Fire-Eye ENDPOINT SECURITY HX 4502 Instruction Manual
ENDPOINT SECURITY
HARDWARE ADMINISTRATION GUIDE
HX 4502
FEI-012
ENDPOINT SECURITY / 2019
F I R E E Y E T E C H N I C A L D O C U M E N T A T I O N
FireEye and the FireEye logo are registered trademarks of FireEye, Inc. in the United
States and other countries. All other trademarks are the property of their respective
owners.
FireEye assumes no responsibility for any inaccuracies in this document. FireEye
reserves the right to change, modify, transfer, or otherwise revise this publication
without notice.
Copyright © 2019 FireEye, Inc. All rights reserved.
Endpoint Security Hardware Administration Guide
Revision 1
FireEye Contact Information:
Website:www.fireeye.com
Technical Support: https://csportal.fireeye.com
Phone (US):
1.408.321.6300
1.877.FIREEYE
Contents
CHAPTER 1: The HX 4502 5
The Front View 6
LEDs 6
Chassis 7
Buttons 7
The Rear View 8
Power Port 8
I/O Ports 8
Management Ports 8
Disabled Ports 8
CHAPTER 2: Deployment 9
CHAPTER 3: Installation 11
Before You Begin 11
Installation Site Guidelines 11
Rack Precautions 12
Server Precautions 13
Rack-Mounting Precautions 13
Power Requirements 13
Ventilation Requirements 14
Cabling Requirements 14
Rack Installation 14
Installing the Outer Rails on the Rack 14
Mounting the Appliance on the Rack 15
Attaching Cables to the Appliance 15
Turning On the Appliance 15
Contents
©2019 FireEye 3
CHAPTER 4: Replacements 17
Return Process 17
Removing and Replacing a Disk Drive 17
Removing and Replacing a Power Supply Unit 18
Appendices 19
Appendix 1: System Specifications 19
Appendix 2: Product Compliance Information 21
Technical Support 23
Documentation 23
Contents
4 ©2019 FireEye
CHAPTER 1: The HX 4502
The FireEye HX 4502 extends your ability to detect and block advanced malware on your
endpoints on or off your premises. It automates data collection among your endpoints to
correlate events, providing you with better insight for the remediation and prevention of
advanced attacks.
©2019 FireEye 5
Endpoint Security Hardware Administration Guide
The Front View
1) Bezel Release 4) LAN 2 LED
2) Universal Information LED 5) Device Activity LED
3) LAN 1 LED 6) PowerLED
lBezel Release: Slide the release tab to the right to remove the bezel from the
appliance to access the chassis.
LEDs
The front panel has LEDs that provide critical information about parts of the appliance.
The following table describes each LED.
LED Flashing Steady Off Normal
State
Universal
Information
Flashing once
per second and
red indicates
fan failure.
Flashing once
every four
seconds and
red indicates
power failure.
Flashing and
blue indicates
IPMI-activated
UID.
Solid and red indicates
overheating, which may be cause
by cables obstructing the airflow
in the appliance or the ambient
room temperature being too high.
Solid and blue indicates the local
UID button has been pressed.
Operating
normally
Off
LAN 1 Network
activity via
ether1 port
N/A No
activity
Flashing
Endpoint Security Hardware Administration Guide CHAPTER 1: The HX 4502
6 ©2019 FireEye
The Front View
LED Flashing Steady Off Normal
State
LAN 2 Network
activity via
pether2 port
N/A No
activity
Flashing
Device
Activity
Operating
normally
N/A No
activity
Flashing
Power N/A Operating normally Not
drawing
power
Steady
Chassis
1) Disk Drive Carrier 3) Reset Button
2) Unit Identifier Button 4) Power Button
lDisk Drive Carrier: Each carrier can house a hot-swappable disk drive.
