manualshive.com logo in svg

ExtraHop Trace Admin UI, Руководство пользователя

"Pазработанный для администраторов, ExtraHop Trace Admin UI - это удобное и эффективное решение для отслеживания и анализа данных. Бесплатный инструктаж включен, и его можно загрузить с нашего сайта. Получите доступ к руководству пользователя прямо сейчас на manualshive.com."

Поделиться
Скачать
background image

ExtraHop 8.8 ExtraHop Trace Admin UI Guide    

25

Users and user groups

Users can access the ExtraHop system in three ways: through a set of pre-configured user accounts,

through local user accounts configured on the appliance, or through remote user accounts configured on

existing authentication servers, such as LDAP, SAML, Radius, and .

Local users

This topic is about default and local accounts. See 

Remote Authentication

 to learn how to configure remote

accounts.
The following accounts are configured by default on ExtraHop systems but do not appear in the list of

names on the Users page. These accounts cannot be deleted and you must change the default password

upon initial login.

setup

This account provides full system read and write privileges to the browser-based user interface and

to the ExtraHop command-line interface (CLI). On physical appliances, the default password for this

account is the service tag number on the front of the appliance. On virtual appliances, the default

password is 

default

.

shell

The 

shell

 account, by default, has access to non-administrative shell commands in the ExtraHop

CLI. On physical appliances, the default password for this account is the service tag number on the

front of the appliance. On virtual appliances, the default password is 

default

.

Note:

The default ExtraHop password for either account when deployed in Amazon Web Services

(AWS) and Google Cloud Platform (GCP) is the instance ID of the virtual machine.

Next steps

Add a local user account

Remote Authentication

The ExtraHop system supports remote authentication for user access. Remote authentication enables

organizations that have authentication systems such as LDAP (OpenLDAP or Active Directory, for example)

to enable all or a subset of their users to log in to the system with their existing credentials.
Centralized authentication provides the following benefits:

User password synchronization.

Automatic creation of ExtraHop accounts for users without administrator intervention.

Management of ExtraHop privileges based on user groups.

Administrators can grant access to all known users or restrict access by applying LDAP filters.

Next steps

Configure remote authentication through LDAP

Configure remote authentication through SAML 

Configure remote authentication through

Configure remote authentication through RADIUS

Remote users

If your ExtraHop system is configured for SAML or LDAP remote authentication, you can create an account

for those remote users. Preconfiguring accounts on the ExtraHop system for remote users enables you to

share dashboards and other system customizations with those users before they log in.
If you choose to auto-provision users when you configure SAML authentication, then the user is

automatically added to the list of local users when they log in for the first time. However, you can create

a remote SAML user account on the ExtraHop system when you want to provision a remote user before

that user has logged in to the system. Privileges are assigned to the user by the provider. After the user is

created, you can add them to local user groups.

Содержание Trace Admin UI

Страница 1: ...ExtraHop 8 8 ExtraHop Trace Admin UI Guide...

Страница 2: ...oduced translated or reduced to any machine readable form without prior written approval from ExtraHop Networks Inc For more documentation see https docs extrahop com Published 2022 03 22 ExtraHop Net...

Страница 3: ...15 Bond interfaces 16 Create a bond interface 16 Modify bond interface settings 16 Destroy a bond interface 17 Notifications 17 Configure email settings for notifications 17 Add a new notification em...

Страница 4: ...ific ICMPv6 Echo Reply messages 42 Services 43 Configure the SNMP service 43 Firmware 44 Upgrade the firmware on your ExtraHop system 44 Pre upgrade checklist 44 Upgrade the firmware on Command and Di...

Страница 5: ...ted and then reconnected to the same Trace appliance 56 For extended storage units configured on a device other than the Trace appliance 56 Reset Packetstore 56 Trace Cluster Settings 57 Manager 57 Pa...

Страница 6: ...gs After you have deployed your Trace appliance see the Trace Post deployment Checklist We value your feedback Please let us know how we can improve this document Send your comments or suggestions to...

