4
TM First/Final Draft for Review - FireEye Confidential - August 17, 2013 FireEye Appliance Quick Start Inside this Card Before You Begin Installing the FireEye Appli- ance Quick Set-Up Using the Front Panel LCD Quick Set-Up Using the Serial Console Where to Go Next Use this quick start card to install the FireEye appliance in minutes. FireEye appliances can accurately identify malicious attacks, including targeted attacks specific to a particular enterprise network. After definitively confirming a targeted malware attack, the FireEye appliance can block the attack, quarantine the infected machine, and alert administrators about the incident. Before You Begin Inspect the package contents and verify that you have received all components listed in the packing list. Ensure that sufficient power is available. FireEye appliances consume approximately 2 amps (220 watts at 110 volts) continuously, with peaks slightly higher. Ensure a minimum of 6 inches clearance in the front and back of the chassis. Have a serial console cable and laptop or terminal server to serve as the console. Have two Ethernet cables. Installing the FireEye Appliance 1. Install the FireEye appliance in the network rack using one of the following methods: Use a rail kit (purchased from FireEye) to attach the rack and rails to the box. Follow the instructions in the rail kit box. Install a rack tray (purchased from FireEye) and place the appliance on the tray. Follow the instructions in the tray kit. NOTE: Mounting the FireEye appliance on the rack using only the front brackets is not recommended.

Fire Eye Appliance Quick Start

Embed Size (px)

Citation preview

Page 1: Fire Eye Appliance Quick Start

TM

First/Final Draft for Review - FireEye Confidential - August 17, 2013

FireEye™ Appliance Quick Start

Inside this Card

• Before You Begin

• Installing the FireEye Appli-ance

• Quick Set-Up Using the Front Panel LCD

• Quick Set-Up Using the Serial Console

• Where to Go Next

Use this quick start card to install the FireEye appliance in minutes. FireEye appliances can accurately identify malicious attacks, including targeted attacks specific to a particular enterprise network. After definitively confirming a targeted malware attack, the FireEye appliance can block the attack, quarantine the infected machine, and alert administrators about the incident.

Before You Begin

• Inspect the package contents and verify that you have received all components listed in the packing list.

• Ensure that sufficient power is available. FireEye appliances consume approximately 2 amps (220 watts at 110 volts) continuously, with peaks slightly higher.

• Ensure a minimum of 6 inches clearance in the front and back of the chassis.

• Have a serial console cable and laptop or terminal server to serve as the console.

• Have two Ethernet cables.

Installing the FireEye Appliance

1. Install the FireEye appliance in the network rack using one of the following methods:

• Use a rail kit (purchased from FireEye) to attach the rack and rails to the box. Follow the instructions in the rail kit box.

• Install a rack tray (purchased from FireEye) and place the appliance on the tray. Follow the instructions in the tray kit.

NOTE: Mounting the FireEye appliance on the rack using only the front brackets is not recommended.

Page 2: Fire Eye Appliance Quick Start

FireEye™ Appliance Quick Start

2. Attach Ethernet cables.

• Attach an Ethernet cable to the Management interface (port 1) and the other end to your LAN to enable remote access to the FireEye command-line interface (CLI) and graphical user interface (GUI).

• Attach an additional Ethernet cable to one of the monitoring interfaces (ports 3-6 on the FireEye appliance) and connect the other end of the cable to the SPAN/mirror port of the switch that you want to monitor.

3. (Optional) Attach a serial console cable to the serial port on the appliance and to a terminal.

• Configure the following settings on the terminal: 115200 bps, 8 data bits, one stop bit, no parity.

NOTE: You can use a serial console to configure the FireEye appliance without first configuring an IP address and to view all console log messages.

4. Connect power cables and turn the power on.

• Connect the power cable to the back of the appliance. Make sure that the power switch is in the OFF position when connecting the power cable.

5. Power on the appliance.

• Turn on the power supply switch on the back of the appliance.

• Press and hold the green check-mark button on the front panel LCD for 5 seconds to power on the appliance.

• Configure the appliance using one of the following methods:

- Quick Set-Up Using the Front Panel LCD

- Quick Set-Up Using the Serial Console

Serial portManagement

portMonitoringinterfaces

Power supply switch Front panel LCD

Page 3: Fire Eye Appliance Quick Start

FireEye™ Appliance Quick Start

Quick Set-Up Using the Front Panel LCD

Perform either the LCD panel set-up steps or the serial console set-up steps. FireEye recommends using the serial console method, if possible, as described on the next page.

NOTE: You may need to wait after powering on for the FireEye logo to disappear and the alternating status display to appear.

