1. Manuals
  2. Brands
  3. RSA Manuals
  4. Network Hardware
  5. enVision 60 Series
  6. Setup and maintenance manual

RSA enVision 60 Series Setup And Maintenance Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
RSA enVision
Hardware Setup and Maintenance Guide
60 Series

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the enVision 60 Series and is the answer not in the manual?

Questions and answers

Related Manuals for RSA enVision 60 Series

Summary of Contents for RSA enVision 60 Series

  • Page 1 RSA enVision Hardware Setup and Maintenance Guide 60 Series...
  • Page 2 Trademarks RSA, the RSA Logo, RSA enVision, RSA Event Explorer and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective owners.

  • Page 3: Table Of Contents

    Single Appliance Site Overview ..................21 Set Up a Single Appliance Site ..................21 Configure the RSA DAS 2000..................23 Configure Free Space on RSA enVision DAS-2000 ............24 Chapter 4: Multiple Appliance Site ..............27 Multiple Appliance Site Overview ................... 27 Set Up a Multiple Appliance Site ..................
  • Page 4 ES Storage Array Specifications..................78 LS Storage Array Specifications..................79 Rack Specifications for ENV-NAS53-1 and ENV-NAS53-2 ........82 Rack Specifications for RSA NAS 3500 and RSA NAS 7000........83 LS Network Switch Specifications ................... 84 Appliance Rack Specifications ..................85 Safety and Regulatory Statements ..................
  • Page 5 RSA enVision Hardware Setup and Maintenance Guide Verify Permissions on D-SRVs ................. 91 Verify Permissions on Collectors ................92 Verify Permissions on A-SRVs ................. 92 Additional Passwords......................93 Troubleshooting ........................ 94 Change Passwords that were Accidentally Updated Manually ......... 94 Glossary ..........................

  • Page 7: Preface

    Preface About This Guide This guide contains information on setting up and maintaining your RSA enVision hardware appliance. Use this guide in conjunction with the Configuration Guide. It is intended for system administrators who need to setup an enVision appliance.

  • Page 8: Related Documentation

    The RSA Secured Partner Solutions Directory provides information about third-party hardware and software products that have been certified to work with RSA products. The directory includes Implementation Guides with step-by-step instructions and other information about interoperation of RSA products with these third-party products.

  • Page 9: Before You Call Customer Support

    RSA enVision Hardware Setup and Maintenance Guide Before You Call Customer Support Make sure that you have direct access to the computer running the RSA enVision software. Please have the following information available when you call:  One of the following: On a 60-series appliance, the serial number of the appliance.

  • Page 11: Chapter 1: Introduction To Rsa Envision

    The enVision LogSmart Internet Protocol Database (IPDB) collects and protects all the data automatically, from any network device, without filtering or agents. RSA enVision gives you an accurate picture of how your network is being used, and by whom. It independently monitors your network to verify security policies, generates alerts for possible compliance breaches, and analyzes and reports on network performance.
  • Page 12 RSA enVision Hardware Setup and Maintenance Guide Multiple appliance site. The LS series appliances are designed to operate in a distributed installation. Each enVision component―Application, Collector, and Database―is on its own appliance. The appliances together form a site. Distributed multiple appliance sites allow multiple installations of any of the three appliance types to be deployed to manage the variety of network infrastructures found in production environments.

  • Page 13: Chapter 2: Appliance Layout

    The internal specifications of the ES and LS series appliance hardware differ. For information on hardware specifications, see Appendix A, “Hardware Specifications.” Front Panel The following figure shows the front panel of the RSA enVision appliance. Indicator, Item Button, or...
  • Page 14 RSA enVision Hardware Setup and Maintenance Guide Indicator, Item Button, or Icon Description Connector NMI button Use to troubleshoot software and device driver errors. Use this button only if directed to do so by Customer Support or by the operating system documentation.

  • Page 15: Lcd Panel Features

    RSA enVision Hardware Setup and Maintenance Guide LCD Panel Features The LCD panel provides system information and status messages to indicate that the system is operating correctly or that the system needs attention. The LCD backlight lights blue during normal operating conditions and lights amber to indicate an error condition.

