Cisco Stealthwatch Скачать руководство пользователя страница 10 | Manualshive

Страница: 10 / 91

Cisco Stealthwatch Скачать руководство пользователя страница 10

In a Stealthwatch deployment with a Data Store, the Data Store cluster sits between
your SMC and Flow Collectors. One or more Flow Collectors ingests and deduplicates
flows, performs analysis, and reports data and results directly to the Data Store,
distributing it roughly equally to all of the Data Nodes. The Data Store facilitates data
storage, keeps all of your traffic in that centralized location as opposed to spread across
multiple Flow Collectors, and offers greater storage capacity than multiple Flow
Collectors. See the following diagram for an example.

To resolve user-submitted queries, including graphs and charts, the SMC queries the
Data Store. The Data Store finds matching results in the columns relevant to the query,
then retrieves the matching rows and returns the query results to the SMC. The SMC
generates the graph or chart without needing to collate multiple result sets from multiple
Flow Collectors. This reduces the cost of querying, as compared to querying multiple
Flow Collectors, and improves query performance.

© 2021 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

- 10 -

Data Store Concepts and Architecture

«
...
8
9
10
11
12
...
»

Содержание Stealthwatch

Страница 1: ...Cisco Stealthwatch Data Store Hardware Deployment and Configuration Guide 7 3 2 ...

Страница 2: ...s and Considerations 20 Data Store Communications Ports 21 Stealthwatch with a Data Store Deployment Overview 25 Data Store Installation 26 Stealthwatch Hardware Deployment and Considerations 26 SMC Configuration for Use with a Data Store 26 Data Store Initial Deployment and Configuration 27 Flow Collector Configuration for Use with a Data Store 29 Data Store Initialization and Configuration 30 UD...

Страница 3: ...Flow Collectors after you Initialize the Data Store 55 Data Store Deployment Troubleshooting 57 Hardware Deployment Troubleshooting 57 Data Store Troubleshooting 57 Appendix A Installation Preparation 60 Installation Warnings 60 Installation Guidelines 62 Safety Recommendations 64 Maintain Safety with Electricity 64 Prevent ESD Damage 65 Site Environment 65 Power Supply Considerations 65 Rack Conf...

Страница 4: ...e Configuration 78 Changing the Sysadmin User Password 82 Changing the Root User Password 82 Appendix C Configuring Your Appliances 84 Appliance Setup Tool Requirements 84 Managed 84 SMC Failover 84 Best Practices 84 Configuration Order 85 1 Log In 86 2 Configure the Appliance 86 3 Register the Stealthwatch Management Console 88 4 Add Appliances to Central Management 89 5 Confirm Appliance Status ...

Страница 5: ... on configuring Stealthwatch products please refer to the Stealthwatch System Configuration Guide How to Use This Guide In addition to this introduction we have divided this guide into the following chapters Chapter Description Data Store Concepts and Architecture Describes basic concepts underpinning the Data Store database and basic architecture related to Data Store deployment in relation to an...

Страница 6: ... Store Data Store Maintenance Describes Data Store maintenance tasks Data Store Deployment Troubleshooting Describes common issues seen during the Data Store installation process and suggested solutions Appendix A Installation Preparation Provides warnings for installing hardware Appendix B Stealthwatch Hardware Installation Provides an overview for installing Stealthwatch appliances and performin...

Страница 7: ...he Data Store cluster provides improved fault tolerance improved query response and quicker graph and chart population Data Store Storage and Fault Tolerance The Data Store collects data from Flow Collectors and distributes it equally across Data Nodes within the cluster Each Data Node in addition to storing a portion of your overall telemetry also stores a backup of another Data Node s telemetry ...

Страница 8: ...pair the downed connection or faulty hardware after you replace the faulty Data Node the Data Store restores that node s data from the existing backup stored on the adjacent Data Node and creates a backup of data on that Data Node See the following diagram for an example of how Data Nodes store telemetry 2021 Cisco Systems Inc and or its affiliates All rights reserved 8 Data Store Concepts and Arc...

