® Threat Analysis Reporter QUICK START GUIDE Model: TAR MSA-004-004 Release: 1.1.15 / Updated: 02.29.
8e6 Enterprise Filter Quick Start Guide © 2008 8e6 Technologies. All rights reserved. This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine readable form without prior written consent from 8e6 Technologies. Every effort has been made to ensure the accuracy of this document.
Contents Threat Analysis Reporter Introduction. ...................................................1 About this Document..................................................................................................................... 2 Conventions Used in this Document............................................................................................ 2 Service Information...................................................................................3 Preliminary Setup Procedures...........
iv 8e6 Threat Analysis Reporter Quick Start Guide
Threat Analysis Reporter Introduction Thank you for choosing to evaluate the 8e6 Technologies Threat Analysis Reporter. This product addresses user-generated Web threats such as excessive use of bandwidth and inappropriate Internet usage, and provides network administrators tools to monitor such threats so management can enforce corporate Internet usage policies.
About this Document This document is divided into the following sections: • Introduction - This section is comprised of an overview of the Threat Analysis Reporter product and how to use this document • Service Information - This section provides 8e6 Technologies contact information • Preliminary Setup Procedures - This section includes instructions on how to physically set up the Threat Analysis Reporter unit in your network environment • Install the Server - This section explains how to configure t
Service Information The user should not attempt any maintenance or service on the unit beyond the procedures outlined in this document. Any initial hardware setup problem that cannot be resolved at your internal organization should be referred to an 8e6 Technologies solutions engineer or technical support representative. 8e6 Corporate Headquarters (USA) Local Domestic US International : : : 714.282.6111 1.888.786.7999 +1.714.282.
Preliminary Setup Procedures Unpack the Unit from the Carton Inspect the packaging container for evidence of mishandling during transit. If the packaging container is damaged, photograph it for reference. Carefully unpack the unit from the carton and verify that all accessories are included. Save all packing materials in the event that the unit needs to be returned to 8e6 Technologies.
Select a Site for the Server The server operates reliably within normal office environmental limits. Select a site that meets the following criteria: • Clean and relatively free of excess dust. • Well-ventilated and away from sources of heat, with the ventilating openings on the server kept free of obstructions. • Away from sources of vibration or physical shock.
Rack Mount the Server Rack Setup Precautions Warning: Before rack mounting the server, the physical environment should be set up to safely accommodate the server. Be sure that: • The weight of all units in the rack is evenly distributed. Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading. • The rack will not tip over when the server is mounted, even when the unit is fully extended from the rack.
Rack Mount Instructions Optional: Install the Chassis Rails NOTE: If your chassis does not come with chassis rails, please follow the procedure listed on the last page of this sub-section to install the unit directly into the rack. CAUTION: Please make sure that the chassis covers and chassis rails are installed on the chassis before you install the chassis into the rack.
3. Locate the three holes on each side of the chassis and locate the three corresponding holes on each of the inner rail. 4. Attach an inner rail to each side of the chassis and secure the inner rail to the chassis by inserting three Type G screws through the holes on each side of the chassis and the inner rail. (See the diagram below for a description of the Type G screw.) 5. Repeat the above steps to install the other rail on the chassis.
Optional: Install the Traditional UP Racks After you have installed the inner rails on the chassis, you are ready to install the outer rails of rail assemblies to the rack. NOTE: The rails are designed to fit in the racks with the depth of 28” to 33”. • • Determine the placement of each component in the rack before you install the rails. Install the heaviest server components on the bottom of the rack first, and then work up. 1. In the package, locate a pair of front (short) and rear (long) brackets.
7. Slide the chassis into the rack as shown below. NOTE: The chassis may not slide into the rack smoothly or easily when installed the first time. Some adjustment to the slide assemblies might be needed for easy installation. 8. You will need to release the safety taps on both sides of the chassis in order to completely remove the chassis out of the rack.