  • Page 16: Hard Drive Indicators

    RSA enVision Hardware Setup and Maintenance Guide Hard Drive Indicators The hard drive carriers have two indicators: Drive-activity indicator • Drive-status indicator • The following figure shows the hard drive indicators. Item Description Drive-status indicator (green and amber) Drive-activity indicator (green) In RAID configurations, the drive-status indicator lights display different patterns as drive events occur in the system.

  • Page 17: Back Panel

    RSA enVision Hardware Setup and Maintenance Guide Back Panel The following figure shows the back panel of the RSA enVision appliance. Indicator, Item Button, or Icon Description Connector PCIe slot1 PCI Express x4-link (Generation 2) expansion slot (2.881 inch full-height, 12.2 inch length)
  • Page 18 RSA enVision Hardware Setup and Maintenance Guide Indicator, Item Button, or Icon Description Connector Ethernet Integrated 10/100/1000 NIC connectors labeled connectors (4) Gb1, Gb2, Gb3, Gb4 from left to right. System status Use to attach a system indicator extension cable indicator that is used on a cable management arm.

  • Page 19: Power Indicator Codes

    RSA enVision Hardware Setup and Maintenance Guide Power Indicator Codes An LED indicator on the power button indicates when power is supplied to the system and the system is operational. The power supplies have an indicator that shows whether power is present or whether a power fault has occurred.

  • Page 21: Chapter 3: Single Appliance Site

    For more information, see “ES Appliance Specifications” on page 74. Starting with RSA enVision 4.1, you can deploy a single appliance site on a Note: virtual infrastructure. For information, see the Virtual Deployment Guide. Set Up a Single Appliance Site Before you set up your hardware, review “Safety and Regulatory...
  • Page 22 4. If your ES appliance has an external DAS storage, connect the storage system to the ES appliance (through ethernet connector Gb2). Connect a cable from INF2 on the ES appliance to the MGMT port on the RSA DAS 2000. For instructions, see the following section“Configure the RSA DAS 2000.”...

  • Page 23: Configure The Rsa Das 2000

    RSA enVision Hardware Setup and Maintenance Guide Configure the RSA DAS 2000 If your ES appliance has a DAS 2000 external storage array, perform the following steps to configure the external DAS. This configuration deletes the existing data on the DAS 2000.

  • Page 24: Configure Free Space On Rsa Envision Das-2000

    Configure Free Space on RSA enVision DAS-2000 The DAS 2000 has additional free space that has not been pre-configured. You can configure and use the storage as needed for use with the RSA enVision appliance. To configure free space on RSA enVision DAS-2000: 1.
  • Page 25 RSA enVision Hardware Setup and Maintenance Guide c. Review the properties of the LUN and ensure that it is assigned to NIC. 5. You must format the new LUN for use with enVision. Perform the following steps on the enVision appliance: a.

  • Page 27: Chapter 4: Multiple Appliance Site

    Multiple Appliance Site Overview The LS series appliances are designed to operate in a distributed installation. Each RSA enVision component—Application, Collector, and Database—is on its own appliance. The appliances together form a site. Distributed multiple appliance sites allow multiple installations of any of the three appliance types to be deployed to manage the variety of network infrastructures found in production environments.
  • Page 28 RSA enVision Hardware Setup and Maintenance Guide 3. Connect the storage system. Note the IP address for the storage device in the Identify External Storage (NAS 3500/7000) section of the Configuration Wizard Planning Worksheet - Multiple Appliance Site in the chapter “Multiple Appliance Site”...
  • Page 29 RSA enVision Hardware Setup and Maintenance Guide 5. Connect each of the power cords to a different power circuit for increased reliability and availability. For powerline redundancy, the appliance and the switch have dual power supplies. 6. Power on the storage system. For instructions, refer to the storage system documentation.
  • Page 30 RSA enVision Hardware Setup and Maintenance Guide 7. Power on the network switch and LS appliances. The LS Typing Wizard starts automatically on the appliances. If you click Cancel at any time while using the wizard, you must restart the wizard to type the appliance.