Страница 9: ...ding graphs and charts the SMC queries all of the managed Flow Collectors Each Flow Collector returns matching results to the SMC The SMC collates the information from the different result sets then generates a graph or chart displaying the results In this deployment each Flow Collector stores data on a local database See the following diagram for an example 2021 Cisco Systems Inc and or its affil...

Страница 10: ...ter storage capacity than multiple Flow Collectors See the following diagram for an example To resolve user submitted queries including graphs and charts the SMC queries the Data Store The Data Store finds matching results in the columns relevant to the query then retrieves the matching rows and returns the query results to the SMC The SMC generates the graph or chart without needing to collate mu...

Страница 11: ...re DS 6200 with 3 hardware Data Nodes alongside a hardware SMC and hardware Flow Collectors You cannot deploy a hardware Data Store with virtual appliances nor can you deploy a virtual Data Store with hardware appliances Stealthwatch Data Store Architecture Each Data Store is comprised of 3 or more Data Nodes Each hardware Data Node is its own chassis When you purchase a hardware Data Store you re...

Страница 12: ...t ingest and query communications one for the inter Data Node communications l optionally on hardware Data Nodes only for network redundancy and criticality of the inter Data Node communications an additional 10G connection and an additional switch for establishing a port channel on the Data Node See Data Store Deployment Requirements and Considerations for more detailed information on deployment ...

Страница 13: ...t with software cisco com you receive a license for the SMC VE Stealthwatch Hardware Compatibility and Networking Requirements The following table provides an overview for the hardware required to deploy Stealthwatch with a hardware Data Store Hardware Component Supported Capacity Data Store l Minimum of 3 Data Nodes DS 6200 l Additional sets of 3 Data Nodes to expand the Data Store maximum of 36 ...

Страница 14: ...r use with a Data Store For each SMC and Flow Collector that you deploy you must assign a public routable IP address to the eth0 management port When deploying a Data Store you can configure the use of a BASE T copper 1G 10G port or SFP twinax cable 10G port for the SMC and Flow Collector eth0 management port Cisco requires 10G throughput for the BASE T copper port for Data Store use Users not dep...

Страница 15: ...le provides an overview for the networking and switching considerations when deploying Stealthwatch with a Data Store Network Consideration Description Necessary Credentials For each Data Node Stealthwatch Management Console and Flow Collector l Configured during initial System Configuration root sysadmin l Configured using Appliance Setup Tool admin Configured during Data Store initialization dba...

Страница 16: ...itches to help ensure constant connectivity during switch outages and upgrades Due to the low latency required for inter Data Node communication Cisco recommends a redundant pair of switches where the 2 switches are interconnected and carry the Layer 2 VLAN across both switches Stealthwatch Appliance Communications l SSH and SSH root access required for SMC Data Nodes and Flow Collectors and confi...

Страница 17: ...eth2 or port channel containing eth2 and eth3 for improved throughput and performance Connect the Data Node eth2 port or port channel containing eth2 and eth3 to the switches for inter Data Node communication As part of the Data Store your Data Nodes communicate between and among each other You must assign the non routable IP addresses from the 169 254 42 0 24 CIDR block For hardware Data Nodes co...

Страница 18: ...cations with the SMC and Flow Collectors and an isolated LAN or VLAN for inter Data Node communications You can share these switches with other appliances but create separate LANs or VLANs for the additional appliance traffic See the following diagram for an example 2021 Cisco Systems Inc and or its affiliates All rights reserved 18 Data Store Deployment Prerequisites and Recommendations ...

Страница 19: ... 2021 Cisco Systems Inc and or its affiliates All rights reserved 19 Data Store Deployment Prerequisites and Recommendations ...

Страница 20: ...equirements and Considerations Place each Data Node so that it can communicate with all of your Flow Collectors your SMC and every other Data Node For best performance colocate your Data Nodes and Flow Collectors to minimize communication latency and Data Nodes and SMC for optimum query performance Cisco highly recommends placing the Data Nodes within your firewall such as within a NOC If the Data...