Optional: Install the Open Racks After you have installed the inner rails on the chassis, you are ready to install the outer rails of rail assemblies to the rack. NOTE: The rails are designed to fit in the racks with the depth of 28” to 33”. • • Determine the placement of each component in the rack before you install the rails. Install the heaviest server components on the bottom of the rack first, and then work up. 1. In the package, locate a pair of front (short) and rear (long) brackets.
3. Attach the front (short) bracket to the front end of the rack, and secure it to the rack with two Type H screws and Type I washers as shown below. (See the previous page for descriptions of Type H and Type I hardware components.) 4. Attach the rear (long) bracket to the rear end of the rack, and secure it to the rack with two Type H screws and Type I washers as shown below. Repeat the same steps to install the other outer rail to the other side of rack. 5.
6. Slide the inner rails which are attached to the chassis into the outer rails on the rack.
Install the Chassis into the Rack CAUTION: Before installing the chassis into the rack: • • • • • • Make sure that the rack is securely anchored onto an unmovable surface or structure before installing the chassis into the rack. Unplug power cord(s) of the rack before installing the chassis into the rack. Make sure that the system is adequately supported. Make sure that all the components are securely fastened to the chassis to prevent components falling off from the chassis.
Check the Power Supply This server is equipped with a universal power supply that handles 100-240 V, 50/60 Hz. A standard power cord interface (IEC 950) facilitates power plugs that are suitable for most European, North American, and Pacific Rim countries. Power Supply Precautions Warning: • Use a regulating uninterruptible power supply (UPS) to protect the server from power surges, voltage spikes and to keep the server operating in case of a power failure.
General Safety Information Server Operation and Maintenance Precautions Warning: Observe the following safety precautions during server operation and maintenance: WARNING: If the server is used in a manner not specified by the manufacturer, the protection provided by the server may be impaired. WARNING: 8e6 Technologies is not responsible for regulatory compliance of any server that has been modified.
AC Power Cord and Cable Precautions Warning: • The AC power cord for the server must be plugged into a grounded, power outlet. • Do not modify or use a supplied AC power cord if it is not the exact type required in the region where the server will be installed and used. Replace the cord with the correct type. • Route the AC power cord and cables away from moving parts and foot traffic. • Do not allow anything to rest on the AC power cord and cables.
Motherboard Battery Precautions Caution: The battery on the motherboard should not be replaced without following instructions provided by the manufacturer. Only qualified service personnel should replace batteries. The battery contains energy and, as with all batteries, a malfunction can cause heat, smoke, or fire, release toxic materials, or cause burns. Do not disassemble, puncture, drop, crush, bend, deform, submerge or modify the battery. Do not incinerate or expose to heat above 140°F (60°C).
Install the Server Step 1: Initial Setup Procedures This step requires you to link the workstation to the Threat Analysis Reporter. You have the option of using the text-based step-by-step setup procedures described in Step 1A.
Serial Console Setup A. Using the serial port cable (and USB DB9 serial adapter, if necessary), connect the laptop to the rear of the chassis (see Fig. 1). B. Power on the laptop. C. Power on the Threat Analysis Reporter by pressing the large button on the front panel (see Fig. 2). Fig. 1 - Portion of chassis rear Fig. 2 - Diagram of chassis front panel, power button at far right Once the Threat Analysis Reporter is powered up, proceed to the instructions for HyperTerminal Setup Procedures.
HyperTerminal Setup Procedures If using a serial console, follow these procedures to create a HyperTerminal session on the serial console. A. Launch HyperTerminal by going to Start > Programs > Accessories > Communications > HyperTerminal: B.
C. At the Connect using field, select the COM port assigned to the serial port on the laptop (probably “COM1”), and then click OK to open the Properties dialog box, displaying the Port Settings tab: D. Specify the following session settings: • • • • • Bits per second: 9600 Data bits: 8 Parity: None Stop bits: 1 Flow control: Hardware E.