  • Page 31: Cabling Examples

    RSA enVision Hardware Setup and Maintenance Guide Cabling Examples This section shows examples of cabled multiple appliance sites. The following figure shows an example of a multiple appliance site with a Local Collector (LC), an Application Server (A-SRV), and a Database Server (D-SRV). The site is connected to the switch.
  • Page 32 The following figure shows an example of a multiple appliance site with a Local Collector (LC), an Application Server (A-SRV), and a Database Server (D-SRV). The site is connected to the switch. The switch is connected to the RSA NAS 3500 or RSA NAS 7000 (external storage).
  • Page 33 RSA enVision Hardware Setup and Maintenance Guide The following figure shows an example of a cabled multiple appliance site with one D-SRV, two A-SRVs, and three LCs. The site is connected to the switch. The switch is connected to the ENV-NAS 53-1 or ENV-NAS53-2 (external storage).
  • Page 34 The following figure shows an example of a cabled multiple appliance site with one D-SRV, two A-SRVs, and three LCs. The site is connected to the switch. The switch is connected to the RSA NAS 3500 or NAS 7000 (external storage). 4: Multiple Appliance Site...
  • Page 35 RSA enVision Hardware Setup and Maintenance Guide The following figure shows an example of a cabled multiple appliance site with three D-SRVs, two A-SRVs, and three LCs. The site is connected to the switch. The switch is connected to the ENV-NAS 53-1 or ENV-NAS53-2 (external storage).
  • Page 36 The following figure shows an example of a cabled multiple appliance site with three D-SRVs, two A-SRVs, and three LCs. The site is connected to the switch. The switch is connected to the RSA NAS 3500 or NAS 7000 (external storage). A-SRV1...

  • Page 37: Enhanced Availability

    Optionally, you can set up enhanced availability (EA) for the LCs. This allows you to define up to six cluster appliances (CAs) for a site to perform the LC roles. Contact RSA Professional Services to set up EA. 4: Multiple Appliance Site...

  • Page 39: Chapter 5: Remote Collector Site

    Remote Collector Site Overview Remote Collectors (RCs) capture incoming events remotely and forward the data collected to the D-SRV1 in an RSA enVision multiple appliance site using the NIC Forwarder Service. All RCs must be connected to the D-SRV1. The RCs use the LS series appliances. For specifications for the LS series appliance, see Appendix A, “Hardware Specifications.”...
  • Page 40 RSA enVision Hardware Setup and Maintenance Guide 3. Connect the RC appliance to the LAN (through ethernet connector Gb1). 4. Connect each of the power cords to a different power circuit for increased reliability and availability. 5. If you are using external storage, power on the storage appliance. Wait five minutes.

  • Page 41: Chapter 6: Adding An Appliance To An Existing Site

    “Update Files on D-SRV1” if needed. 5. If you add an appliance to a site that is upgraded from RSA enVision 3.7 or 4.0 to RSA enVision 4.1, you must upgrade the Configuration Wizard. Download the Configuration Wizard for RSA envision 4.1 from RSA SecurCare Online at https://knowledge.rsasecurity.com.

  • Page 42: Determine Whether To Update Files On D-Srv1

    To update the files on D-SRV1: 1. To download the files, follow these steps: a. Go to https://knowledge.rsasecurity.com/, and log on to RSA SecurCare Online. b. Click Products > RSA enVision. c. On the Version Upgrade tab, enter your enVision maintenance serial number, and click Submit.

  • Page 43: Add An Lc, A-Srv, Or D-Srv To A Site

    RSA enVision Hardware Setup and Maintenance Guide Open the downloaded .zip file, and, extract the files to the specified location on D-SRV1. RSA enVision Directory to Which to Files to Extract Version Extract Files CORE_RSA_WINDOWS4100b00xx.zip CORE_RSA_enVisionAPP4100b00xx.exe E:\nic\installables 3. Unzip the file in the C:\ directory, CORE_RSA_WINDOWS4100b00xx.zip...
  • Page 44 (select the next D-SRV in the site in the sequence of DS2, DS3, and DS4). 6. On D-SRV1, configure the new appliance as follows: a. To start the RSA enVision Configuration Wizard, double-click the lsconfigurationwizard.exe file in the C:\Windows\installations directory. b. When prompted, enter the master password.

  • Page 45: Add An Rc To A Site

    RSA enVision Hardware Setup and Maintenance Guide 7. Apply the appropriate label to the front and back of the new appliance to identify RSA recommends that you install the latest enVision service pack on the new Note: appliances that you have added.
  • Page 46 7. Apply the appropriate label to the front and back of the new appliance to identify RSA recommends that you install the latest enVision service pack on the new Note: RC that you have added.

