1. Manuals
  2. Brands
  3. skybox Manuals
  4. Server
  5. 6000
  6. Quick start manual

skybox 6000 Quick Start Manual

Automated risk and compliance management (arcm) platform
Hide thumbs Also See for 6000:
Table of Contents

Advertisement

Quick Links

Skybox Appliance 6000
Quick Start Guide
9.0.400
Revision: 11

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the 6000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for skybox 6000

Summary of Contents for skybox 6000

  • Page 1 Skybox Appliance 6000 Quick Start Guide 9.0.400 Revision: 11...
  • Page 2 Skybox Security. If you find any problems in the documentation, please report them to us in writing. Skybox Security does not warrant that this document is error-free. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means—electronic, mechanical, photocopying,...

  • Page 3: Table Of Contents

    Before you open the box ................6 What’s in the box ..................6 Physical specifications ................7 Environmental specifications ..............7 MTBF estimates for Skybox Appliance ............9 Front panel ....................9 Back panel connectors ................11 Port mapping ..................11 File system partitions ................
  • Page 4 Skybox Appliance 6000 Quick Start Guide Installing Skybox Manager ............... 32 Upgrading the Manager ................32 Updating the operating system on Skybox Appliance ........33 Adding a customer certificate ..............35 Restoring the Appliance to factory defaults ..........36 Monitoring SNMP ..................37 Troubleshooting ..................

  • Page 5: Overview

    The Skybox platform consists of a 3-tiered architecture with a centralized server (Skybox Server), data collectors (Skybox Collectors), and a user interface (Skybox Manager). Skybox can be scaled easily to suit the complexity and size of any infrastructure. For additional information, see the Skybox architecture topic in the Skybox Installation and Administration Guide.

  • Page 6: Skybox Appliance Specifications

    RJ45 to DB9 serial console cable › Skybox Quick Start Guide › 2 DVDs Skybox: Installs Skybox on the Skybox Appliance; it contains the Skybox • software and additional Appliance documentation Restore Appliance: Restores the Skybox Appliance to factory settings •...

  • Page 7: Physical Specifications

    Chapter 2 Skybox Appliance specifications Physical specifications The physical features of Skybox are listed in the following table. Feature Description Form factor 1U rack Rack dimensions 1.70” x 17.24” x 27.93” (43.2mm x 438 mm x 709.37 (H x W x D) System weight: 31.8 lb (14.42 kg)
  • Page 8 Skybox Appliance 6000 Quick Start Guide Property Limits Shock, operating Half sine, 2 g peak, 11 msec Shock, Trapezoidal, 25 g, velocity change 136 inches/second unpackaged (≧40 lbs to <80 lbs) Shock, packaged Non-palletized free fall height: 24 inches (≧40 lbs to <80...

  • Page 9: Mtbf Estimates For Skybox Appliance

    Note: The estimates listed here are for Appliance in 35 C ambient air with a rise ° of up to 10 C at the Server Board. ° Front panel Skybox Appliance 6000’s front panel includes 2 USB connectors, plus a power button and LEDs. Skybox version 9.0.400...
  • Page 10 Skybox Appliance 6000 Quick Start Guide Power button and LEDs Letter Feature System ID button with integrated LED NMI button (recessed; tool required for use) NIC1 activity LED NIC3 activity LED System cold reset button System status LED Power button with integrated LED...

  • Page 11: Back Panel Connectors

    Skybox Appliance 6000’s back panel includes the connectors shown in the following figure. PORT MAPPING The mappings between physical ports on the back panel of Skybox Appliance and logical ports are listed in the following table. Back panel Logical port to which it is...

  • Page 12: Setting Up Skybox Appliance

    Before installing the rack mount kit, observe these safety guidelines: 1 Turn off all peripheral devices connected to Skybox Appliance. 2 Turn off Skybox Appliance by pressing the Power button on the front of the chassis, and then unplug the AC power cords from the chassis or wall outlet.

  • Page 13: System Configuration

    2 On the Appliance’s front panel, press the Power button. 3 Lock the front bezel in place using the key provided. System configuration Before running the Skybox Server, configure Skybox Appliance to be part of your network and perform initial system configuration. CONFIGURING CONNECTION...
  • Page 14 Skybox Appliance 6000 Quick Start Guide To configure Java security on your Windows machine to work with the 1 From the Windows Start menu, select Configure Java. Skybox version 9.0.400...
  • Page 15 Chapter 3 Setting up Skybox Appliance 2 In the Java Control Panel dialog box, click the Security tab. 3 In the Exception Site List field, add the URL for the RMM of the Appliance machine. Note: If you do not know the URL of the RMM, you can run the following...
  • Page 16 Skybox Appliance 6000 Quick Start Guide Privilege: Select Administrator. — User Status: Select Enabled. — User Name: Type the desired name. (Note: The name of the — anonymous user cannot be changed.) User Password: Type the desired password twice. —...
  • Page 17 Chapter 3 Setting up Skybox Appliance 5 If you are using DHCP, run ifconfig, and write down the IP address assigned to the Appliance. You will need it later. Configuration via serial port To configure connection using a serial port connection 1 Connect one end of the serial cable to a serial port on the management computer;...