Страница 21: ...restore running processes See the UCS C Series GUI Configuration Guide for more information on configuring the power restore policy in CIMC Data Store Communications Ports The following diagram shows an example Stealthwatch architecture with the communication ports that should be opened See the table for the ports associated with each callout 2021 Cisco Systems Inc and or its affiliates All rights...

Страница 22: ...Appliance Installation Guide for additional communication ports to open for your overall Stealthwatch deployment From Client To Server Port Protocol or Purpose 1 SMC Flow Collectors 22 TCP SSH required to initialize Data 2021 Cisco Systems Inc and or its affiliates All rights reserved 22 Data Store Deployment Prerequisites and Recommendations ...

Страница 23: ...ow Collectors SMC 443 TCP HTTPS required for secure communications between appliances 3 Data Nodes SMC 443 TCP HTTPS required for secure communications between appliances 4 NetFlow Exporters Flow Collectors NetFlow 2055 UDP NetFlow ingestion 5 Data Nodes all other Data Nodes 4803 TCP inter Data Node messaging service 6 Data Nodes all other Data Nodes 4803 UDP inter Data Node messaging service 7 Da...

Страница 24: ...service monitoring 10 sFlow Exporters Flow Collectors sFlow 6343 UDP sFlow ingestion 11 Data Nodes all other Data Nodes 6543 UDP inter Data Node messaging service 2021 Cisco Systems Inc and or its affiliates All rights reserved 24 Data Store Deployment Prerequisites and Recommendations ...

Страница 25: ...e with a Data Store Deploy and configure your Flow Collectors then install the latest version and rollup patch on each before you proceed 4 Data Store Initialization and Configuration Initialize the Data Store assigning Data Store user passwords 5 Flow Interface Statistics Retention Configuration Configure Data Store retention settings 6 Data Store Next Steps In addition see the following section ...

Страница 26: ... or Appendix A Installation Preparation and Appendix B Stealthwatch Hardware Installation for more information on individual appliance installation and configuration See the Stealthwatch System Configuration Guide for assistance with running Appliance Setup Tool on individual appliances Use the Stealthwatch Web App to monitor and configure your Stealthwatch installation if you deploy a Data Store ...

Страница 27: ...agement port Use Appliance Setup Tool to perform additional configuration including assignment of the admin user password and root and sysadmin user passwords if you did not assign them during System Configuration Stealthwatch domain configuration other network configuration DNS and NTP settings and installing Central Management on the SMC See the Stealthwatch System Configuration Guide or Appendi...

Страница 28: ...id not assign them during System Configuration Stealthwatch domain configuration other network configuration DNS and NTP settings and making the Data Node manageable by Central Management See the Stealthwatch System Configuration Guide or Appendix C Configuring Your Appliances for more information on using Appliance Setup Tool 3 Last update your Data Node to the latest version and patch See the up...

Страница 29: ... Data Store you cannot update the appliance s configuration to change this You must RFD the appliance if you select the wrong choice Enable this only if you plan to deploy a Data Store to your network 2 Next in a web browser navigate to the IP address that you assigned to the management port Use Appliance Setup Tool to perform additional configuration including assignment of the admin user passwor...

Страница 30: ...nfigure your SMC Data Nodes and Flow Collectors initialize and configure the Data Store Make sure that all of your SMCs Data Nodes and Flow Collectors are updated to the latest version and patch before your proceed Perform the following 1 First check Central Management to ensure that your SMC is managing the required appliances l all Data Nodes l all Flow Collectors l secondary SMC if you deployed...

Страница 31: ...Enable passwordless SSH across your Stealthwatch appliances Before You Begin l Log into the SMC console as root Procedure 1 From the command prompt enter SystemConfig and press Enter to access the System Configuration utility 2 Select Data Store 3 Select Passwordless SSH Wait several minutes for the system to enable passwordless SSH Make sure that all appliances are Up in Central Management before...