  • Page 47: Chapter 7: Nas Configuration

    RSA enVision multiple appliance sites (using LS series appliances) and high-end single appliance sites (ES 3060, ES 5060, and ES 7560) require external storage. For single appliance sites, RSA recommends using the RSA DAS 2000. For multiple appliance sites, recommended and supported storage arrays are listed below:...
  • Page 48 RSA enVision Hardware Setup and Maintenance Guide You must install and configure the storage system before you install the RSA enVision appliances and configure the enVision site. For information on configuring the enVision site, see the Configuration Guide. The complete VNX documentation is available to EMC Powerlink users at the site.

  • Page 49: Storage Specifications

    Storage Specifications The NAS must support local user authentication and a standalone CIFS server. The RSA enVision appliance includes four predefined local user accounts. The enVision appliance is designed to integrate with a NAS that includes the same four local users.

  • Page 50: Nas Configuration Values For Vnx

    Note: drives are not fast enough. NAS Configuration Values for VNX Refer to this section if your RSA enVision setup uses the ENV-NAS53 series. Note: This section describes, at a high level, the tasks that are involved in configuring the NAS to work with the enVision platform.

  • Page 51: Creation Of Storage Pools

    Informational Only Creation of the File Systems You must create the file systems required by your configuration of the RSA enVision platform. The D-SRV1 requires vol0, and the first Local Collector (LC1) requires vol1. A second Local Collector (LC2) would require vol2, and a third Local Collector would require vol3.

  • Page 52: Creation Of The Standalone Cifs Server

    Creation of the Standalone CIFS Server The RSA enVision platform requires a NAS that supports local user authentication and a standalone CIFS server. The enVision platform contains log data from many sensitive event sources on your network that must be protected.
  • Page 53 IP address must be changed to match the address specified in the enVision setup. Local Users and Passwords You must create the following users and passwords on the CIFS server to allow the RSA enVision platform to access the CIFS shares. master •...

  • Page 54: Creation Of The Cifs Shares

    “Changing Passwords” page 87. Creation of the CIFS Shares Depending on your RSA enVision platform configuration, you must create the following CIFS shares. The enVision Configuration Wizard, lsconfigwizard.exe, is hard-coded to expect these values: vol0 – used by the D-SRV •...
  • Page 55 RSA enVision Hardware Setup and Maintenance Guide Ensure that you select the CIFS server on which to make the share available, and do not let the system select ALL. Setting Value Vol0 Data Mover server_2 File System vol0 CIFS Server...

  • Page 56: Iscsi Configuration Settings

    This configuration is optional and required only if your setup uses enhanced Note: availability. If your RSA enVision site uses Enhanced Availability (EA), you must configure iSCSI. Prerequisites You must enable the DART iSCSI mode on the VNX before you configure the iSCSI.

  • Page 57: Enable E-Mail Connect Home

    Enable E-mail Connect Home RSA recommends that you enable the E-mail Connect Home feature on the VNX (or an equivalent feature for other NAS types). This feature automatically notifies EMC Customer Support (or another storage provider) if a failure occurs or if a failure is predicted.

  • Page 58: Nas Configuration Values For Celerra

    This section describes, at a high-level, the tasks that are involved in configuring the NAS to work with RSA enVision. For each task, this section provides the specific values that must be configured. Use the default values for settings that are not described in this document.

  • Page 59: Network Interface Configuration

    RSA enVision Hardware Setup and Maintenance Guide Network Interface Configuration You must configure an interface to which the copper media can connect. You can configure the values in the following table through the command line or in the Celerra Manager.
  • Page 60 RSA enVision Hardware Setup and Maintenance Guide Do not create the file systems with performance tuning options. Important: Setting Value Vol0 Data Mover server_2 Storage Pool clar_r5_performance Name vol0 Size (15 Fibre Channel drives) 1363148 MB Size (30 Fibre Channel drives)

  • Page 61: Creation Of The Standalone Cifs Server

    Creation of the Standalone CIFS Server RSA enVision requires a NAS that supports local user authentication and a standalone CIFS server. RSA enVision contains log data from many sensitive event sources on your network that must be protected.
  • Page 62 RSA enVision Hardware Setup and Maintenance Guide Setting Value Data Mover DNS 10.203.2.11 (Default back-end IP address of enVision D-SRV) 10.203.2.11 (Default back-end IP address of enVision D-SRV) CIFS Services Running CIFS Server Data Mover server_2 Interface 10.203.2.101 (cge0) Server Type...