F. In the HyperTerminal session window, go to File > Properties to open the Properties dialog box, displaying the Connect To and Settings tabs: G. Click the Settings tab, and at the Emulation menu select “VT100”. H. Click OK to close the dialog box, and to go to the login screen. NOTE: If using a HyperTerminal session, the login screen will display with black text on a white background.
Step-by-Step Initial Setup Procedures For these step-by-step setup procedures, you will need your network administrator to provide you the LAN 1 and LAN 2 IP address and subnet mask, gateway IP address, DNS server IP address(es), host name of the server, and IP address for the Web interface (if using a NAT device). Login screen, password prompts The login screen displays after powering on the Threat Analysis Reporter unit using a monitor and keyboard, or after creating a HyperTerminal session.
E. At the Press the number of your selection prompt, press 2 to display the Administrator Password Entry screen: F. At the Enter the administrator password prompt, re-enter your password: #s3tup#r3k G. Press Enter to display the Administration menu where you can begin the step-bystep initial setup process using the configuration screens: H. At the Press the number of your selection prompt, press 2 to select the “Initial Setup step-by-step” process.
Configure Network Interface screen A. At the Enter interface LAN1 (eth0) IP address field, enter the IP address for the LAN 1 (Ethernet 0) interface, and then press Enter to go to the next screen. B. At the Enter interface LAN1 (eth0) netmask field, enter the subnet mask for the LAN 1 (Ethernet 0) interface using the dotted decimals notation format. Press Enter to display the confirmation prompt.
C. Press Y for “Yes” to confirm and save your entries for the LAN1 (eth0) interface, and to go to the next screen. D. At the Enter interface LAN2 (eth1) IP address field, enter the IP address for the LAN 2 (Ethernet 1) interface, and then press Enter to go to the next screen. E. At the Enter interface LAN2 (eth1) netmask field, using the dotted decimals notation format, enter the subnet mask for the LAN 2 (Ethernet 1) interface. Press Enter to display the confirmation prompt. F.
Configure default gateway screen A. At the Enter default gateway IP field, enter the IP address for the default gateway. Press Enter to display the confirmation prompt. B. Press Y for “Yes” to confirm and save your entry for the gateway IP address, and to go to the Configure Domain Name Servers screen.
A. At the Enter first DNS server IP field, enter the IP address for the primary Domain Name Server. Press Enter to go to the next screen. B. At the Enter (optional) second DNS server IP field, if you have a secondary Domain Name Server you wish to use, enter the IP address for that server. Press Enter to display the confirmation prompt. C. Press Y for “Yes” to confirm and save your entries for the domain name servers, and to go to the Configure Host Name screen.
A. At the Enter host name field, enter the host name of the server. Press Enter to display the confirmation prompt. B. Press Y for “Yes” to confirm and save your entry for the host name, and to go to the Time zone regional configuration screen. Time zone regional configuration screen A. Use the up and down arrows in your keyboard to select your region.
B. Use the up and down arrows in your keyboard to select your region. After selecting your locality, press Y for “Yes” to confirm and save your regional selection, and to go to the Configure Wizard user screen. Configure Wizard user screen A. At the Enter wizard user name field, enter the username that will be used to access the setup wizard in the Threat Analysis Reporter interface. Press Enter to display the confirmation prompt. B.
C. At the Enter wizard password field, enter the password that will be used to access the setup wizard in the Threat Analysis Reporter interface. Press Y for “Yes” to confirm and save your entry and to go to the Setup Wizard Confirmation screen. Setup Wizard Confirmation screen Press Y for “Yes” to save all your wizard entries and to return to the Administration menu. NOTE: When saving your entries, there may be a 4-10 second delay before the Administration menu displays.