Buttons
The chassis has one reset button, one power button, and one UID button.
lUnit Identifier Button: Pressing this button illuminates an LED on both the front
and rear of the chassis for easy system location. The LEDs remain on until the
button is pressed a second time.
lReset Button: Use the reset button to restart the appliance.
lPower Button: Use the power button to turn the appliance on or off. Turning off the
power with this button removes the main power but keeps the standby power
supplied to the appliance. Therefore, unplug the appliance before servicing.
©2019 FireEye 7
The Rear View
1) Power Port 6) ether1 (RJ45) Management 1 Port
2) Serial Console Port 7) ether2 (RJ45) Management 2 Port
3) IPMI/Serial over Ethernet Port 8) Video Port
4) USB 2.0 Ports 9) Disabled Port
5) USB 3.0 Ports 10) Disabled Port
Power Port
lPower: Connect your power source to this port to provide power to the appliance.
The appliance comes with one redundant power supply unit for use if the primary
unit fails.
I/O Ports
lVideo: Connect a monitor to this port to view the appliance's command-line
interface.
lUSB 2.0: These ports are USB 2.0 compliant.
lUSB 3.0: These ports are USB 3.0 compliant.
lSerial Console: Connect to this port to manage the appliance from your terminal.
Management Ports
lether (RJ45): Connect your LAN to this port to enable remote access to the CLI and
Web UI. The RJ45 connector is a 10/100/1000BASE-T port.
lIPMI: Connect for access to out-of-band management functions, including power
control, console redirection, and appliance health status. The connector is a
100BASE-T port.
Disabled Ports
These ports are disabled by design.
Endpoint Security Hardware Administration Guide CHAPTER 1: The HX 4502
8 ©2019 FireEye
CHAPTER 2: Deployment
The HX 4502 appliance is typically deployed in tandem with an HX 4502D appliance. The
HX 4502 appliance manages Endpoint Security Agents within the LAN. The HX 4502D
appliance resides within a DMZ and manages remote endpoints. The diagram below
illustrates the typical deployment of Endpoint Security appliances.
It is not a requirement to deploy the HX 4502D appliance in the same network as the
HX 4502 appliance. The HX 4502D can be deployed in another network with its own
Internet connection. As long as port HTTPS 6800 is open, the two Endpoint Security
appliances will be able to communicate securely.
Prerequisites
Before connecting the HX 4502 and HX 4502D appliances to your network, ensure that
your network device provides 10/100/1000BASE-T Ethernet output.
©2019 FireEye 9
Endpoint Security Hardware Administration Guide
Cabling
To connect the HX 4502 appliance to your network:
1. Connect one end of an Ethernet cable to the HX 4502 appliance’s ether1 port.
2. Connect the other end of the Ethernet cable to your LAN-facing switch.
To connect the HX 4502D appliance to your network:
1. Connect one end of an Ethernet cable to the HX 4502D appliance’s ether1 port.
2. Connect the other end of the Ethernet cable to your Internet-and-LAN-facing firewall.
Endpoint Security Hardware Administration Guide CHAPTER 2: Deployment
10 ©2019 FireEye
CHAPTER 3: Installation
This chapter provides information about the site requirements of your installation location.
Before You Begin
Follow the steps in this section before you install the appliance.
Before Opening the Box
lReview the Packing Slip contained in the plastic slip attached to the top of the box.
Ensure the shipment contains the correct appliance.
lEnsure the serial number listed on the Packing Slip matches the one specified on the
sticker located on one side of the box.
lIf there appears to be damage to the box, file a damage claim with the carrier who
delivered it.
Unpacking the Appliance
Carefully remove the appliance from the box in an area away from heat, electrical noise,
and electromagnetic fields.
Ensure your box contains:
lThe correct appliance model
lAn accessory kit
lOnline Documents Portal Referral
lA rail kit
Installation Site Guidelines
Follow these guidelines when you select an installation site:
©2019 FireEye 11
Endpoint Security Hardware Administration Guide Before You Begin
lLeave enough clearance in front of the rack for its door to open completely without
obstruction.
lAvoid environments that produce heat, electrical noise, and electromagnetic fields.
lOnly install the appliance in a restricted access location such as a service closet or
dedicated equipment room.
lMake sure the location is properly ventilated.
lMake sure there is sufficient space for air flow.