Страница 32: ...wing list _ l at least 8 characters no maximum length l only ASCII encoded characters Initialize the Data Store Before You Begin l Enable passwordless SSH in SystemConfig l Make sure that all appliances in Central Management are Up before you continue Procedure l From the Data Store menu in SystemConfig select Initialize Data Store Follow the steps in the wizard Note that it may take several minut...

Страница 33: ...tion Guide and Stealthwatch System Configuration Guide Note that the Flow Sensor installation process is the same whether or not you deploy a Data Store You do not need to configure a Flow Sensor for use with a Data Store After you deploy and configure your Flow Sensor configure your secondary SMC as a failover SMC if you have one as described in the next section or configure your flow interface s...

Страница 34: ...pacity Note the following about Data Store flow interface statistics retention l After you update the data retention settings you do not need to restart any Stealthwatch appliance or the Data Store The settings take effect after a few minutes l When you change the retention to a longer period you must wait for the difference of time to expire before the data being stored corresponds exactly to the...

Страница 35: ... application x www form urlencoded Request Body username username password password Request Body Parameters l username REQUIRED SMC admin user l password REQUIRED password for the SMC admin user account Success response code and definition Response Description Response Code 200 Success Response Body The response body contains cookie information which you must pass in subsequent REST API calls for ...

Страница 36: ...200 Success Response Body The response body contains the current Data Store flow interface statistics retention settings If you have not changed them previously the default value is 7 days Update the Data Store flow interface statistics data retention settings Request resource information Resource Description URI https smc eth0 ip smc configuration rest v1 cds retentionsettings Description Update ...

Страница 37: ...data for as long as possible until maximum Data Store flow interface statistics capacity is reached before deleting it l REQUIRED The maximum number of days that the Data Store retains data before deleting it set to an integer between 1 3000 If you set interfaceRetentionType to FOREVER you must still pass an interfaceRetentionAmount which the system ignores It stores this value internally as 7 as ...

Страница 38: ...rd https smc eth0 ip token v2 authenticate 2 Replace username with an SMC admin username 3 Replace password with the SMC admin password 4 Replace smc eth0 ip with the SMC s eth0 IP address 5 Copy the updated command paste it into the command line and press Enter to authenticate on the SMC for REST API use Your session is valid for 20 minutes 6 Copy the following command and paste it into a plainte...

Страница 39: ...this even if you set type FOREVER In this case the system ignores this value and sets it as 7 internally 12 Replace smc eth0 ip with the SMC s eth0 IP address 13 Copy the updated command paste it into the command line and press Enter to update the retention settings After you update the retention settings you do not need to restart any Stealthwatch appliance or the Data Store The settings take eff...

Страница 40: ...h Report Builder app on your SMC to run reports on your Stealthwatch deployment and to view Data Store storage statistics See the release notes for more information l Help Review the Stealthwatch Web App online help for more information on how to use Stealthwatch 2021 Cisco Systems Inc and or its affiliates All rights reserved 40 Data Store Installation Next Steps ...

Страница 41: ...a Data Node issue the command to stop it then issue the command to restart it Stop then restart the Data Node Before You Begin l Log into a Data Node console as root Procedure 1 Enter su dbadmin and press Enter to run the following commands as the dbadmin user 2 Copy the following command and paste it in a plaintext editor opt vertica bin admintools t stop_node s data node hostname 3 Replace data ...

Страница 42: ... and passing data l Ensure that your SMC is not connected to the Data Store and querying or otherwise updating the Data Store l Log into a Data Node console as root Procedure 1 Enter su dbadmin and press Enter to run the following commands as the dbadmin user 2 You have the following options l From the command prompt enter opt vertica bin admintools t stop_db d sw and press Enter to stop the Data ...

Страница 43: ...less SSH access l Initialize the backup directory on the backup host l Backup the Data Store Estimate backup host storage requirements Before You Begin l Log into a Data Node s console as root Procedure 1 Copy the following command paste it into the command line and press Enter to connect to the database using vsql and execute the query Enter your password when prompted Note the results opt vertic...