System Status Screen The System Status screen contains the following information: • • • • • • • LAN1 (eth0) interface for web access and R3000 communications: LAN1 (eth0) IP address and netmask specified in screen 3 (Configure Network Interface), and current status (“Active” or “Inactive”) LAN2 (eth1) interface for bandwidth monitoring: LAN2 (eth1) IP address and netmask specified in screen 4 (Configure Network Interface), and current status (“Active” or “Inactive”) Default gateway IP address specified in
Physically Connect the Unit to the Network After performing initial setup procedures for the Threat Analysis Reporter, the unit should be physically connected to the network. This step requires a standard CAT-5E cable to connect the unit to the network. An additional CAT-5E cable is required if the Ethernet Tap unit will be installed for bandwidth monitoring. A. Plug one end of a standard CAT-5E cable into the Threat Analysis Reporter’s LAN 1 port, the port on the left. Portion of chassis rear B.
Step 2: Wizard Setup Procedures For this step, you will need your network administrator to provide you the following information: • • • IP range and netmask of machines on the network the Threat Analysis Reporter server will be monitoring R3000 IP address, port number to be used between the R3000 and Threat Analysis Reporter, and type of authentication method to be used (IP group or LDAP) 8e6 Enterprise Reporter server IP address and server name, if an ER unit is connected to the R3000 Access the Threat A
D. After reading the End User License Agreement, you have the option to do either of the following: • Click No to close both the EULA Agreement dialog box and the Threat Analysis Reporter interface. You will not be able to enable the Threat Analysis Reporter for use in your environment. • Click Yes to close the EULA Agreement dialog box and to open the Login dialog box: Proceed to the next sub-section: Log in to the Threat Analysis Reporter Administrator Console.
Step 1: Register administrator Step 1 is performed in the left side of the first screen of the wizard: A. Enter the username the global administrator will use when logging into the Threat Analysis Reporter Administrator console. The global administrator has the highest level of permissions in the Threat Analysis Reporter interface. B. Enter the password to be used with that username, and enter the same password again in the confirm password field. C.
D. Click the [+] Add tab beow to open the IP Range Information dialog box: E. Enter the IP address range for the bandwidth the Threat Analysis Reporter will monitor. F. Enter the Netmask for the IP range to be monitored, using the dotted decimals notation format. G. Click OK to close the dialog box and to display your entries in the list box: NOTE: Additional IP address ranges can be included by clicking the [+] Add tab again and making the entries described in steps E through G above.
To modify an IP address range, double-click the entry in the list box to highlight it and to display the [-] Remove tab to the left of the [+] Add tab: • To modify the entries made for the IP address range, click the [+] Add tab to reopen the IP Range Information dialog box and edit information, as necessary. Click OK to close the dialog box and to display the modified information in the list box. • To remove the entry for the IP address range from the list box, click the [-] Remove tab.
Step 2: Register R3000 & ER Step 2 is performed in the right side of the first screen of the wizard. R3000: Specify information for the R3000 to be used with the Threat Analysis Reporter: A. Click the [+] Add tab above the R3000 list box to open the R3000 Information dialog box: B. Enter the IP address of the R3000 server to be used with the Threat Analysis Reporter. In our example, this is: 200.100.160.74, which is the Ethernet 1 IP address of the R3000 server. C.
E. Click OK to close the dialog box and to display your entries in the list box: NOTE: Additional R3000 servers can be included by clicking the [+] Add tab again and making the entries described in steps A through E above.
• To modify the IP address and Server Name for the R3000 server, click the [+] Add tab to re-open the R3000 Information dialog box, and edit information as necessary. Click OK to close the dialog box and to display the modified information in the list box. • To designate an R3000 as the Master R3000 server, click the entry for the R3000 server in the list box to highlight it, and then click the Set as Master tab to display “Master” in the Master column for that entry in the list box.
ER: Respond to the question “Do you have an Enterprise Reporter?” by clicking the radio button corresponding to either “Yes” or “No”. • If “No” was selected, click NEXT > at the bottom right of the screen to go to Step 3. • If “Yes” was selected, the IP address and Server Name fields display in place of the radio buttons. The < Back button displays above the Server Name field.
Step 3: Register Gauges Step 3 requires you to specify settings for default gauges to be monitored by the Threat Analysis Reporter. These gauges will display in the Threat Analysis Reporter interface upon logging into the Administrator console. NOTE: Return to Step 1 or Step 2 by clicking the < BACK button in the lower left corner of this wizard screen.
