CiscoWorks 1160 Security Information Management Solution Engine 3.1 Installation and Configuration Guide - Installing and Configuring the Security Information Management Solution Engine [CiscoWorks Security Information Management Solution]

Table Of Contents

Installing and Configuring the Security Information Management Solution Engine

Quick Reference

Installing the SIMS Engine

Installing the SIMS Engine in a Rack

Connecting to the Power Source

Connecting Cables

Powering On the SIMS Engine

Configuring the SIMS Engine

Name Resolution

Configuring the SIMS Engine without a DNS Server

Verifying the Configuration

Configure the Browser

Verifying HTTP Connectivity

Installing and Configuring the Security Information Management Solution Engine

This chapter describes how to install and configure the SIMS Engine. It contains the following sections:

•Quick Reference

•Installing the SIMS Engine

•Connecting to the Power Source

•Connecting Cables

•Powering On the SIMS Engine

•Configuring the SIMS Engine

•Verifying the Configuration

•Verifying HTTP Connectivity

Quick Reference

Table 3-1 provides a high-level overview of the installation process.

Table 3-1 Quick Reference

Task

Steps

References

Install the SIMS Engine.

1. Attach the chassis support brackets to the chassis.

2. Attach the rack mount brackets to the rack.

3. Put the chassis into the rack.

4. Fasten the chassis in the rack.

Installing the SIMS Engine

Connect to a power source.

Connect to an AC power source.

Connecting to the Power Source

Connect cables.

1. Plug the network connection into the Ethernet 0 port.

2. Connect a terminal to the console port.

Connecting Cables

Power on the Security Information Management Solution Engine.

Press the power switch.

Powering On the SIMS Engine

Configure the Security Information Management Solution Engine.

1. Boot the SIMS Engine and log in.

2. Configure the SIMS Engine's connectivity by responding to the first set of prompts.

Configuring the SIMS Engine

Verify the configuration.

1. Log in at the system console.

2. If you are using name resolution, verify that the Security Information Management Solution Engine can resolve host names.

3. Verify that the SIMS Engine can communicate with the network.

4. Verify that the configuration is correct.

5. Verify that the system time and date are correct.

Verifying the Configuration

Configure the browser.

Refer to netForensics documentation for information about configuring a web browser to work with SIMS.

Configure the Browser

Verify HTTP connectivity.

Verify that you can connect to the SIMS Engine via HTTP.

Verifying HTTP Connectivity

Installing the SIMS Engine

This section provides instructions for installing the SIMS Engine in a rack. The rack must be properly secured to the floor, to the ceiling or upper wall, and where applicable, to adjacent racks. The rack should be secured using floor and wall fasteners and bracing specified or approved by the rack manufacturer or by industry standards. See the rack manufacturer's installation documentation for precautionary warnings and information before trying to install the SIMS Engine.

Before installing the SIMS Engine in a rack, read Preparing Your Site for Installation, page 2-8, to familiarize yourself with the proper site and environmental conditions. Failure to read and follow these guidelines could lead to an unsuccessful installation and possible damage to the system and components. Perform the steps below when installing and servicing the SIMS Engine:

•Disconnect all power and external cables before installing the system.

•Install the system in compliance with your local and national electrical codes:

–United States: National Fire Protection Association (NFPA) 70; United States National Electrical Code.

–Canada: Canadian Electrical Code, Part, I, CSA C22.1.

–Other countries: If local and national electrical codes are not available, see IEC 364, Part 1 through Part 7.

•Do not work alone under potentially hazardous conditions.

•Do not perform any action that creates a potential hazard to people or makes the equipment unsafe.

•Do not attempt to install the SIMS Engine in a rack that has not been securely anchored in place. Damage to the system and personal injury may result.

•Due to the size and weight of the computer system, never attempt to install the computer system by yourself.

Warning Before working on a system that has an on/off switch, turn OFF the power and unplug the power cord.

Warning Do not touch the power supply when the power cord is connected. For systems with a power switch, line voltages are present within the power supply even when the power switch is off and the power cord is connected. For systems without a power switch, line voltages are present within the power supply when the power cord is connected.

See Chapter 2, "Preparing for Installation," for additional safety information about installing the SIMS Engine.

Installing the SIMS Engine in a Rack

The server can be installed in a system 1U rack. A rack cabinet can accommodate up to 42 S12 servers.

The rack rail components are as follows (numbers in parentheses refer to Figure 3-1):

•Two server rails (1)

•Two telescopic rails (2)

•Four brackets (3)

•One bag containing:

–Silver colored bolts with 6MM heads

–Silver colored bolts with round heads

–Gold colored bolts with round heads

–Washers

–Nuts

Figure 3-1 Rack Rail Components

To install the Security Information Management Solution Engine in a rack, perform the following steps:

Step 1 Attach the brackets to the telescopic rails:

a. See Figure 3-2. Extend the server rail (1) as far as it will go.

b. Press the spring plate (2) and remove the server rail (1). (Set it aside for attaching to the server.).