NOTE: If DHCP is yes, go to step 8. If DHCP is no, go to step 3.

1. Access the LCD menu interface.

Access the menu system.

Access the Network menu.

2. Configure DHCP.

View DHCP status.

Enter modify mode.

and Set DHCP status to yes or no.

Accept the displayed value.

3. Configure a static IP address.

View the Static IP Addr menu.

Enter modify mode.

and Change values.

and Move between digits in the address.

Save when the correct address is displayed.

4. Configure the network mask.

View the Netmask menu.

Enter modify mode.

Repeatedly to increment the netmask and to dec-rement it. Example: to set netmask of 255.255.255.0 (/24) when displayed value is 0.0.0.0, press 24 times.

Save when the correct netmask is displayed.

5. Configure the gateway.

View the Gateway menu.

Enter modify mode.

and Change values.

and Move between digits in the address.

Save when the correct address is displayed.

NOTE: Changes do not take effect until you perform step 9, even though the LCD may appear to reflect the desired configuration settings.

6. Configure the primary DNS server (optional).

View the Primary DNS menu.

Enter modify mode.

and Change values.

and Move between digits in the address.

Save when the correct address is displayed.

7. Configure the appliance domain name (optional).

View the Domain Name menu.

Enter modify mode.

and Change values.

and Move between digits in the name.

Save when the correct name is displayed.

8. Configure the appliance hostname (optional).

View the hostname menu.

Enter modify mode.

and Change values.

and Move between characters in the hostname.

Save the correct hostname.

9. Save settings.

Return to status display mode.

Access the menu system.

Access save settings menu.

Enter modify mode.

Select Yes.

Save settings.

Page 4: Fire Eye Appliance Quick Start

FireEye™ Appliance Quick Start

Quick Set-Up Using the Serial Console

Perform either the LCD panel set-up steps or the serial console set-up steps. FireEye recommends using the serial console method, if possible, as described on this page.

1. Make sure that the appliance is installed and powered on and that the console terminal is properly configured and active (page 1).

2. Log in to the console with user name admin and no password.3. Enter yes to use the configuration wizard, and then respond as shown below.

4. After all the questions are answered, the wizard summarizes the answers. To change an answer, enter the step number. To save changes and exit, press <enter>.

Where to Go Next

You can now access the FireEye appliance management GUI using any of the following methods:• Web browser using HTTPS. Open a web browser (Firefox or Internet Explorer), and enter https://[appliance IP address

or hostname]. Log in with the user name admin and the password that was entered during set-up (default admin).• Serial console or Management port CLI using SSH.

For more information, see the following documents:• FireEye Appliance Operator’s Guide—Contains information on configuring and monitoring FireEye appliances.• FireEye CMS Operator’s Guide—Contains a product overview and information about how to use the FireEye Central

Management System (CMS) to configure and administer the FireEye appliance. • FireEye Appliance CLI Command Reference Guide—Contains a description of the commands that make up the CLI of the

FireEye appliance.

1. Hostname? Enter the hostname for the appliance.2. Use DHCP on ether1 inter-

face?Enter yes to use DHCP or no to manually configure your IP address and network settings. If DHCP is selected, you will be immediately sent to step 8.

3. Primary IP address? Enter the IP address for the management interface.4. Netmask? Enter the network mask in A.B.C.D format.5. Default gateway? Enter the gateway IP address for the management interface.6. Primary DNS server? Enter the DNS server IP address.7. Domain name? Enter the domain for the management interface.8. Enable NTP? Enter yes to use default public Network Time Protocol (NTP) servers (pool.ntp.org or time.nist.gov) to set the

system time or no to configure the time manually at a later time.9. Admin password? Enter a new administrator password. Press <Enter> to keep the default admin. 10. Product license key? Enter the license key or press <Enter> to use an evaluation license.11. Enable MAX

security-contents updates?Enter yes to enable download of new security content from the FireEye Malware Analysis and Exchange Net-work (MAX) network.

12. Enable MAX security-contents uploads?

Enter yes to enable uploading of security statistics and content to the MAX network.

13. MAX user name? Enter a user name for access to the MAX network.14. MAX password? Enter and then confirm a password for access to the MAX network. Press <Enter> to leave unchanged.

FireEye, Inc. 1390 McCarthy Boulevard Milpitas, CA 95035www.fireeye.com

Part Number 230-QS4000-A6© 2008-2009 FireEye, Inc. All rights reserved.

FireEye and the FireEye logo are either trademarks or trade names of FireEye, Inc. All other trademarks are the property of their respective owners.TM