rsa envision 4.0 hardware guide - sys-g-rsa400

RSA enVision™ Hardware Guide

60 Series

RSA enVision 4.0 Hardware Guide 60 Series Copyright © 1996 - 2009 RSA Security Inc.

enVision, Enterprise Dashboard, and Internet Protocol Database (IPDB) are trademarks of RSA Security Inc. LogSmart is a registered trademark of RSA Security Inc.

All other trademarks, service marks, registered trademarks, registered service marks mentioned in this document are the property of their respective owners.

Information in this document is subject to change without notice. The software described in this document is furnished under a license agreement or nondisclosure agreement. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchaser’s personal use without the written permission of RSA Security Inc.

RSA Security Inc. 200 Lowder Brook Drive, Suite 2000 Westwood, MA 02090 U.S.A. 781.375.9000

Contents

1. INTRODUCTION ....................................................................................................1-1

Site Deployment......................................................................................................................................... 1-2

2. HARDWARE LAYOUT...........................................................................................2-1

Front Panel ................................................................................................................................................ 2-1 Hard-Drive Indicators ............................................................................................................................. 2-3

Back Panel.................................................................................................................................................. 2-5 Power Indicators ..................................................................................................................................... 2-6

3. SINGLE APPLIANCE SITE....................................................................................3-1

Single Appliance Site Hardware Set Up Tasks ....................................................................................... 3-2

4. MULTIPLE APPLIANCE SITE ...............................................................................4-1

Hardware in Multiple Appliance Site...................................................................................................... 4-1

Multiple Appliance Site Hardware Set Up Tasks................................................................................... 4-2

Multiple Appliance Site - Cabling Examples .......................................................................................... 4-4

Multiple Appliance Site with Enhanced Availability ............................................................................. 4-6

5. REMOTE COLLECTOR SITE ................................................................................5-1

RC Site Hardware Set Up Tasks.............................................................................................................. 5-1

APPENDIX A. HARDWARE SPECIFICATIONS ........................................................ A-1

Hardware Location .................................................................................................................................. A-1

ES Appliance Specifications .................................................................................................................... A-2

LS Appliance Specifications .................................................................................................................... A-3

ES and LS Series Appliance Specifications............................................................................................ A-4

ES Storage Array ..................................................................................................................................... A-6

LS Storage Array ..................................................................................................................................... A-7 EMC Celerra NS22 ................................................................................................................................ A-7 Network Switch ..................................................................................................................................... A-9

Rack......................................................................................................................................................... A-10

RSA enVision Hardware Guide 60 Series iii

Contents

RSA enVision Hardware Guide 60 Series iv

Safety and Regulatory Statements ........................................................................................................ A-11

APPENDIX B. REMEDIATION FOR DELL RAID CONTROLLER BATTERY ISSUE........................................................................................................ B-1

Dell RAID Controller Battery Issue ........................................................................................................B-1

Prevention of Powering Up an Appliance With a Depleted RAID Battery..........................................B-2

APPENDIX C. CUSTOMER-PROVIDED STORAGE ................................................. C-1

EMC Celerra Storage .............................................................................................................................. C-2 NAS Requirements .................................................................................................................................C-2 Network Configuration ...........................................................................................................................C-3 NAS Configuration .................................................................................................................................C-4

CIFS Server .........................................................................................................................................C-4 Local Users..........................................................................................................................................C-4 File Systems/CIFS Shares Combinations ............................................................................................C-5

Enhanced Availability.............................................................................................................................C-6

NetApp® FAS Series................................................................................................................................. C-7 CIFS Shares and Directory Structure ......................................................................................................C-8 Hardware Requirements..........................................................................................................................C-8 Setup Requirements ................................................................................................................................C-9 Connecting RSA enVision Appliances to the NetApp FAS .................................................................C-10 NetApp CIFS File Storage Authentication............................................................................................C-12 NetApp CIFS Configuration .................................................................................................................C-14

APPENDIX D. CHANGING PASSWORDS ON RSA ENVISION APPLIANCES ....... D-1

Changing Password on A-SRV and LC.................................................................................................. D-1

Changing Password on D-SRV................................................................................................................ D-2

Changing Passwords on NAS .................................................................................................................. D-2

Verifying Read/Write Permissions after Changing Passwords............................................................ D-4

Preface This guide contains information on setting up your RSA enVision™ appliance hardware. Use this guide in conjunction with the Configuration Guide.

Audience

The Hardware Guide is for system administrators who need to set up RSA enVision appliances for an enVision site.

Documentation Set

The enVision documentation set consists of the following:

Documentation Description

Hardware Guide Instructions on setting up your RSA enVision appliances. Intended audience is the system administrator.

Configuration Guide Instructions on configuring your RSA enVision site. Intended audience is the system administrator.

Migration Guide Instructions on migrating your data from a previous version of enVision to the current version.

Online Help Comprehensive online guide to setting up enVision processing options and using enVision analysis tools.

Go to https://knowledge.rsasecurity.com and log into RSA SecurCare Online to download all product documentation.

Conventions

This guide uses the following conventions:

Item Formatting

Literals (exact values that the user must type)

Bold font.

Example: Type New Report.

Variables (adjustable values that the user must type)

Bold, italicized font.

Example: Type user-name.

Fields, buttons, menu items, and so forth

Bold font. (Note: Screen names are not bold.)

Example: Type New Report in the Description field on the Report Setup window.

Keys (on the keyboard) Bold font.

Example: Press Enter.

RSA enVision Hardware Guide 60 Series v

https://knowledge.rsasecurity.com/

Preface

RSA enVision Hardware Guide 60 Series vi

Contact RSA

Contact RSA at:

200 Lowder Brook Drive Suite 2000 Westwood, MA 02090 U.S.A.

Telephone: 781.375.9000

Fax: 781.375.9100

World Wide Web: http://www.rsa.com

Sales

You can purchase enVision directly from RSA’s dedicated team of sales professionals or through RSA’s North American and international resellers. Call RSA at 781.375.9000.

Support and Service

You can contact Technical Support as follows:

By Telephone - Technical support is available during business hours via telephone at 800.995.5095.

