Skybox Appliance 5500
Quick Start Guide
10.1.200
CentOS Linux release 7.7.1908 (Core)

Summary of Contents for skybox Appliance 5500

  • Page 1 Skybox Appliance 5500 Quick Start Guide 10.1.200 CentOS Linux release 7.7.1908 (Core)
  • Page 2: Contact Information

    Skybox Security. If you find any problems in the documentation, please report them to us in writing. Skybox Security does not warrant that this document is error-free. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means—electronic, mechanical, photocopying,...
  • Page 3: Table Of Contents

    Before you open the box, page 6
    What’s in the box, page 6
    Physical specifications, page 7
    Environmental specifications, page 7
    MTBF estimates for Skybox Appliance, page 8
    Front panel, page 9
    Back panel connectors, page 10
    Port mapping, page 10
    File system partitions ...
  • Page 4

    Installing Skybox Manager, page 29
    Upgrading Skybox Manager, page 29
    Updating the operating system on Skybox Appliance, page 31
    ISO burning, page 33
    SSH hardening, page 34
    Firmware updates for Skybox Appliance, page 35
    Checking your firmware revision via the console ...
  • Page 5: Overview

    Related documentation includes:
    › Skybox online help
    › Skybox documentation
    Note: If you are not using the latest version of Skybox, you can find the documentation for your version at http://downloads.skyboxsecurity.com/files/Installers/Skybox_View/<your major version>/<your minor version>/Docs. For example, http://downloads.skyboxsecurity.com/files/Installers/Skybox_View/10.0/10.0.400/Docs...
  • Page 6: Skybox Appliance Specifications

    › RJ45 to DB9 serial console cable
    › Skybox Quick Start Guide
    › 2 DVDs
      • Skybox: Installs Skybox on the Appliance; it contains the Skybox software and additional Appliance documentation
      • Restore Appliance: Restores the Appliance to factory settings
    Skybox version 10.1.200...
  • Page 7: Physical Specifications

    Chapter 2 Skybox Appliance specifications Physical specifications The physical features of Skybox Appliance 5500 are listed in the following table. Feature Description Form factor 1U rack Rack dimensions 1.70” x 17.24” x 27.93” (43.2mm x 438 mm x 709.37 (H x W x D) System weight: 35.8 lb (16.24 kg)
  • Page 8: Mtbf Estimates For Skybox Appliance

    490000 2041 Cooling fans (2-fixed fans) 77680 12873 Front panel board 8272282 Total without motherboard 58300 17138 Total with motherboard 50400 19830 Note: The estimates listed here are for Skybox Appliance in 40 C ambient air. ° Skybox version 10.1.200...
  • Page 9: Front Panel

    Chapter 2 Skybox Appliance specifications Front panel The Appliance front panel includes 2 USB connectors, a power button, and LEDs. Power button and LEDs Letter Feature System ID button with integrated LED NMI button (recessed; tool required for use) NIC-1 activity LED...
  • Page 10: Back Panel Connectors

    Back panel connectors The Appliance back panel includes the connectors shown in the following figure. PORT MAPPING The mappings between physical ports on the back panel of Skybox Appliance and logical ports are listed in the following table. Back panel...
  • Page 11: File System Partitions

    NIC2 / eno2 is enabled and configured as static with the IP address: 192.168.1.1/24
    You can change these values.
    File system partitions
    The Skybox Appliance file system is partitioned as follows:
    › SWAP: 4 GB
    › /tmp: 5% of the entire space
    ›...
  • Page 12: Setting Up Skybox Appliance

    Before installing the rack mount kit, observe these safety guidelines: 1 Turn off all peripheral devices connected to Skybox Appliance. 2 Turn off Skybox Appliance by pressing the Power button on the front of the chassis and then unplug the AC power cords from the chassis or wall outlet.
  • Page 13: System Configuration

    2 On the Appliance front panel, press the Power button. 3 Lock the front bezel in place using the key provided. System configuration Before running the Skybox Server, configure Skybox Appliance to be part of your network and perform initial system configuration. CONFIGURING CONNECTION...
  • Page 14 Skybox Appliance 5500 Quick Start Guide Configuration via serial port To configure connection using a serial port connection 1 Connect one end of the serial cable to a serial port on the management computer; connect the other end to the serial port on the Appliance.
  • Page 15: Setting Up The Appliance For Configuration

    2 To configure the date and time manually: a. Select Manual Date and Time Configuration. b. Click Change Date and Time; set the date and time for Skybox’s time zone. c. Click Change Time Zone; set the time zone for the location of the Appliance, so that reports and other data are timestamped correctly.
  • Page 16: Syslog Server

    Skybox Appliance 5500 Quick Start Guide Using Skybox for change tracking You can use Skybox to track changes on firewalls. Although much change information can be collected directly from the firewalls, additional information (including a timestamp and the user who made the change) is available only from syslog change events that are sent to the syslog server in the Appliance.
  • Page 17: Configuring The Appliance