Страница 7: ...ace appliance The metrics on this page can help you troubleshoot problems and determine why the ExtraHop appliance is not performing as expected System Reports the following information about the syst...

Страница 8: ...is turned off Name Displays the Trace appliance settings that are stored on disk Options Displays the read write options for the settings stored on disk Size Displays the size in gigabytes for the ide...

Страница 9: ...expk file is encrypted and the contents are only viewable by ExtraHop Support However you can download the diag results complete manifest file to view a list of the files collected Run a custom suppor...

Страница 10: ...tions for your ExtraHop system In Reveal x Enterprise you can enable security only or security and performance detections In addition you can allow the ExtraHop Machine Learning Service to access pre...

Страница 11: ...to your sensor license 35 161 154 247 Portland U S A 54 66 242 25 Sydney Australia 52 59 110 168 Frankfurt Germany Open access to Cloud Recordstore For access to the ExtraHop Cloud Recordstore your se...

Страница 12: ...e Connectivity The Connectivity page contains controls for your appliance connections and network settings Interface Status On physical appliances a diagram of interface connections appears which upda...

Страница 13: ...e interfaces ping replies might not get back to the sender High Performance ERSPAN VXLAN Target Captures traffic forwarded from ERSPAN or VXLAN This interface mode enables the port to handle more than...

Страница 14: ...s we recommend that you contact ExtraHop Support for assistance to avoid reduced throughput Note EDA 4200 EDA 6200 EDA 8200 EDA 9200 and EDA 10200 appliances are not susceptible to reduced throughput...

Страница 15: ...DNS Search List DNSSL information according to router advertisements select RDNSS DNSSL 6 Click Save Global proxy server If your network topology requires a proxy server to enable your ExtraHop syste...

Страница 16: ...rs The bond interface must be destroyed and recreated Create a bond interface Modify a bond interface Destroy a bond interface Create a bond interface You can create a bond interface with at least one...

Страница 17: ...lected to retain the interface settings for the bond interface and all other member interfaces are disabled If no member interface is selected to retain the settings the settings are lost and all memb...

Страница 18: ...hen sending scheduled reports from a Command appliance or Reveal x 360 10 Select the Enable SMTP authentication checkbox and then type the SMTP server setup credentials in the Username and Password fi...

Страница 19: ...red network reports SNMP information is defined by third party management information bases MIBs that describe the structure of the collected data 1 Log in to the Administration settings on the ExtraH...

Страница 20: ...ote The pem file must not be password protected Note You can also automate this task through the REST API 1 In the Network Settings section click SSL Certificate 2 Click Manage certificates to expand...

Страница 21: ...ngton Country Code The two letter ISO code for the country where your organization is located US 6 Click Export The CSR file is automatically downloaded to your computer Next steps Send the CSR file t...

Страница 22: ...certificates you must also enable SSL TLS or STARTTLS encryption and certificate validation when configuring the settings for the external server 1 Log in to the Administration settings on the ExtraHo...

Страница 23: ...ministration settings After the setup user password is changed the button at the top of the page no longer appears Note The password must be a minimum of 5 characters 1 In the Administration settings...

Страница 24: ...ck Users 3 Click Add User 4 In the Personal Information section type the following information Login ID The username that users will log in to their ExtraHop appliances with which cannot contain any s...

Страница 25: ...machine Next steps Add a local user account Remote Authentication The ExtraHop system supports remote authentication for user access Remote authentication enables organizations that have authenticatio...

Страница 26: ...To view the members in the group click the group name Type Displays Local or Remote as the type of user group Members Displays the number of users in the group Shared Content Displays the number of u...

Страница 27: ...ly System Administration Reveal x 360 only Cloud Setup Reveal x 360 only Full Write Limited Write Personal Write Full Read Only Restricted Read Only Activity Maps Create view and load shared activity...

Страница 28: ...ers can access detections The privilege level of the user determines the level of access to detections View detections Y Y Y Y Y Y Y Y N Acknowledge Detections Y Y Y Y Y Y Y N N Modify detection statu...