Rack Precautions
FireEye recommends that you mount the appliance in a standard 19-inch rack. The vertical
hole spacing on the rack rails must meet standard ANSI/EIA-310-C requirements.
Consider the following before installing your appliance in the rack:
lEnsure the leveling jacks on the bottom of the rack are fully extended to the floor
with the full weight of the rack resting on them.
lIn a single-rack installation, stabilizers should be attached to the rack.
lIn a multiple-rack installation, the racks should be coupled together to increase their
stability.
lAlways make sure the rack is stable before extending a component from the rack.
lOnly extend one component from the rack at a time—extending two or more
simultaneously may cause the rack to become unstable.
lEnsure your rack meets the safety requirements of UL 60950-1.
STABILITYHAZARD: The rack may tip over causing serious personal
injury. To prevent injury:
lBefore extending the rack to the installation position, read the
installation instructions.
lDo not put any load on the slide-rail mounted equipment when the
rails are extended in the installation position.
lDo not leave the slide-rail mounted equipment with the rails
extended in the installation position.
Endpoint Security Hardware Administration Guide CHAPTER 3: Installation
12 ©2019 FireEye
Server Precautions
Server Precautions
FireEye recommends reviewing the electrical and general safety precautions that came with
each component you intend to install in the rack.
Review the following before installing the appliance in the rack:
lDetermine the placement of each component in the rack.
lEnsure there is a minimum clearance of six inches behind the chassis to allow for
easy cable management.
lInstall the heaviest component at the bottom of the rack first, then move up.
lAllow hot-swappable power supply units, disk drives, and transceivers to cool
before handling them.
lUse a regulating uninterruptible power supply to protect your components from
voltage spikes, power surges, and failure during a power outage.
lKeep all of the rack's doors and panels closed when you are not servicing the
components.
Rack-Mounting Precautions
Consider the following safety precautions when you install the appliance in the rack:
lMake sure the appliance is grounded at all times to prevent damage from
electrostatic discharge.
lUse an electrostatic wrist guard when handling the appliance.
lAt least two technicians should be involved to install the appliance safely.
lFireEye recommends only individuals with rack-mounting experience should install
the appliance.
lInstall the appliance in an environment compatible with the manufacturer's
maximum recommended ambient temperature (TMRA) for each component in your
rack.
Power Requirements
The HX uses a 750 W power supply unit with an input rating of 100-240 VAC (±10%), 8-
4.5 A at 50-60 Hz.
©2019 FireEye 13
Ensure your power source has sufficient electrical overload protection. In North America,
connect the rack to a power source with over-current protection that complies with UL 489.
In Europe, the over-current protection must comply with IEC standards.
Ventilation Requirements
Ventilation and optimal location are essential to the proper operation of the Endpoint
Security appliance. Give the unit at least six inches of space around ventilation openings
so that adequate ventilation is possible.
The Endpoint Security appliance draws air through the front and expels it out the back.
Note the direction of the air intake and exhaust of the other components in the rack to
ensure safe ventilation of all components involved.
Cabling Requirements
The HX ships with the following cables:
l(2) 6 ft AC power cord, SVT, 60oC, 3x18AWG (0.824mm2)
l(1) 6 ft null modem DB9 female serial cable
You must provide any additional cables required to connect your system to the network
and other devices. Do not exceed the maximum run length of the additional cables you
provide.
Rack Installation
This section explains how to install your appliance in a standard 19-inch wide rack with
the equipment provided. Because various rack units are available, the assembly procedure
may differ slightly from the following instructions. Refer to the installation instructions
that came with your rack.
Installing the Outer Rails on the Rack
1. Attach a short bracket to the front end of the right outer rail and a long bracket to
the rear end of the right outer rail.