Through the Internet - The RSA SecurCare Online support page contains answers to common questions and solutions to known problems. It also provides information on new releases, important technical news, device configuration guides, product documentation, and software downloads. You can visit the RSA SecurCare Online web site at https://knowledge.rsasecurity.com. You can visit RSA Technical Support web site at https://www.rsa.com/support.

https://knowledge.rsasecurity.com/

https://www.rsa.com/support

1. Introduction RSA enVision™ is a feature-rich compliance and security application. It allows you to capture and analyze log information automatically from your network, security, application, operating and storage environments. The enVision LogSmart® Internet Protocol Database (IPDB) provides the only architecture proven to collect and protect all the data automatically, from any network device, without filtering or agents. It gives you an accurate picture of how your network is being used, and by whom. It independently monitors your network to verify security policies, to generate alerts for possible compliance breaches, and to analyze and report on network performance.

enVision is tightly coupled with its underlying appliance operating system and hardware, and together they comprise a highly scalable platform that provides guaranteed levels of performance.

enVision is made up of three components:

Application – supports interactive users and runs the suite of analysis tools

Collector – captures incoming events

Database – manages access and retrieval of captured events

RSA enVision Hardware Guide 60 Series 1-1

1. Introduction


Site Deployment

enVision is deployed on a site basis. The enVision components are deployed based on the type of site you have. The two types of sites are:

Single appliance site. The ES series appliances are designed to operate in a stand-alone, nondistributed mode. They have all three enVision components―Application, Collector, and Database―installed on one appliance. The single appliance is a site. Some single appliance sites have an external storage system. See Chapter 3 “Single Appliance Site Hardware,” for information on a single appliance site.

Multiple appliance site. The LS series appliances are designed to operate in a distributed installation. Each enVision component―Application, Collector, and Database―is on its own appliance. The appliances together form a site. Distributed multiple appliance sites allow multiple installations of any of the three appliance types to be deployed to manage the variety of network infrastructures found in production environments. All multiple appliance sites have external storage systems. See Chapter 4 “Multiple Appliance Site Hardware” for information on a multiple appliance site.

See Chapter 5 “Remote Collector Site” for information on connecting a Remote Collector site with a multiple appliance site.

2. Hardware Layout The hardware layouts of the ES and LS series appliance hardware types are the same. This chapter describes the layout of the following:

Front panel

Hard-drive indicators

Back panel

Power indicators

The internal specification of the ES and LS series appliance hardware differ. See Appendix A “Hardware Specifications” for information on the hardware specifications.

Front Panel

Here is the front panel of the RSA enVision appliance:

Item Indicator, Button, or Connector

Icon Description

1 Power-on indicator, power button

Lights when the system power is on.

The power button has been disabled for security purposes.

2 NMI button Use to troubleshoot software and device driver errors when using certain operating systems.

Use this button only if directed to do so by qualified support personnel or by the operating system's documentation.

3 System identification button

Use to locate a particular system within a rack. When you push one of these buttons, the LCD panel on the front and the blue system status indicator on the back blink, so that you can easily locate the back of the appliance in a rack. The LCD panel and system status indicator blink until you push one of the buttons again.


2. Hardware Layout

Item Indicator, Button, or Connector

Icon Description

4 LCD panel Provides system ID, status information, and system error messages. The LCD lights during normal system operation. Both the systems management software and the identification buttons located on the front and back of the system can cause the LCD to flash blue to identify a particular system.

The LCD lights amber when the system needs attention, and the LCD panel displays an error code followed by descriptive text.

Note: If the system is connected to AC power and an error has been detected, the LCD lights amber regardless of whether the system has been powered on.

5 USB connectors (2)

Use to connect USB 2.0-compliant devices to the system.

6 Video connector

Use to connect a monitor to the system.

7 Hard drives (6) Six 3.5-inch hot plugs.

The appliance contains two disks.

8 Optical drive (CD/DVD)

One CD/DVD drive.


2. Hardware Layout

Hard-Drive Indicators

The hard-drive carriers have two indicators:

Drive-activity indicator

Drive-status indicator

Here are the hard-drive indicators:

Item Description

1 Drive-status indicator (green and amber)

2 Green drive-activity indicator


2. Hardware Layout

In RAID configurations, the drive-status indicator lights display different patterns as drive events occur in the system.

The drive indicator patterns for RAID hard drives are as follows:

Condition Drive-Status Indicator Pattern

Identify drive/preparing for removal

Blinks green two times per second

Drive ready for insertion or removal

Off

Drive predicted failure Blinks green, amber, and off

Drive failed Blinks amber four times per second

Drive rebuilding Blinks green slowly

Drive online Steady green

Rebuild aborted Blinks green three seconds, amber three seconds, and off six seconds


2. Hardware Layout

Back Panel

Here is the back panel of the RSA enVision appliance:

Item Description

1 Network interface card

2 Power supplies (2)

3 System identification button

4 System status indicator

5 System status indicator connector

6 Network interface connectors

7 USB connectors (2)

8 Video connector

9 Serial connector

10 Remote access controller


2. Hardware Layout

Power Indicators

The power button on the front panel controls the power input to the system power supplies. The power indicator lights green when the system is on.

The indicators on the redundant power supplies show whether power is present or whether a power fault has occurred. Here are the redundant power supply indicators:

Indicator Function

1 Power supply status. Green indicates that the power supply is operational.

2 Power supply fault. Amber indicates a problem with the power supply.

3 AC line status. Green indicates that a valid AC source is connected to the power supply.


3. Single Appliance Site The ES series appliances are designed to operate in a stand-alone, nondistributed mode. The ES appliances have all three enVision components―Application, Collector, and Database―installed on one appliance. The single appliance is a site.

The two enVision appliance series used for single appliance sites are:

ES Series with local storage. Designed for the unique requirements of the small/medium sized business, up to enterprise-wide installations. The ES series achieves the industry's lowest total cost of ownership (TCO) for organizations that need to manage up to 2,500 sustained events per second (EPS) from up to 256 source devices without sacrificing any of the real-time or historical analysis.

ES Series with external storage. Designed for the enterprise, where fleets of devices are often deployed to enforce, monitor, and manage security. The ES series with external storage has been architected to handle over 7,500 sustained EPS from up to 1,250 source devices while supporting up to 16 simultaneous online users and still have enough horsepower for real-time and historical event research and analysis. This translates into over 640 million events per day.

There are different models within each of these types. The appliance model you use depends on your needs.

See Chapter 2 “Single Appliance Site” in the Configuration Guide for information on configuring enVision on single appliance sites.


3. Single Appliance Site

Single Appliance Site Hardware Set Up Tasks

Important! Review the “Safety and Regulatory Statements” section in Appendix A. “Hardware Specifications” before you set up your hardware.

The hardware setup tasks for a single appliance site are as follows:

Task Activity

1 Plan the installation. Complete the Configuration Wizard Planning Worksheet - Single Appliance Site in Chapter 2, “Single Appliance Site” in the enVision Configuration Guide.