Страница 29: ...N Metrics View metrics Y Y Y Y Y Y Y Y N Records Explore appliance View record queries Y Y Y Y Y Y Y Y N View record formats Y Y Y Y Y Y Y Y N Create modify and save record queries Y Y Y Y Y N N N N...

Страница 30: ...s Y Y N Y N N N N N Privilege options The following privilege options can be assigned to users with limited Web UI and API privileges Packet and Session Key Access View and download packets View and d...

Страница 31: ...an configure your ExtraHop system to authenticate users remotely with an existing LDAP server Note that ExtraHop LDAP authentication only queries for user accounts it does not query for any other enti...

Страница 32: ...e LDAPS This option specifies LDAP wrapped inside SSL StartTLS This option specifies TLS LDAP SSL is negotiated before any passwords are sent g Select Validate SSL Certificates to enable certificate v...

Страница 33: ...atus message appears near the bottom of the page If the test fails click Show details to see a list of errors You must resolve any errors before you continue 8 Click Save and Continue Next steps Confi...

Страница 34: ...users to view detections This setting is visible only when the global privilege policy for detections access control is set to Only specified users can view detections No access Full access 4 Click Sa...

Страница 35: ...m Plus TACACS for remote authentication and authorization Ensure that each user to be remotely authorized has the ExtraHop service configured on the TACACS server before beginning this procedure 1 Log...

Страница 36: ...rs to view detections This setting is visible only when the global privilege policy for detections access control is set to Only specified users can view detections No access Full access 11 Click Save...

Страница 37: ...e required to perform operations through the ExtraHop REST API Manage API key access Users with unlimited privileges can configure whether users can generate API keys for the ExtraHop system You can a...

Страница 38: ...You can paste the key into the REST API Explorer or append the key to a request header Privilege levels User privilege levels determine which ExtraHop system and administration tasks the user can perf...

Страница 39: ...d but you cannot perform any other administration tasks through the REST API Perform all GET operations through the REST API Delete dashboards and activity maps that you own Perform metric and record...

Страница 40: ...write personal write null metrics full metrics restricted detections full View detections in the ExtraHop system This is an add on privilege that can be granted to a user with one of the following pri...

Страница 41: ...appliance Reset Packetstore Delete all packets stored on the ExtraHop Trace appliance The Reset Packetstore page appears only on the Trace appliance Running Config The running configuration file speci...

Страница 42: ...oaded as a text file to your default download location Disable ICMPv6 Destination Unreachable messages You can prevent the ExtraHop system from generating ICMPv6 Destination Unreachable messages You m...

Страница 43: ...led checkbox appears Configure the SNMP service and download the ExtraHop MIB file Enable or disable SSH Access SSH access is enabled by default to enable users to securely log in to the ExtraHop comm...

Страница 44: ...cted to ExtraHop Cloud Services when a new firmware version is available Verify that your Reveal x 360 system has been upgraded to version 8 7 before upgrading your self managed sensors If you have mu...

Страница 45: ...ected Appliances page Connect to the appliance through the iDRAC interface Upgrade the firmware on Command and Discover appliances 1 Log in to the Administration settings on the ExtraHop system throug...

Страница 46: ...Hop system initiates the firmware upgrade You can monitor the progress of the upgrade with the Updating progress bar The appliance restarts after the firmware is installed 7 If you did not choose to a...

Страница 47: ...ch configured NTP server in the NTP Status table remote The host name or IP address of the remote NTP server you have configured to synchronize with st The stratum level 0 through 16 t The type of con...

Страница 48: ...DN for the time servers in the Time Server fields You can have up to nine time servers Tip After adding the fifth time server click Add Server to display up to four additional timer server fields 8 Cl...

Страница 49: ...is the string of characters that follow i but not i itself For a virtual appliance in GCP type the instance ID For all other virtual appliances type default 5 Click Log In 6 In the Appliance Settings...