    RADIUS authentication, page 21
    LDAP authentication, page 22
    Changing the TLS version, page 23
    Configuration and management options
    Skybox Appliance configuration options are described in the following table.
    Pane | Description
    About tab
    System Information | Provides information about Skybox configuration.
    Network tab
    Note that configuration changes made in this tab are only saved after you click Save Network Configuration.
  • Page 18: Security Tab

    Enables you to change the name of the Appliance.
    Change System Mode | Toggles between Server mode (the Appliance functions as both the Skybox Server and a Skybox Collector) and Collector mode (the Appliance functions only as a Skybox Collector).
    SNMP...
  • Page 19: Setting Up Network Interface Bonding

    Skybox Manager Enables you to download Skybox Manager for installation. Setting up network interface bonding Skybox Appliances support network interface bonding for redundancy and for higher bandwidth. To create a network interface bonding 1 On the Network tab, click Network Configuration.
  • Page 20 Skybox Appliance 5500 Quick Start Guide mode=1 (active-backup) Active-backup policy: Only a single slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond’s MAC address is externally visible on a single port (network adapter) to avoid confusing the switch.
  • Page 21: Setting Up Snmp Configuration

    This topic explains how to configure RADIUS authentication for Skybox Appliance.
    Note: To use RADIUS authentication, the pam_radius package must be installed on the Skybox Server. To check whether the package is installed, run
    rpm -qa | grep pam_radius
    If you need help installing the package, contact Skybox Support.
  • Page 22: Ldap Authentication

    <user1> There is no need to set the password; it comes from RADIUS. You can now log in to Skybox with the user credentials: <user1> / <password> (using the password stored on the RADIUS server for this user). LDAP authentication This topic explains how to configure LDAP authentication for Skybox Appliance.
  • Page 23: Changing The Tls Version

    Appliance web or SSH interfaces using their LDAP user name and password.
    Changing the TLS version
    The Apache HTTP Server module mod_ssl provides an interface to the OpenSSL library, which provides Strong Encryption using the Secure Sockets Layer and Transport Layer Security (TLS) protocols.
  • Page 24

    There are 3 possible configurations for TLS:
    › Default (High) Security configuration for SSL: TLS versions 1.2 and higher are enabled.
      Supported browsers are: Firefox 27, Chrome 30, Internet Explorer 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, Java 8, and higher.
  • Page 25

    # Low Security configuration for SSL. Oldest compatible clients: Windows XP IE6, Java 6.
    #SSLProtocol all
    #SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP
    5 Save the file.
    6 Restart httpd by running: systemctl restart httpd
  • Page 26: Customizing The Syslog Server

    Chapter 5 Customizing the syslog server
    The syslog server in Skybox Appliance is preconfigured and is enabled by default.
    In this chapter
    Setting up TCP and UDP listeners, page 26
    How to work with syslog files, page 26
    Setting up TCP and UDP listeners
    Skybox Appliance includes TCP and UDP listeners for the syslog server.
  • Page 27

    • (New logs) <device name | IP address>_<time of creation>.log
    • (Archived logs) <device name | IP address>_<time of creation>.zip
    How can the logs be imported into Skybox?
    Device logs can be imported using the following tasks, depending on the information that you are looking for:
    ›...
  • Page 28: Skybox Manager Installation

    Chapter 6 Skybox Manager Installation
    You can install Skybox Manager from the DVD included with Skybox or you can download it from the Skybox Appliance over HTTP using the Appliance IP address (https://<Appliance IP address>:444/manager). For additional information, see Installing Skybox Manager (on page 29).
  • Page 29: Installing Skybox Manager

    Note: The use of Skybox Manager on 4K screens is not supported. Some on-screen elements do not display as expected on these screens due to limitations of Java Runtime Environment at high resolutions.
    Hardware
    The hardware requirements for Skybox Manager are listed in the following table.
  • Page 30

    2 Delete any other files in this directory, including any previous installation file; the directory must contain only the new installation file.
  • Page 31: Updating The Operating System On Skybox Appliance

    2 Both the Skybox model and important operating system files can be saved as part of the update procedure or you can save them manually. Changes that you made in any Skybox settings files are not saved as part of the update; back them up manually before updating CentOS.
  • Page 32 Skybox Appliance 5500 Quick Start Guide 7 Install the update by running: sudo /bin/sh Skybox_<patch>.appliance_update The update procedure begins. 8 We recommend that, when asked where to save the files, you select either a location on the file sharing system (as opposed to on the Appliance server) or an external drive.
  • Page 33: Iso Burning

