Raritan CC-NOC Quick Installation And Setup Manual

Thank you for purchasing Raritan's CommandCenter NOC (CC-NOC). The primary function of a CC-NOC is to man-
age nodes in your network. Nodes are discovered automatically if their IP address is within the
managed range of addresses. In addition to network discovery, a CC-NOC also provides service management, a data-
base of network information, a rules engine, a notification engine, and a web server. A CC-NOC can also be instructed
to collect statistics from your Windows systems, monitor network traffic for intrusion attempts and bandwidth perform-
ance, and scan your systems for vulnerabilities.
Identify Hardware and Software in Your Network
You may need to identify the software and hardware in your network for software auditing or compliance reporting. With
CC-NOC, you can. With a few clicks, you can find out the number of Microsoft Office XP Professional licenses that have
been installed or the manufacturer of all your equipment.
Monitor Outage and Network Availability
A CC-NOC continuously monitors your dynamic network and keeps the people (admins) who need to know informed of
important network changes and events. DBAs want to know if mission critical database servers go down. A notification
will go out only to the pertinent DBAs. Therefore, a network event is closely mapped to relevant IT expertise.
Identify Security "Hot Spots" and Improve Network Security
To help you plan for improved security or assist in compliance activities (for example, Sarbanes-Oxley), you can run
intrusion detection reports to identify potential "hot spots" in your network or to ensure that your most mission-critical or
key infrastructure machines (those with financial data) have not been attacked. Once identified, you can then increase
security by adding firewall rules to those machines or changing the settings to be more restrictive.
Identify Vulnerabilities on Your Systems
Once configured, a CC-NOC looks for vulnerabilities on specified nodes in the network and works in conjunction with
the authentication credentials used by Windows Management. Using the Vulnerability Browser, trends can be identified.
Links to the public Common Vulnerabilities and Exposure List database http://www.cve.mitre.org are provided to pro-
vide more information about the vulnerabilities. With a few clicks, you can install Microsoft patches on machines that
have vulnerabilities.
Capacity Planning and Traffic Analysis
With CC-NOC, you can analyze your traffic to help with capacity planning of your networks or to determine the reason
for spikes in your network. Using traffic analysis will help in identifying the source host if you are experiencing a slow-
down in your network. Traffic summaries can be analyzed to identify potential problems in your network or to prevent
problems from ever occurring.
Access CommandCenter Secure Gateway (CC-SG)
Associating a CommandCenter Secure Gateway (CC-SG) with a CC-NOC allows your users more flexibility when solv-
ing issues by giving them direct KVM (Keyboard, Video, Mouse) access to problem devices. CC-NOC users can be
authenticated remotely by CC-SG to provide an enhanced seamless mode of operation and Single Sign-on (SSO)
access to CC-SG targets. With one-click access to CC-SG and SSO access to targets, a CC-NOC user can move eas-
ily between systems.
View Syslog Events on CC-NOC
A syslog receiver is registered on a CC-NOC. To forward syslog events to a CC-NOC appliance, enter the IP address
of the CC -on a wireless router (e.g., Netgear, Linksys) that is connected to your Unix, Linux machines. The syslog
severities are mapped to corresponding severities on the CC-NOC.
Questions? Contact Raritan Support: 1-800-724-8090, press 6, press 1.
FAX: 732-764-8887 email: tech-ccnoc@raritan.com
http://www.raritan.com
I. Planning and Preparation
Client PC Planning
- DNS Addresses: CC-NOC must know
the DNS servers used for host resolution.
Access CC-NOC through a serial port on a
- Timezone: Specify the correct time
PC with a terminal emulation program
zone for accurate reporting.
(Hyper Terminal, Tera Term, etc.) for initial
- Email Communication Requirements:
setup. Additional configuration is carried out
CC-NOC must be able to send SMTP traffic
through a web browser. The browser must
to send notifications of events.
have Javascript enabled to function correct-
Secondary Information
ly. These browsers and operating systems
are supported on the client PC:
You should also consider:
- ISP Gateway: Monitor your ISP connec-
Browser OS
IE 6.0 Win2K tion, supply the ISP Gateway address.