  • Page 18: Setting Up The Appliance For Configuration

    2 To configure date and time manually: a. Select Manual Date and Time Configuration. b. Click Change Date and Time; set the date and time for Skybox’s time zone. c. Click Change Time Zone; set the time zone for the location where the Appliance is installed, so that reports and other data are timestamped correctly.
  • Page 19 Setting up Skybox Appliance Using Skybox for change tracking You can use Skybox to track changes on firewalls. Although much change information can be collected directly from the firewalls, additional information (including a timestamp and the user who made the change) is available only from syslog change events that are sent to the syslog server in the Appliance.

  • Page 20: Configuring The Appliance

    RADIUS authentication ............24 LDAP authentication ............25 Changing the TLS version ............. 27 Configuration and management options Skybox Appliance’s configuration options are described in the following table. Pane Description About tab System Provides information about Skybox configuration. Information Network tab Note that changes to the configuration information made in this tab are only saved after you click Save Network Configuration.
  • Page 21 Control tab Skybox Services Toggles the Server and Collector on and off. Note: Turning a Skybox service off stops the service and switches it to Manual mode. Turning the service on restarts the service and switches it back to Automatic mode.

  • Page 22: Setting Up Network Interface Bonding

    Skybox Manager Enables you to download the Manager for installation. Setting up network interface bonding Skybox Appliances support network interface bonding for redundancy and for higher bandwidth. To create a network interface bonding 1 On the Network tab, click Network Configuration.
  • Page 23 ARP replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of a slave in the bond such that different peers use different hardware addresses for the server. Skybox version 9.0.400...

  • Page 24: Setting Up Snmp Configuration

    This topic explains how to configure RADIUS authentication for Skybox Appliance. Note: To use RADIUS authentication, the pam_radius package must be installed on the Skybox Server. You can check whether it is installed using the rpm –qa|grep pam_radius command. If you need help installing the package, contact Skybox Support.

  • Page 25: Ldap Authentication

    <user1> There is no need to set the password; it comes from RADIUS. You can now log in to Skybox with the user’s credentials: <user1> / <password> (using the password stored on the RADIUS server for this user). LDAP authentication This topic explains how to configure LDAP authentication for Skybox Appliance.
  • Page 26 Skybox Appliance 6000 Quick Start Guide Field Description Certification Certificate Authorities When using SSL certification, a list of all the CA chains needed Certificates to certify the LDAP servers. Start each certificate on a new line. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----...

  • Page 27: Changing The Tls Version

    Note: Do not uncomment the title line itself (Medium Security or Low Security). # Medium Security configuration for SSL. Oldest compatible clients: Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7 #SSLProtocol all -SSLv3 Skybox version 9.0.400...
  • Page 28 Skybox Appliance 6000 Quick Start Guide #SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES12 8-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDH E-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 :ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:E CDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE -ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128 -SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDH E-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384 :AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS # Low Security configuration for SSL. Oldest compatible clients: Windows XP IE6, Java 6. #SSLProtocol all #SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128- GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE- ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256 :kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AE S128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256- SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DH E-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256...

  • Page 29: Customizing The Syslog Server

    Chapter 5 Customizing the syslog server The syslog server in Skybox Appliance is preconfigured and is enabled by default. › Setting up TCP and UDP listeners (on page 29) for the syslog server › How to work with syslog files...
  • Page 30 (New logs) <host name | IP address>_<time of creation>.log • (Archived logs) <host name | IP address>_<time of creation>.zip How can the logs be imported into Skybox? Device logs can be imported using the following tasks, depending on the information that are looking for: ›...

  • Page 31: Skybox Manager Installation

    Chapter 6 Skybox Manager Installation You can install Skybox Manager from the DVD included with Skybox or you can download it from the Skybox Appliance over HTTP using the Appliance’s IP address (https://<appliance IP address>:444/manager). For additional information, see Installing Skybox Manager (on page 32).

  • Page 32: Installing Skybox Manager

    Manager installation file (or you might receive it from Skybox Security’s product support team) to replace the old installation file. This way, when Skybox users install the Manager from the Appliance, they are installing the latest version.