2 Select a hardware setup location that meets the requirements for the current installation and for future growth. See Appendix A “Hardware Specifications” for location requirements. See the manufacturer’s documentation for information on installing the appliance. If your site has external storage, see the storage system documentation for information on installing the storage system.

3 Connect the ES appliance to the LAN.

4 If your ES appliance has external storage, connect the storage system to the ES appliance.

5 Connect each of the power cords to a different power circuit for increased reliability and availability.

6 Power on the storage appliance, if applicable. Wait 5 minutes before powering on the servers.

7 Power on the ES appliance.

8 Complete the enVision site configuration, using the enVision Configuration Wizard. See Chapter 2 “Single Appliance Site” in the Configuration Guide for complete information.


4. Multiple Appliance Site The LS series appliances are designed to operate in a distributed installation. Each enVision component - Application, Collector, and Database - is on its own appliance. The appliances together form a site. Distributed multiple appliance sites allow multiple installations of any of the three appliance types to be deployed in order to manage the variety of network infrastructures found in production environments. All multiple appliance sites use external storage systems.

See Chapter 3 “Multiple Appliance Site” in the Configuration Guide for a complete explanation of a multiple appliance site and multiple site deployments, and for instructions on configuring enVision on these sites.

Hardware in Multiple Appliance Site

Each multiple appliance site is comprised of the following hardware items:

RSA enVision appliances

Storage system

Network switch

Appliance rack

See Appendix A, “Hardware Specifications” for information on the hardware items.


4. Multiple Appliance Site

Multiple Appliance Site Hardware Set Up Tasks


The hardware setup tasks for a multiple appliance site are as follows:

Task Activity

1 Plan the installation. Complete the Configuration Wizard Planning Worksheet - Multiple Appliance Site in Chapter 3 “Multiple Appliance Site” in the Configuration Guide.

2 Select a hardware setup location that meets the requirements for the current installation and for future growth. See Appendix A “Hardware Specifications,” for location requirements.

3 Configure the storage system. Note the IP address for the storage device in the Identify External Storage (NAS 3500) section of the Configuration Wizard Planning Worksheet - Multiple Appliance Site in Chapter 3 “Multiple Appliance Site” in the Configuration Guide.

4 Connect each LS appliance in the site to the LAN.

Ignore any warning messages you may receive about IP conflicts when you are making the physical connections to the LAN.

5 Connect each of the rack power cords to a different power circuit for increased reliability and availability.

6 Power on the storage system (refer to the storage system documentation for instructions). Wait five minutes before powering on the servers.

7 Power on the network switch and LS appliances.


4. Multiple Appliance Site Hardware

Task Activity

8 The LS Typing Wizard starts automatically on the appliances. Assign the LS appliance type to each appliance in the site, as follows:

a. Connect to the appliance.

b. Select the LS check box.

c. Select the LS type for the appliance. The options are:

AS1 (Application Server) AS2 (Application Server) AS3 (Application Server) DS1 (Database Server) RC (Remote Collector) LC1 (Local Collector) LC2 (Local Collector) LC3 (Local Collector)

d. Click Next.

e. The wizard displays the Review Page window. Verify that the information is correct. Click Finish. If the Review page is not correct, click Cancel.

If you click Cancel at any time while using the wizard, you must restart the wizard to type the appliance. To restart the wizard, double-click the lsconfigurationwizard.exe file in the c:\windows\installations directory.

f. Apply the appropriate labels for the appliance type to the front and back of the appliance to identify it.

Repeat steps a - f for each appliance in your site.

9 Complete the enVision site configuration, using the enVision Configuration Wizard. See Chapter 3 “Multiple Appliance Site” in the Configuration Guide for complete information.



Multiple Appliance Site - Cabling Examples

This section contains two examples of multiple appliance sites, cabled in their racks.

The following diagram is an example of a multiple appliance site with an Application Server (A-SRV), a Database Server (D-SRV), and a Local Collector (LC), delivered pre-cabled in its rack.


4. Multiple Appliance Site Hardware

The following diagram is an example of a multiple appliance site with one Database Server (D-SRV), two Application Servers (A-SRV), and three Local Collectors (LC), delivered pre-cabled in its rack.




Multiple Appliance Site with Enhanced Availability

Optionally, you can set up enhanced availability (EA) for the Local Collectors (LCs). This allows you to define up to six cluster appliances (CAs) for a site to perform the LC roles.

The implementation of the enhanced availability feature for the Local Collectors is a Professional Service package. You can arrange for a Professional Service package by contacting RSA at 781.375.9000.

5. Remote Collector Site Each multiple appliance site has the option of having up to 16 Remote Collector (RC) server appliances. Each RC is considered a site. RCs capture incoming events remotely. Remote collectors forward data collected to the enVision site (using the NIC Forwarder Service). (The Administrator sets up the remote collector's Forwarder parameters on the Modify Collector Service window in enVision.)

The RCs use the LS series appliances. See Appendix A “Hardware Specifications” for the specifications for the LS series appliances.

Note: The total events per second (EPS) for all Collectors per site (per D-SRV) cannot exceed 30,000 EPS.

RC Site Hardware Set Up Tasks


Important! Before you configure the RC, make sure that its master is configured, and up and running.

The appliance setup tasks for an RC site are as follows:

Task Activity

1 Plan the installation. Complete the Configuration Wizard Planning Worksheet – Remote Collector Site in Chapter 3 “Multiple Appliance Site” in the Configuration Guide.

2 Select a hardware setup location that meets the requirements for the current installation and for future growth. See Appendix A “Hardware Specifications” for location requirements.

3 Connect the RC appliance to the LAN.

4 Connect the rack power cords to different power circuits for increased reliability and availability.

5 Power on the network switch and RC appliance.

6 Complete the enVision site configuration, using the enVision Configuration Wizard. See Chapter 4 “Remote Collector Site” in the Configuration Guide for complete information.


Appendix A. Hardware Specifications

Hardware Location

Select a hardware setup location that meets the requirements for the current installation and for future growth. The specific requirements for each hardware item are listed in this appendix. The following list summarizes the location requirements:

Proper temperature control: 10° to 35° C (50° to 95° F) with a maximum temperature gradation of 10°C per hour

Proper humidity control: 20% to 80% (non-condensing) with a maximum humidity gradation of 10% per hour

Adequate floor loading capacity. This depends on the rack and the number of hardware items in it.

Near appropriate AC outlets and Ethernet hubs or individual jacks (10/100/1000 Base-T cables cannot be longer than 100 meters)

Enough clearance in the front and the back of the rack to allow for sufficient airflow and to enable you to access appliance components

Important! Installation or operation of appliances stacked on a desktop table is not supported.

