Skybox Security Appliance 8000 User manual

Skybox Appliance 8000
Quick Start Guide
10.1.200
CentOS Linux release 7.7.1908 (Core)

Proprietary and Confidential to Skybox Security. © 2020 Skybox Security,
Inc. All rights reserved.
Due to continued product development, the information contained in this
document may change without notice. The information and intellectual property
contained herein are confidential and remain the exclusive intellectual property of
Skybox Security. If you find any problems in the documentation, please report
them to us in writing. Skybox Security does not warrant that this document is
error-free.
No part of this publication may be reproduced, stored in a retrieval system, or
transmitted in any form or by any means—electronic, mechanical, photocopying,
recording, or otherwise—without the prior written permission of Skybox Security.
Skybox®, Skybox® Security, Skybox Firewall Assurance, Skybox Network
Assurance, Skybox Vulnerability Control, Skybox Threat Manager, Skybox
Change Manager, Skybox Appliance 5500/6000/7000/8000/8050, and the
Skybox Security logo are either registered trademarks or trademarks of Skybox
Security, Inc., in the United States and/or other countries. All other trademarks
are the property of their respective owners.
Contact information
Contact Skybox using the form on our website or by emailing
info@skyboxsecurity.com
Customers and partners can contact Skybox technical support via the Skybox
Support portal

Skybox version 10.1.200 3
Contents
Overview
Basic architecture
Related documentation
Skybox Appliance specifications
Before you open the box
What’s in the box
Physical specifications
Environmental specifications
MTBF estimates for Skybox Appliance
Front panel
Back panel connectors
File system partitions
Setting up Skybox Appliance
Hardware installation
Starting Skybox Appliance
System configuration
Configuring connection
Setting up the Appliance for configuration
First-time configuration
What’s next
Configuring the Appliance
Configuration and management options
Setting up network interface bonding
Supported bond modes
Setting up SNMP configuration
RADIUS authentication
LDAP authentication
Changing the TLS version
Sending CentOS logs to a remote syslog server
Customizing the syslog server
Setting up TCP and UDP listeners
How to work with syslog files
Skybox Manager Installation
Skybox Manager system requirements
Installing Skybox Manager
Upgrading Skybox Manager
Updating the operating system on Skybox Appliance
ISO burning
SSH hardening
Firmware updates for Skybox Appliance
Checking your firmware revision via the console
Checking your firmware revision via RMM
Preparing to update
Updating via the console
Updating via RMM
Updating the firmware
Configuring Java for login
Adding your own certificate
Exporting the Server certificate and private key from the Java keystore
Restoring the Appliance to factory defaults
Monitoring SNMP
Troubleshooting
Wiping the hard disk drive
CIS benchmarks for CentOS 7
Regulatory and safety information
Product regulatory compliance
Safety compliance
EMC compliance – Class A compliance
Environmental requirements
Regulatory compliance markings
Electromagnetic compatibility notices for the server board

Chapter 1
Overview
Skybox® Appliance is a hardware solution that enables you to deploy Skybox
without the burden of maintaining your own server.
Skybox® is an Automated Risk and Compliance Management (ARCM) platform
that helps enterprise IT departments to discover and resolve potential security
and compliance risks before they impact your organization.
Skybox is a multi-tier platform. Skybox Appliance runs the Skybox Server and
users run Skybox Managers (clients) that connect to the Skybox Server over the
network. Skybox also runs an additional Skybox component, the Skybox
Collector, which connects to data sources and imports the data to the Skybox
Server.
The Skybox Server and Collector are preinstalled on Skybox Appliance and run at
startup.
In this chapter
› Basic architecture
› Related documentation
Basic architecture
The Skybox platform consists of a 3-tiered architecture with a centralized server
(Skybox Server), data collectors (Skybox Collectors), and a user interface
(Skybox Manager). Skybox can be scaled to suit the complexity and size of any
infrastructure.
See the Skybox architecture topic in the Skybox Installation and Administration
Guide.
Related documentation
Related documentation includes:
› Skybox online help
› Skybox documentation
Note: If you are not using the latest version of Skybox, you can find the
documentation for your version at
http://downloads.skyboxsecurity.com/files/Installers/Skybox_View/<your major version>/<your minor version>/Docs. For example,
http://downloads.skyboxsecurity.com/files/Installers/Skybox_View/10.0/10.0.400/Docs

Chapter 2
Skybox Appliance specifications
This chapter contains product specifications and packaging information for
Skybox Appliance 8000.
In this chapter
› Before you open the box
› What’s in the box
› Physical specifications
› Environmental specifications
› MTBF estimates for Skybox Appliance
› Front panel
› Back panel connectors
› File system partitions
Before you open the box
Inspect the shipping carton to ensure that the packaging has not been damaged
and verify that all tamper-evident seals are intact. Verify that the Appliance serial
number, purchase order number, and FedEx tracking number match the
information provided by Skybox Customer Support.
What’s in the box
The following items are included in the shipping carton:
› Skybox Appliance
› Rack mount kit
› Front bezel
› 2 AC power cords
› RJ45 to DB9 serial console cable
› Skybox Quick Start Guide
› 2 DVDs
  • Skybox: Installs Skybox on the Skybox Appliance; it contains the Skybox
    software and additional Appliance documentation
  • Restore Appliance: Restores the Skybox Appliance to factory settings
Physical specifications
The physical features of Skybox are listed in the following table.
Feature | Description
Form factor | 1U rack mount chassis
Rack dimensions (H x W x D) | 1.7” x 17.25” x 28” (43.2 mm x 438.15 mm x 712 mm)
Weight | System weight: 27.1 lb (12.3 kg); Packaged weight: 47 lb (21.3 kg)
Power supply | 750 W redundant AC
Data storage | Embedded Software SATA RAID: Intel® Rapid Storage Technology enterprise (RSTe) 4.1; Intel® Embedded Server RAID Technology 2 (ESRT2) 1.41 with optional RAID 5 key support
System cooling | 6 managed 40 mm dual-rotor system fans; 2 power supply fans
Front panel features | 1 power button with integrated LED; 1 system ID button with integrated LED; 1 system status LED; 2 NIC LEDs; 1 HDD activity LED; 1 system cold reset button; 2 USB 2.0 / 3.0 connectors; DB-15 video connector; Bezel with lock support
External I/O connectors (back panel) | DB-15 video connector; RJ45 serial port A connector; Dedicated RJ45 server management NIC; 2 RJ-45 10000baseT network interfaces (10GB Ethernet LAN): eno1 and eno2; 4 RJ-45 1000baseT network interfaces (1GB Ethernet LAN): eno3, eno4, ens513f2 and ens51f3; 3 USB 2.0 / 3.0 Ports
Compliant standards | CE, UL, VCCI, BSMI, GS, ICES-003, FCC Part 15, IEC 60950-1, and more. For detailed information, see Regulatory and safety information (on page 67).
Environmental specifications
Environmental specifications for Skybox are listed in the following table.
Property | Limits
Operating temperature | ASHRAE Class A2: Continuous Operation. 10°C to 35°C (50°F to 95°F) with the maximum rate of change not to exceed 10°C per hour; ASHRAE Class A3: Includes operation up to 40°C for up to 900 hours per year; ASHRAE Class A4: Includes operation up to 45°C for up to 90 hours per year
Shipping temperature | -40°C to +70°C (-40°F to 158°F)
Non-operating humidity | 50% to 90%, non-condensing with a maximum wet bulb of 28°C (at temperatures from 25°C to 35°C)
Shock | Operating: Half sine, 2 g peak, 11 msec; Unpackaged: Trapezoidal, 25 g, velocity change is based on packaged weight; Packaged: ISTA (International Safe Transit Association) Test Procedure 3A 2008
Vibration | Unpackaged: 5 Hz to 500 Hz, 2.20 g RMS random; Packaged: ISTA (International Safe Transit Association) Test Procedure 3A 2008
ESD | Air Discharge: 12.0 kV; Contact Discharge: 8.0 kV
System cooling requirement | 2352.3 BTU/hour for 115-volt power; 2302.3 BTU/hour for 220-volt power
MTBF estimates for Skybox Appliance
The estimated mean time between failures (MTBF) and Failures in Time (FIT) for
Skybox Appliance 8000 are listed in the following table.
Component | MTBF (hours) | Estimated FIT
4” x 3.5” 12 Gb Hot Swap Backplane – SATA/SAS | 9579145 | 104
1-Slot Riser Card (per card) | 20060338 | 50
Standard Front Panel | 5053932 | 198
Intel® Server Board S2600WTT | 230615 | 4336
AC 750W Platinum | 537582 | 1860
Fan kit, 6 fans | 50799 | 19685
Total FIT rate: 26284
System MTBF hrs @ 40°C: 38084
System MTBF hrs @ 35°C: 48577
System MTBF hrs @ 25°C: 63263
Model: Telcordia Issue 3*
Method 1 Case 3
Duty cycle 100%
Quality Level II
Note: The estimates listed here are for Appliance in 35°C ambient air with a rise
of up to 10°C at the Server Board.

Front panel
The Appliance front panel includes 2 USB connectors, a power button, and LEDs.
Power button and LEDs
Letter | Feature
A | System ID button with integrated LED
B | NMI button (recessed; tool required for use)
C | NIC1 activity LED
D | System cold reset button
E | System status LED
F | Power button with integrated LED
G | Hard drive activity LED
H | NIC2 activity LED
Front panel LED functions
LED | Color / State | Description
Power/Sleep | Green / on | Power on
Power/Sleep | Green / blinking | Sleep
Power/Sleep | Off | Power off
NIC LEDs | Green / on | Network link but no network activity
NIC LEDs | Green / blinking | Network activity
NIC LEDs | Off | No link
System Status | Green / on | System ready/no alarm
System Status | Green / blinking | System ready but degraded: Redundancy lost (for example, a power supply or fan failure); non-critical temperature or voltage threshold reached; battery failure; or predictive power supply failure.
System Status | Amber / on | Critical Alarm: Critical power modules failure, critical fans failure, voltage (power supply), critical temperature and voltage
System Status | Amber / blinking | Non-Critical Alarm: Redundant fan failure, redundant power module failure, non-critical temperature and voltage
System Status | Off | Power off: System unplugged. Power on: System powered off and in standby, no prior degraded/non-critical/critical state
Back panel connectors
The Appliance back panel includes the connectors shown in the following figure.
By default:
› NIC1 / eno1 is enabled and configured as DHCP
› NIC2 / eno2 is enabled and configured as static with the IP address: 192.168.1.1 /24
You can change these values.
File system partitions
The Skybox Appliance file system is partitioned as follows:
› SWAP: 4 GB
› /tmp: 5% of the entire space
› /: 20% of the entire space
› /var: 45% of the entire space
› /opt: All remaining space on the disk

Chapter 3
Setting up Skybox Appliance
This chapter explains how to set up Skybox Appliance.
In this chapter
› Hardware installation
› Starting Skybox Appliance
› System configuration
› What’s next
Hardware installation
Before you start
Before installing the rack mount kit, observe these safety guidelines:
1. Turn off all peripheral devices connected to Skybox Appliance.
2. Turn off Skybox Appliance by pressing the Power button on the front of the
chassis and then unplug the AC power cords from the chassis or wall outlet.
3. Label and disconnect all peripheral cables and all telecommunications lines
connected to I/O connectors or ports on the back of the chassis.
4. Provide electrostatic discharge (ESD) protection by wearing an antistatic wrist
strap attached to a chassis ground—any unpainted metal surface—when
handling components.
Required tools and supplies
› Phillips (cross head) screwdriver (#1 bit and #2 bit)
› (Recommended) Antistatic wrist strap and conductive foam pad
Installation
To install your Skybox Appliance, refer to the installation instructions included
with the rack mount kit.
Starting Skybox Appliance
To start the Appliance
1. Connect the AC power cords to the AC connectors on the Appliance back panel
and connect the other ends to a power supply.
Note: You can use Skybox with either a 110- or 220-volt power supply.
2. On the Appliance front panel, press the Power button.
3. Lock the front bezel in place using the key provided.
System configuration
Before running the Skybox Server, configure Skybox Appliance to be part of your
network and perform initial system configuration.
CONFIGURING CONNECTION
Before using the Skybox Appliance Administration, configure the connection of
Skybox to your network locally using any of the following:
› The RMM interface on the Appliance
› A console (mouse, keyboard, and screen) connection
› A serial port connection
› A network connection via static NIC
Note: For a figure of the connectors used in the following procedures, see Back
panel connectors (on page 10).
Configuration via the RMM interface
You can connect to the Appliance via its RMM interface by connecting a network
cable to the RMM port.
The RMM interface is preconfigured to obtain its address from a DHCP server.
However, you must configure Java to work with RMM.
Configuring Java to work with RMM
This procedure configures Java security on your computer to recognize the RMM
interface of the Appliance machine so that you can log in to the RMM interface of
the Appliance machine from your computer.

To configure Java security on your Windows machine to work with RMM
1. From the Windows Start menu, select Configure Java.
2. In the Java Control Panel dialog box, click the Security tab.
3. In the Exception Site List field, add the URL of the RMM interface of the
Appliance machine.
Note: If you do not know the URL of the RMM interface, as root user on
the Appliance machine run ipmitool lan print 1
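Added example, not part of the Skybox manual: the lookup from the note above as a shell script that reads ipmitool lan print 1 output, extracts the RMM address, and prints the URL to enter in the Exception Site List. The sample output and its addresses are constructed, and the https scheme is an assumption (the manual does not state the scheme).

```shell
#!/bin/sh
# Added example: derive the RMM (BMC) URL from `ipmitool lan print 1` output.
# Function names are hypothetical; they are not Skybox or ipmitool commands.

# Constructed sample of `ipmitool lan print 1` output. The addresses are
# documentation values, not taken from a real Appliance.
sample_lan_print() {
cat <<'EOF'
Set in Progress         : Set Complete
IP Address Source       : DHCP Address
IP Address              : 192.0.2.45
Subnet Mask             : 255.255.255.0
MAC Address             : 00:00:5e:00:53:01
Default Gateway IP      : 192.0.2.1
802.1q VLAN ID          : Disabled
EOF
}

# lan_field NAME: print the value of the field whose name is exactly NAME.
# An exact match matters: "IP Address" must not match "IP Address Source".
# Only the first colon splits the line, so MAC addresses stay intact.
lan_field() {
    awk -v want="$1" '
        {
            i = index($0, ":")
            if (i == 0) next
            key = substr($0, 1, i - 1)
            val = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) { print val; exit }
        }'
}

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }
    '
}

# rmm_url [SCHEME]: read `ipmitool lan print 1` output on stdin and print
# SCHEME://ADDRESS (SCHEME defaults to https, which is an assumption).
# Fails when the BMC reports no usable address, for example 0.0.0.0 before
# a DHCP lease has been obtained, so a wrong entry is never suggested.
rmm_url() {
    scheme=${1:-https}
    out=$(cat)
    ip=$(printf '%s\n' "$out" | lan_field "IP Address")
    src=$(printf '%s\n' "$out" | lan_field "IP Address Source")
    if ! valid_ipv4 "$ip" || [ "$ip" = "0.0.0.0" ]; then
        echo "RMM address not configured (source: ${src:-unknown})" >&2
        return 1
    fi
    printf '%s://%s\n' "$scheme" "$ip"
}

# On the Appliance, as root:  ipmitool lan print 1 | rmm_url
# Offline demonstration on the constructed sample:
sample_lan_print | rmm_url
```

Adding the exact address, rather than a broad pattern, keeps the Java exception limited to the one RMM interface.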
Configuring the RMM administrator
You must change the administrator password on RMM.
To change the RMM administrator password
1. Reboot the Appliance.
2. During the boot process, press F2 to open the BIOS setup.
3. From the menu, select Server Management.
4. Select BMC LAN configuration.
5. Select User Configuration to configure the RMM user.
On the User Configuration page:
a. Click User ID and select an unused user ID to be the RMM user.
b. Configure the user:
— Privilege: Select Administrator.
— User Status: Select Enabled.
— User Name: Type the desired name. (Note: The name of the
anonymous user cannot be changed.)
— User Password: Type the desired password twice.
6. When you are finished, press F10 to save and exit the configuration.
The Appliance boots with the RMM interface configured with the user that you
provided.
Troubleshooting the RMM IP address
To change the IP address of the RMM interface
1. Reboot the Appliance.
2. During the boot process, press F2 to open the BIOS setup.
3. From the menu, select Server Management.
4. Select BMC LAN configuration.
  • If you are using DHCP: The system assigns the host name of the RMM
    interface and its IP address.
    Note that you can configure the host name at the bottom of the page, in
    the BMC hostname field.
  • If you are using a Static address: Provide the IP address, netmask, and
    gateway IP address.
5. When you are finished, press F10 to save and exit the configuration.
The Appliance boots with the RMM interface configured with the user that you
provided.
Configuration via console
To configure connection using a mouse, keyboard, and screen
1. Connect one end of a standard network cable to the NIC 1 (eno1) port on the
Appliance back panel; connect the other end of the cable to a network socket.
2. Connect a mouse, keyboard, and screen to the connectors on the Appliance
back panel.
3. Log in to the Appliance using the default user name (root) and the default
password (skyboxview).
4. Configure a network interface with an IP address, netmask, and default
gateway:
a. Run the command set_appliance_network
b. Select a network interface to configure.
c. Select the IP mode (static or DHCP).
— If you select static mode, provide the IP address, netmask, and default
gateway.
5. If you are using DHCP, run ifconfig, and note the IP address assigned to
the Appliance. You need it later.
Configuration via serial port
To configure connection using a serial port connection
1. Connect one end of the serial cable to a serial port on the management
computer; connect the other end to the serial port on the Appliance.
2. On the management computer start a terminal emulation program, select the
port that you connected to in the previous step, and configure the following
port settings:
  • Bits per second: 9600
  • Data bits: 8
  • Parity: none
  • Stop bits: 1
  • Flow control: none
  • (If using PuTTY as your terminal emulator) Character set translation on
    received data: UTF-8
3. Press the Power button on the Appliance front panel and verify that the Power
LED turns green.
4. Log in to the Appliance using the default user name (root) and the default
password (skyboxview).
5. Configure a network interface with an IP address, netmask, and default
gateway:
a. Run the command set_appliance_network
b. Select a network interface to configure.
c. Select the IP mode (static or DHCP).
— If you select static mode, provide the IP address, netmask, and default
gateway.
6. If you are using DHCP, run ifconfig, and note the IP address assigned to
the Appliance. You need it later.
Configuration via network port
You can connect to the Appliance via the preconfigured static network port
(eno2), whose IP address is 192.168.1.1 /24.
To configure connection via eno2
1. Configure the IP address of the client side to a different IP address on the
same network. For example, 192.168.1.50 /24.
2. In your browser, connect via the IP address for eno2:
https://192.168.1.1:444/
SETTING UP THE APPLIANCE FOR CONFIGURATION
To prepare for configuring the system remotely
1. From a different machine on the network, open a browser to connect to the
Skybox Appliance Administration using the following URL (<Appliance IP
address> is the IP address of the Appliance that you configured in Configuring
connection (on page 12)):
  • https://<Appliance IP address>:444
2. The default user name is skyboxview; the default password is skyboxview.
The Skybox Appliance Administration main page appears.
FIRST-TIME CONFIGURATION
You must change the passwords and configure the date and time before using
the Skybox Server. All other settings are optional; you can configure them later.
To change the passwords
1. On the Security tab, select Appliance Passwords.
2. To change the root password of the machine, click Change Root Password.
3. To change the Appliance Administration password, click Change Skyboxview
Password.
To configure the date and time
1. On the System tab, select Date and Time Configuration.
2. To configure the date and time manually:
a. Select Manual Date and Time Configuration.
b. Click Change Date and Time; set the date and time for Skybox’s time
zone.
c. Click Change Time Zone; set the time zone for the location of the
Appliance, so that reports and other data are timestamped correctly.
3. To set the date and time from NTP servers:
a. Select Automatic Date and Time Configuration Using NTP Server.
b. Click Change NTP Servers; add the IP address or DNS of up to 3 NTP
servers to use.
If you specify multiple NTP servers, the Appliance synchronizes to the
average time between the servers.
c. Click Change Time Zone; set the time zone for the location of the
Appliance, so that reports and other data are timestamped correctly.
What’s next
Skybox Manager is the client application that communicates with the Server.
After installing and configuring the Appliance, you must install Skybox Manager
on at least 1 remote machine (see Skybox Manager Installation (on page 31)).

Using Skybox for change tracking
You can use Skybox to track changes on firewalls. Although much change
information can be collected directly from the firewalls, additional information
(including a timestamp and the user who made the change) is available only
from syslog change events that are sent to the syslog server in the Appliance.
You collect the change events using Change Tracking Events – Syslog Import
tasks.
Syslog server
The syslog server in the Appliance is preconfigured and is enabled by default.
Updates to the configuration files of the syslog server and syslog log file rotation
are included (when necessary) as part of Skybox updates.
For information about customizing the syslog server, see Customizing the syslog
server (on page 29).

Chapter 4
Configuring the Appliance
This chapter explains how to configure the Appliance.
In this chapter
› Configuration and management options
› Setting up network interface bonding
› Setting up SNMP configuration
› RADIUS authentication
› LDAP authentication
› Changing the TLS version
› Sending CentOS logs to a remote syslog server
Configuration and management options
Skybox Appliance configuration options are described in the following table.
Pane | Description
About tab
System Information | Provides information about Skybox configuration.
Network tab
Note that configuration changes made in this tab are only saved after you click Save Network Configuration.
Network Configuration | Enables you to configure network settings (connection method, IP address, netmask, and gateway) and bonding for each network interface connection, and to configure the DNS servers. Note: For non-virtual Appliances, this pane includes a link to a figure of the back panel to help you to understand the connections.
Network Configuration Summary | Displays a summary of the Appliance configuration. Click Export to save this information to an HTML file.
System tab
Date and Time Configuration | Enables you to view and change the date and time in the Appliance’s time zone. Notes: If you set this information manually, set the date and time and then the time zone for the location of the Appliance, so that reports and other data are timestamped correctly. Automatic configuration synchronizes Skybox with an NTP server. Provide the IP address or DNS of the NTP server to use. (You can use up to 3 NTP servers.) Set the time zone after setting the NTP server.
Syslog Server | Enables sending CentOS logs automatically from the Appliance to a remote syslog server (see Sending CentOS logs to a remote syslog server (on page 28)). Starts or stops the Appliance syslog server service and enables you to configure TCP and UDP listeners (see Customizing the syslog server (on page 29)).
Host Name | Enables you to change the name of the Appliance.
Change System Mode | Toggles between Server mode (the Appliance functions as both the Skybox Server and a Skybox Collector) and Collector mode (the Appliance functions only as a Skybox Collector).
SNMP | Select Enable SNMP Service to set up SNMP configuration, host configuration, and sending traps (see Setting up SNMP configuration (on page 23)). You can also download the Appliance MIBs.
Security tab
Appliance Passwords | Enables you to change the root password for the Appliance, the password for the Appliance Administration, and the RMM password.
LDAP | Enables you to set up the Appliance to support authentication via LDAP (see LDAP authentication (on page 24)).
SSH | Toggles the SSH service on and off and enables the root user to log in via SSH.
Control tab
Skybox Services | Toggles the Skybox Server and Skybox Collector on and off. Note: Turning a Skybox service off stops the service and switches it to Manual mode. Turning the service on switches it back to Automatic mode.
Appliance Operations | Enables you to reboot or shut down the Appliance.
Support tab
Logs | Enables you to view Skybox Server, Skybox Collector, and other logs of the Appliance. Get Packlogs: Runs the packlogs utility and saves the