  • Page 63: Creation Of The Cifs Shares

    RSA enVision Hardware Setup and Maintenance Guide Creation of the CIFS Shares Depending on your enVision configuration, you must create the following CIFS shares. The RSA enVision Configuration Wizard, lsconfigwizard.exe, is hard-coded to expect these values: vol0 – used by the D-SRV •...

  • Page 64: Iscsi Configuration Settings

    RSA enVision Hardware Setup and Maintenance Guide Setting Value Vol3 Data Mover server_2 File System vol3 CIFS Server NICELERRA CIFS Share Name vol3 iSCSI Configuration Settings If your enVision site uses Enhanced Availability (EA), you must configure iSCSI. Configure iSCSI with the settings in the following table.
  • Page 65 RSA enVision Hardware Setup and Maintenance Guide Setting Value Grant List for LUN iqn.2006-01.nic.niceacluster:CA1.niceacluster.nic Access (Set “Enable iqn.2006-01.nic.niceacluster:CA2.niceacluster.nic Multiple Access”) iqn.2006-01.nic.niceacluster:CA3.niceacluster.nic iqn.2006-01.nic.niceacluster:CA4.niceacluster.nic iqn.2006-01.nic.niceacluster:CA5.niceacluster.nic iqn.2006-01.nic.niceacluster:CA6.niceacluster.nic iqn.2006-01.nic.niceacluster:CA7.niceacluster.nic iqn.2006-01.nic.niceacluster:CA8.niceacluster.nic iqn.2006-01.nic.niceacluster:DS1.niceacluster.nic iqn.2006-01.nic.niceacluster:DS2.niceacluster.nic iSCSI Configuration Verification Verify that your configuration is correct by comparing your Windows to the examples that follow.
  • Page 66 RSA enVision Hardware Setup and Maintenance Guide Compare your iSCSI target properties to the properties shown in the following figure. Compare your iSCSI LUN Mask to the properties shown in the following figure. 7: NAS Configuration...

  • Page 67: Enable Celerra Connect Home

    RSA enVision Hardware Setup and Maintenance Guide Enable Celerra Connect Home RSA recommends that you enable the Celerra Connect Home feature on the NAS (or an equivalent feature for other NAS types). This feature automatically notifies EMC Customer Support (or another storage provider) if a failure occurs or if a failure is predicted.

  • Page 69: Chapter 8: Factory Reimaging And Typing

    You can reimage the appliance by using the DVD that was shipped to you along with the appliance. If the DVD is not compatible with your hardware, contact RSA Customer Support to obtain the correct version.

  • Page 70: Reimage The Appliances

    RSA enVision Hardware Setup and Maintenance Guide To disable a virtual drive: 1. Restart the enVision appliance. 2. During the initial boot phase, press CTRL+E to access the Remote Access Configuration utility. 3. When prompted for a password, type rsabios, and press ENTER.

  • Page 71: Factory Type The Appliances

    RSA enVision Hardware Setup and Maintenance Guide Repeat this procedure for each appliance in the site. Factory Type the Appliances To factory type an appliance: 1. Double-click C:\Windows\installations\lsconfigwizard.exe to start the Factory Typing wizard. 2. From the list of license types, select the appropriate one of the following types: •...

  • Page 73: Appendix A: Hardware Specifications

    RSA enVision Hardware Setup and Maintenance Guide Hardware Specifications Hardware Location Requirements • ES Appliance Specifications • LS Appliance Specifications • Appliance Specifications • ES Storage Array Specifications • LS Storage Array Specifications • Appliance Rack Specifications • Safety and Regulatory Statements •...

  • Page 74: Es Appliance Specifications

    Application Software http://www.dell.com/downloads/global/corporate/environ/comply/pedge_r710.pdf Regulatory Approvals 90-day hardware warranty, during which time RSA will remedy, replace, or provide a Hardware Warranty refund 90-day access to technical support for application setup assistance and bug fixes Software Warranty Base storage of 300 GB is raw storage. Data storage for events is 220 GB, once you take out formatting, OS partition, and temp nugget partition.