View, Edit Gauge Components To view gauge components for a specified gauge, highlight and double-click the gauge name to populate the the fields to the right of the Gauge Groups list box. The following gauge criteria can be edited: • Name: The displayed gauge name to be used in the interface can be modified by making an entry in this field.
Step 4: Server Settings In Step 4, the following R3000 server information displays: Active Directory Settings, SMTP Server Settings, Patch Server Settings, PROXY Server Settings, NTP Server Settings: NOTE: Return to Step 3 by clicking the < BACK button in the lower left corner of this wizard screen. After reviewing the information in this screen, the following actions can now be performed: • To print this information, click the Print button.
Conclusion Congratulations; you have completed the Threat Analysis Reporter quick start procedures. Now that the Threat Analysis Reporter is running on your network, the next step is to set up user groups or administrator groups. You will set up and configure gauges thereafter. Obtain the latest Threat Analysis Reporter User Guide from our Web site at http:// www.8e6.com/docs/tar_ug.pdf.
LED Indicators and Buttons MSA Units Front LED Indicators and Buttons for Hardware Status Monitoring LED indicators and buttons for hardware status monitoring display on the front panel, located on the right side of the chassis (see diagram below). LED Indicator Key Button Key A = Power F = Reset B = HDD Activity G = Power C = LAN 1 Chassis control panel D = LAN 2 E = Overheat LED indicators alert you to the status of a feature on the unit while buttons let you perform a function on the unit.
Regulatory Specifications and Disclaimers Declaration of the Manufacturer or Importer Safety Compliance USA: UL 60950-1 2nd ed.
EC Declaration of Conformity European Community Directives Requirement (CE) Declaration of Conformity Manufacturer’s Name: 8e6 Technologies Manufacturer’s Address: 828 W.
Tap Installation Appendix: Optional Ethernet Tap Installation This appendix pertains to the optional installation of the Ethernet Tap unit for bandwidth monitoring. Preliminary Setup Procedures Unpack the Ethernet Tap Unit from the Box Open the NetOptics Ethernet Tap box and verify that all accessories are included. Save all packing materials in the event that the unit needs to be returned to 8e6 Technologies.
Tap Installation Install the Ethernet Tap Unit Diagram showing TAR Ethernet Tap installation on the network This step is a continuation from Physically Connect the Unit to the Network in Step 1A or following setup in Step 1B. The procedures outlined in this step require the use of a CAT-5E cable. A. Provide power to the Ethernet Tap by connecting both power cords from the unit to the power source. AC power in rear panel of NetOptics 10/100BaseT Tap B.
Tap Installation C. Using a crossover cable, connect one end to the Switch’s port configured to be the destination port of the Port Mirror. If adding a Threat Analysis Reporter to an existing installation, this port would be the port that was originally occupied by the listening interface of the R3000. D. Connect the other end of the crossover cable to the Ethernet Tap’s Network A port. Ports in front panel of NetOptics 10/100BaseT Tap E.
Index C crossover cable 51, 53 E EMC 49, 50 F FCC 49 H HyperTerminal Setup 21 I ICES-003 49 Install TAP 51 L Login screen 24 LVD 49 M MSA 20, 48, 50 P Power Supply Precautions 15 R R3000 1, 19, 35, 40, 41, 42, 46, 52, 53 Rack Setup Precautions 6 RoHS compliant 50 S serial port cable 19, 20 U UL 49 54 8e6 Threat Analysis Reporter Quick Start Guide
8e6 Corporate Headquarters (USA): 828 West Taft Avenue Orange, CA 92865-4232 • Tel: 714.282.6111 or 888.786.7999 Fax: 714.282.6116 (Sales/Technical Support) • 714.282.6117 (General Office) Satellite Office: 8e6 Taiwan: 7 Fl., No. 1, Sec. 2, Ren-Ai Rd., Taipei 10055, Taiwan, R.O.C.
