Cisco C220 M3 Скачать руководство пользователя страница 7

Страница: 7 / 10

Clean Interface Inbound

Note

Action

Port

Protocol

Destination

Source

Allow SSH conectivity to the
tgsh-dialog.

Allow

TCP

Clean Interface

User Subnet

Appliance API and Threat
Grid user interface. This will
redirect to HTTPS TCP/443.

Allow

TCP

Clean Interface

User Subnet

Appliance API and Threat
Grid user interface.

Allow

443

TCP

Clean Interface

User Subnet

Allow connectivity to the
Threat Grid UI Glovebox.

Allow

9443

TCP

Clean Interface

User Subnet

Admin Interface Outbound (Optional)

The following depends on what services are configured.

Note

Action

Port

Protocol

Destination

Source

Optional, only required if
Threat Grid appliance is
configured to send backups to
an NFSv4 share.

Allow

2049

TCP

NFSv4 Server

Admin
Interface

Admin Interface Inbound

Note

Action

Port

Protocol

Destination

Source

Allow SSH connectivity to the
TGSH Dialog.

Allow

TCP

Admin Interface

Admin
Subnet

Allow Access to the OpAdmin
Portal interface. This will
redirect to HTTPS TCP/443.

Allow

TCP

Admin Interface

Admin
Subnet

Allow Access to the OpAdmin
Portal interface.

Allow

443

TCP

Admin Interface

Admin
Subnet

Dirty Interface for Non Cisco-Validated/Recommended Deployment

Note

Action

Port

Protocol

Destination

Source

Update, support snapshot, and
licensing services.

Allow

TCP

Internet

Dirty
Interface

Allow outbound DNS.

Allow

TCP/UDP

Internet

Dirty
Interface

Allow outbound NTP.

Allow

123

UDP

Internet

Dirty
Interface

Server Setup

Firewall Rules

Содержание C220 M3

Страница 1: ...nfigured you can use a remote KVM See CIMC Configuration Refer to the server product documentation for detailed hardware and environmental setup information See Product Documentation Network Interface Connections Setup The SFP modules must be connected to the chassis before the appliance is powered on for the session in which the configuration wizard is going to be run However wiring the SFP up to...

Страница 2: ...e two SFP ports and three Ethernet ports on the back of the appliance and attach the network cables as illustrated in Figure 4 Reserved is the non Admin SFP port that is reserved for future use Figure 1 Cisco UCS C220 M3 SFF Rack Server Figure 2 Cisco UCS C220 M3 Rear View Details Server Setup 2 Server Setup C220 M3 Rack Server Setup ...

Страница 3: ... plugged into the SFP may be safely hot plugged Note C220 M4 Rack Server Setup The interfaces must be properly connected and configured for the appliance to operate Use port 3 Slot 2 for the optional Clust interface The details for your appliance may differ from the illustrations Contact support threatgrid com if you have any questions Note Figure 3 Cisco UCS C220 M4 SFF Rack Server Server Setup 3...

Страница 4: ...logical and recommended setup for a Threat Grid Appliance However each customer s interface setup is different Depending on your network requirements you may decide to connect the Dirty interface to the inside or the Clean interface to the outside with appropriate network security measures in place for example Server Setup 4 Server Setup Network Interface Setup Diagram ...

Страница 5: ...port 8443 of the assigned clean IP Note Firewall Rules This section provides suggested firewall rules Implementing a restrictive outgoing policy on the Dirty interface for ports 22 and 19791 requires tracking updates over time and spending more time maintaining the firewall See the required destinations in the configuration sections Note Using IPv4LL address space 168 254 0 16 for the Dirty interf...

Страница 6: ...TP connections to the configured mail server Allow 25 TCP SMTP Servers Clean Interface Clean Interface Outbound Optional Note Action Port Protocol Destination Source Optional only required if Clean DNS is configured Allow 53 TCP UDP Corporate DNS Server Clean Interface Optional only required if AMP for Endpoints Private Cloud integration is used Allow 443 TCP AMP Private Cloud Clean Interface Allo...

Страница 7: ...id appliance is configured to send backups to an NFSv4 share Allow 2049 TCP NFSv4 Server Admin Interface Admin Interface Inbound Note Action Port Protocol Destination Source Allow SSH connectivity to the TGSH Dialog Allow 22 TCP Admin Interface Admin Subnet Allow Access to the OpAdmin Portal interface This will redirect to HTTPS TCP 443 Allow 80 TCP Admin Interface Admin Subnet Allow Access to the...

Страница 8: ...nnect with third party detection and enrichment services Allow 443 TCP TitaniumCloud Dirty Interface Power On and Boot Up Appliance Once you have connected the server peripherals network interfaces and power cables turn on the appliance and wait for it to boot up The Cisco screen is briefly displayed Figure 6 Cisco Screen During Bootup If you want to configure this interface press F8 after the mem...

Страница 9: ...ections are not yet configured and the OpAdmin Portal cannot be reached yet to perform this task The TGSH Dialog displays the initial administrator Password which will be needed to access and configure the OpAdmin Portal interface later in the configuration Make a note of the Password in a separate text file copy and paste Important Server Setup 9 Server Setup Power On and Boot Up Appliance ...

Страница 10: ...Server Setup 10 Server Setup Power On and Boot Up Appliance ...

Результаты поиска

Содержание C220 M3

Отзывы:

Похожие инструкции для C220 M3

Бренды по названию

Популярные бренды

Cisco C220 M3, Настройка

Результаты поиска

Содержание C220 M3

Отзывы:

Похожие инструкции для C220 M3

Бренды по названию

Популярные бренды