  • Page 75: Ls Appliance Specifications

    RSA enVision with two-phase Real-Time Data Compression (RTDC) Application Software http://www.dell.com/downloads/global/corporate/environ/comply/pedge_r710.pdf Regulatory Approvals 90-day hardware warranty, during which time RSA will remedy, replace, or provide Hardware Warranty a refund 90-day access to technical support for application setup assistance and bug fixes Software Warranty A: Hardware Specifications...

  • Page 76: Appliance Specifications

    RSA enVision Hardware Setup and Maintenance Guide Appliance Specifications The following table describes several aspects for the ES and LS Series appliances. Category Description Form Factor 2U Rack mount Operating System Windows 2003 Server R2 Enterprise 64-bit w/5 CALs Processor Two Quad Core Intel Xeon E5504, 4 MB Cache, 2.00 GHz,...
  • Page 77 RSA enVision Hardware Setup and Maintenance Guide Category Description Batteries System battery CR 2032 3.0-V lithium-ion coin cell RAID battery 4.1-V lithium-ion Dimensions Height 8.64 cm (3.40 inch) Width 44.31 cm (17.44 inch) Depth 68.07 cm (26.80 inch) Gross weight 26.1 kg (57.54 lb)

  • Page 78: Es Storage Array Specifications

    ES Storage Array Specifications The ES single appliance site with external storage uses the EMC CLARiiON storage array for the RSA DAS 2000. For complete information on the storage array, see the EMC CLARiiON documentation. The following table contains specification information.

  • Page 79: Ls Storage Array Specifications

    RSA enVision Hardware Setup and Maintenance Guide LS Storage Array Specifications The LS multiple appliance site uses the EMC VNX as the ENV-NAS53-1 or ENV-NAS53-2 storage array. For complete information on the storage array, see the EMC VNX documentation. The following table contains specification information.
  • Page 80 RSA enVision Hardware Setup and Maintenance Guide Category Description AC Power and AC line voltage 100–240 VAC ±10%, single phase Dissipation Frequency 47–63 Hz, full auto-ranging AC line current • 4.8 A maximum at 100 V (configured with 15 disks) •...
  • Page 81 RSA enVision Hardware Setup and Maintenance Guide The LS multiple appliance site uses the EMC Celerra as the RSA NAS 3500 or NAS 7000 storage array. For complete information on the storage array, see the EMC Celerra documentation. The following table contains specification information.

  • Page 82: Rack Specifications For Env-Nas53-1 And Env-Nas53-2

    RSA enVision Hardware Setup and Maintenance Guide Rack Specifications for ENV-NAS53-1 and ENV-NAS53-2 The ENV-NAS53-1 and ENV-NAS53-2 are shipped in a rack provided by EMC. The following table contains the environmental details of the rack. Category Description Dimensions Height 91.90 m (75 in.) Width 0.60 m (24 in.)

  • Page 83: Rack Specifications For Rsa Nas 3500 And Rsa Nas 7000

    RSA enVision Hardware Setup and Maintenance Guide Rack Specifications for RSA NAS 3500 and RSA NAS 7000 The NAS 3500 and NAS 7000 are shipped in a rack provided by EMC. The following table contains the environmental details of the rack.

  • Page 84: Ls Network Switch Specifications

    The multiple appliance site uses a network switch. For complete information on the network switch, see the vendor documentation. RSA enVision requires a dedicated switch with all ports set to 1 Gbps. If the connection cannot automatically negotiate the connection speed, it will decrease to 100 MB full duplex.

  • Page 85: Appliance Rack Specifications

    RSA enVision Hardware Setup and Maintenance Guide Appliance Rack Specifications For complete information on the rack, see the vendor documentation. The following table contains the requirements for a rack. To add the LS storage array to your own rack, see the installation guides for...

  • Page 86: Safety And Regulatory Statements

    • explosion if the battery is incorrectly replaced. During the hardware warranty period, the batteries can only be replaced by RSA. Dispose of used batteries according to the manufacturer’s instructions. If your storage system or disk shelf has more than one power supply cord, •...

