1. Manuals
  2. Brands
  3. skybox Manuals
  4. Network Hardware
  5. 6000
  6. Quick start manual

skybox Appliance 6000 Quick Start Manual

Hide thumbs Also See for Appliance 6000:
Table of Contents

Advertisement

Quick Links

Skybox Appliance 6000
Quick Start Guide
11.6.110
CentOS Linux release 7.9.2009 (Core)
Skybox Security, Inc.
| 2077 Gateway Place, Suite 200, San Jose, CA 95110 USA | +1 866 675 9269 | skyboxsecurity.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Appliance 6000 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for skybox Appliance 6000

Summary of Contents for skybox Appliance 6000

  • Page 1 Skybox Appliance 6000 Quick Start Guide 11.6.110 CentOS Linux release 7.9.2009 (Core) Skybox Security, Inc. | 2077 Gateway Place, Suite 200, San Jose, CA 95110 USA | +1 866 675 9269 | skyboxsecurity.com...
  • Page 2 The information and intellectual property contained herein are confidential and remain the exclusive intellectual property of Skybox Security. If you find any problems in the documentation, please report them to us in writing. Skybox Security does not warrant that this document is error-free.

  • Page 3: Table Of Contents

    Sending CentOS logs to a remote syslog server Customizing the syslog server Setting up TCP and UDP listeners Working with syslog files Skybox Manager Installation Skybox Manager system requirements Installing Skybox Manager Upgrading Skybox Manager Updating the operating system on Skybox Appliance Skybox version 11.6.100...
  • Page 4 Skybox Appliance 6000 Quick Start Guide ISO burning SSH hardening Firmware updates for Skybox Appliance Checking your firmware revision via the console Checking your firmware revision via RMM Preparing to update Updating via the console Updating via RMM Adding your own certificate...

  • Page 5: Overview

    See the Skybox architecture topic in the Skybox Installation and Administration Guide . Related documentation Related documentation includes: Skybox online help Skybox documentation Note: If you are not using the latest version of Skybox, you can find the documentation for your version at https://downloads.skyboxsecurity.com/files/Installers/Skybox_ . For example, View/<major version/<minor version>/Docs https://downloads.skyboxsecurity.com/files/Installers/Skybox_...

  • Page 6: Skybox Appliance Specifications

    Inspect the shipping carton to ensure that the packaging is not damaged and verify that all tamper evident seals are intact. Verify that the Skybox Appliance serial number, purchase order number, and FedEx tracking number match the information provided by Skybox Customer Support.

  • Page 7: Physical Specifications

    Skybox Appliance 6000 Quick Start Guide Physical specifications The physical features of Skybox are listed in the following table. FEATURE DESCRIPTION Form factor 1U rack mount chassis Rack dimensions 1.70” x 17.245” x 27.93” (43.2 mm x 438 mm x 709.37 mm)

  • Page 8: Mtbf Estimates For Skybox Appliance

    Note: The estimates listed here are for Appliance in 35°C ambient air with a rise of up to 10°C at the Server Board. Front panel Skybox Appliance 6000 front panel includes 2 USB connectors, a power button, and LEDs. Skybox version 11.6.100...
  • Page 9 Skybox Appliance 6000 Quick Start Guide Power button and LEDs LETTER FEATURE System ID button with integrated LED NMI button (recessed; tool required for use) NIC1 activity LED NIC3 activity LED System cold reset button System status LED Power button with integrated LED...

  • Page 10: Back Panel Connectors

    Back panel connectors Skybox Appliance 6000 back panel includes the connectors shown in the following figure. Port mapping The mappings between physical ports on the back panel of Skybox Appliance and logical ports are listed in the following table. BACK PANEL CONNECTOR...

  • Page 11: File System Partitions

    Skybox Appliance 6000 Quick Start Guide You can change these values. File system partitions By default, the Skybox Appliance file system is partitioned as follows: /tmp partition – 5% / (root) partition – 10% /var partition – 30% Swap partition: The swap size is set to half the total RAM but no more than 8% of total storage /opt partition –...