    ISO.
    Note: For flash drives, we recommend using Rufus to burn the ISO (https://rufus.ie).
    To boot from the ISO
    › During startup, select <F6> and then select the device (DVD or flash drive) from which to boot.
  • Page 34: Ssh Hardening

    Chapter 9 SSH hardening
    Starting in version 9.0.600, security hardening was added to prevent local users from logging in via SSH. The following lines were added to /etc/ssh/sshd_config:
    › AllowUsers root skyboxview
    › AllowGroups root skyboxview
  • Page 35: Firmware Updates For Skybox Appliance

    Chapter 10 Firmware updates for Skybox Appliance
    This chapter explains how to perform a firmware update for your Skybox Appliance.
    In this chapter
    Checking your firmware revision via the console, page 35
    Checking your firmware revision via RMM, page 36
    Preparing to update ...
  • Page 36: Checking Your Firmware Revision Via Rmm

    Skybox Appliance 5500 Quick Start Guide 3 Check this number against the BMC version that you see in the link for your Appliance version (in Preparing to update (on page 38)), such as the following: Checking your firmware revision via RMM...
  • Page 37

    Important: You must know the model number for the update.
    5 From the System Information tab, on the Summary page, check the firmware revision number in the field BMC FW Rev.
  • Page 38: Preparing To Update

    › Physical access to the Appliance machine
    Before updating
    Make sure that Skybox is not running on the Appliance machine before performing the update.
    › To shut down the Skybox Server, run the command service sbvserver stop
  • Page 39: Updating Via The Console

    › To shut down the Skybox Collector, run the command service sbvcollector stop
    Updating via the console
    If you are not using RMM on your appliance, the following instructions explain how to perform the firmware update using the console.
  • Page 40 Skybox Appliance 5500 Quick Start Guide To update the firmware 1 Open the ZIP file and copy the entire content of the package file to the root directory of a USB flash drive. 2 Connect the USB flash drive to the back panel of the Appliance machine.
  • Page 41 8 In the next Security Warning, select I accept... and click Run. A console window opens. 9 Log in as root. 10 Make sure that Skybox is not running on the Appliance machine before performing the update. a. To shut down Skybox Server, run the command service sbvserver stop b.
  • Page 42 Skybox Appliance 5500 Quick Start Guide 12 When the system starts, press F2 until you get the menu for booting. 13 From the menu, select Boot Manager and press <Enter>. 14 From the Boot Manager, select Launch EFI Shell and press <Enter>.
  • Page 43

    After about 5 seconds, the following screen appears.
    15 Press <Enter>.
  • Page 44

    When the procedure is almost finished, the screen displays the following.
    16 Wait 2 minutes and log in again to the remote console.
  • Page 45: Configuring Java For Login

    Chapter 10 Firmware updates for Skybox Appliance 17 Press 5 to exit the update. 18 Press any key to continue. CONFIGURING JAVA FOR LOGIN This procedure enables you to log in to the RMM interface of the Appliance machine from your local computer.
  • Page 46

    1 From the Windows Start menu, select Configure Java.
    2 The Java Control Panel appears.
  • Page 47

    3 Click the Security tab.
  • Page 48

    4 Click Edit Site List.
    5 Add the URL of the RMM interface of the Appliance machine.
  • Page 49: Adding Your Own Certificate

    (on page 50) before continuing below.
    To add your own certificate
    1 Log in to the Skybox Server or Collector via SSH as the root user.
    2 Transfer the private key to /etc/pki/tls/private
      The private key must not have a passphrase. If a passphrase is used in the private key, the following errors will be seen in the log file /etc/httpd/logs/webadmin-error_log.
  • Page 50: Exporting The Server Certificate And Private Key From The Java Keystore

    Java keystore To export the server certificate and private key from the Java keystore 1 Log in to the Skybox Server or Collector as root. 2 Navigate to /opt/skyboxview/server/conf 3 Create a P12 keystore using the following command, replacing <alias> with the alias you chose when you generated the private key in the "Generating...
  • Page 51

    8 Remove the new P12 keystore by executing rm server.keystore.p12
      Important: Make sure that you do not mistakenly remove server.keystore.
    9 Continue to Adding your own certificate (on page 49) and use the exported server certificate and private key when required.
  • Page 52: Restoring The Appliance To Factory Defaults

    1 Insert the DVD in the DVD-ROM drive. 2 Reboot the Appliance. 3 As soon as you see the Skybox Installation Menu window, press any key. Note: If you do not press a key within a few seconds, the Appliance boots from the local drive.
  • Page 53: Monitoring Snmp

    Total RAM buffered: .1.3.6.1.4.1.2021.4.14.0
    › Total cached memory: .1.3.6.1.4.1.2021.4.15.0
    System uptime
    › System uptime: .1.3.6.1.2.1.1.3.0
    Skybox Server and Collector
    In addition to the standard OIDs, the following OIDs are supported for Skybox components.
    › Skybox Server status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.57.55.54.56.46.49
  • Page 54