  • Page 33: Updating The Operating System On Skybox Appliance

    Both the Skybox model and important operating system files can be saved as part of the update procedure, or you can save them manually beforehand. Changes that you made manually in any Skybox settings files are not saved as part of the update, so you must back them up manually.
  • Page 34 Skybox Appliance 6000 Quick Start Guide Note: After the update finishes, a log of the process details is available in: /opt/skyboxview/utility/log/appliance_update_<patch>.log 9 (Optional) If something went wrong with the update process, you can either restore specific settings files manually or restore all the files at once...

  • Page 35: Adding A Customer Certificate

    To connect to the Appliance Administration via a customer certificate 1 Locate (or generate) the validated certificate and key files. 2 Upload the certificate files to the directory /etc/httpd/conf.d on the Skybox Server SSLCertificateFile must be your certificate file (for example, <your •...

  • Page 36: Restoring The Appliance To Factory Defaults

    Chapter 9 Restoring the Appliance to factory defaults The Restore Appliance DVD that comes in the Appliance 6000 package is for restoring the Appliance to factory defaults. Warning: Restoring the Appliance erases all data on the Appliance. To restore the Appliance to factory defaults 1 Insert the DVD in the DVD-ROM drive.

  • Page 37: Monitoring Snmp

    Total RAM shared: .1.3.6.1.4.1.2021.4.13.0 › Total RAM buffered: .1.3.6.1.4.1.2021.4.14.0 › Total cached memory: .1.3.6.1.4.1.2021.4.15.0 System uptime › System uptime: .1.3.6.1.2.1.1.3.0 Skybox Server and Collector In addition to the standard OIDs, the following OIDs are supported for Skybox components. Skybox version 9.0.400...
  • Page 38 Skybox Appliance 6000 Quick Start Guide › Skybox Server status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.57 .55.54.56.46.49 › Skybox Collector status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.57 .55.54.56.46.50 Skybox version 9.0.400...

  • Page 39: Troubleshooting

    If there is a hardware issue on the Appliance (usually indicated by the system status LED turning amber or blinking): 1 Run getlogs as the root user. The diagnostic log file, diagnostic_<timestamp>.log, is in the <Skybox_Home>/server/log directory. 2 Open a support case and attach the (most recent) diagnostic file. Skybox version 9.0.400...

  • Page 40: Wiping The Hard Disk Drive

    In some cases, you need to wipe the hard disk drive (HDD), completely destroying the data on it. This might be required, for example, if you are sending the Appliance back to Skybox Security for replacement. Caution: This procedure wipes the HDD completely. Afterwards, it will not be bootable or function at all.

  • Page 41: Regulatory And Safety Information

    Chapter 13 Regulatory and safety information This chapter includes regulatory and safety information for Skybox Appliance 6000’s hardware. In this chapter Product regulatory compliance ..........41 Product regulatory compliance markings ........ 42 Electromagnetic compatibility notices for the server board ..45...

  • Page 42: Emc Compliance - Class A Compliance

    Skybox Appliance 6000 Quick Start Guide › IRAM Certification (Argentina) › BSMI CNS14336 Emissions (Taiwan) EMC COMPLIANCE – CLASS A COMPLIANCE › FCC /ICES-003 – Emissions (USA/Canada) Verification › CISPR 22 – Emissions (International) › EN55022 – Emissions (Europe) ›...
  • Page 43 This device complies with Part 15 of the FCC (Class A) Rules. Operation of this device is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) This device must accept interference receive, Skybox version 9.0.400...
  • Page 44 Skybox Appliance 6000 Quick Start Guide Regulatory Region Marking Compliance including interference that may cause undesired operation Nordic Ground Multiple Line 1: “WARNING:” Swedish on line 2: “Apparaten skall anslutas till jordat uttag, när den ansluts till ett nätverk.” Finnish on line 3: “Laite on liitettävä...

  • Page 45: Electromagnetic Compatibility Notices For The Server Board

    Increase the separation between the equipment and the receiver. › Connect the equipment to an outlet on a circuit different from that to which the receiver is connected. › Consult the dealer or an experienced radio/TV technician for help. Skybox version 9.0.400...
  • Page 46 Skybox Appliance 6000 Quick Start Guide Any changes or modifications not expressly approved by the grantee of this device could void the user’s authority to operate the equipment. The customer is responsible for ensuring compliance of the modified product. All cables used to connect to peripherals must be shielded and grounded.
  • Page 47 4 Date of Manufacturer: Refer to date code on product 5 Manufacturer/Nation: Intel Corporation/Refer to country of origin marked on product CNCA (CCC-China) The CCC Certification Marking and EMC warning is located on the outside rear area of the product. Skybox version 9.0.400...

Table of Contents