Страница 44: ...nc you have installed You have the following options If rsync 3 0 5 is installed continue to step 7 Otherwise install rsync 3 0 5 Continue to step 5 5 Enter sudo apt get update and press Enter to download updated versions of packages including rsync Enter your password when prompted 6 Enter sudo apt get install rsync and press Enter to install rsync 7 From the command prompt enter getent passwd gr...

Страница 45: ...mand paste it into the command prompt and press Enter to copy the dbadmin SSH authorized key to the backup host 4 Copy the following command and paste it into a plaintext editor ssh dbadmin hostname 5 Replace hostname with the backup host s hostname 6 Copy the updated command paste it into the command prompt and press Enter to verify that you can log into the remote host s console over SSH without...

Страница 46: ...you must also update the password stored in the pw ini backup password file or your backup fails See Update the Data Store dbadmin and readonlyuser passwords after initialization for more information 9 Copy the following lines to a plaintext editor Passwords dbPassword dbadmin password 10 Update dbadmin password to the Data Store dbadmin password 11 Copy the updated lines and paste them into the p...

Страница 47: ...en press Enter to exit and save your changes 21 Enter vbr t init c config ini and press Enter to initialize the home dbadmin backups directory on the backup host to receive Data Store backups Backup the Data Store database Before You Begin l As root log into the console of the Data Node from which you initialized the backup host directory as described in Initialize the backup directory on the back...

Страница 48: ... and SMC are not connected and making changes l The backup and the Data Store have identical node names and the same number of nodes Stop the Data Store Before You Begin l Ensure that your Flow Collectors are not connected to the Data Store and passing data l Ensure that your SMC is not connected to the Data Store and querying or otherwise updating the Data Store l Log into a Data Node console as ...

Страница 49: ...prompt enter vbr task restore config file config file ini and press Enter to restore the Data Store from the backup host Start the Data Store Before You Begin l Log into a Data Node console as root Procedure 1 Enter su dbadmin and press Enter to run the following commands as the dbadmin user 2 From the command prompt enter opt vertica bin admintools t start_db d sw and press Enter to start the Dat...

Страница 50: ... Services for assistance with planning and implementing these tasks You can expand your hardware Data Store in increments of three Data Nodes or multiples of three Data Nodes If you want to expand the number of Data Nodes in your Data Store perform the following tasks Preparing the Data Store for Adding Data Nodes and Rebalancing Before you add a Data Node perform the following l Back up the Data ...

Страница 51: ...the Data Nodes including assigning a routable eth0 management IP address and a non routable IP address for the second port from the SMC use SystemConfig to add the Data Node to the Data Store Add Data Nodes to the Data Store Before You Begin l Log into the SMC console as root Procedure 1 From the command prompt enter SystemConfig and press Enter to access the System Configuration utility 2 Select ...

Страница 52: ...a Node from the Data Store Contact Cisco Professional Services for assistance with planning and implementing these tasks If you want to remove a Data Node from the Data Store note the following l The Data Store must be running l Run a backup first See Creating a Data Store Backup for more information l You must have at least 3 nodes in the Data Store because of the fault tolerance settings If you ...

Страница 53: ...Node If Vertica is still running on the Data Node that you want to replace stop Vertica Then replace the prior Data Node with the new Data Node and distribute the necessary configuration to the new Data Node Remove the prior Data Node and restart the new Data Node Stop Vertica on a Data Node If the Data Node that you want to remove is still running Vertica stop Vertica on that Data Node If that Da...

Страница 54: ...ost name that you want to add as a replacement to the Data Store 5 Copy the updated command paste it into the command prompt and press Enter to replace the prior Data Node with the new Data Node 6 Copy opt vertica bin admintools t distribute_config_ files paste it into the command prompt and press Enter to distribute configuration files to the new Data Node 7 Copy the following command and paste i...

Страница 55: ...re and add them to your deployment Procedure 1 RFD your appliance as per the instructions in the System Configuration Guide You can choose to keep or discard your current network settings If you discard them you must reconfigure these network settings 2 Follow the steps in SMC Configuration for Use with a Data Store and Flow Collector Configuration for Use with a Data Store to deploy your SMC or F...