    › Skybox Collector status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.57.55.54.56.46.50
  • Page 55: Troubleshooting

    If there is a hardware issue on the Appliance (usually indicated by the system status LED turning amber or blinking):
    1 Run getlogs as the root user. The diagnostic log file, diagnostic_<timestamp>.log, is in the <Skybox_Home>/server/log directory.
    2 Open a support case and attach the (most recent) diagnostic file.
  • Page 56: Wiping The Hard Disk Drive

    In some cases, you need to wipe the hard disk drive (HDD), completely destroying the data on it. This might be required, for example, if you are sending the Appliance back to Skybox for replacement. Caution: This procedure wipes the HDD completely. Afterwards, it will not be bootable or function at all.
  • Page 57: Cis Benchmarks For Centos 7

    Chapter 16 CIS benchmarks for CentOS 7
    Starting from version 9.0.800, all new Skybox Appliances meet the following CIS benchmark recommendations for CentOS 7. Appliances updated to the new ISO also meet the recommendations.
    Recommendation | Scored | Description
    1.1.1.1 –...
  • Page 58

    Recommendation | Scored | Description
    boot parameters
    Rationale: Requiring a boot password on execution of the boot loader prevents an unauthorized user from entering boot parameters or changing the boot partition. This prevents users from weakening security (for example, turning off SELinux at boot time).
  • Page 59

    ‘session’. The file /var/log/btmp keeps track of failed login attempts and can be read by entering the command /usr/bin/last -f /var/log/btmp. All audit records are tagged with the identifier ‘logins’.
    Rationale: Monitoring login and logout events could provide a
  • Page 60

    Recommendation | Scored | Description
    system administrator with information associated with brute force attacks against user logins. Monitoring session information files for changes could alert a system administrator to logins occurring at unusual hours, which could indicate intruder activity (for example, a user logging in at a time when they do not normally log in).
  • Page 61

    Numeric user IDs are not recognized with this variable. If a system administrator wants to restrict user access further by only permitting these users to log in from a particular host, the entry can be specified in the form of user@host.
  • Page 62

    Recommendation | Scored | Description
    • AllowGroups: The AllowGroups variable gives the system administrator the option of permitting specific groups of users to SSH into the system. The list consists of space separated group names. Numeric group IDs are not recognized with this variable.
  • Page 63

    Rationale: A new user who is assigned the deleted user’s user ID or group ID may then end up ‘owning’ these files, and thus have more access on the system than was intended.
    Note: For additional information, refer to CIS CentOS 7 Linux Benchmark, v2.1.1
  • Page 64: Regulatory And Safety Information

    Chapter 17 Regulatory and safety information
    This chapter includes regulatory and safety information for Skybox Appliance 5500’s hardware.
    In this chapter
    Product regulatory compliance, page 64
    Regulatory compliance markings, page 65
    Electromagnetic compatibility notices for the server board, page 68...
  • Page 65: Emc Compliance - Class A Compliance

    Management Practices for Perchlorate Materials › China – Restriction of Hazardous Substances (China RoHS) › WEEE Directive (Europe) › Packaging Directive (Europe) › REACH Directive (Europe) Regulatory compliance markings The server is typically marked with the following regulatory marks. Skybox version 10.1.200...
  • Page 66 Skybox Appliance 5500 Quick Start Guide Regulatory Region Marking Compliance Ctick Australia/ CE Mark Europe NRTL (National USA/Cana Recognized Test Laboratory) CANADA ICES-003 CLASS A EMC Marking Canada (Class A) GS Mark Germany VCCI Marking Japan (Class A) KC Mark (Korean...
  • Page 67 Perchlorate material. Safety – Multiple Internatio Power Cord English: This unit has more than one power supply cord. To reduce the risk of electrical shock, disconnect (2) two power supply cords before servicing. Skybox version 10.1.200...
  • Page 68: Electromagnetic Compatibility Notices For The Server Board

    Skybox Appliance 5500 Quick Start Guide Regulatory Region Marking Compliance German: Dieses Geräte hat mehr als ein Stromkabel. Um eine Gefahr des elektrischen Schlages zu verringern trennen sie beide (2) Stromkabeln bevor Instandhaltung. Safety – Standby Internatio Power button Safety – Rack...
  • Page 69 Install and use the equipment according to the instruction manual. BSMI (Taiwan) The BSMI Certification Marking and EMC warning is located on the outside rear area of the product. Skybox version 10.1.200...
  • Page 70 Skybox Appliance 5500 Quick Start Guide RRL (Korea) Following is the RRL certification information for Korea. English translation of this notice: 1 Type of Equipment (Model Name): On License and Product 2 Certification No.: On RRL certificate. Obtain certificate from local Intel...

This manual is also suitable for:

7000