Figure 3-2 Removing the Server Rail

c. See Figure 3-3. Fix the bracket (5) to the front end of the telescopic outside rail (8) by firmly tightening the four (round head silver) bolts (1). (You will have to slide the inside rail (3) back and forth to do this.)

Figure 3-3 Attaching Bracket to Telescopic Rail Back

d. Extend the rails fully.

e. See Figure 3-4. Attach the bracket to the back end of the rail (2) using the four (round head, silver) bolts (1).

f. Repeat this process with the other rail and brackets.

Figure 3-4 Attaching Bracket to Telescopic Rail Front

Note Leaving some play between the bracket and the rail until you install the rail into the rack will make affixing the rail to the rack easier. After the rail is attached to the rack, you can tighten the screws.

Warning To prevent bodily injury when mounting or servicing this unit in a rack, you must take special precautions to ensure that the system remains stable. The following guidelines are provided to ensure your safety:

•This unit should be mounted at the bottom of the rack if it is the only unit in the rack.

•When mounting this unit in a partially filled rack, load the rack from the bottom to the top with the heaviest component at the bottom of the rack.

•If the rack is provided with stabilizing devices, install the stabilizers before mounting or servicing the unit in the rack.

Step 2 Attach the telescopic rails to the rack:

a. See Figure 3-5. Secure the front end of the rail to the front of the rack frame (1) with two (6MM head) bolts (3).

Figure 3-5 Securing Rail Front to Rack Frame

b. See Figure 3-6. Secure the back of the rail to the back of the rack frame (1) using two (6MM head) bolts (2).

c. Repeat this process with the other rail.

Figure 3-6 Securing Rail Back to Rack Frame

Step 3 Attach the chassis rail to the chassis:

a. See Figure 3-7. Align the first bolt hole on the front of the inside rail (2) with the first bolt hole on the side of the server. (The spring plate is facing out.)

b. Secure with four (6MM head) bolts (4).

c. Repeat this process with the other server rail.

Figure 3-7 Attaching Chassis to Rail

Connecting to the Power Source

Warning Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available.

Connect the AC power receptacle to the AC power source with the provided power cable.

Connecting Cables

Use unshielded twisted pair (UTP) copper wire Ethernet cable, with standard RJ-45 compatible plugs, to connect the SIMS Engine to the network.

To connect the cables:

Step 1 Plug the network connection into the Ethernet 0 port. For the location of the Ethernet 0 port, see Figure 1-2.

Step 2 Connect a console to the console port:

a. Attach a DB-9 to RJ-45 adapter (provided) to the serial port of the console.

b. Attach a DB-9 to RJ-45 adapter (provided) to the console port of the SIMS Engine, on the rear panel.

c. Connect the console to the SIMS Engine using an RJ-45 cable (provided).

Warning Do not work on the system or connect or disconnect cables during periods of lightning activity.

Powering On the SIMS Engine

To turn the power on or off, press the power switch. The SIMS Engine takes up to 60 seconds to power off.

The system begins booting and sending messages to the console window. When the login prompt appears, you can configure the system.

Configuring the SIMS Engine

Configure the SIMS Engine when you boot the system for the first time, and whenever you manually erase the configuration using the erase config command. See erase config for details on how to use this command.

Press the Backspace key or the Delete key to delete characters when inputting a response to a prompt. You cannot edit a response after you press the Enter key. To change an entered response, you must exit the setup program, run erase config and enter your responses again in the setup program.

You can exit the setup program in two ways:

•Press Ctrl-c.

The login prompt appears. Log in as the user setup to run the setup program.

•Or enter no at the final prompt:
Would you like to save this configuration? [yes].
The setup program exits without saving the configuration, then restarts.

To configure the SIMS Engine, perform the following steps:

Step 1 Power on the SIMS Engine.

When the system finishes booting, a login prompt appears on the console.

Step 2 At the login prompt, enter setup.

When you boot the system for the first time, it is not configured. Logging in as setup allows you to configure the system.

Step 3 Enter responses to the first set of prompts to configure SIMS Engine connectivity. Table 3-2 describes how to respond to the prompts. After entering the required information, press Enter to proceed to the next prompt.

Table 3-2 General Configuration

Prompt

Response Description

Sample Response

login:

Enter setup

setup

host name:

System hostname.

SolutionEngine

domain name:

System domain name.

cisco.com

<admin> password:

Sets the password for the default user admin.