Страница 56: ...tup Tool 2 Log into the primary SMC console as root 3 From the command prompt enter SystemConfig and press Enter to access the System Configuration utility 4 Select Data Store 5 Select Passwordless SSH Wait several minutes for SystemConfig to enable passwordless SSH across your appliances Check Central Management to ensure that all appliances are Up before continuing 6 From the Data Store menu sel...

Страница 57: ...Data Store to continue running the Data Store continues ingesting data from the Flow Collectors However you need to restart the Data Node as soon as possible to allow it to rejoin the Data Store retrieve missed data from adjacent Data Nodes and catch up with the rest of the Data Nodes In this situation log into the Data Node and force a manual Vertica restart which deletes corrupted data and allow...

Страница 58: ...ause Vertica restores the affected Data Node s information from adjacent Data Nodes if these Data Nodes ingested a large amount of flow traffic while the affected Data Node was down it may take a period of time for the affected Data Node to recover What to Do Next l Review Cisco s recommendations for supplying power to your Data Nodes in Data Store Deployment Requirements and Considerations Data S...

Страница 59: ...pt enter opt vertica bin admintools t start_db d sw and press Enter to start the Data Store If you attempt to restart the Data Store database and the console notes Data Nodes that could not be reached by SSH enable SSH for these Data Nodes then try this procedure again 2021 Cisco Systems Inc and or its affiliates All rights reserved 59 Data Store Deployment Troubleshooting ...

Страница 60: ... its translation in the translated safety warnings that accompanied this device SAVE THESE INSTRUCTIONS Statement 1005 Circuit Breaker This product relies on the building s installation for short circuit overcurrent protection Ensure that the protective device is rated not greater than USA 120 15 A EU 250V 16A Statement 1004 Installation Instructions Read the installation instructions before using...

Страница 61: ...iring regulations Statement 1021 SELV Circuit To avoid electric shock do not connect safety extra low voltage SELV circuits to telephone network voltage TNV circuits LAN ports contain SELV circuits and WAN ports contain TNV circuits Some LAN and WAN ports both use RJ 45 connectors Use caution when connecting cables Statement 1024 Ground Conductor This equipment must be grounded Never defeat the gr...

Страница 62: ...ation must be accessible at all times because it serves as the main disconnecting device Statement 1005 Circuit Breaker This product relies on the building s installation for short circuit overcurrent protection Ensure that the protective device is rated not greater than USA 120 15 A EU 250 V 16 A Statement 1074 Comply with Local and National Electrical Codes Installation of the equipment must com...

Страница 63: ...p of the chassis which could result in overheating higher fan speeds and higher power consumption We recommend that you mount your chassis on rail kits when you are installing them into the rack because these rails provide the minimal spacing required between the chassis No additional spacing between the chassis is required when you mount them using rail kits l Ensure that the air conditioning can...

Страница 64: ...Maintain Safety with Electricity Before working on a chassis be sure the power cord is unplugged Follow these guidelines when working on equipment powered by electricity l Do not work alone if potentially hazardous conditions exist anywhere in your work space l Never assume that power is disconnected always check l Look carefully for possible hazards in your work area such as moist floors unground...

Страница 65: ...ocations carefully If you are currently experiencing shutdowns or unusually high error rates with your existing equipment these considerations may help you isolate the cause of failures and prevent future problems Power Supply Considerations When installing the chassis consider the following l Check the power at the site before installing the chassis to ensure that it is free of spikes and noise I...

Страница 66: ...d rack with a ventilation fan in the top heat generated by equipment near the bottom of the rack can be drawn upward and into the intake ports of the equipment above it in the rack Ensure that you provide adequate ventilation for equipment at the bottom of the rack l Baffles can help to isolate exhaust air from intake air which also helps to draw cooling air through the chassis The best placement ...

Страница 67: ... l The front panel indicators can be read easily l Access to ports on rear panel is sufficient for unrestricted cabling l The rear panel power inlet is within reach of a conditioned AC power source l Airflow around the appliance and through the vents is unrestricted Hardware Included with the Appliance The following hardware is included with Stealthwatch appliances l AC power cord l Access keys fo...