RSA enVision Hardware Guide 60 Series A-1


ES Appliance Specifications

The models of the ES appliance are as follows:

560-ES 1060-ES 2560-ES 5060-ES 7560-ES

Sustained Performance Per Appliance (Events Per Second)

Up to 500 EPS Up to 1,000 EPS

Up to 2,500 EPS Up to 5,000 EPS Up to 7,500 EPS

Recommended Maximum Devices per Appliance

Up to 100 Up to 200 Up to 400 Up to 750 Up to 1,250

Maximum Simultaneous Users

Up to 6 Up to 8 Up to 10 Up to 12 Up to 14

Maximum Simultaneous Users (Event Explorer)

1 Up to 2 Up to 3 Up to 4 Up to 5

Base Storage* Internal

300 GB

Internal

300 GB

Internal

300 GB

External

2.5 TB

External

2.5 TB

Data Protection Hardware-accelerated RAID1 controller with auto-rebuild and battery-backed 256MB on-controller cache

Hardware-accelerated RAID5 controller with auto-rebuild, and battery-backed 256MB on-controller cache

Appliance Power Options

Redundant, load sharing 400-watt power supplies; 120/240 volt auto-switching

Operating Environment

Security-hardened, embedded operating system featuring real-time data encryption to protect sensitive event data

Application Software

RSA enVision with two-phase Real-Time Data Compression (RTDC)

Regulatory Approvals

UL 1950, CSA22.2 no 950, EN 60950, FCC Part 15 - Class A, ICES-003 EN55024:1998, EIN55022:1998, EN50082-1, VCCI V-3/2000.4, AS/NZS 3548

Hardware Warranty

90-day hardware warranty, during which time RSA will remedy, replace, or provide a refund

Software Warranty

90-day access to technical support for application setup assistance and bug fixes

*Base storage of 300 GB is raw storage. Data storage for events is 220 GB, once you take out formatting, OS partition, and temp nugget partition.



LS Appliance Specifications

The four models of collection (LC and RC) appliances are: NIE-RC01-LS, NIE-RC02-LS, NIE-LC05-LS, and NIE-LC10-LS. The model of application appliance (A-SRV) is NIE-A-SRV. The model of database appliance (D-SRV) is NIE-D-SRV.

RC1 RC2 LC5 LC10 A-SRV D-SRV

Description Remote Collector 1,000 EPS

Remote Collector 2,000 EPS

Local Collector 5,000 EPS

Local Collector 10,000 EPS

enVision Application Server

LogSmart Database Server

Sustained Performance Per Appliance (Events Per Second)

Up to 1,000 EPS

Up to 2,000 EPS

Up to 5,000 EPS

Up to 10,000 EPS

NA Up to 30,000 EPS (from Collectors)

Maximum Devices Possible

512 512 1,500 2,048 NA 3,072* (from Collectors)

Maximum Simultaneous Users

NA NA NA NA Up to 16 NA

Maximum Simultaneous Users (Event Explorer)

NA NA NA NA Up to 15 NA


Security-hardened, embedded operating system featuring real-time data encryption to protect sensitive event data

Base Storage 3500 GB with NAS-3500

Data Protection Hardware-accelerated RAID5 controller with auto-rebuild and battery-backed 4GB on-controller cache

Application Software

enVision with two-phase Real-Time Data Compression (RTDC)

Regulatory Approvals

UL 1950, CSA22.2 no 950, EN 60950, FCC Part 15 - Class A, ICES-003 EN55024:1998, EIN55022:1998, EN50082-1, VCCI V-3/2000.4, AS/NZS 3548

Hardware Warranty

90-day hardware warranty, during which time RSA will remedy, replace, or provide a refund

Software Warranty

90-day access to technical support for application setup assistance and bug fixes

* Current licensing of the 60 series LS Data Server restricts the number of devices that can be monitored by an LS Site to 3072. This may be lower than the cumulative device count license if the site has more than one 60 Series Local Collector. Pending resolution of this licensing issue, updated license keys will be issued. Updated license keys will be issued for all 60 series Data Servers at no additional cost to allow for the management of the full device count of up to three Local Collectors per Data Server.



ES and LS Series Appliance Specifications

Form Factor 2U Rack mount

Operating System Windows 2003 Server R2 Enterprise 64-bit w/5 CALs

Processor Two Quad Core Xeon Processor E5410 12MB Cache, 2.33 GHz, 1333MHz FSB

Memory 8 GB memory (Eight 1GB Fully Buffered DIMMs)

Hard disks 300 GB HDD RAID 1, 180 GB usable (Two 3.5” internal hot-pluggable 300 GB SAS, 15k-RPM)

RAID PERC 6i 256MB cache

Optical drives CD-RW/DVD

Front Two RJ-45 (for integrated 1-GB NICs)

15-pin VGA

Two 4-pin, USB 2.0-compliant

15-pin VGA

Connectors

Back 9-pin, DTE, 16550-compatible

Two 4-pin, USB 2.0-compliant

Motherboard Dual embedded Broadcom NetXtreme II 5708 Gigabit Ethernet NIC Network

PCI Intel PRO 1000PT Cu, Dual Port, PCIe NIC

Wattage Redundant 750 W power supplies

Voltage 85–264 VAC, autoranging, 47–63 Hz

Maximum inrush current

55 A per power supply for 10 ms or less

Power cables Two Power cables

AC Power Supply

Heat dispersion 2697 Btu per hour maximum

System battery CR 2032 3.0 V lithium-ion coin cell Batteries

RAID battery 4.1 V lithium-ion



Height 3.4 in (8.656 cm)

Width 17.6 in (44.7 cm)

Depth 29.79 in (75.68 cm)

Dimensions

Gross Weight 59 lb (26.76 kg)

Operating 10° to 35° C (50° to 95° F) with a maximum temperature gradation of 10° C per hour

Temperature

Storage -40° to 65° C (-40° to 149° F) with a maximum temperature gradation of 20° C per hour

Operating 20% to 80% (noncondensing) with a maximum humidity gradation of 10% per hour

Relative Humidity

Storage 5% to 95% (noncondensing) with a maximum humidity gradation of 10% per hour

Operating 0.25 G at 3–200 Hz for 15 min Maximum Vibration

Storage 0.5 G at 3–200 Hz for 15 min

Operating One shock pulse in the positive z axis (one pulse on each side of the system) of 41 G for up to 2 ms

Maximum Shock

Storage Six consecutively executed shock pulses in the positive and negative x, y, and z axes (one pulse on each side of the system) of 71 G for up to 2 ms

Operating -16 to 3048 m (-50 to 10,000 ft) Altitude

Storage -16 to 10,600 m (-50 to 35,000 ft)



ES Storage Array

The ES single appliance site with external storage uses the EMC CLARiiON storage array.

See the EMC CLARiiON documentation for complete information on the storage array. This section contains specification information.

Storage connection iSCSI


Width 17.5 in (44.45 cm)

Depth 20 in (50.8 cm)

Dimensions

Gross Weight

57 lb (25.86 kg)

Temperature 50 to 104° F (10 to 40° C)

Temperature gradient

10° C per hour

Relative humidity

20% to 80% noncondensing


Altitude 8,000 ft (2438.4 m) at 104° F (40° C) maximum

10,000 ft (3048 m) at 98.6° F (37° C) maximum

Power supplies per Array

2

Frequency 47–63 Hz

AC voltage 100–240 Vrms, single phase

Power factor 0.98 (typical)

Power consumption

450 W (maximum)

Heat dissipation

1,535 Btu per hour (maximum)

Protection 12 A, internally fused (each supply)

AC circuits Redundant, external AC circuits

Power

Inlet type Dual inlet, rack-mount: IE320-C14 appliance coupler



LS Storage Array

The LS multiple appliance site uses the NAS 3500 (NS22) storage array. See the EMC Celerra documentation for complete information on the storage array. This section contains specification information.

EMC Celerra NS22

Storage connection Network attached storage

Height 12.25 in (31.36 cm)

Width 18.92 in (48.06 cm)

Depth 31.58 in (80.21 cm)

Dimensions

Gross Weight 203.3 lb (92.4 kg)

Ambient temperature 50 to 104° F 10° to 40° C

Temperature gradient 18° F per hour 10° C per hour

Relative humidity 20 to 80 % noncondensing


Elevation 8,000 ft (2,438.4 m) at 104° F (40° C) 10,000 ft (3,048 m) at 98.6° F (37° C)



AC line voltage 100 – 240 VAC +10%, single phase

Frequency 47–63 Hz, full auto-ranging

AC line current 14A A maximum at 100 V (configured with 15 disks) 7.5A A maximum at 200 V (configured with 15 disks)

Power consumption 1,229 VA (1,168 W) maximum (configured with 15 disks)

Startup surge current 59A peak (configured with 15 disks) at any line voltage

Power factor 0.98 minimum at full load, 100 VAC

Heat dissipation 3,422 KJ per hour (3,236 Btu per hour) estimate configured with 15 disks

In-rush current 116A peak estimate for ½ line cycle per power supply @ 240 VAC 65A peak estimate for ½ line cycle per power supply @ 120 VAC

AC protection 10A internal fuse (non-serviceable)

AC inlet type IEC320-C14 appliance coupler

Ride-through 30 ms minimum at full load

AC Power and Dissipation

Current sharing 60% maximum, 40% minimum between power supplies



Network Switch

The multiple-appliance site uses a network switch.

See the vendor documentation for complete information on the network switch. This section contains the requirements for the network switch.


Width 17.24 in (43.8 cm)

Depth 7.24 in (18.4 cm)

Dimensions

Gross Weight 7.94 lb (3.60 kg)

Operating Temperature 0° to 40° C (32° to 104° F) Operating Environment

Operating Humidity 5% to 8%

AC Power Line voltage 220/110V AC 50/60 Hz



Rack

See the vendor documentation for complete information on the rack. This section contains the requirements for a rack.


Width 24.0 in (61.1 cm)

Depth 36.0 in (91.6 cm)

Dimensions

Gross Weight (empty)

300 lb (136 kg)

Operating Voltage/Frequency

200–240 VAC

50–60 Hz

Power Cord Connector

AC Power

Service Type Two 30-amp services, single phase



Safety and Regulatory Statements

WARNING: Power supplies can contain over 240 volts. If mishandled, this high voltage can cause serious injury or death. Do not touch or handle a power cable or power supply unless you have been trained and prepared to perform this task. Always remove the power cord before attempting to remove or work on a Power Unit.

WARNING: Electronic components are sensitive to damage from Electrostatic Discharge (ESD). Observe appropriate precautions at all times when handling the RSA enVision appliance and EMC Celerra or its subcomponents.

CAUTION: Do not attempt to connect an Ethernet cable, regular or cross-over, between the EMC Celerra and the RSA enVision appliance. Connect the EMC Celerra through a GigE switch, the same as any other networked device.

CAUTION: When installing disk shelves and a storage system into a movable cabinet or rack, install from the bottom up for best stability.

WARNING: To reduce the risk of personal injury or equipment damage, allow internal components time to cool before touching them and ensure that the equipment is properly supported or braced when installing options.

WARNING: This equipment is designed for connection to a grounded outlet. The grounding type plug is an important safety feature. To avoid the risk of electrical shock or damage to the equipment, do not disable this feature.

WARNING: This equipment has one or more replaceable batteries. There is danger of explosion if the battery is incorrectly replaced. During the hardware warranty period the batteries can only be replaced by RSA. Dispose of used batteries according to the manufacturer’s instructions.

WARNING: If your storage system or disk shelf has more than one power supply cord, disconnect all power supply cords before servicing to reduce the risk of electrical shock.


Appendix B. Remediation for Dell RAID Controller Battery Issue

This appendix describes a scenario with the Dell PowerEdge Expandable RAID Controller (PERC) battery that can cause the RSA enVision appliance to malfunction and the steps to follow if this issue occurs. Steps you can follow to prevent the issue from occurring are also included.

Note: This scenario is inherent in RAID controller design, which is intended to protect systems from data loss during operational state (the system is up and running). Similar issues can occur on any server using RAID technology.

Dell RAID Controller Battery Issue

The Dell PERC controller uses a battery to maintain cache state following a power failure. When a power failure or uncontrolled shutdown of the unit occurs, the battery maintains cache state for 72 hours. After this time the battery is depleted and you must recharge it.

With a controlled shutdown, a minimal battery draw exists, which results in battery discharge after an extended unpowered shelf life.

Due to the characteristics of all Lithium-Ion batteries, RSA recommends that you do not leave any unit in a fully discharged state (such as after an uncontrolled shutdown) for an extended period of time.

If the enVision appliance has been powered down for a long period of time, or has maintained the RAID cache state for more than 72 hours, the RAID controller battery may have lost its electrical charge.

If the appliance is powered up with a depleted RAID battery, the system LCD displays the following error message:

E1211 ROMB battery failures

To charge the battery:

1. Power off the unit and unplug it.

2. Wait 10 minutes. Plug the unit in but do not power it up.

3. Leave the unit plugged in with the power off for 48 hours to allow the battery to fully charge.

4. After 48 hours, power on the unit. You can now start using it.

RSA enVision Hardware Guide 60 Series B-1

Appendix B. Remediation for Dell RAID Controller Battery Issue

RSA enVision Hardware Guide 60 Series B-2

Prevention of Powering Up an Appliance With a Depleted RAID Battery

If an appliance is powered up with a depleted RAID battery and the error is displayed, customers in two situations can be affected:

A New Installation. In this case, you must delay the installation for about two days to clear the problem and proceed with a clean system that is fully functional.

When Using a Cold Spare Appliance. In this case, RSA recommends that you ignore the error message and continue to use the unit. At the same time, prepare another unit that will be fully functional.

To prevent this problem from occurring, do one of the following:

Keep the units plugged in at all times. This option has the following advantages:

The units are always ready to be used to replace failed units.

You can periodically, (for example, once a month) power up the unit and verify that it initializes without a problem and that it is in prime status to replace any failed unit.

Forty-eight hours before a new installation, plug the unit into the power without powering up the appliance, to ensure the RAID battery is fully charged.

Appendix C. Customer-Provided Storage You can use the following storage arrays with a multiple appliance site:

EMC Celerra

NetApp® FAS (Fabric-Attached Storage) Series

The audience for this appendix is anyone who specifies storage requirements for RSA enVision log storage, and engineers performing installation and configuration of servers.

RSA enVision Hardware Guide 60 Series C-1

Appendix C. Customer-Provided Storage

EMC Celerra Storage

This section describes the requirements and configuration steps to add customer-provided Network Attached Storage (NAS) to enVision for data storage.

RSA enVision supports customer-provided storage on the following certified platforms:

EMC Celerra NS Series / Integrated

EMC Celerra NS Series / Gateway

EMC Celerra NSX Gateway

You must connect NAS to the enVision storage network switch and configure NAS before configuring enVision.

NAS Requirements

For each multiple appliance site, the minimum requirements for NAS hardware to function as enVision storage are:

Minimum number of active Data Movers: 1 (dedicated to enVision storage).

Recommended number of failover Data Movers: 1.

Minimum of 15 FC HDDs: 15 for 3,000 devices, 30 for 6,000 devices.

Note: The I/O workload generated by enVision consists of simultaneous reads and writes. For the most part, the reads are random. Because of the random nature of the workload, you should use Fibre Channel drives. The workload is not suitable for ATA drives.

One dedicated 1GB network interface for each Data Mover.



Network Configuration

To set up the appropriate network connections between enVision and the NAS:

1. Connect the primary Data Mover to the storage network switch.

2. If you are using a failover Data Mover, connect it to the storage network switch.

RSA recommends this connection to increase data availability.

3. Set up the network connections to the enVision appliance according to the enVision documentation.

The following diagram shows how to connect the enVision appliance to the customer LAN and storage network switch:



NAS Configuration

To configure network attached storage, you set up a CIFS Server, local users, and file systems/CIFS shares combinations.

CIFS Server

Use the following parameters to create the CIFS server:

IP address: 10.203.2.101 (Must be connected to the private switch)

Subnet: 255.255.255.0

DNS Server: 10.203.2.11 (D-SRV IP address)

CIFS Server authentication: Local users

NTP Server: 10.203.2.11 (D-SRV IP address)

Note: You must have time synchronization between NAS and the RSA enVision appliances. This time synchronization is essential for CIFS.

Local Users

You need local user authentication to ensure that the RSA enVision local collectors can authenticate through to NAS when the Window domain controller is not available; otherwise data collection may be interrupted.

Username Password

NIC_System n!0A6y_7tbE9z3

Master themaster01

NIC_sshd 1937Partanna1985

NIC_sftp 1937Partanna1985



File Systems/CIFS Shares Combinations

The minimum requirement for enVision is the vol0 and vol1 file systems/CIFS shares combinations (for enVision D-SRV and LC1 respectively). If you use additional Local Collectors, you must create the vol2 and vol3 file systems/CIFS shares combinations. The following table contains an example of the file systems/CIFS shares combinations you must set up if you use additional Local Collectors.

File system name CIFS share name

vol0 vol0

vol1 vol1

vol2 vol2

vol3 vol3

For RSA enVision 3.5.0 and later, the number of files created has been significantly reduced and only a single file system is needed for all three Local Collectors.

Note: For RSA enVision 3.5.0 and later, a maximum of 10,240 files per day per Local Collector are created.



Enhanced Availability

Within enVision, you can configure Enhanced Availability (EA) for the Local Collector appliances. For EA, data storage continues to use the CIFS protocol. In addition, you must fulfill an iSCSI LUN storage requirement.

Note: EA is supported in RSA enVision 3.5.0 and later.

Complete the following tasks to configure NAS to support iSCSI for the enVision EA system. (See the NAS documentation for detailed instructions.)

1. Configure the iSCSI service to run over the same IP address as CIFS.

2. Configure NAS to have one iSCSI volume of 1024 MB.

3. Configure the iSCSI volume to have one target, at LUN 0.

4. Configure the iSCSI service to support discovery on port 3260.

5. Configure the iSCSI service to support multiple logins.

6. Add the following IQN names to allow them access to the iSCSI LUN 0:

iqn.2006-01.nic.niceacluster:CA1.niceacluster.nic








iqn.2006-01.nic.niceacluster:DS1.niceacluster.nic

iqn.2006-01.nic.niceacluster:DS2.niceacluster.nic



NetApp® FAS Series

The following graphic illustrates the suggested IP addressing scheme and wiring for the NetApp FAS:



CIFS Shares and Directory Structure

Use the default directory structure on the NetApp storage array by adding the directory structure that suits your needs shown below.

For each node that stores data on the storage array, you configure the storage location within enVision in the Manage Storage Location window within enVision. See the enVision online Help on Event Storage Locations for more information.

RSA enVision Appliances

CIFS Directory Shares

D-SRV \\10.203.2.101\vol0

LC1 \\10.203.2.101\vol1

LC2 \\10.203.2.101\vol2

LC3 \\10.203.2.101\vol3

Hardware Requirements

The minimum requirements for NetApp FAS to function as an enVision log storage location, in an enVision multiple appliance site, are as follows:

Hardware Minimum Requirements (for each enVision multiple appliance site)

NetApp FAS

Minimum NetApp Filer: 1 active NetApp FAS270 or equivalent (dedicated to enVision storage).

Recommended: 1 failover NetApp FAS270 or equivalent.

One dedicated 1GB network interface for each NetApp Filer.

Disk drive requirements for each NetApp Filer.

o Minimum of 15 FC drives (number and capacity of drives can be increased per customer data retention requirements).

o RAID DP.

Network Switch Layer 2 GbE network switch:

o 1 GbE port for each enVision appliance.

o 1 GbE port for each NetApp Filer.

These minimum hardware requirements have been certified for RSA enVision data storage up to 30,000 EPS.



Setup Requirements

Here are the setup requirements for the NetApp FAS:

NetApp Filer IP address: 10.203.2.101.

Time: Time synchronization between the NetApp Filer and enVision appliances is required for CIFS.

CIFS: The following CIFS Shares must be created on the NetApp Filer, each on a separate file system, one for each enVision collector:

vol0 (used for Common Storage Directory, CSD)

vol1 (used for enVision Local Collector 1)





Connecting RSA enVision Appliances to the NetApp FAS

The NetApp FAS connects to a multiple or single appliance site through a network switch. Each enVision appliance connects to the network switch and the NetApp FAS connects to the network switch.

The network connections between the appliances, switch, and storage array are as follows:

To connect the enVision appliances to the NetApp FAS:

1. Connect network cables from the enVision appliances to the switch and from the storage array to the switch.

2. Connect the network connection from the enVision appliance through the network interface named SWITCH.



The IP addresses on the SWITCH network interface are based on the appliance type.

Appliance IP Address

D-SRV 10.203.2.11

A-SRV1 10.203.2.21

A-SRV2 10.203.2.22

LC1 10.203.2.31

LC2 10.203.2.32

LC3 10.203.2.33



NetApp CIFS File Storage Authentication

You can authenticate the NetApp FAS can to the enVision appliance using one of the following three methods:

Local user authentication using existing enVision users (recommended)

NetApp Multistore authentication

Authentication of the NetApp FAS to the enVision appliance by adding the NetApp FAS to the enVision Windows Domain

Local User Authentication Using Existing enVision Users

The enVision appliance ships with four users that enVision needs to run:

Master

NIC_System user

NIC_sshd

NIC_sftp

If you create these users on the NetApp FAS with the same password as stored in the enVision systems, Windows ensures that the local user has the rights to storage. If the password changes on the enVision appliances, you must reset the password on the NetApp FAS. RSA recommends this authentication method.

To authenticate the NetApp FAS to the enVision appliance using existing enVision users:

1. Add the following four existing users to the EMC Celerra NS22 CIFS server:

Username Password

Master themaster01




2. Ensure that these four users have full control to the appropriate CIFS share.

NetApp Multistore Authentication

NetApp Multistore allows a single NetApp appliance to authenticate and share multiple domains. Multistore allows the creation of separate private logical partitions in the filer network and storage resource. Each virtual storage partition maintains absolute separation from every other storage partition. This separation allows multiple domains to exist on a single NetApp Filer.

Call your NetApp sales representative for details on using the NetApp Multistore product.



Authentication By Adding the NetApp FAS to the RSA enVision Windows Domain

You can authenticate the NetApp FAS to the enVision appliance by adding the NetApp FAS to the enVision Windows Domain. RSA does not recommend this method because you may experience unknown side effects when you add the NetApp into the enVision Windows domain.

Warning: Unknown side effects may occur if you use this method.

The domain must first exist before you can add the NetApp FAS to the enVision Windows Domain.

To authenticate the NetApp FAS to the enVision appliance by adding the NetApp FAS to the enVision Windows domain:

1. Set IiWaitForCelerraConfiguration=YES in the lsconfigurationwizard.cfg file.

2. Run the lsconfigurationwizard.exe enVision configuration wizard.

The wizard:

Creates the Windows domain

Restarts the appliances

Displays the message: The Celerra configuration flag has been set. Configure your Celerra device now and then click OK to proceed.

3. Use the NetApp FAS Control Station to add the previously created CIFS Server to the enVision Windows domain.

4. Complete the enVision configuration wizard.

5. Reconfigure the enVision NIC Packager and NIC Collector services so that they operate with the network attached storage. By default, the NIC Packager Service is run by a local user account which you must reconfigure to be run by a domain user account.

6. Perform the following steps on each Local Collector (LC) appliance:

a. In the Start menu select Run, type services.msc and click OK.

b. Complete the following for the NIC Packager Service:

i. Right-click on NIC Packager Service and select Properties.

ii. In the NIC Packager Properties window, click the Log On tab.

iii. Under the This Account, parameter, replace .\NIC_System with enVision Windows domain name\NIC_System. For example, if testemc.nic is the Windows domain name of the enVision appliances, you would enter testemc.nic\NIC_System.

iv. Type n!0A6y_7tbE9z3 in the Password and Confirm password fields. Click OK.

v. Stop and start the NIC Packager Service.



c. Complete the following for the NIC Collector Service:

i. Right-click on NIC Collector Service and select Properties.

ii. In the NIC Collector Properties window, click the Log On tab.

iii. Under the This Account parameter replace .\NIC_System with enVision Windows domain name\NIC_System. For example, if testemc.nic is the Windows domain name of the enVision appliances, you would enter testemc.nic\NIC_System.

iv. Type n!0A6y_7tbE9z3 in the Password and Confirm password fields. Click OK.

v. Stop and start the NIC Collector Service.

NetApp CIFS Configuration

You must configure the network share, CIFS, on the NST Storage Array to authenticate against the pre-configured enVision appliance domain.

To configure the CIFS network share:

1. Connect to the NetApp storage array using telnet from the enVision D-SRV appliance (which is connected to the network switch, with a default IP address of 10.203.2.100).

2. At the Username prompt, type root.

3. At the Password prompt, type your factory default password.

4. At the NIappStor prompt, type date CCyymmddhhmm (where CCyy is the year, mm is the month, dd is the date, hh is the hour, and mm is the minute) to set the time and time zone.

For example, type 200903281521 for a date/time of March 28 2009 15:21.

5. At the NIappStor prompt, type timezone timezone to set the Windows domain. (For more information see Appendix B in the Data ONTAP 7.0 Software Setup Guide.).

6. At the NIappStor prompt, type options dns.domainname Windows domain name (where Windows domain name is your unique NIC domain name) to set the Windows DNS domain.

7. At the NIappStor prompt, type cifs terminate.

8. At the NIappStor prompt, type cifs setup to enable CIFS access to the filer from a Windows system.

9. Type the responses shown in bold text when the following series of prompts is displayed. (Type ? for help at any prompt and Ctrl-C to exit without saving changes.)

This filer is currently a member of the Windows-style workgroup ‘WORKGROUP’. Do you want to continue and change the current filer account information? [n]: y



Your filer does not have WINS configured and is visible only to clients on the same subnet.

Do you want to make the system visible through WINS? [n]: n.

This filer is currently configured as an NTFS-only filer

Would you like to reconfigure this filer to be a multiprotocol filer? [n]: n

The default name for this CIFS server is ‘NIAPPSTOR’.

Would you like to change this name? [n]: n

10. Data ONTAP CIFS services support four styles of user authentication. Type the style number from the list below that best suits your situation. (In this example, the user chose 1.)

(1) Active Directory domain authentication (Active Directory domains only)

(2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)

(3) Windows Workgroup authentication using the filer’s local user accounts

(4) /etc/passwd and/or NIS/LDAP authentication

Selection (1-4)? [1]: 1

11. Type the responses shown in bold to the following series of prompts. (Type ? for help at any prompt and Ctrl-C to exit without saving changes.)

Do you want to configure the filer’s DNS resolver service? [y]: y

Note: To operate correctly within an Active Directory-based Windows domain, CIFS must use the DNS resolver service. That service is currently not configured on the filer. You must either configure DNS resolver services or choose a different authentication style.

What is the filer’s DNS domain name? [ENVISION.nic]: unique NIC domain name

What are the IPv4 address(es) of your authoritative DNS name server(s)?: 10.203.2.50

Would you like to specify additional DNS name servers? [n]: n

What is the name of the Active Directory domain? [ENVISION.NIC]: unique domain name

12. Press Enter to accept the default, which is your unique domain.

Note: To create an Active Directory machine account for the filer, you must supply the name and password of a Windows account with sufficient privileges to add computers to the ENVISION.NIC domain.

13. Type the responses shown in bold text in response to the following series of prompts. (Type ? for help at any prompt and Ctrl-C to exit without saving changes.)

Enter the name of the Windows user [[email protected]]: master

Password for master: your unique master username password




The system displays: CIFS - Logged in as [email protected].

The user that you specified has permission to create the filer’s machine account in several (x) containers.

14. Choose where you would like this account to be created.

(1) CN=computers

(2) OU=Domain Controllers

(3) None of the above

Selection (1-3)? [1]: 1

The system displays the following message: CIFS - Starting SMB protocol... Welcome to the ENVSION.NIC (ENVISION) Active Directory(R) domain. CIFS local server is running.

15. At the NIappStor prompt press ctrl-d.

mailto:[email protected]

Appendix D. Changing Passwords on RSA enVision Appliances

The RSA enVision appliance and the NAS have four key users. The following table displays these usernames and their respective passwords:

Username Password


Master themaster01



New passwords must:

Not contain more than two consecutive characters of the user’s account name or parts of the user’s full name.

Be at least ten characters in length.

Contain at least one uppercase letter.

Contain at least one number.

Changing Password on A-SRV and LC

To change the local user passwords:

1. Log in to the system as - username: master / password: themaster01.

2. Click StartSettingsControl PanelAdministrative ToolsComputer Management.

3. In the left pane, click on the plus sign next to Local Users and Groups and click on users.

4. Right-click on the username you want to change (for example, master), click Set Password and click Proceed.

5. Enter the new password.

6. If you changed the password for master, log out of the system and make sure that you can successfully log in with the new password.

7. Repeat Steps 1 to 6 for all collectors in the site.

RSA enVision Hardware Guide 60 Series D-1


Changing Password on D-SRV

Because the D-SRV is a domain controller, you must change the user password in Active Directory.

To change the user password in Active Directory:

1. Log in to the D-SRV as - username: master / password: themaster01.

2. Click Start SettingsControl PanelAdministrative ToolsActive Directory Users and Computers.

3. In the left pane, click on the plus sign next to the site name, then click on users.

4. Right-click on the username you want to change (for example, master) and click Reset Password.

5. Enter the new password.

6. If you changed the password for master, log out of the D-SRV and make sure that you can successfully log in with the new password.

7. Repeat Steps 1 to 6 for all D-SRVs in the site.

Changing Passwords on NAS

To change the local user passwords:

1. Log in to all collectors and stop the collector and packager services:

a. Click StartRun.

b. Type services.msc and click OK.

The system displays the Services (Local) window.

c. Stop the service named NIC Collector and NIC Packager.

2. Log in to all D-SRVs and stop the packager service:

a. Click StartRun.

b. Type services.msc and click OK.

The system displays the Services (Local) window.

c. Stop the service named NIC Packager.



3. From the D-SRV, perform a [Ctrl] – [Alt] – [Del].

The system displays the Windows Security screen:

4. Click Change Password.

The system displays the Change Password window.

5. Complete this window according to the following table and click OK.

In this field Enter Description

Username: username Username that you want to change.

Log on to: CIFS-server-IP-address CIFS server IP address (for example, 10.203.2.101).

New Password: password Password you used for the user in the steps for changing the password on the LS site.

Confirm New Password:

password Re-enter the new password to confirm it.

Here is an example of a completed Change Password window:

After the system changes the password, it displays a confirmation indicating you have successfully changed the password.

6. Click Cancel to exit the Windows security window.



7. Repeat Steps 3 through 6 for each additional user’s password that you want to change.

8. Start the Packager Service on all D-SRVs.

9. Start the Packager and the Collector services on all collectors.

Verifying Read/Write Permissions after Changing Passwords

To verify permissions:

1. Reboot all appliances in the site.

2. Log in to the D-SRV.

3. Click StartRun, type \\10.203.2.101 and click OK.

The system displays a window that shows the NAS storage mount points (vol0, vol1, vol2, vol3).

4. Double-click on vol0.

5. In the right pane, right-click and select NewText Document.

This ensures that the D-SRV has the correct privileges to read and write data to the NAS.

6. Delete the newly created text document and close the window.

7. Repeat steps 3 through 6 for vol1, vol2, and vol3.

8. Log out of the D-SRV.

9. Repeat steps 2 through 8 for all D-SRVs in the site.

10. Log into the collector.





This ensures that the collector has the correct privileges to read and write data to the NAS.



16. Log out of the collector.

17. Repeat steps 10 through 16 for all collectors in the site.

18. Log into the A-SRV.








This ensures that the collector has the correct privileges to read and write data to the NAS.



24. Log out of the A-SRV.

rsa envision 4.0 hardware guide - sys-g-rsa400

Documents

accelerated

professional

network infrastructures

updated license

application

maximum humidity

active directory

multiple appliance