hartford, the Windows domain for the site is Hartford.nic.


Identify Appliance
There are default addresses for the site:

LAN IP address - used to access the appliance on the LAN.

Subnet mask - used to determine to which subnet an IP address belongs.

Gateway address - identifies the computer that routes the traffic to the outside network.

If you will override the default values, write the new values in the table.

Appliance Type  IP Address     Subnet Mask    Gateway Address
RC1             192.168.1.155  255.255.255.0  192.168.1.1

DNS Servers
Identify the primary and secondary DNS servers on your network, and options for the servers.
enVision uses the DNS servers to resolve IP addresses found in events for reporting and alerting.
DNS Server  IP Address
Primary
Secondary

Identify processing options for the DNS Servers.

Field                 Description                                   Option
Do Not Use Recursion  Select this check box to indicate that the    Do not Use Recursion
                      DNS server uses forwarders exclusively to
                      resolve queries on behalf of its DNS
                      clients. If the process using forwarders
                      for resolution fails to resolve a query, a
                      failure message is returned.
Forwarding Timeout    Type the number of seconds that the DNS       _____ seconds
                      server continues to attempt to contact and
                      use a listed forwarder. When the timeout
                      expires, DNS moves to the next forwarder
                      on the list and repeats the process. The
                      default value is 5.

Time
Network Time Protocol (NTP)
Identify a server to which enVision will synchronize its time.
Known NTP time servers, such as atomic clocks, are outside your network and may be a
security issue. RSA Security Inc. assumes no risk to your network if you choose to use a
known NTP server.
Note: The enVision Configuration Wizard allows you to use the Windows Date and Time Properties
window to update your date and time directly from the wizard.
Select

NTP Servers

ntp2.usno.navy.mil

tock.usno.navy.mil

tick.usno.navy.mil

navobs1.oar.net

ntp0.mcs.anl.gov

navobs1.wustl.edu

tick.usnogps.navy.mil

tock.usnogps.navy.mil

tick.ucla.edu

bigben.cac.washington.edu

ntp.alaska.edu

tick.mhpcc.hpc.mil

Local Site Time


Identify the time zone in which your site is located.

Time Zone

(While running the configuration wizard, you must confirm the current date and time in your selected
time zone.)


Site to Site Connection


Identify the master site (the site to which this site is connected).
Master Site Data Server (D-SRV) IP Address (external IP address)
Master Site Name

Data Server (D-SRV) External IP Address

Indicate whether this site's database server (D-SRV) requires an external address and port number.

This site's data server (D-SRV) uses an external IP address and port number.

Data Server LAN IP Address (internal IP address)
Data Server LAN Port Number (internal port number)
Data Server External IP Address
Data Server External Port Number


6. Next Steps
After the site configuration is complete, you must set up the processing options in RSA enVision. See
the online Help in enVision for information on setting up and using the enVision analysis tools.
Prior to setting up your system you should plan how the system will be set up to accomplish your
security goals, policies and requirements.

Set Up enVision
Setting up enVision involves three sets of tasks:
I. Appliance and device configuration tasks.
   These are tasks that you perform outside of the enVision software.
II. Basic setup tasks.
   These are tasks to set up the enVision software. This allows you to collect, report and alert on
   events from supported devices.
   1. Set up event collection.
   2. Set up system access permissions.
   3. Set up views.
   4. Set up Alerts module tools.
   5. Schedule reports.
III. Optional setup tasks.
   These are tasks to set up additional features or processing options.
   1. Set up data storage.
   2. Set up data processing options.
   3. Set up message handling.
   4. Set up customized reporting.
   5. Set up application display options.

Each task has a list of Required Reading topics in RSA enVision's online Help that provide the
information you need to make setup decisions related to the task. Additional tasks may be required to
perform the specific processing that you want.
To access Help within enVision:
1. Click Overview > Best Practices.
   enVision displays the Best Practices menu and splash screen.

2. Select Help from the menu.

Log In to enVision
You log in to enVision via a remote system, connecting to the enVision appliance (for multiple
appliance sites, connect to the Application Server, A-SRV). Use one of two protocols to access the
system, depending on how enVision has been configured:

HTTP (Hypertext Transfer Protocol), using default port 8080.

HTTPS (Hypertext Transfer Protocol Secure), using default port 8443.

To log in to enVision:
1. Start your web browser.

2. Type http://address:port in the Address field, where:
   address is the machine name or IP address of the machine on which the system is installed;
   for multiple appliance sites, this is the A-SRV (Application Server).
   port is the port through which you access enVision.
   For example, http://sunshine:8080 or http://10.10.10.10:8080.

3. Press Enter.
   If you are connecting via HTTPS, your browser may display certificate validation messages
   the first time you access enVision. (Depending on how server certificates are configured on
   the appliance, these messages may cite validation issues such as a host name mismatch
   between the server and its certificate.)
   The system displays the Log In window.

4. Type your password and click Log In.
   Immediately change your password to a more secure one after you log in to enVision (see
   the online help for instructions).

Minimum Local Access Requirements


Here are the minimum hardware and software requirements for running the enVision client software:
Prior to 3.5.0 the Java Plug In install launched automatically from the product. Because of
the security constraints in the image for 3.5.0, this no longer happens and you must install
the JRE manually.

                    Windows                              Macintosh
O/S                 Microsoft Win2K, WinXP               OS X 10.4.6
Browser             Microsoft Internet Explorer v6.x     Mozilla Firefox 1.0.7*
                    Mozilla Firefox 1.0.7*
Java Plug-In        JRE v1.4.1                           J2SE version 1.5.0_06
                    enVision also supports the Sun Java
                    Plug-in version 1.5.x.
Processor           P3:1Ghz or P4:1.8Ghz                 G5 or higher
                    Athlon 1800+
RAM                 512MB                                1 GB RAM
Network             100baseTX                            100baseTX
Display Resolution  1024x768 at 16 bit color             1024x768 at 16 bit color

* You can use the Mozilla Firefox 1.0.7 web browser with enVision with the exception of the
Enterprise Dashboard tool. You cannot use Firefox to view the Enterprise Dashboard tool.
Popup blockers, ad banner blockers and personal firewalls can all interfere with the launching of
enVision, especially at first log in. Make sure that you set up the blockers to allow enVision to operate
normally, or disable these blockers (you can disable pop-up blockers in your browser under
Tools/Pop-Up Blocker or by clicking on the Pop-Ups icon). Configure personal firewalls to allow
connections between enVision client and appliance.
You must enable animation for web pages in your browser. For Microsoft Internet Explorer:
1. In the browser, click on Tools > Internet Options....

2. On the Internet Options dialog box, click on the Advanced tab.

3. Scroll to Multimedia and select the box Play animations in web pages.

4. Click OK.

5. Restart the browser.

Log Out of enVision


To log out of the user interface:
Click Log Out (bottom left-hand side of window).
enVision closes all open windows. All enVision services and processes continue to run
without interruption.

Appendix A. Hardware Specifications and Requirements
The hardware that comprises each site is dependent on the type of site and your security needs.
This appendix contains the specifications and requirements for the following items at the various RSA
enVision sites:

RSA enVision appliances.

Storage system.

Network switch.

Appliance rack.

For complete information on each hardware item, see the hardware's vendor-supplied manual.

Hardware Location
Select a hardware setup location that meets the requirements for the current installation and for future
growth. The specific requirements for each hardware item are listed in this appendix. Here is a
summary of the location requirements:

Proper temperature control: 10° to 35° C (50° to 95° F) with a maximum temperature
gradation of 10° C per hour.

Proper humidity control: 20% to 80% (non-condensing) with a maximum humidity gradation
of 10% per hour.

Adequate floor loading capacity. This depends on the rack and the number of hardware items
in it.

Near appropriate AC outlets and Ethernet hubs or individual jacks (10/100/1000 Base-T
cables cannot be longer than 100 meters).

Enough clearance in the front and the back of the rack to allow for sufficient airflow and to
enable you to access appliance components.

Important! Installation or operation of appliances stacked on a desk top table is not supported.


RSA enVision Appliance


See the hardware documentation for complete information on the RSA enVision appliance. This
section contains basic layout and specification information.

Appliance Layout
The front and back panels of the ES and LS series RSA enVision appliances have the same layout.

Front Panel
Here is the front panel of the RSA enVision appliance:

Item  Indicator, Button, or Connector   Description
1     Power-on indicator, power button  The power-on indicator lights when the system power is on.
                                        The power button has been disabled for security purposes.
2     NMI button                        Use to troubleshoot software and device driver errors when
                                        using certain operating systems.
                                        Use this button only if directed to do so by qualified support
                                        personnel or by the operating system's documentation.
3     System identification button      Use to locate a particular system within a rack. When one of
                                        these buttons is pushed, the LCD panel on the front and the
                                        blue system status indicator on the back blink until one of the
                                        buttons is pushed again.
4     LCD panel                         Provides system ID, status information, and system error
                                        messages. The LCD lights during normal system operation.
                                        Both the systems management software and the identification
                                        buttons located on the front and back of the system can cause
                                        the LCD to flash blue to identify a particular system.
                                        The LCD lights amber when the system needs attention, and
                                        the LCD panel displays an error code followed by descriptive
                                        text.
                                        Note: If the system is connected to AC power and an error has
                                        been detected, the LCD lights amber regardless of whether the
                                        system has been powered on.
5     USB connectors (2)                Connects USB 2.0-compliant devices to the system.
6     Video connector                   Connects a monitor to the system.
7     Hard drives (2)                   Six 3.5-inch hot plugs
8     Optical drive (CD/DVD)            One CD/DVD drive

Hard-Drive Indicator Codes


The hard-drive carriers have two indicators: the drive-activity indicator and the drive-status indicator.
In RAID configurations, the drive-status indicator lights to indicate the status of the drive.

Item  Description
1     Drive-status indicator (green and amber).
2     Green drive-activity indicator.


Here are the drive indicator patterns for RAID hard drives. Different patterns are displayed as drive
events occur in the system.
Condition                             Drive-status indicator pattern
Identify drive/preparing for removal  Blinks green two times per second.
Drive ready for insertion or removal  Off.
Drive predicted failure               Blinks green, amber, and off.
Drive failed                          Blinks amber four times per second.
Drive rebuilding                      Blinks green slowly.
Drive online                          Steady green.
Rebuild aborted                       Blinks green three seconds, amber three seconds, and off six
                                      seconds.

Back Panel
Here is the back panel of the RSA enVision appliance:

Item  Description
1     Network interface card.
2     Power supplies (2).
3     System identification button.
4     System status indicator.
5     System status indicator connector.
6     Network interface connectors.
7     USB connectors (2).
8     Video connector.
9     Serial connector.
10    Remote access controller.

Power Indicators
The power button on the front panel controls the power input to the system's power supplies. The
power indicator lights green when the system is on.
The indicators on the redundant power supplies show whether power is present or whether a power
fault has occurred. Here are the redundant power supply indicators:

Indicator

Function

Power supply status. Green indicates that the power supply is operational.

Power supply fault. Amber indicates a problem with the power supply.

AC line status. Green indicates that a valid AC source is connected to the power
supply.


ES Appliance Model Specifications


Here are the models of the ES appliance:

                                       560-ES         1060-ES          2560-ES          5060-ES          7560-ES
Sustained Performance Per Appliance    Up to 500 EPS  Up to 1,000 EPS  Up to 2,500 EPS  Up to 5,000 EPS  Up to 7,500 EPS
(Events Per Second)
Recommended Max Devices per Appliance  Up to 100      Up to 200        Up to 400        Up to 750        Up to 1,250
Max Simultaneous Users                 Up to 6        Up to 8          Up to 10         Up to 12         Up to 14
Base Storage                           Internal       Internal         Internal         External         External
                                       300 GB         300 GB           300 GB           2.5 TB           2.5 TB

Max Simultaneous users (Event Explorer): Up to 2, Up to 3, Up to 4, Up to 5

Data Protection: Hardware accelerated RAID1 controller with auto-rebuild and battery-backed 256MB
on-controller cache; Hardware accelerated RAID5 controller with auto-rebuild, and battery-backed
256MB on-controller cache

Appliance Power Options: Redundant, load sharing 400 watt power supplies. 120/240 volt auto-switching

Operating Environment: Security hardened, embedded operating system featuring real-time data
encryption to protect sensitive event data

Application Software: enVision with two-phase Real-Time Data Compression (RTDC)

Regulatory Approvals: UL 1950, CSA22.2 no 950, EN 60950, FCC Part 15 - Class A, ICES-003
EN55024:1998, EIN55022:1998, EN50082-1, VCCI V-3/2000.4, AS/NZS 3548

Recovery: DVD based recovery media provides fast in field re-imaging. EMC Retrospect backup and
disaster recovery program included for configuration backups

Hardware Warranty: 3 year, next business day, advanced replacement

Software Warranty: 90 day access to technical support for application setup assistance and bug fixes


LS Appliance Model Specifications


There are four models of collection (LC and RC) appliances: NIE-RC01-LS, NIE-RC02-LS,
NIE-LC05-LS, and NIE-LC10-LS. There is one model of application appliance (A-SRV):
NIE-A-SRV. There is one model of database appliance (D-SRV): NIE-D-SRV.
                          RC1          RC2          LC5          LC10          A-SRV        D-SRV
Description               Remote       Remote       Local        Local         enVision     LogSmart
                          Collector    Collector    Collector    Collector     Application  Database Server
                          1,000 EPS    2,000 EPS    5,000 EPS    10,000 EPS    Server
Sustained Performance     Up to 1,000  Up to 2,000  Up to 5,000  Up to 10,000  NA           Up to 30,000 EPS
Per Appliance (Events     EPS          EPS          EPS          EPS                        (from Collectors)
Per Second)
Max Devices Possible      512          512          1,500        2,048         NA           3,072*
                                                                                            (from Collectors)
Max Simultaneous Users    NA           NA           NA           NA            Up to 16     NA
Max Simultaneous Users    NA           NA           NA           NA            Up to 15     NA
(Event Explorer)

Operating Environment: Security hardened, embedded operating system featuring real-time data
encryption to protect sensitive event data

Base Storage: 3500 GB with NAS-3500

Data Protection: Hardware accelerated RAID5 controller with auto-rebuild and battery-backed 256MB
on-controller cache

Application Software: enVision with two-phase Real-Time Data Compression (RTDC)

Regulatory Approvals: UL 1950, CSA22.2 no 950, EN 60950, FCC Part 15 - Class A, ICES-003
EN55024:1998, EIN55022:1998, EN50082-1, VCCI V-3/2000.4, AS/NZS 3548

Recovery: DVD based recovery media provides fast in field re-imaging. EMC Retrospect backup and
disaster recovery program included for configuration backups

Hardware Warranty: 90 day hardware warranty automatically extended to 5 years with active
maintenance contract

Software Warranty: 90 day access to technical support for application setup assistance and bug fixes

* Current licensing of the 60 series LS Data Server restricts the number of devices that can be
monitored by an LS Site to 3072. This may be lower than the cumulative device count license if the
site has more than one 60 Series Local Collector. This issue is being addressed by RSA enVision
engineering and updated license keys will be issued for all 60 series Data Servers at no additional cost
to allow for the management of the full device count of up to three Local Collectors per Data Server.


ES and LS Series RSA enVision Appliance Specifications


Form Factor: 2U Rack mount

Operating System: Windows 2003 Server RC2 Standard 64-bit w/5 CALs

Processor: 2 * Dual Core Xeon Processor 5130 4MB Cache, 2.00 GHz, 1333MHz FSB

Memory: 8 GB memory (8 x 1GB Fully Buffered DIMMs)

Hard disks: 300 GB HDD RAID 1, 180 GB usable (2 x 3.5" internal hot-pluggable 146GB SAS, 10k-RPM)

RAID: PERC 5i 256MB cache

Optical drives: CD-RW/DVD

Connectors
    Front: Two RJ-45 (for integrated 1-GB NICs); 9-pin, DTE, 16550-compatible; Two 4-pin, USB 2.0-compliant; 15-pin VGA
    Back: 15-pin VGA; Two 4-pin, USB 2.0-compliant

Network
    Motherboard: Dual embedded Broadcom NetXtreme II 5708 Gigabit Ethernet NIC
    PCI: Intel PRO 1000PT Cu, Dual Port, PCIe NIC

AC Power Supply
    Wattage: Redundant 750 W power supplies
    Voltage: 85-264 VAC, autoranging, 47-63 Hz
    Maximum inrush current: 55 A per power supply for 10 ms or less
    Power cables: 2 x Power cable
    Heat dispersion: 2697 Btu/hr maximum

Batteries
    System battery: CR 2032 3.0 V lithium ion coin cell
    RAID battery: 4.1 V lithium ion

Dimensions
    Height: 3.4" (86.56 cm)
    Width: 17.6" (44.7 cm)
    Depth: 29.79" (75.68 cm)
    Gross Weight: 59 lbs (26.76 kg)

Temperature
    Operating: 10 to 35 °C (50 to 95 °F) with a maximum temperature gradation of 10 °C per hour
    Storage: -40 to 65 °C (-40 to 149 °F) with a maximum temperature gradation of 20 °C per hour

Relative Humidity
    Operating: 20% to 80% (non-condensing) with a maximum humidity gradation of 10% per hour
    Storage: 5% to 95% (non-condensing) with a maximum humidity gradation of 10% per hour

Maximum Vibration
    Operating: 0.25 G at 3200 Hz for 15 min
    Storage: 0.5 G at 3200 Hz for 15 min

Maximum Shock
    Operating: One shock pulse in the positive z axis (one pulse on each side of the system) of 41 G for up to 2 ms
    Storage: Six consecutively executed shock pulses in the positive and negative x, y, and z axes (one pulse on each side of the system) of 71 G for up to 2 ms

Altitude
    Operating: 16 to 3048 m (50 to 10,000 ft)
    Storage: 16 to 10,600 m (50 to 35,000 ft)

Documentation
    Getting Started Guide
    V3 enVision Documentation CD

Rack mounting kit
Network cables
Appliance bezel


ES Storage Array
The ES site with external storage uses the EMC CLARiiON storage array.
See the EMC CLARiiON documentation for complete information on the storage array. This section
contains specification information.
Storage connection: iSCSI

Dimensions
    Height: 3.415" (8.68 cm)
    Width: 17.72" (45.0 cm)
    Depth: 24.5" (62.3 cm)
    Gross Weight: 48 lbs (21.8 kg)

Operating Environment
    Temperature: 50-104 °F (10-40 °C)
    Temperature gradient: 10 °C/hr
    Relative humidity: 20% - 80% (non-condensing)
    Altitude: 8,000 ft (2438.4 m) @ 104 °F (40 °C) max.; 10,000 ft (3048 m) @ 98.6 °F (37 °C) max.

Power
    Power supplies per Array
    Frequency: 47-63 Hz
    AC voltage: 90-264 Vrms, single phase
    Power factor: 0.96 (typical)
    Power consumption: 360 VA, 326 W (maximum)
    Heat dissipation: 1,110 BTU/hr (maximum)
    Protection: 10 A, internally fused (each supply)
    AC circuits: Redundant, external AC circuits
    Inlet type: Dual inlet, IEC210, C14, appliance coupler


LS Storage Array
The LS site uses the NAS 3500 (either NS352 or NS22) storage array. See the EMC Celerra
documentation for complete information on the storage array. This section contains specification
information.

EMC Celerra NS352

Storage connection: Network attached storage

Dimensions
    Height: 10.5" (26.68 cm)
    Width: 17.72" (45.0 cm)
    Depth: 23.75" (60.33 cm)
    Gross Weight: 217 lbs (97.72 kg)

Operating Environment
    Ambient temperature: 10 to 40 °C
    Temperature gradient: 10 °C/hr
    Relative humidity: 20 - 80 (%, non-condensing)
    Elevation: 8,000 ft @ 40 °C, 10,000 ft @ 37 °C

AC Power and Dissipation
    AC line voltage: 100 - 240 VAC +10%, single phase
    Frequency: 47 - 63 Hz, full auto-ranging
    AC line current: 5.9 A maximum at 100 V (fully configured); 2.9 A maximum at 200 V (fully configured)
    Power consumption: 590 VA (578 W) maximum (fully configured)
    Startup surge current: 15 A peak (10.6 Arms) maximum 100 ms, at any line voltage
    Power factor: 0.98 minimum at full load, 100 VAC
    Heat dissipation: 2,070 KJ/hr (1,975 Btu/hr) maximum estimate
    In-rush current: 25 A peak estimate for ½ line cycle per power supply @ 240 VAC; 15 A peak estimate for ½ line cycle per power supply @ 120 VAC
    AC protection: 10 A internal fuse (non-serviceable)
    AC inlet type: IEC320-C14 appliance coupler
    Current sharing: 60% maximum, 40% minimum between power supplies


EMC Celerra NS22


Storage connection: Network attached storage

Dimensions
    Height: 12.25" (31.36 cm); 7 NEMA units (U)
    Width: 18.92" (48.06 cm); mounting bars fit standard 19-inch NEMA cabinets
    Depth: Chassis to rear: 31.58" (80.21 cm)
    Gross Weight: 203.3 lbs (92.4 kg)

Operating Environment
    Ambient temperature: 50-104 °F; 10 to 40 °C
    Temperature gradient: 18 °F/hr; 10 °C/hr
    Relative humidity: 20 - 80 (%, non-condensing)
    Elevation: 8,000 ft (2,438.4 m) @ 104 °F (40 °C); 10,000 ft (3,048 m) @ 98.6 °F (37 °C)

AC Power and Dissipation
    AC line voltage: 100 - 240 VAC +10%, single phase
    Frequency: 47 - 63 Hz, full auto-ranging
    AC line current: 14.0 A maximum at 100 V (configured with 15 disks); 7.5 A maximum at 200 V (configured with 15 disks)
    Power consumption: 1,229 VA (1,168 W) maximum (configured with 15 disks)
    Startup surge current: 59 A peak (configured with 15 disks) at any line voltage
    Power factor: 0.98 minimum at full load, 100 VAC
    Heat dissipation: 3,422 KJ/hr (3,236 Btu/hr) estimate configured with 15 disks
    In-rush current: 116 A peak estimate for ½ line cycle per power supply @ 240 VAC; 65 A peak estimate for ½ line cycle per power supply @ 120 VAC
    AC protection: 10 A internal fuse (non-serviceable)
    AC inlet type: IEC320-C14 appliance coupler
    Ride-through: 30 ms minimum at full load
    Current sharing: 60% maximum, 40% minimum between power supplies


Network Switch
The multiple-appliance site uses a network switch.
See the vendor documentation for complete information on the network switch. This section contains
specification information.
Dimensions
    Height: 1.73" (44 mm)
    Width: 17.32" (440 mm)
    Depth: 10.03" (255 mm)
    Gross Weight: 21.7 lbs (9.84 kg)

Operating Environment
    Operating Temperature: 0 to 40 °C (32 to 104 °F)
    Operating Humidity: 10% - 90% (non-condensing)

AC Power
    Line voltage: 220/110V AC 50/60 Hz to 5V DC at 5A, 12V DC at 3A


Rack
See the vendor documentation for complete information on the rack. This section contains
specification information.
Dimensions
    Height: 75.0" (190.8 cm)
    Width: 24.0" (61.1 cm)
    Depth: 36.0" (91.6 cm)
    Gross Weight (empty): 300 lbs (136 kg)

AC Power
    Operating Voltage/Frequency: 200-240 V AC, 50/60 Hz
    Power Cord Connector
    Service Type: 2 * 30-amp service, single phase


Multiple Appliance Site - Cabling Examples


This section contains two examples of multiple appliance sites, cabled in their racks.
Here is an example of a multiple appliance site with an Application Server (A-SRV), a Database
Server (D-SRV), and a Local Collector (LC), delivered pre-cabled in its rack.


Here is an example of a multiple appliance site with one Database Server (D-SRV), two Application
Servers (A-SRV) and three Local Collectors (LC), delivered pre-cabled in its rack.


Safety and Regulatory Statements


WARNING: Power supplies can contain over 240 volts. If mishandled, this high voltage can
cause serious injury or death. Do not touch or handle a power cable or power supply unless you have
been trained and prepared to perform this task. Always remove the power cord before attempting to
remove or work on a Power Unit.

WARNING: Electronic components are sensitive to damage from Electrostatic Discharge
(ESD). Observe appropriate precautions at all times when handling the RSA enVision appliance and
EMC Celerra or its subcomponents.

CAUTION: Do not attempt to connect an Ethernet cable, regular or cross-over, between the
EMC Celerra and the RSA enVision appliance. Connect the EMC Celerra through a GigE switch, the
same as any other networked device.

CAUTION: When installing disk shelves and a storage system into a movable cabinet or rack,
install from the bottom up for best stability.

WARNING: To reduce the risk of personal injury or equipment damage, allow internal
components time to cool before touching them and ensure that the equipment is properly supported or
braced when installing options.

WARNING: This equipment is designed for connection to a grounded outlet. The grounding
type plug is an important safety feature. To avoid the risk of electrical shock or damage to the
equipment, do not disable this feature.

WARNING: This equipment has one or more replaceable batteries. There is danger of
explosion if the battery is incorrectly replaced. Replace the battery only with the same or equivalent
type recommended by the manufacturer. Dispose of used batteries according to the manufacturer's
instructions.

WARNING: If your storage system or disk shelf has multiple power cords and you need to turn
the unit off, heed the following warning:
This unit has more than one power supply cord. To reduce the risk of electrical shock, disconnect all
power supply cords before servicing.

Appendix B. Connect to the Appliance Using a Keyboard, Monitor, and Mouse (KVM)
The first time you work with an appliance you must connect using a Keyboard, Video and Mouse
(KVM). You can connect from either the front panel (see items 5 and 6 under Front Panel below) or
the back connections (see items 7 and 8 under Back Panel below). You can continue to work using the
KVM or set up the Remote Access Controller (DRAC) Utility (Appendix C) and subsequently use it to
access the appliance.
To connect to the appliance via KVM:
1. Connect the keyboard, monitor, and mouse to the appliance:
2. If the appliance is off, turn on the power using the front panel.


Front Panel
Here is the front panel of the RSA enVision appliance:

Item. Indicator, Button, or Connector: Description

1. Power-on indicator, power button: The power-on indicator lights when the system power is on.
   The power button has been disabled for security purposes.

2. NMI button: Use to troubleshoot software and device driver errors when using certain operating
   systems. Use this button only if directed to do so by qualified support personnel or by the
   operating system's documentation.

3. System identification button: Use to locate a particular system within a rack. When one of
   these buttons is pushed, the LCD panel on the front and the blue system status indicator on the
   back blink until one of the buttons is pushed again.

4. LCD panel: Provides system ID, status information, and system error messages. The LCD lights
   during normal system operation. Both the systems management software and the identification
   buttons located on the front and back of the system can cause the LCD to flash blue to identify a
   particular system. The LCD lights amber when the system needs attention, and the LCD panel
   displays an error code followed by descriptive text.
   Note: If the system is connected to AC power and an error has been detected, the LCD lights
   amber regardless of whether the system has been powered on.

5. USB connectors (2): Connects USB 2.0-compliant devices to the system.

6. Video connector: Connects a monitor to the system.

7. Hard drives (2): Six 3.5-inch hot plugs

8. Optical drive (CD/DVD): One CD/DVD drive

Back Panel
Here is the back panel of the RSA enVision appliance:

Item. Description

1. Network interface card.
2. Power supplies (2).
3. System identification button.
4. System status indicator.
5. System status indicator connector.
6. Network interface connectors.
7. USB connectors (2).
8. Video connector.
9. Serial connector.
10. Remote access controller.

Appendix C. Dell Remote Access Controller Utility (DRAC)
This section tells you how to configure enVision on your appliance from a remote location. To do this
you must:

- First, set up the Remote Access Controller utility.
- Second, access the appliance from a remote location using an internet browser and configure
  enVision.

Ports Used by enVision for DRAC (Dell Remote Access Control) Utility

Item: DRAC
Port: HTTP 80; HTTPS 443; VNC proxy server 5900; Video VNC Port 5901; a random number larger than 32768 (RAC FW update through RAC GUI)
Service: Terminal Server (part of the appliance OS); Dell Remote Access Card for OOB Management
Direction: Inbound and Outbound
Appliance Type: All


Set Up the Remote Access Controller (Utility)


To set up the Remote Access Controller utility:
1. Reboot the machine and wait until the system prompts you to:
   Press Ctrl-E for Remote Access Setup
2. Press Ctrl-E.
   The system displays the initial Remote Access Controller (Set Up Utility) screen with
   several options. You only need to be concerned with the options discussed in these
   instructions to configure enVision.
3. Highlight NIC Selection and press the spacebar to set NIC Selection to Dedicated.
4. Highlight the LAN Parameters option and press <ENTER>.
   The setup utility opens a smaller screen with RMCP+ Encryption Key as the first option.
5. Highlight the IP Address Source option and use the + and - keys to select DHCP or Static
   for its value.
   If you are going to select DHCP, attach your network cable to a network that has
   DHCP or contact your network administrator.
   a. If you choose DHCP, the rest of the values are completed by the utility and you cannot
      change them.
   b. If you choose Static, the values for MAC Address and VLAN ID are completed by the
      utility and you cannot change them, but you must specify a value for these options, as
      follows:
      i. Highlight Ethernet IP Address and type in a value in the right column.
      ii. Highlight Subnet Mask and type in a value in the right column.
      iii. Highlight Default gateway and type in a value in the right column.
      iv. Highlight VLAN Enable and press the spacebar to set VLAN Enable to Off.
6. Press the Esc key to close the smaller screen.
7. Highlight the Advanced LAN Parameters option and press <ENTER>.
   The setup utility opens the smaller DNS Configuration Options screen.
8. In the IP Address Source option above, if you chose:
   - DHCP, the DNS Configuration Options values are completed by the utility and you
     cannot change them.
   - Static, the DNS Server from DHCP option is set to Off by the utility and you cannot
     change it, but you must enter a value for the following options:
     - DNS Server1
     - DNS Server2
     - Register RAC Name (defaults to Off)
     - Domain name from DHCP (defaults to Off)
9. Press the Esc key twice.
   The setup utility asks you to either:
   - Save Changes + Exit,
   - Discard Changes + Exit or
   - Return to Setup.
10. Highlight Save Changes + Exit and press <ENTER>.
    The setup utility finishes the boot process.


Access the Appliance from a Remote Location


To access the appliance remotely:
1. Start an internet browser and go to the Ethernet IP Address you specified in step 5 b of the
   Setting Up the Remote Access Controller Utility procedure above.
   The system asks you if you want to proceed.
2. Click Yes.
   The system displays the Remote Access Login window.
3. To log in:
   a. Type root for username (all lower case letters).
   b. Type calvin for password (all lower case letters).
   c. Click OK.
      (Change your password as soon as you can for security purposes.)
      The utility displays the Remote Access Controller window.
4. Click on the Console tab at the top of the window.
   If this is your first time accessing the Remote Access Controller utility, the system prompts
   you to load the Console Redirection Plug-in.
5. Click Connect to access the enVision Configuration wizard.
6. Complete the configuration instructions for your type of appliance site as described in one of
   the following chapters:
   - Chapter 2. Single Appliance Site
   - Chapter 3. Multiple Appliance Site
   - Chapter 5. Remote Collector Site.

Appendix D. Changing Private enVision Network IP Addresses
This appendix only applies to multiple appliance sites where you are installing enVision on
pre-existing Celerra hardware and you want to maintain your IP address structure for this hardware.
To change the IP addresses in accordance with enVision's automatic IP address
assignments, you must:
1. Rename the IP address for each appliance after factory typing and before you start the set up
   tasks.
2. Change the IP addresses in the lsconfigurationwizard.cfg file to match the addresses you
   renamed on the appliances.

Rename IP Address for Each Appliance before Setting Up Your Site
To rename the IP addresses for each enVision appliance at your site:
1. Access the appliance with a KVM (Appendix B) or from a remote location (Appendix C).
2. In Windows, select Network Connections/SWITCH/Internet Protocol Settings and click
   on properties (SWITCH is the name of the interface).
3. Change the C class of the IP address (for example: change 10.203.2 to 10.0.0).
   You can use whatever you like for the C class of the IP address, but enVision appends a value
   to each IP address as illustrated in the diagram below:

Change IP Addresses in enVision Configuration Wizard to Match Renamed Appliance Addresses
Factory and system typing of your appliance is done before delivery. However, if you are re-imaging
your appliance, you must do this before you change IP addresses in the enVision configuration wizard to
match renamed appliance addresses.
To update the enVision configuration wizard for the renamed IP addresses:
1. Start the appliance setup tasks (see Multiple Appliance Setup Tasks in Chapter 3. Multiple
   Appliance Site) and stop after you complete task 8.
   The enVision configuration wizard starts automatically.
2. Click Cancel to stop the enVision configuration wizard.
3. Go to C:\WINDOWS\system32\drivers\etc.
   This folder contains the lsconfiguration.cfg file (enVision configuration wizard).
4. Edit the SwIpBase=10.203.2 IP address in the lsconfiguration.cfg file so that the enVision
   appliances' IP addresses match the newly renamed addresses.
   For example, change SwIpBase=10.203.2 to SwIpBase=10.0.0
5. Save the edited lsconfiguration.cfg file.
6. Double-click lsconfigurationwizard.exe in E:\nic\3500\servername\bin to restart the
   configuration wizard so you can finish configuring enVision with the renamed IP addresses.
7. Ping each machine to make sure that the renamed IP addresses are correct.
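The rename only works if the addresses typed on each appliance agree with what the wizard derives from SwIpBase, so it is worth checking that before step 7. The following Python is an added example, not RSA's code: it assumes the configuration file uses plain key=value lines, and that the last octets enVision appends are the ones in this guide's address tables (.11, .21, .22, .31, .32, .33, and .101 for the storage array); the role names and the sample inventory are constructed.

```python
"""Added example: check the private-network address plan implied by SwIpBase."""
import ipaddress
import platform
import re
import subprocess

# Last octets taken from the guide's own tables (D-SRV .11, A-SRV1 .21,
# A-SRV2 .22, LC1 .31, LC2 .32, LC3 .33, storage array .101). Treating them
# as the values enVision appends to SwIpBase is an assumption of this example.
HOST_SUFFIXES = {
    "D-SRV": 11, "A-SRV1": 21, "A-SRV2": 22,
    "LC1": 31, "LC2": 32, "LC3": 33, "NAS": 101,
}

# Constructed sample file content; only the SwIpBase line comes from the guide.
SAMPLE_CFG = "; constructed sample\r\nSwIpBase=10.0.0\r\n"


def read_sw_ip_base(cfg_text):
    """Return the SwIpBase value; reject missing, duplicate or malformed entries."""
    found = re.findall(r"^[ \t]*SwIpBase[ \t]*=[ \t]*(\S*)[ \t]*\r?$",
                       cfg_text, re.MULTILINE)
    if len(found) != 1:
        raise ValueError("expected exactly one SwIpBase line, found %d" % len(found))
    base = found[0]
    try:
        # The base is valid only if adding one host octet gives a dotted quad.
        ipaddress.IPv4Address(base + ".0")
    except ValueError:
        raise ValueError("SwIpBase must be three octets, got %r" % base) from None
    return base


def address_plan(base):
    """Map each appliance role to the address expected on its SWITCH interface."""
    return {role: "%s.%d" % (base, suffix) for role, suffix in HOST_SUFFIXES.items()}


def is_private_plan(base):
    """True if the whole /24 lies in private address space."""
    return ipaddress.IPv4Network(base + ".0/24").is_private


def find_mismatches(cfg_text, configured):
    """Compare addresses set on the appliances with those the wizard will use.

    `configured` maps role -> address typed into the SWITCH interface.
    Returns {role: (expected, configured)} for each role that disagrees;
    expected is None for a role this example has no suffix for.
    """
    plan = address_plan(read_sw_ip_base(cfg_text))
    problems = {}
    for role, actual in configured.items():
        expected = plan.get(role)
        if expected is None or (ipaddress.IPv4Address(actual)
                                != ipaddress.IPv4Address(expected)):
            problems[role] = (expected, actual)
    return problems


def ping(address, timeout_s=5):
    """Step 7: send one echo request; True if the host answered."""
    count_flag = "-n" if platform.system() == "Windows" else "-c"
    try:
        result = subprocess.run(["ping", count_flag, "1", address],
                                stdout=subprocess.DEVNULL,
                                stderr=subprocess.DEVNULL,
                                timeout=timeout_s)
    except (subprocess.TimeoutExpired, OSError):
        return False
    return result.returncode == 0


if __name__ == "__main__":
    base = read_sw_ip_base(SAMPLE_CFG)
    print("SwIpBase:", base, "(private)" if is_private_plan(base) else "(NOT private)")
    # Constructed inventory: LC1 was left on the factory address by mistake.
    configured = {"D-SRV": "10.0.0.11", "A-SRV1": "10.0.0.21", "LC1": "10.203.2.31"}
    for role, (expected, actual) in find_mismatches(SAMPLE_CFG, configured).items():
        print("%s: wizard expects %s, appliance has %s" % (role, expected, actual))
```

Run from a machine on the private switch, `ping()` can then be called on each address in `address_plan(base)` to carry out step 7.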


Appendix E. Customer-Provided Storage


You can use the following storage arrays with a multiple appliance site:
- EMC Celerra
- NetApp FAS (Network Appliance Fabric-Attached Storage) Series

The audience for this appendix is anyone who specifies storage requirements for RSA enVision log
storage and engineers performing installation and configuration of servers.


EMC Celerra Storage


This section gives you the requirements and configuration steps you need to add customer-provided
Network Attached Storage (NAS 3500) to RSA enVision for data storage.
RSA enVision limits you to the following certified platforms for customer-provided storage:
- EMC Celerra NS Series / Integrated
- EMC Celerra NS Series / Gateway
- EMC Celerra NSX Gateway

You must connect NAS 3500 to the RSA enVision storage network switch and configure NAS 3500
prior to configuring enVision.

NAS 3500 Requirements
Here are the minimum requirements for NAS 3500 hardware to function as RSA enVision storage, per
LS site:
- Minimum number of Data Movers = 1 (dedicated to RSA enVision storage)
- Recommended number of Data Movers = 2 (1 active, 1 failover)
- Minimum of 15 FC HDDs [1]. HDD capacity depends on the data storage capacity required.
- Dedicated 1 Gb network interface per Data Mover

[1] The I/O workload generated by RSA enVision consists of simultaneous reads and writes. For the most part,
the reads are random. This workload is not suitable for ATA drives. You should use Fibre Channel drives due
to the random nature of the workload.

Network Configuration
To set up the appropriate network connections between RSA enVision and the network attached
storage, you must:
1. Connect the primary Data Mover to the storage network switch.
2. Connect the failover Data Mover to the storage network switch.
   This is a recommended connection that increases data availability.
3. Set up the network connections to the RSA enVision appliance according to the enVision
   documentation. The following diagram shows you how to connect the enVision appliance to
   the customer LAN and storage network switch:


NAS 3500 Configuration


To configure network attached storage, you set up a CIFS Server, local users [2] and file systems/CIFS
shares combinations.

CIFS Server
Use the following parameters to create the CIFS server:
IP address = 10.203.2.101 (Must be connected to the private switch)
Subnet = 255.255.255.0
DNS Server = 10.203.2.11 (D-SRV IP address)
CIFS Server authentication = Local users
NTP [3] Server = 10.203.2.11 (D-SRV IP address)

Local Users
Username        Password
NIC_System      n!0A6y_7tbE9z3
Master          themaster01
NIC_sshd        1937Partanna1985
NIC_sftp        1937Partanna1985

[2] You need local user authentication to ensure that the RSA enVision local collectors can authenticate through
to NAS 3500 when the Windows domain controller is not available; otherwise data collection may be
interrupted.
[3] You must have time synchronization between NAS 3500 and the RSA enVision appliances. This time
synchronization is essential for CIFS.

File Systems/CIFS Shares Combinations


The minimum requirement for RSA enVision is the vol0 and vol1 file systems/CIFS shares
combinations (for enVision D-SRV and LC1 respectively). If you use additional Local Collectors, you
must create the vol2 and vol3 file systems/CIFS shares combinations. Here is an example of the file
systems/CIFS shares combinations you must set up if you use additional Local Collectors.

File system name    CIFS share name
vol0                vol0
vol1                vol1
vol2                vol2
vol3                vol3

For RSA enVision 3.3.x, RSA recommends that you use a separate file system for each CIFS Share.
There is a daily potential of 122,880 [4] files that each Local Collector could write to NAS 3500, resulting
in a total of 368,640 [5] files per day.
For RSA enVision 3.7.x, the number of files [6] created has been significantly reduced and a single file
system for all 3 Local Collectors will suffice.

[4] This is for RSA enVision 3.3.x, with 1024 devices.
[5] This is for RSA enVision 3.3.x.
[6] For RSA enVision 3.7.x, the number of files created per day has a maximum of 10240 for a single Local
Collector.


enVision 3.7.x and EA


Within RSA enVision 3.7.x, you can configure Enhanced Availability (EA) for the Local Collector
appliances. For EA, data storage continues to use the CIFS protocol. In addition, you must fulfill an
iSCSI LUN storage requirement.
You must complete the following steps to configure NAS 3500 to support iSCSI for the enVision EA
system. The details behind each step are NAS 3500-specific:
1. Configure the iSCSI service to run over the same IP address as CIFS.
2. Configure NAS 3500 to have one iSCSI volume of size 1024 MB.
3. Configure iSCSI volume to have one target, at LUN 0.
4. Configure the iSCSI service to support discovery on port 3260.
5. Configure the iSCSI service to support multiple logins.
6. Add the following IQN names to allow them access to the iSCSI LUN 0:
   iqn.2006-01.nic.niceacluster:CA1.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA2.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA3.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA4.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA5.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA6.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA7.niceacluster.nic
   iqn.2006-01.nic.niceacluster:CA8.niceacluster.nic
   iqn.2006-01.nic.niceacluster:DS1.niceacluster.nic
   iqn.2006-01.nic.niceacluster:DS2.niceacluster.nic


NetApp FAS Series


Here is the suggested IP addressing scheme and wiring:


CIFS shares and Directory Structure


Use the default directory structure on the NetApp storage array by adding the directory structure that
suits your needs shown below.
For each node that stores data on the storage array, the storage location within enVision should be
configured using the Manage Storage Location window within enVision. See the enVision online Help for
Event Storage Locations for more information.

RSA enVision appliance    CIFS Directory Share
D-SRV                     \\10.203.2.101\vol0
LC1                       \\10.203.2.101\vol1
LC2                       \\10.203.2.101\vol2
LC3                       \\10.203.2.101\vol3

Hardware Requirements
The minimum requirements for NetApp FAS to function as an enVision log storage location, per
enVision multiple appliance site, are as follows:

Hardware: Minimum Requirements (per enVision multiple appliance site)

NetApp FAS
- Minimum NetApp Filer = 1 NetApp FAS270 or equivalent (dedicated to RSA enVision storage)
- Recommended = 2 NetApp FAS270 or equivalent (dedicated to RSA enVision storage, 1 active, 1 failover)
- Dedicated 1 * Gb network interface per NetApp Filer
- Disk drive requirements per NetApp Filer
  - minimum 15 * FC drives (number and capacity of drives can be increased per customer data retention requirements)
  - RAID DP

Network Switch
- Layer 2 GbE network switch
  - 1 * GbE port per enVision appliance
  - 1 * GbE port per NetApp Filer

The minimum hardware requirements, stated above, have been certified for RSA enVision data storage
up to 30,000 EPS.


Setup Requirements
Here are the setup requirements for the NetApp FAS:
- NetApp Filer IP address: 10.203.2.101
- Time: Time synchronization to the NetApp Filer and RSA enVision appliances should
  exist, based on the same time source. This ensures that time sync is maintained between
  the NetApp FAS Filer and enVision appliance. This time synchronization is essential for
  CIFS.
- CIFS: The following CIFS Shares must be created on the NetApp Filer, each on a
  separate file system, one for each enVision collector:
  - vol0 (used for Common Storage Directory, CSD)
  - vol1 (used for RSA enVision Local Collector 1)
  - vol2 (used for RSA enVision Local Collector 2)
  - vol3 (used for RSA enVision Local Collector 3)


Connecting RSA enVision Appliances to the NetApp FAS


The NetApp FAS connects to a multiple or single appliance site through a network switch. Each
enVision appliance connects to the network switch and the NetApp FAS connects to the network
switch.
The network connections between the appliances, switch and storage array are as follows:

To connect enVision appliance to the NetApp FAS:
1. Connect network cables from the enVision appliances to switch and storage array to switch.
2. Connect the network connection from the enVision appliance through the network interface
   named SWITCH.

The IP address on the SWITCH network interface is based on the appliance type:

Appliance IP Addresses
Appliance    IP address
D-SRV        10.203.2.11
A-SRV1       10.203.2.21
A-SRV2       10.203.2.22
LC1          10.203.2.31
LC2          10.203.2.32
LC3          10.203.2.33


NetApp CIFS File Storage Authentication


There are three options for authenticating NetApp FAS to the enVision appliance:
- Local user authentication method using existing enVision users (recommended)
- NetApp Multistore authentication method
- Authentication of the EMC Celerra NS352 or NS22 to the enVision appliance through adding
  the EMC Celerra NS352 or NS22 to the enVision Windows Domain (not recommended)

Local User Authentication Method using Existing enVision Users


The enVision appliance ships with four users that enVision needs to run:
- master
- nic_system user
- nic_sshd
- nic_sftp

If you create these users on the NetApp FAS with the same password as stored in the enVision
systems, Windows ensures that the local user has the rights to storage. If the password changes on the
enVision appliances, the password must be reset on the NetApp FAS. This is the recommended
authentication method.
To use the local user authentication method using existing enVision users:
1. Add the following four users to the EMC Celerra NS352 or NS22 CIFS server, previously
   created:

   Username        Password
   master          themaster01
   NIC_System      n!0A6y_7tbE9z3
   nic_sshd        1937Partanna1985
   nic_sftp        1937Partanna1985

2. Ensure that these four users have full control to the appropriate CIFS share.

Details on adding the users to the NetApp FAS are given below:

NetApp Multistore Authentication Method

NetApp Multistore is a product from NetApp that allows a single NetApp appliance to authenticate and share to multiple domains. MultiStore allows the creation of separate, private logical partitions of the filer's network and storage resources. Each virtual storage partition maintains absolute separation from every other storage partition. The result is that multiple domains can exist on a single NetApp Filer.

Call your NetApp sales representative for details on using the NetApp Multistore product.


Authentication of the NetApp FAS to the enVision Appliance through Adding the NetApp FAS to the enVision Windows Domain

You can authenticate the NetApp FAS to the enVision appliance by adding the NetApp FAS to the enVision Windows Domain, but this is not the recommended method.

Before the NetApp FAS can be added to the enVision Windows Domain, the domain must already exist.

To authenticate the NetApp FAS to the enVision appliance by adding the NetApp FAS to the enVision Windows domain:
1. Prior to running the enVision configuration wizard, set IiWaitForCelerraConfiguration=YES in the lsconfigurationwizard.cfg file.

2. Run the enVision configuration wizard lsconfigurationwizard.exe.

3. During the wizard process, the Windows domain is created and the appliances restart. The wizard displays the following message:

   The Celerra configuration flag has been set. Configure your Celerra device now and then click OK to proceed

   Use the NetApp FAS Control Station to add the previously created CIFS Server to the enVision Windows domain.

   Complete the enVision configuration wizard.

4. Re-configure the enVision NIC Packager and NIC Collector services so that they operate with the network attached storage. By default, the NIC Packager Service is run by a local user account, which you must reconfigure to be run by a domain user account.

   On each Local Collector (LC) appliance, perform the following:

   a. In the Start menu, select Run > services.msc.

   b. Complete the following for the NIC Packager Service:

      i. Right-click on NIC Packager Service and select Properties.

      ii. On the NIC Packager Properties window, click the Log On tab.

      iii. Under the parameter This Account replace .\NIC_System with enVision Windows domain name\NIC_System.
           For example, testemc.nic\NIC_System, where testemc.nic is the Windows domain name of the enVision appliances.

      iv. Type n!0A6y_7tbE9z3 in the Password and Confirm password fields. Click OK.
          Here is the NI

      v. Stop and start the NIC Packager Service.


   c. Complete the following for the NIC Collector Service:

      i. Right-click on NIC Collector Service and select Properties.

      ii. On the NIC Collector Properties window, click the Log On tab.

      iii. Under the parameter This Account replace .\NIC_System with enVision Windows domain name\NIC_System.
           For example: testemc.nic\NIC_System, where testemc.nic is the Windows domain name of the enVision appliances.

      iv. Type n!0A6y_7tbE9z3 in the Password and Confirm password fields. Click OK.
          Here is the NI

      v. Stop and start the NIC Collector Service.
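
The following check is an added example, not part of the RSA guide. Run on each Local Collector after step 4, it reads the logon account of the two services through WMI and reports whether each one still runs as the local .\NIC_System account. It assumes Windows PowerShell 2.0 or later is available on the appliance; the service display names and the NIC_System account name are the ones used in the steps above.

```powershell
# Added example: audit the logon account of the NIC Packager and NIC Collector services.
# Assumption: PowerShell 2.0+ is installed on the Local Collector appliance.
# Display names and the NIC_System account name are taken from the guide's steps.

$displayNames = 'NIC Packager Service', 'NIC Collector Service'
$expectedUser = 'NIC_System'

$results = foreach ($name in $displayNames) {
    # Win32_Service.StartName holds the account the service logs on as.
    $svc = Get-WmiObject -Class Win32_Service -Filter "DisplayName='$name'"
    if (-not $svc) {
        New-Object PSObject -Property @{
            Service = $name; Account = ''; State = ''; Verdict = 'service not found'
        }
        continue
    }

    # Split "PREFIX\user"; built-in accounts (LocalSystem) and UPN names have no backslash.
    $prefix, $user = $svc.StartName -split '\\', 2

    if (-not $user) {
        $verdict = 'not in DOMAIN\user form'
    } elseif ($user -ine $expectedUser) {
        $verdict = 'unexpected account'
    } elseif ($prefix -eq '.' -or $prefix -ieq $env:COMPUTERNAME) {
        # ".\NIC_System" or "<this computer>\NIC_System" is the local default.
        $verdict = 'local account: not yet reconfigured'
    } else {
        $verdict = 'domain account'
    }

    New-Object PSObject -Property @{
        Service = $name; Account = $svc.StartName; State = $svc.State; Verdict = $verdict
    }
}

$results | Format-Table Service, Account, State, Verdict -AutoSize

# A non-zero exit code lets a wrapper script flag collectors that still need step 4.
if (@($results | Where-Object { $_.Verdict -ne 'domain account' }).Count -gt 0) {
    exit 1
}
```

A service that reports a domain account but a State other than Running has usually not been stopped and started since the change, or was given the wrong password.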

NetApp CIFS Configuration


You must configure the network share (CIFS, Common Internet File System) on the NST Storage Array to authenticate against the pre-configured enVision appliance domain.

1. Connect to the NetApp storage array using telnet from the enVision D-SRV appliance (which is connected to the network switch, with a default IP address of 10.203.2.100).

2. At the Username prompt type root.

3. At the Password prompt type your factory default password.

4. Set the time and timezone. The NetApp server must be set to the same time and timezone as the D-SRV by setting both devices to the same NTP time source.
   At the NIappStor prompt type date CCyymmddhhmm (where CCyy is the year, mm is the month, dd is the date, hh is the hour, and mm is the minute). For example, 200603281521 for a date/time of March 28 2006 15:21.

5. Set the Windows domain. At the NIappStor prompt type timezone timezone (for more information see the Data ONTAP 7.0 Software Setup Guide, Appendix B.).

6. Set the Windows DNS domain. At the NIappStor prompt type options dns.domainname Windows domain name (where Windows domain name is your unique NIC domain name).

7. At the NIappStor prompt type cifs terminate.

8. At the NIappStor prompt type cifs setup.

   This process enables CIFS access to the filer from a Windows system. (Type ? for help at any prompt and Ctrl-C to exit without committing changes.)

   The following prompts display (type the responses shown in red text):

   a. This filer is currently a member of the Windows-style workgroup WORKGROUP.
      Do you want to continue and change the current filer account information? [n]: y
      Your filer does not have WINS configured and is visible only to clients on the same subnet.

   b. Do you want to make the system visible through WINS? [n]: n
      This filer is currently configured as an NTFS-only filer.

   c. Would you like to reconfigure this filer to be a multiprotocol filer? [n]: n
      The default name for this CIFS server is NIAPPSTOR.

   d. Would you like to change this name? [n]: n


   e. Data ONTAP CIFS services support four styles of user authentication.
      Choose the one from the list below that best suits your situation.
      (1) Active Directory domain authentication (Active Directory domains only)
      (2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)
      (3) Windows Workgroup authentication using the filer's local user accounts
      (4) /etc/passwd and/or NIS/LDAP authentication

   f. Selection (1-4)? [1]: 1

   g. Do you want to configure the filer's DNS resolver service? [y]: y
      Note: To operate correctly within an Active Directory-based Windows domain, CIFS must use the DNS resolver service. That service is currently not configured on the filer. You must either configure DNS resolver services or choose a different authentication style.

   h. What is the filer's DNS domain name? [ENVISION.nic]: unique NIC domain name

   i. What are the IPv4 address(es) of your authoritative DNS name server(s)?: 10.203.2.50

   j. Would you like to specify additional DNS name servers? [n]: n

   k. What is the name of the Active Directory domain? [ENVISION.NIC]: press Enter (accepts default which is your unique domain)
      Note: To create an Active Directory machine account for the filer, you must supply the name and password of a Windows account with sufficient privileges to add computers to the ENVISION.NIC domain.

   l. Enter the name of the Windows user [Administrator@ENVISION.NIC]: master

   m. Password for master: your unique master username password
      CIFS - Logged in as master@ENVISION.NIC.

   n. The user that you specified has permission to create the filer's machine account in several (x) containers. Please choose where you would like this account to be created.
      (1) CN=computers
      (2) OU=Domain Controllers
      (3) None of the above
      Selection (1-3)? [1]: 1


9. The following message displays:

   CIFS - Starting SMB protocol...
   Welcome to the ENVISION.NIC (ENVISION) Active Directory(R) domain.
   CIFS local server is running.

10. At the NIappStor prompt press CTRL-D.