Страница 68: ... and database so they function as a single appliance Because of this the installation slightly differs from other appliances First connect them together directly by a 10G SFP DA Cross Connect cable Then connect to your network To connect your appliance to your network 1 Connect an Ethernet cable to the management port at the rear of the appliance 2 Connect at least one monitor port for Flow Sensor...

Страница 69: ...r network s switch 4 Connect the power cords to the power supply Some appliances have two power connections Power Supply 1 and Power Supply 2 2021 Cisco Systems Inc and or its affiliates All rights reserved 69 Appendix B Stealthwatch Hardware Installation ...

Страница 70: ...ompletely Do not interrupt the boot up process You may need to remove the front panel to apply power The power supply fans turn on for some models while the system is not powered on Check that the LED on the front panel is on Be sure to connect the appliance to an uninterruptible power supply UPS The power supply requires power or else the system displays an error 3 Connect the keyboard l If you h...

Страница 71: ...ess You may need to remove the front panel to apply power The power supply fans turn on for some models while the system is not powered on Check that the LED on the front panel is on Be sure to connect the appliance to an uninterruptible power supply UPS The power supply requires power or else the system displays an error 4 On the laptop make a connection into the appliance You can use any availab...

Страница 72: ...th3 port channel for Data Node communications See the Stealthwatch Data Store Hardware Deployment and Configuration Guide for more information on installing the SMC 2210 FC 4210 and Data Node appliances After you configure IP addresses and ports change the user passwords The first time you enter System Configuration the First Time Setup wizard launches and guides you through the initial appliance ...

Страница 73: ...iguring any other appliance type sysadmin and then press Enter root permissions are required to properly configure the Data Store and Data Store compatibility l When the password prompt appears type lan1cope and then press Enter l At the next prompt type SystemConfig and then press Enter 2 If this is the first time you entered System Configuration on this appliance First Time Setup starts Otherwis...

Страница 74: ...and deploy a Data Store you can optionally configure eth0 as an SFP DAC port instead of the default BASE T copper port For these appliances this is the first configuration in First Time Setup Before You Begin l If you are configuring a Data Node or Data Store compatible SMC or Flow Collector see the Stealthwatch specification sheet for your appliance for information on the supported SFP and BASE T...

Страница 75: ...o confirm your selection What to Do Next l Configure the eth0 management port s IP address and management information See the next procedure Configure the appliance s IP address and management information You configure your appliance s eth0 management IP address and related information in First Time Setup For Data Store compatible appliances this configuration occurs after configuring the eth0 phy...

Страница 76: ...What to Do Next l Configure the appliance for use without a Data Store See the next procedure for more information Configure Data Store use Configure your SMC 2210 or FC 4210 to work with a Data Store Your Flow Collectors will connect to the Data Store and your SMC will query the Data Store After you choose to configure your SMC or Flow Collector for use with a Data Store you cannot update the app...

Страница 77: ... Analytics and Logging On Prem to use your Stealthwatch deployment to store Firepower event information Your Flow Collector will ingest Firepower event information and send it to the Data Store for storage You can then query this Firepower event information from your Stealthwatch Management Console or Firepower Management Center If you configure Security Analytics and Logging On Prem you must also...

Страница 78: ...You cannot ingest firewall event information from your Firepower deployment 3 Select OK to confirm your selection This is the last configuration option in First Time Setup Your appliance restarts and implements the changes On completion the Login page opens Data Node Configuration For Data Nodes First Time Setup displays the following configuration 1 Configure the eth0 management physical port 2 C...

Страница 79: ...isplays Port Order configuration Skip to step 5 Otherwise the System Configuration menu opens Select Management and then press Enter 3 From the System Configuration menu select Network and then press Enter 4 Select Port Order then press Enter 5 You have the following options l Select SFP to configure your appliance to use an SFP fiber port for eth0 l Select LOM to configure your appliance for use ...