Characters you type do not appear on screen.

Note Default user admin is reserved and cannot be deleted or changed.

wq1Cvu2pl

confirm passwords

re-enter password to verify that you typed it correctly.

Characters you type do not appear on screen.

wq1Cvu2pl

eth0 ip address:

IP address of Ethernet 0 interface.

209.165.200.224

eth0 network mask:

Network mask of Ethernet 0 interface.

255.255.255.224

default gateway ip address:

IP address of default router that connects SIMS Engine to network.

209.165.200.224

DNS server ip address:

IP address of DNS server that SIMS Engine uses for name/address resolution.The setup program does not validate the IP address you enter.

If you are not using a DNS server, see the "Configuring the SIMS Engine without a DNS Server" section for instructions before proceeding.

209.165.201.1

Would you like to save this configuration? [yes]:

One of the following:

•Type yes and press Enter to save the configuration. The configuration is saved and system reboots.

•Type no and press Enter to exit without saving configuration and run the setup program again.

Enter

If you want to change the information in the setup configuration, use the following CLI commands:

•To change the hostname, use the hostname command.

•To change the domain name, use the ip domain-name command.

•To change the DNS server, or add up to 2 other DNS servers, use the ip name-server command.

•To configure or reconfigure an ethernet port, use the interface command.

If you want to change any other part of the SIMS Engine's setup configuration, use the erase config command to erase the previous configuration, and run the setup program again.

Name Resolution

The Security Information Management Solution Engine resolves hostnames by using a Domain Name System (DNS) server, or by using the import CLI command. If you are using a DNS server, register the system in DNS on a DNS server. Use the SIMS Engine's hostname as its DNS name.

The Security Information Management Solution Engine does not require name resolution, but if it is not used, the following problems are among those that will occur:

•Hostnames will not resolve.

•Connecting to the Security Information Management Solution Engine via Telnet will be slow. You will be able to connect to the Security Information Management Solution Engine only after name resolution on the client times out.

•Ping and traceroute commands will result in 100% packet losses in 4 out of 5 ICMP packets. This occurs because the Security Information Management Solution Engine times out when attempting reverse DNS lookup.

•IP addresses will appear in hostname columns.

Configuring the SIMS Engine without a DNS Server

If you are not using a DNS server, perform the same steps described in the "Configuring the SIMS Engine" section, with the following exceptions:

Step 1 At the DNS sever ip address: prompt, enter any IP address.

Step 2 After you finish configuring the SIMS Engine, erase the IP address you entered by entering the following CLI command:

no ip name-server ip-address

where ip-address is the IP address you entered at the DNS sever ip address: prompt. For more information, see "ip name-server" section.

Verifying the Configuration

While at the console, verify that the SIMS Engine is correctly configured by performing the following steps:

Step 1 At the system console, enter admin at the login prompt, and enter the password you created during setup at the password prompt.

If you cannot log in, see the "Cannot Log Into the System" section on page A-1 for troubleshooting information.

Step 2 Enter the following command to verify that the system can communicate with the network:
# ping ip-address
where ip-address is the IP address of a host that is accessible on the network. A DNS server is an excellent host to ping because it should always be running and accessible.

For information about the ping command, see the "ping" section.

If the system cannot communicate with the network, see the "SIMS Engine Cannot Connect to the Network" section on page A-2 for troubleshooting information.

Step 3 If you are using a DNS server, enter the following command to verify that the SIMS Engine can obtain DNS services from the network:
# nslookup dns-name
where dns-name is the DNS name of a host that is registered in DNS.

If the browser cannot obtain the IP address of the host from DNS, make sure that the hostname has been configured in the DNS server. Then use the ip name-server command to specify that DNS server for address resolution. See "ip name-server" section for information about this command.

Step 4 Enter the command show config to verify that the configuration is as you expected. See "show config" section for information about this command.

Step 5 Enter the show clock command to verify that the system time and date are correct in Coordinated Universal Time (UTC). If the time or date is incorrect, set the correct time and date. If your network uses network time protocol (NTP), configure the system to use NTP. The NTP server will set the date and time.

For more information about configuring time and date, see the "System Time or Date Is Incorrect" section on page A-5.

Step 6 Enter the exit command to log out of the system.

Configure the Browser

Refer to netForensics documentation for information about configuring a browser to work with SIMS.

Verifying HTTP Connectivity

To verify HTTP connectivity, enter the system IP address in a browser.

For example, if the system IP address is 209.165.202.128, enter http://209.165.202.128.

If a login dialog box appears, you have connectivity.

If you cannot connect to the SIMS Engine, see the "Cannot Connect to the SIMS Engine Using a Browser" section on page A-4.