Mozilla 1.7 Win 2K, Win XP, Solaris 10
- SNMP Community Strings: Receive
Mozilla 1.7 RedHat9
traps and gather performance information
Mozilla Firefox 1.0 Win 2K, Win XP, Solaris 10
from SNMP-enabled node, supply commu-
Mozilla Firefox 1.0 RedHat9
nity strings for the systems you want to col-
Netscape 7.2 Win 2K, Win XP, Solaris 10
lect performance data for.
Netscape 7.2 RedHat9
- NTP Server: Synchronize clocks over a
Primary Information
network using NTP protocol, install a NTP
Prior to setup, collect this information:
server.
- IP address of CC-NOC: CC-NOC must
CommandCenter Secure Gateway
have a static IP.
If you plan on using a CC-SG in conjunction
- IP address of Discovered Devices:
with a CC-NOC, you must know the IP
Identify the addresses (or range) that
address of the CC-SG. If using a CC-NOC
should be managed by a CC-NOC.
5.2 with CC-SG, the time settings on both
II. Physical Installation (all models)
CC-NOC ships with: 2. Mount the appliance safely in a rack or
place on a desktop/shelf.
- (1) Appliance, 1U, rack-mountable
3. Plug a Category 5 ethernet cable into
- (1) Standard US power cord
the Management port (labeled LAN 1). Plug
- (1) Null-modem cable
the other end of this cable into an ethernet
If any pieces are missing, please contact
hub/switch that can communicate with the
Raritan Support.
network to be managed.
4. Plug a second ethernet cable into the
1. Record the serial number for later use.
Monitor port (LAN 2). Plug the other end of
The number begins with CPP and can be
this cable into a "promiscuous port" (often
found on the bottom of the unit.
called "spanned" or "mirrored" port) on the
SERIAL:___________________________ switch or any port on a shared-media hub.
Please see Raritan's CC-NOC User Guide
10 8
2 1
5
Diagram Key
1. Serial Port 4. LAN2 7.
2. USB 5. Power Inlet 8.
3. LAN1 6. Power Button 9.
For more detailed instructions, please consult the Administrator Guide found on the enclosed CD-ROM or on the web at www.raritan.com. Rev. B May 2006 255-80-5320
systems must be configured to use an NTP
server for synchronization.
Windows Proxy
You must have a proxy to collect Windows
Management Instrumentation (WMI) data.
Note: Both CC-NOC 100 and CC-NOC 250
require configuration of an external proxy,
but if you are using a CC NOC 2500M in a
distributed environment, you can use the
internal proxy of the CC-NOC 2500M.
Spanned/Mirrored Ports
Devices must be able to see packets pass-
ing on a network in order for intrusion detec-
tion and network performance to function
properly. They require configuration of a
spanned or mirrored port.
Ethernet TAP
Instead of using a spanned or mirrored port,
an Ethernet tap could be used that may be
considered a more secure method in which
to listen to network traffic than a spanned
port. Place the Ethernet tap on the Ethernet
cable in the same location where an
Ethernet hub would be used.
for details on spanned ports.
Note: Step 4 applies only to CC-NOC
100/250 or CC-NOC 2500S.
5. Plug the power cord into the power inlet
on the CC-NOC unit. Plug the other end of
the power cord into a nearby power source.
6. Power ON the unit.
7. The system will boot and the power LED
on the front of the appliance will illuminate.
Wait approximately five minutes for the sys-
tem to complete initial startup tasks before
proceeding.
9
3 4
15 13 7
14 12 11
Power LED 10. Keyboard, Mouse Ports 13. LAN1 LED
Printer Port 11. Reset Button 14. LAN2 LED
Monitor Port 12. Disk Access LED 15. CPU Overheat LED
6