  • Page 12: Setting Up Skybox Appliance

    Before installing the rack mount kit, observe these safety guidelines: 1. Turn off all peripheral devices connected to Skybox Appliance. 2. Turn off Skybox Appliance by pressing the Power button on the front of the chassis and then unplug the AC power cords from the chassis or wall outlet.

  • Page 13: Starting Skybox Appliance

    Starting Skybox Appliance To start Skybox Appliance 1. Connect the AC power cords to the AC connectors on the Skybox Appliance back panel and connect the other ends to a power supply. Note: You can use Skybox with either a 110- or 220-volt power supply.

  • Page 14: System Configuration

    Configuration via the RMM interface You can connect to Skybox Appliance via its RMM interface by connecting a network cable to the RMM port. The RMM interface is preconfigured to obtain an IP address via DHCP. Configuring the RMM administrator You must change the administrator password on RMM.
  • Page 15 To configure connection using a mouse, keyboard, and screen 1. Connect one end of a standard network cable to the NIC 1 (eno1) port on the Skybox Appliance back panel; connect the other end of the cable to a network socket.
  • Page 16 3. Press the Power button on the Skybox Appliance front panel and verify that the Power LED is green. 4. Log in to your Skybox Appliance as the root user. The default password for your 1st login is skyboxview. On the initial log in, you must change the default password.
  • Page 17 2. In your browser, connect via the IP address for eno2: https://192.168.1.1:444/ 3. Log in to your Skybox Appliance. The default user name is skyboxview; the default password is skyboxview. On the initial login, you are required to change the default password.

  • Page 18: What's Next

    However, almost all user functions are done in Skybox Web Client and not in Skybox Manager. Skybox Manager is a Java client and should be installed on a Windows PC. The Skybox Manager installer is obtained directly from the Support tab of Skybox Appliance Administration.

  • Page 19: Configuring Skybox Appliance

    Displays a summary of the Skybox Appliance configuration. Configuration Click Export to save this information to an HTML file. Summary System tab Date and Time Enables you to view and change the date and time in the Skybox Appliance’s Configuration time zone. Note: Skybox version 11.6.100...

  • Page 20: Setting Up Network Interface Bonding

    DESCRIPTION If you set this information manually, set the date and time and then the time zone for the location of Skybox Appliance, so that reports and other data are timestamped correctly. Automatic configuration synchronizes Skybox with an NTP server.
  • Page 21 Chapter 4 Configuring Skybox Appliance 3. Select the interface to add to a network bond and click Add to Network Bond. 4. In the Network Bond Setup dialog box, add a bond interface. 5. Select the interfaces to bond to the new interface (as slaves).

  • Page 22: Setting Up Snmp Configuration

    Setting up SNMP configuration Skybox Appliances can be configured for SNMP v2 or SNMP v3. Enabled SNMP v3 is backwards compatible with SNMP v2. SNMP v2 Configuration To use Skybox Appliance as an SNMP v2 Server 1.

  • Page 23: Radius Authentication

    This ID is generated automatically, using a combination of a pseudorandom number and the current time in seconds. This generated value is then stored in /var/lib/net-snmp/snmpd.conf in hexadecimal format, identified as oldEngineID. RADIUS authentication This topic explains how to configure RADIUS authentication for Skybox Appliance. Skybox version 11.6.100...

  • Page 24: Ldap Authentication

    9. Save and close the file. 10. Add the user on the operating system level: useradd <user1> You do not need to set the password; it comes from RADIUS. You can now log in to Skybox with the user credentials: (using the <user1> <password>...
  • Page 25 Chapter 4 Configuring Skybox Appliance Prerequisites To use LDAP authentication, the LDAP server must support either TLS/SSL or secure LDAP (LDAPS). To set up LDAP authentication 1. On the Security tab, click LDAP. 2. Define the authentication according to the fields shown in the following table.