2. Adjust the length of the right outer rail to the size of the rack.
Endpoint Security Hardware Administration Guide CHAPTER 3: Installation
14 ©2019 FireEye
Attaching Cables to the Appliance
3. Attach the right outer rail to the right side of the rack using the screws provided.
4. Repeats steps 1-3 with the left outer rail.
Mounting the Appliance on the Rack
1. Align the rear of the inner rails installed on the appliance with the front channels of
the outer rails installed on the rack.
2. Slide the appliance about halfway into the rack.
3. Press the rail-release notches down on both rails and slide the appliance fully into
the rack.
4. (Optional) Further secure the appliance to the rack by inserting screws through the
ears of the appliance and fastening them to the rack.
Attaching Cables to the Appliance
1. Connect the HX Series appliance to one or more network devices using the cables
appropriate to the deployment of your choice.
2. Connect the power cable or cables to the power port or ports on the back of the
appliance.
Turning On the Appliance
Power on the appliance by pressing the power button behind the bezel.
©2019 FireEye 15
Endpoint Security Hardware Administration Guide CHAPTER 3: Installation
16 ©2019 FireEye
CHAPTER 4: Replacements
Return Process
If you believe you have a defective part or system, you must first contact FireEye Technical
Support, who will validate the claim. If the part or system is defective, Technical Support
will initiate a Return Materials Authorization (RMA) and guide you through the process.
For more information, visit www.fireeye.com/legal.
Replacing the HX appliance requires manual configuration of the HX Bookmark
ID to retrieve relevant IOCs in a timely manner from the CM. See the Endpoint
Security Deployment Guide for more information.
Removing and Replacing a Disk Drive
Perform the following steps to remove and replace a disk drive:
1. Slide the bezel release tab to the right to unlatch it from the chassis.
2. Gently remove the bezel from the appliance to reveal the disk drives.
3. Locate the disk drive carrier that contains the failed disk drive.
4. Push the maroon button to release the latch handle.
5. Carefully pull the latch handle forward.
6. Pull the handle to slide the disk drive from its slot.
7. Slide the new drive into the empty slot. When the drive is fully inserted into the slot,
push the latch handle in until it clicks.
©2019 FireEye 17
Endpoint Security Hardware Administration Guide Return Process
Removing and Replacing a Power Supply
Unit
Perform the following steps to remove and replace a power supply unit (PSU):
1. At the rear of the appliance, remove the power cable from the failed PSU.
2. Press the release lever toward the handle in a pinching gesture to unlatch the unit
and, while continuing to squeeze, pull out the PSU.
3. Insert the replacement PSU in the slot and slide it in until it clicks into place.
Endpoint Security Hardware Administration Guide CHAPTER 4: Replacements
18 ©2019 FireEye
Appendices
Appendix 1: System Specifications
The table below provides the technical specifications for the FireEye HX 4502.
Component HX 4502 Specifications
Form Factor 1U rack-mount
Weight of Appliance 30 lbs (13.6 kg)
Weight of Packaged Appliance 41 lbs (18.6 kg)
Dimensions
(W x D x H)
17.2 x 25.6 x 1.7 inches
(437 x 650 x 43.2 mm)
Enclosure 1 RU, fits 19-inch rack
Management Interfaces (2) 10/100/1000BASE-T ports
Processor Intel® E3-1240 v5, 4-core@ 3.50 GHz
Memory 64 GB (4 x 16 GB)
Drive Capacity (4) 4 TB HDD,
RAID 10,
3.5 inch,
FRU
AC Power Supply Redundant (1+1),
FRU,
750 W @ 100-240 VAC (±10%)
8-4.5 A, 50/60 Hz
IEC60320-C14 inlet
Maximum Power Consumption 245 W
©2019 FireEye 19
Endpoint Security Hardware Administration Guide Appendix 1: System Specifications
Component HX 4502 Specifications
Operating Temperature 10° to 35° C
Maximum Thermal Dissipation 836 BTU/hour
Endpoint Security Hardware Administration Guide Appendices
20 ©2019 FireEye
Table of contents