Страница 80: ...s Select Management and then press Enter 3 Enter an IP address for this appliance 4 Enter a Netmask for the network 5 Enter a Gateway address for this appliance s IP address 6 Enter a Broadcast address for the appliance 7 Enter a Hostname for your appliance 8 Enter a Domain for your appliance 9 Select Select then select Yes to confirm your entries What to Do Next l Configure the Data Node communic...

Страница 81: ...ation port configuration You have the following options l Select Yes to aggregate eth2 and eth3 as a port channel for inter Data Node communications l Select No to use eth2 for inter Data Node communications 4 Enter a non routable IP address from the 169 254 42 0 24 CIDR block for eth2 or the eth2 eth3 port channel 5 Enter a Netmask of 255 255 255 0 for this IP address 6 Enter a Gateway address fo...

Страница 82: ...ars below the menu 2 Type the current password and then press Enter The prompt for a new password appears 3 Type the new password and then press Enter The password must be between 8 and 30 alphanumeric characters in length with no spaces You also may use the following special characters _ 4 Type the password again and then press Enter 5 When your password is accepted press Enter again to return to...

Страница 83: ...ess Enter A second prompt appears 8 Retype the new root password and then press Enter 9 When your password change is successful press Enter You have now changed both of your default sysadmin and root passwords This returns you to the System Configuration Console menu 10 Select Cancel and press Enter The System Configuration Console closes and the root shell prompt appears 11 Type exit and press En...

Страница 84: ...anaged by your Stealthwatch Management Console SMC you can use Central Management to edit appliance configurations update software reboot shut down and more SMC Failover If you have more than one Stealthwatch Management Console SMC you can set up an SMC failover pair so that one of them serves as backup console to the other l Use the Appliance Setup Tool to configure each individual SMC l Plan whi...

Страница 85: ...ce Order Appliance Details 1 Primary SMC Your primary SMC is your Central Manager Make sure the SMC is shown as Up before you start configuring the next appliance in the system 2 UDP Directors also known as FlowReplicators 3 Data Nodes 4 Flow Collector 5000 Series Database Make sure the Flow Collector 5000 series database is shown as Up before you start the engine configuration 5 Flow Collector 50...

Страница 86: ...address of the appliance l Primary SMC Configure the primary SMC first l Up Confirm each appliance is Up before you start configuring the next appliance in your cluster l Order Make sure you configure your appliances in order so they communicate correctly 2 Enter the following credentials to log in l User Name admin l Password lan411cope 2 Configure the Appliance When you log in to the appliance f...

Страница 87: ...ings are correct Click Next l Changes To change this information confer with your network administrator and refer to Troubleshooting l IPv6 optional To enable IPv6 click IPv6 Check the Enable IPv6 check box and complete the fields 3 Host Name and Domains Enter the host name and network domain name Click Next l Host Name A unique host name is required for each appliance If you assign the same host ...

Страница 88: ...rce pool ntp org is a good public source for NTP Add or Delete NTP Servers optional l Add Click the icon l Delete Click the check box to select the NTP server Click the icon 6 If the appliance is an SMC go to 3 Register the Stealthwatch Management Console If the appliance is not an SMC go to 4 Add Appliances to Central Management 3 Register the Stealthwatch Management Console 1 Review Your Setting...

Страница 89: ...nfigure your Data Store Return to the Stealthwatch Data Store Deployment Overview to review the deployment process 4 Add Appliances to Central Management The Appliance Setup Tool continues to guide you through the appliance configuration with Central Management Some of the steps may vary depending on the appliance Follow the on screen prompts 1 On the Central Management tab enter the IP address of...

Страница 90: ...nfirm the appliance is shown in the inventory l Confirm the status for the appliance is shown as Up Make sure the primary SMC and each appliance is shown as Up before you start configuring the next appliance in your cluster using the configuration order and details 3 To configure the next appliance in your system go to 1 Log In and complete the procedures through 5 Confirm Appliance Status If you ...

Страница 91: ...ntries To view a list of Cisco trademarks go to this URL https www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1721R 2021 Cisco Systems Inc and or its affiliates All rights reserved ...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды