IBM SP3001, Hardware Configuration Manual

Page 1: ...IBM Security IBM Security SiteProtector System SP3001 Hardware Configuration Guide V ersion 3 0 ...

Page 2: ...ion applies to Version 3 0 of the IBM Security SiteProtector System and to all subsequent releases and modifications until otherwise indicated in new editions Copyright IBM Corporation 1994 2013 US Government Users Restricted Rights Use duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp ...

Page 3: ...on 14 Installing and starting the SiteProtector Console 15 Installing the SiteProtector Console 15 Starting the SiteProtector Console and logging on 16 Chapter 4 Configuring the SiteProtector Console 17 SiteProtector Console configuration checklist 17 Installing license files 17 Securing SP3001 appliance passwords 18 Setting the Database Administrator password 18 Setting the Windows Administrator ...

Page 4: ...iv SiteProtector System SP3001 Hardware Configuration ...

Page 5: ...folio topic in the Software Support Handbook for information about the types of available support v Check IBM Technotes accessible through the IBM Support Portal If you are unable to find an answer or a solution in the Support portfolio or in the IBM Technotes check to be sure your company or organization has an active IBM maintenance contract and that you are authorized to submit a problem to IBM...

Page 6: ... APAR describes the problem in detail Whenever possible IBM Support provides a workaround that you can implement until the APAR is resolved and a solution is delivered to you IBM publishes resolved APARs on the IBM Support website daily so that other users who experience the same problem can benefit from the same resolution vi SiteProtector System SP3001 Hardware Configuration ...

Page 7: ...on prerequisites and procedures for configuring the IBM Security SiteProtector SP3001 appliance hardware Chapter 3 Connecting and configuring the SiteProtector SP3001 appliance on page 11 Contains procedures for configuring the SiteProtector SP3001 appliance hardware and for accessing the SiteProtector software on the SiteProtector SP3001 appliance from the SiteProtector Console To support less ex...

Page 8: ... Information Center at http pic dhe ibm com infocenter sprotect v2r8m0 index jsp License agreement For licensing information on IBM Security products download the IBM Licensing Agreement from http www 935 ibm com services us iss html contracts_landing html What is the SiteProtector SP3001 appliance The SiteProtector SP3001 appliance is a hardware implementation of SiteProtector that includes prein...

Page 9: ...manages the command and control activities of the Desktop Protection agents IBM Security Server Protection and Proventia Network MFS X Press Update Server and Event Archiver and it also facilitates data transfer from agents to the Event Collector Console The SiteProtector Console is the main interface to SiteProtector where you can perform most SiteProtector functions such as monitoring events sch...

Page 10: ...lar products more than once and allows users to manage the update process more efficiently v SiteProtector Web Access is a interface that provides easy access to SiteProtector for running reports and monitoring assets and security events SiteProtector Firmware SiteProtector firmware consists of the operating system and the database that runs on the SiteProtector SP3001 appliance hardware Standalon...

Page 11: ... activity which preserves evidence of the attack Firewall IBM Security Server Protection v provides powerful firewall capabilities that inspect all inbound and outbound traffic on the computer for unauthorized activity v can control network communication based on port IP address and protocol v blocks unauthorized activity without affecting normal traffic Buffer overflow exploit prevention IBM Secu...

Page 12: ...6 SiteProtector System SP3001 Hardware Configuration ...

Page 13: ...uthenticity COA that is affixed to the appliance or in the accessory box You will need the operating system Product Key if you need to restore the appliance to its factory defaults Additionally record the appliance s SQL Server license Product Key and Tracking IDs also found on the COA You will need the SQL Server license Product Key and Tracking IDs in the event of an RMA return The COA may becom...

Page 14: ...ion is configured to block suspicious activity and certain types of communication See the IBM Security Server Protection for Windows User Guide for more information To ensure that you can troubleshoot and monitor the SiteProtector SP3001 appliance remotely using widely accepted protocols the following types of traffic are allowed on the SiteProtector SP3001 appliance v ICMP traffic v Remote deskto...

Page 15: ... SP3001 appliance Example SP3001 h Your setting h DNS server name The IP address of the domain name server that the SiteProtector SP3001 appliance will use Example 192 168 1 1 h Your setting Cables required checklist You must use certain cables to connect the SiteProtector SP3001 appliance to the network and to a power source These cables are included with the SiteProtector SP3001 appliance U Item...

Page 16: ...10 SiteProtector System SP3001 Hardware Configuration ...

Page 17: ...els SP1001 and SP2001 management of the appliance was handled using the Console to configure various appliance settings Beginning with the SP3001 model many of the SiteProtector SP3001 appliance settings are managed with standard operating system tools that you can access using a Remote Desktop session on the appliance Note You can use the IBM Security SiteProtector System SP3001 Quick Start Guide...

Page 18: ...liance to communicate with the network on page 14 h 3 Download install and point the SiteProtector Console to the SiteProtector SP3001 appliance See Installing and starting the SiteProtector Console on page 15 The SiteProtector SP3001 appliance front panel The SiteProtector SP3001 appliance front panel consists of multiple features SiteProtector SP3001 appliance front panel The following figure sh...

Page 19: ...tor SP3001 appliance back panel The following figure shows the SiteProtector SP3001 appliance back panel Back panel features The following list describes the back panel features v A Cooling fans 3 v B Cooling fan status indicators 3 v C Power connections 2 v D Power supplies 4 Connecting the SiteProtector SP3001 appliance Follow these instructions to connect the SiteProtector SP3001 appliance Proc...

Page 20: ...uming and error prone process SP3001 LCD panel The following table describes the buttons on the LCD panel Use this button To do this Move left between digits Referred to as the LEFT button Move right between digits Referred to as the RIGHT button Move down or specify digits Referred to as the DOWN button Move up or specify digits Referred to as the UP button Enter information or confirm a selectio...

Page 21: ...t Cancel and then press ENTER 8 Select OK and then press ENTER to confirm The SiteProtector SP3001 appliance saves the configuration information you entered Note The SiteProtector SP3001 appliance restarts automatically if you change the IP address or the host name of the appliance What to do next You have now connected the SiteProtector SP3001 appliance to the network using the LCD panel so you a...

Page 22: ...e 1 On your computer open the SiteProtector Console 2 Right click the My Sites node in the left pane 3 Select New Site 4 Log in using the SiteProtector SP3001 appliance s IP address 5 Do the following In this Field Type the following User Name Administrator Password ISSADMIN Note Change this password as soon as possible See Securing SP3001 appliance passwords on page 18 6 Click OK 16 SiteProtector...

Page 23: ...sks in this chapter should be performed This order may not always be required Checklist Use the checklist in the following table as a guide to help you perform the tasks in this chapter As you perform tasks use the check boxes to check off the tasks that you have completed U Task Description h 1 Install the license files for the reporting correlation and security features See Installing license fi...

Page 24: ...ficant security vulnerability you must change these passwords as soon as possible The following table lists the default user names and passwords Account type Default user name Default password Database administrator sa ISSADMIN Windows administrator Administrator ISSADMIN Important For the best security practices IBM Security recommends that you use strong passwords and change these passwords freq...

Page 25: ...assword 8 Click OK 9 When you are finished close the Remote Desktop session Setting the date and time The SiteProtector SP3001 appliance uses Windows time synchronization to update its date and time settings by default However you should verify that these settings are correct and change these settings if necessary Procedure 1 Select the System view 2 Select the Appliance entry from the left pane 3...

Page 26: ...20 SiteProtector System SP3001 Hardware Configuration ...

Page 27: ...tector SP3001 appliance to turn it on again You cannot use the SiteProtector Console to turn on the SiteProtector SP3001 appliance Procedure 1 Start the SiteProtector Console and log in 2 Select the System view 3 In the left pane expand the site node for the SiteProtector SP3001 appliance site and then click the Appliance icon 4 Select the Click here to connect to appliance hyperlink Clicking the ...

Page 28: ...ane expand the site node for the SiteProtector SP3001 appliance site and then click the Appliance icon 4 Select the Click here to connect to appliance hyperlink Clicking the hyperlink establishes a Remote Desktop session with the SiteProtector SP3001 appliance 5 Log in to the Remote Desktop session on the appliance 6 Run the Services snap in by selecting Start Run and entering services msc 7 Use t...

Page 29: ...c Configure local groups including creating new groups deleting existing groups and changing group properties Run the Local Users and Groups snap in by running lusrmgr msc Configure folders including creating removing opening editing properties for and otherwise managing folders Windows Explorer Configure shares for existing or new folders including creating new shares deleting existing shares and...

Page 30: ...7 Close the Remote Desktop session 24 SiteProtector System SP3001 Hardware Configuration ...

Page 31: ...ets After you restore the SiteProtector SP3001 appliance you must completely reconfigure the SiteProtector SP3001 appliance Perform this procedure only when it is absolutely necessary to recover from a catastrophic failure Procedure 1 Restart the SiteProtector SP3001 appliance Note See Starting and shutting down the SiteProtector SP3001 on page 21 for details The SiteProtector SP3001 appliance res...

Page 32: ...26 SiteProtector System SP3001 Hardware Configuration ...

Page 33: ...certain conditions To avoid these hazards ensure that your system electrical requirements do not exceed branch circuit protection requirements Refer to the information that is provided with your device or the power rating label for electrical specifications D002 DANGER If the receptacle has a metal shell do not touch the shell until you have completed the voltage and grounding checks Improper wiri...

Page 34: ...signal cables v Never turn on any equipment when there is evidence of fire water or structural damage v Disconnect the attached power cords telecommunications systems networks and modems before you open the device covers unless instructed otherwise in the installation and configuration procedures v Connect and disconnect cables as described in the following procedures when installing moving or ope...

Page 35: ...o provide the correct power connection to a rack refer to the rating labels located on the equipment in the rack to determine the total power requirement of the supply circuit v For sliding drawers Do not pull or install any drawer or feature if the rack stabilizer brackets are not attached to the rack Do not pull out more than one drawer at a time The rack might become unstable if you pull out mo...

Page 36: ...ct you must first become familiar with the related safety information in the booklet You should also refer to the booklet any time you do not clearly understand any safety information in the US English publications Laser safety information The following laser safety notices apply to this product CAUTION This product may contain one or more of the following devices CD ROM drive DVD ROM drive DVD RA...

Page 37: ...los propietarios de equipos a reciclar sus productos de TI Se puede encontrar información sobre las ofertas de reciclado de productos de IBM en el sitio web de IBM http www ibm com ibm environment products prp shtml Notice This mark applies only to countries within the European Union EU and Norway Appliances are labeled in accordance with European Directive 2002 96 EC concerning waste electrical a...

Page 38: ...um nickel metal hydride and other battery packs from IBM equipment For information on proper disposal of these batteries contact IBM at 1 800 426 4333 Please have the IBM part number listed on the battery available prior to your call For Taiwan Please recycle batteries For the European Union Notice This mark applies only to countries within the European Union EU Batteries or packing for batteries ...

Page 39: ...oducts intended for use with this product will appear in their accompanying manuals Federal Communications Commission FCC Statement Note This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commer...

Page 40: ...76 Fax 0049 0 711 785 1283 e mail tjahn de ibm com EC Declaration of Conformity In German Deutschsprachiger EU Hinweis Hinweis für Geräte der Klasse A EU Richtlinie zur Elektromagnetischen Verträglichkeit Dieses Produkt entspricht den Schutzanforderungen der EU Richtlinie 89 336 EWG zur Angleichung der Rechtsvorschriften über die elektromagnetische Verträglichkeit in den EUMitgliedsstaaten und häl...

Page 41: ...022 Klasse A update 2004 12 07 People s Republic of China Class A Compliance Statement This is a Class A product In a domestic environment this product may cause radio interference in which case the user may need to perform practical actions Japan Class A Compliance Statement This product is a Class A Information Technology Equipment and conforms to the standards set by the Voluntary Control Counc...

Page 42: ...36 SiteProtector System SP3001 Hardware Configuration ...

Page 43: ...lectual Property Law IBM Japan Ltd 19 21 Nihonbashi Hakozakicho Chuo ku Tokyo 103 8510 Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED...

Page 44: ...tes other countries or both UNIX is a registered trademark of The Open Group in the United States and other countries Microsoft and Windows are trademarks of Microsoft Corporation in the United States other countries or both Privacy policy considerations IBM Software products including software as a service solutions Software Offerings may use cookies or other technologies to collect product usage...

Page 45: ...n damage to or misuse of your systems including for use in attacks on others No IT system or product should be considered completely secure and no single product service or security measure can be completely effective in preventing improper use or access IBM systems products and services are designed to be part of a comprehensive security approach which will necessarily involve additional operatio...

Page 46: ...40 SiteProtector System SP3001 Hardware Configuration ...

Page 47: ...ty 25 P password administrator 18 Product Key important consideration for rack mounted appliances 7 R remote desktop 8 S safety notices 27 securing LCD settings 22 SecurityFusion module 4 impact analysis 4 shutting down the SiteProtector SP3001 21 Simple Network Management Protocol 22 23 Site Database 3 SiteProtector SP3001 shutting down 21 starting 21 SNMP 8 SP Core 3 SP3001 appliance v SP3001 ba...

Page 48: ...42 SiteProtector System SP3001 Hardware Configuration ...

Page 49: ......

Page 50: ... Printed in USA ...