Страница 50: ...availability of your new license as shown in the following figure 3 Click Apply new license The capture process restarts which might take a few minutes Note If your license is not automatically update...

Страница 51: ...ypt the packetstore disk For more information see the Encrypt the packetstore disk section Direct Connected Disks Displays information about the SD memory cards The memory cards have the following rol...

Страница 52: ...encryption key Option Description If you entered an encryption passphrase Type a passphrase into the Passphrase field If you selected an encryption key file Click Choose File and then browse to an enc...

Страница 53: ...nstall the extended storage unit in your data center with the included rack mounting kit The mounting kit supports most four post racks with either round or square holes 2 Connect the power cables to...

Страница 54: ...the blue pull tab oriented on the top of the connector Attach the SAS cable to the HBA on the Trace appliance with the blue pull tab oriented on the bottom of the connector To remove the SAS cable pu...

Страница 55: ...d green indicating they are healthy If any disk is unhealthy yellow contact ExtraHop Support 8 Repeat steps 6 and 7 for any additional extended storage units 9 Optional If the packetstore is locked yo...

Страница 56: ...or IP address admin 2 In the Appliance Settings section click Disks 3 Click Extended Storage Units 4 Click Import foreign packetstore disks and then click OK 5 In the RAID Info section click Unconfig...

Страница 57: ...iance Click Remove Manager to remove the Command appliance as the manager Note The Trace appliance can be managed by only one Command appliance Connected Appliances Displays a table of all Discover an...

Страница 58: ...direct connection from the Command appliance is not possible because of firewalls or other network restrictions Before you begin Note This procedure only enables you to perform management functions f...

Отзывы:

Нет отзывов

Похожие инструкции для Trace Admin UI

D-Link DSL-504T Manual preview
DSL-504T
Бренд: D-Link Страницы: 99
D-Link DI-804V Datasheet preview
DI-804V
Бренд: D-Link Страницы: 5
D-Link DES-1210-08P Manual preview
DES-1210-08P
Бренд: D-Link Страницы: 15
D-Link AirPro DWL-6000AP Manual preview
AirPro DWL-6000AP
Бренд: D-Link Страницы: 65
D-Link DXS-3610-54S Quick Installation Manual preview
DXS-3610-54S
Бренд: D-Link Страницы: 38
D-Link DWL-3150 Install Manual preview
DWL-3150
Бренд: D-Link Страницы: 8
D-Link DSS-8+ Manual preview
DSS-8+
Бренд: D-Link Страницы: 22
D-Link DSS-5+ Manual preview
DSS-5+
Бренд: D-Link Страницы: 20
D-Link DSS-24+ Technical Specifications preview
DSS-24+
Бренд: D-Link Страницы: 2
D-Link DSS-24+ Manual preview
DSS-24+
Бренд: D-Link Страницы: 16
D-Link DI-804V Quick Install Manual preview
DI-804V
Бренд: D-Link Страницы: 12
D-Link DIR-615 - Wireless N Router Installation Manual preview
DIR-615 - Wireless N Router
Бренд: D-Link Страницы: 13
D-Link Cobra DSL-5300 User Manual preview
Cobra DSL-5300
Бренд: D-Link Страницы: 124
D-Link Web Smart DES-1210-28P Selection Manual preview
Web Smart DES-1210-28P
Бренд: D-Link Страницы: 6
D-Link 2Voice + 4SW VoIP Router DVG-1402S User Manual preview
2Voice + 4SW VoIP Router DVG-1402S
Бренд: D-Link Страницы: 57
D-Link xStack Storage DSN-4000 Series Manual preview
xStack Storage DSN-4000 Series
Бренд: D-Link Страницы: 23
D-Link Express EtherNetwork DI-604 Brochure preview
Express EtherNetwork DI-604
Бренд: D-Link Страницы: 7
D-Link xStack Storage DSN-4000 Series Cli User'S Manual preview
xStack Storage DSN-4000 Series
Бренд: D-Link Страницы: 97

Бренды по названию

Популярные бренды

Загрузить еще бренды