  • Page 87: Appendix B: Changing Passwords

    Troubleshooting • This appendix describes how to change the passwords on the RSA enVision appliances and the NAS in a multiple appliance site. The procedures described in this document are limited to those components that interact directly with RSA enVision appliances and the NAS.

  • Page 88: Change Passwords On The Nas

    If you have set a minimum age for NAS password expiration, ensure that the NAS passwords meet the password policy criteria specified for the RSA enVision user accounts. If you change the default NAS password policy ensure that the NAS passwords meet the password policy criteria specified for the RSA enVision user accounts in the Password Manager page.

  • Page 89: Change Passwords On The Envision Appliance Using The Password Manager Utility

    Change Passwords on the enVision Appliance Using the Password Manager Utility You must use the Password Manager Utility in the RSA enVision appliance to change the password for the enVision appliance. To change the passwords in a multiple appliance site, you must run the Important: Password Manager Utility on each of the appliances.
  • Page 90 RSA enVision Hardware Setup and Maintenance Guide To change passwords using the Password Manager Utility: Do not stop or terminate the script when it is running. This may result in CAUTION: the system behaving in an inconsistent manner. 1. In the appliance, open a new command shell, and change directories to E:\nic\4100\node-name\password\update scripts.

  • Page 91: Verify Remote Collector Connectivity

    RSA enVision Hardware Setup and Maintenance Guide Verify Remote Collector Connectivity This section describes how to verify that the RC can transfer event data. This confirms that the NIC_sshd password was reset correctly. To verify Remote Collector connectivity: 1. Log on to the Remote Collector.

  • Page 92: Verify Permissions On Collectors

    RSA enVision Hardware Setup and Maintenance Guide 4. Double-click vol0. 5. To ensure that the D-SRV has the correct privileges to read and write data to the NAS, in the right pane, right-click the desktop, and select New > Text Document.

  • Page 93: Additional Passwords

    In addition to recommending that you change the passwords of the four key users for the RSA enVision appliance and the NAS, RSA recommends that you change other default passwords to protect the RSA enVision appliance, the NAS, and the switch.

  • Page 94: Troubleshooting

    RSA enVision Hardware Setup and Maintenance Guide Password Description Reference Switch Password Default password and the RSA provides an unconfigured For information, see the documentation Web Management IP switch. You must change the default that RSA provided with your switch, the Address.
  • Page 95 RSA enVision Hardware Setup and Maintenance Guide 4. Re-enter the passwords for the enVision user accounts: a. NIC_System b. NIC_SSHD c. NIC_SFTP Ensure that the passwords meet the password policy criteria specified for RSA enVision user accounts. B: Changing Passwords...

  • Page 97: Glossary

    The administrator defines alerts for each view. Alert History tool The RSA enVision tool that is used to display alerts from the events database. Alerts module The RSA enVision module that provides tools to monitor, display, and configure alerts.
  • Page 98 RSA enVision Hardware Setup and Maintenance Guide attribute category A group of categories defined by the RSA enVision platform for device and asset attributes. The nine categories are properties, location, organization, owner, physical, function, importance, vulnerability, and zone. Users can define custom categories.
  • Page 99 RSA enVision Hardware Setup and Maintenance Guide device type (dtype) An assigned internal name for an event source that is used by RSA enVision tools and utilities. The dtype value is displayed on the enVision interface, reports, and queries. See Enhanced Availability.
  • Page 100 NIC domain A group of multiple appliance sites that constitute an organization's entire deployment of the RSA enVision platform. One site acts as the NIC domain master site. NIC message ID A number that identifies a message. This number may or may not be the same as the vendor message ID.
  • Page 101 An RSA enVision site in which all enVision components (Application, Collector, and Database) are on one appliance. site The basis on which the RSA enVision platform is deployed. Each site consists of three main components: Application Server, Collector, and Database Server. site name The name of the site, defined during the configuration of the RSA enVision platform.
  • Page 102 RSA enVision Hardware Setup and Maintenance Guide vulnerability and asset management A feature that provides unified management of assets and vulnerability incident analysis. Vulnerability Knowledge Database (VDB) An embedded repository of vulnerability information derived from the National Vulnerability Database (NVD).

Table of Contents