  • Page 26: Changing The Tls Version

    Allowed A comma-separated list of permitted groups. If empty, all groups are permitted. Groups After LDAP authentication is set up, permitted users can log in to Skybox Appliance Administration using their LDAP user name and password. Changing the TLS version...
  • Page 27 Chapter 4 Configuring Skybox Appliance # Default Security configuration for SSL. Oldest compatible clients: Firefox 27, Chrome 30, IE 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8. SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-...

  • Page 28: Sending Centos Logs To A Remote Syslog Server

    Skybox Appliance 6000 Quick Start Guide Sending CentOS logs to a remote syslog server To send the Skybox Appliance CentOS logs to a remote syslog server 1. On the System tab, click Syslog Server. 2. Select Send System Logs to Remote Syslog Server.

  • Page 29: Customizing The Syslog Server

    Chapter 5 Customizing the syslog server The syslog server in Skybox Appliance is preconfigured and is enabled by default. In this chapter Setting up TCP and UDP listeners Working with syslog files Setting up TCP and UDP listeners Skybox Appliance includes TCP and UDP listeners for the syslog server.
  • Page 30 <device name | IP address>_<time of creation>.log (Archived logs) <device name | IP address>_<time of creation>.zip How can the logs be imported into the Skybox model? Device logs can be imported using the following tasks: Change Tracking Events – Syslog Import Traffic Events –...

  • Page 31: Skybox Manager Installation

    Installing Skybox Manager Upgrading Skybox Manager Skybox Manager system requirements Skybox Manager is a Java client application that connects to the Skybox Server (through port 8443). You can install multiple Skybox Managers on 1 machine; this is useful when connecting to Skybox Servers of different versions.

  • Page 32: Upgrading Skybox Manager

    If the Skybox Manager installation file on your Skybox Appliance is outdated, you can download the new Skybox Manager installation file (or you might receive it from the Skybox product support team) to replace the old installation file. This way, when Skybox users install Skybox Manager from the Appliance, they are installing the latest version.

  • Page 33: Updating The Operating System On Skybox Appliance

    3rd party package. Before you start the update The Skybox model and important operating system files can be saved as part of the update procedure or you can save them manually. Changes that you made in Skybox settings files are not saved as part of the update;...
  • Page 34 Skybox Appliance 6000 Quick Start Guide Note: After the update finishes, a log of the process details is at /opt/skyboxview/utility/log/appliance_update_<patch>.log 9. (Optional) If something went wrong with the update process, you can: Restore settings files manually Restore the files together (overwriting the original files but preserving the original...

  • Page 35: Iso Burning

    ISO burning ISO burning Skybox Appliance ISO is larger than 4 GB and does not fit on a standard DVD+R. We recommend that you use either a DVD+R DL (Dual Layer) or a flash drive if you need to burn the ISO.

  • Page 36: Ssh Hardening

    AllowUsers root skyboxview AllowGroups root skyboxview This configuration is implemented as part of hardening the operating system of Skybox Appliance. Changing these settings is not recommended and may not persist through Appliance operating system updates.

  • Page 37: Firmware Updates For Skybox Appliance

    Chapter 10 Firmware updates for Skybox Appliance This chapter explains how to perform a firmware update for your Skybox Appliance. In this chapter Checking your firmware revision via the console Checking your firmware revision via RMM Preparing to update Updating via the console...

  • Page 38: Checking Your Firmware Revision Via Rmm

    Preparing to update. Checking your firmware revision via RMM Before you start You must have permission to log in to the RMM interface of Skybox Appliance from your local machine. For instructions, see Configuring Java for login. To check the firmware revision on your Skybox Appliance 1.
  • Page 39 Chapter 10 Firmware updates for Skybox Appliance Important: You must know the model number for the update. 5. From the System Information tab, on the Summary page, check the firmware revision number in the field BMC FW Rev. Skybox version 11.6.100...

  • Page 40: Preparing To Update

    Skybox Appliance 6000 Quick Start Guide 6. To determine whether your Skybox Appliance requires a firmware update, compare the Firmware/BMC version detected on your Appliance with the latest approved firmware versions listed in the following table. MODEL BMC FW REV 7000 1.16.11302...

  • Page 41: Updating Via The Console

    To shut down the Skybox Collector, run service sbvcollector stop Updating via the console If you are not using RMM on your Skybox Appliance, the following instructions explain how to perform the firmware update using the console. To update the firmware 1.

  • Page 42: Updating Via Rmm

    Skybox Appliance. If you have not activated RMM, refer to the directions in Updating via the console. Updating the firmware Before you start You must have permission to log in to the RMM interface of Skybox Appliance from your local machine. For instructions, see Configuring Java for login. To update the firmware 1.
  • Page 43 Chapter 10 Firmware updates for Skybox Appliance a. From the BMC Web Console, click Server Power Control. b. Select Reset Server and select Force-enter Bios Setup. c. Click Perform Action The machine reboots and the boot menu is displayed. 9. From the menu, select Boot Manager and press <Enter>.
  • Page 44 Skybox Appliance 6000 Quick Start Guide 10. From the Boot Manager, select Launch EFI Shell and press <Enter>. After about 5 seconds, the following screen appears. Skybox version 11.6.100...
  • Page 45 Chapter 10 Firmware updates for Skybox Appliance 11. Press <Enter>. When the procedure is almost finished, the screen displays the following. Skybox version 11.6.100...
  • Page 46 Skybox Appliance 6000 Quick Start Guide 12. Wait 2 minutes and log in again to the remote console. 13. Press 5 to exit the update. Skybox version 11.6.100...
  • Page 47 Chapter 10 Firmware updates for Skybox Appliance 14. Press any key to continue. Configuring Java for login This procedure enables you to log in to the RMM interface of the Skybox Appliance machine from your local machine. Skybox version 11.6.100...
  • Page 48 Skybox Appliance 6000 Quick Start Guide 1. From the Windows Start menu, select Configure Java. 2. In the Java Control Panel, click the Security tab. Skybox version 11.6.100...
  • Page 49 Chapter 10 Firmware updates for Skybox Appliance 3. Click Edit Site List. 4. Add the URL of the RMM interface of the Skybox Appliance machine. Skybox version 11.6.100...
  • Page 50 Skybox Appliance 6000 Quick Start Guide Skybox version 11.6.100...

  • Page 51: Adding Your Own Certificate

    To add your own certificate 1. Log in to the Skybox Server or Skybox Collector via SSH as the root user. 2. Transfer the private key to /etc/pki/tls/private The private key must not have a passphrase. If a passphrase is used in the private key,...

  • Page 52: Exporting The Server Certificate And Private Key From The Java Keystore

    Exporting the Server certificate and private key from the Java keystore To export the server certificate and private key from the Java keystore 1. Log in to the Skybox Server or the Skybox Collector as the root user. 2. Navigate to /opt/skyboxview/server/conf 3.
  • Page 53 7. When prompted Enter Import Password, enter skyboxview. 8. Remove the P12 keystore: rm server.keystore.p12 Important: Do not remove server.keystore 9. Continue to Adding your own certificate and use the exported server certificate and private key when required. Skybox version 11.6.100...

  • Page 54: Restoring Skybox Appliance To Factory Defaults

    The Skybox USB flash drive that comes in the Skybox Appliance package is for restoring Skybox Appliance to factory defaults. This USB drive might not contain the most current ISO for your Skybox Appliance. The latest ISO can be downloaded from https://downloads.skyboxsecurity.com/files/iso/. We recommend using Rufus (https://rufus.ie) to burn the ISO to a USB flash drive.

  • Page 55: Selecting The Server Installation

    Without user intervention, after several seconds Skybox Appliance boots from the local drive. Click the up or down arrow keys to select a different option before the boot. You have the option to install Skybox Appliance with modified parameters or as a specific type of server.

  • Page 56: Install Only The Skybox Collector

    Skybox Server. Install only the Skybox Collector You can install Skybox Appliance as a Skybox Collector without installing the Skybox Server. This option optimizes the partitioning scheme for Appliances to run as a Collector. A collector-only installation results in the following configuration: The operating system is installed from scratch;...

  • Page 57: Install Standalone Elasticsearch Node

    To install only the Skybox Collector: 1. Mount the ISO and start the server. 2. From the boot menu of the Skybox Appliance ISO, select Skybox Collector Installation. 3. The installation dialog appears, asking whether to run the default collector only installation.
  • Page 58 Install the Skybox Server in Standalone Elasticsearch mode A standalone Elasticsearch node must be connected to the master Skybox Server node. If you are using a 3-node cluster, all 3 nodes must be connected to the master Skybox Server node.

  • Page 59: Monitoring Snmp

    Chapter 14 Monitoring SNMP Skybox Appliance supports standard Linux OIDs. OIDs that you can monitor include: CPU load statistics 1 minute load: .1.3.6.1.4.1.2021.10.1.3.1 5 minute load: .1.3.6.1.4.1.2021.10.1.3.2 15 minute load: .1.3.6.1.4.1.2021.10.1.3.3 CPU statistics Percentage of user CPU time: .1.3.6.1.4.1.2021.11.9.0 Raw user CPU time: .1.3.6.1.4.1.2021.11.50.0...
  • Page 60 Skybox Appliance 6000 Quick Start Guide Java Memory Utilization Java Memory Utilization: .1.3.6.1.4.1.8072.1.3.2.3.1.2.19.49.46.51.46.54.46.49.46.52.46.49.46.49.5 7.55.54.56.46.52 Skybox Server and Skybox Collector In addition to the standard OIDs, the following OIDs are supported for Skybox components. Skybox Server status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.5 7.55.54.56.46.49 Skybox Collector status: .1.3.6.1.4.1.8072.1.3.2.3.1.4.19.49.46.51.46.54.46.49.46.52.46.49.46.49.5 7.55.54.56.46.50...
  • Page 61 97.02 0.00 79.80 86.18 93.60 - 216 11.808 13 18.205 30.014 collector is up (pid=2075) (jstat -gcutil output) S0 S1 E O M CCS YGC YGCT FGC FGCT GCT 75.00 0.00 65.97 18.63 95.59 93.18 28 0.567 3 0.320 0.888 Skybox version 11.6.100...

  • Page 62: Troubleshooting

    Chapter 15 Troubleshooting Getting version information when Skybox Appliance Administration is unavailable If you need to know the version of Skybox Appliance (the image version ) and other information about Skybox Appliance when Skybox Appliance Administration is unavailable, run the get_ script from the CLI.

  • Page 63: Wiping The Hard Disk Drive

    You might need to wipe the internal SDD storage, destroying the data on it (for example, if you are sending the Skybox Appliance back to Skybox for replacement). Warning: This procedure wipes the SDD completely; it will not be bootable or function at all.

  • Page 64: Cis Benchmarks For Centos 7

    Chapter 17 CIS benchmarks for CentOS 7 All new Skybox Appliances meet the following CIS benchmark recommendations for CentOS 7. Appliances updated to the new ISO also meet the recommendations. RECOMMENDATION SCORED DESCRIPTION ü 1.1.1.1 – 1.1.1.8 Ensure that mounting of the following file systems is...
  • Page 65 Skybox Appliance 6000 Quick Start Guide RECOMMENDATION SCORED DESCRIPTION ü 1.4.2 Ensure that the bootloader password is set. Setting the boot loader password requires that anyone rebooting the system must enter a password before being able to set command line boot parameters...
  • Page 66 ü 4.1.8 -4.1.9 Ensure that login and logout events are collected; Ensure that session initiation information is collected. The file Skybox version 11.6.100...
  • Page 67 Skybox Appliance 6000 Quick Start Guide RECOMMENDATION SCORED DESCRIPTION /var/log/lastlog maintain records of the last time a user successfully logged in. The /var/run/failock directory maintains records of login failures via the pam_ faillock module. The file /var/run/utmp file tracks all currently logged in users.
  • Page 68 SSH server. ü 5.2.6 Ensure that SSH IgnoreRhosts is enabled. The IgnoreRhosts parameter specifies that .rhosts and .shosts files are not used in RhostsRSAAuthentication or HostbasedAuthentication. Rationale: Setting this parameter forces users to enter a Skybox version 11.6.100...
  • Page 69 Skybox Appliance 6000 Quick Start Guide RECOMMENDATION SCORED DESCRIPTION password when authenticating with SSH. ü 5.2.7 Ensure that SSH HostbasedAuthentication is disabled. The HostbasedAuthentication parameter specifies whether authentication is permitted through trusted hosts via the user of .rhosts, or /etc/hosts.equiv, along with successful public key client host authentication.
  • Page 70 /etc/gshadow /etc/passwd- /etc/shadow- /etc/group- /etc/gshadow- Rationale: It is critical to ensure that these files are protected from unauthorized access. Although they are protected by default, the file permissions could be changed either inadvertently or through malicious actions. Skybox version 11.6.100...
  • Page 71 Skybox Appliance 6000 Quick Start Guide RECOMMENDATION SCORED DESCRIPTION ü 6.1.10 Ensure that no world writable files exist. Unix-based systems support variable settings to control access to files. World writable files are the least secure. See the chmod (2) man page for more information.

  • Page 72: Regulatory And Safety Information

    Chapter 18 Regulatory and safety information This chapter includes regulatory and safety information for Skybox Appliance 6000 hardware. In this chapter Product regulatory compliance Regulatory compliance markings Electromagnetic compatibility notices for the server board Product regulatory compliance Intended application This product is to be evaluated and certified as Information Technology Equipment (ITE), which may be installed in offices, schools, computer rooms, and similar commercial type locations.

  • Page 73: Regulatory Compliance Markings

    Skybox Appliance 6000 Quick Start Guide EMC compliance - Class A compliance FCC /ICES-003 – Emissions (USA/Canada) Verification CISPR 22 – Emissions (International) EN55022 – Emissions (Europe) EN55024 – Immunity (Europe) EN61000-3-2 – Harmonics (Europe) EN61000-3-3 – Voltage Flicker (Europe) CE –...
  • Page 74 (1) This device may not cause harmful interference, and (2) This device must accept interference receive, including interference that may cause undesired operation Nordic Ground Multiple Line 1: “WARNING:” Swedish on line 2: “Apparaten skall anslutas till jordat uttag, Skybox version 11.6.100...
  • Page 75 Skybox Appliance 6000 Quick Start Guide REGULATORY REGION MARKING COMPLIANCE när den ansluts till ett nätverk.” Finnish on line 3: “Laite on liitettävä suojamaadoituskoskettimilla varustettuun pistorasiaan.” English on line 4: “Connect only to a properly earth grounded outlet.” WEEE (Waste...

  • Page 76: Electromagnetic Compatibility Notices For The Server Board

    Increase the separation between the equipment and the receiver. Connect the equipment to an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help. Skybox version 11.6.100...
  • Page 77 Skybox Appliance 6000 Quick Start Guide Any changes or modifications not expressly approved by the grantee of this device could void the user’s authority to operate the equipment. The customer is responsible for ensuring compliance of the modified product. All cables used to connect to peripherals must be shielded and grounded. Operation with cables, connected to peripherals that are not shielded and grounded may result in interference to radio and TV reception.
  • Page 78 4. Date of Manufacturer: Refer to date code on product 5. Manufacturer/Nation: Intel Corporation/Refer to country of origin marked on product CNCA (CCC-China) The CCC Certification Marking and EMC warning is located on the outside rear area of the product. Skybox version 11.6.100...

This manual is also suitable for:

60008050Appliance 7000

Table of Contents