Configuring the DRAC on Arcsight Appliances

Configuring the DRAC on ArcSight Appliances

Background ArcSight provides limited support and assistance with the use of an embedded management feature, DRAC (Dell Remote Access Controller), which comes standard with select ArcSight appliances. This document describes the procedures for enabling, setting up and accessing the management feature. Since this feature is provided through the hardware vendor directly, no additional support or assistance from ArcSight other than what is described below should be implied.

DRAC functionality can only be accessed via the procedures outlined below and cannot be configured or administered through the ArcSight web interface.

Supported Models This feature is supported only on the following ArcSight products: L5100-SAN, N5100, C5100, L7100, M7100, E7100, L5200, E7200, L7200, N5200, C5200, and L3200.

Description of DRAC The DRAC on ArcSight appliances enables out-of-band management of ArcSight appliances. This capability can be helpful when physical access to the appliance is difficult, e.g. a remote location, or a data center with strict access restrictions.

The DRAC has a dedicated network interface, at the back side of the appliance. To use the DRAC, this network interface needs to be configured and assigned a valid network configuration. Furthermore, access to the DRAC is protected using a user name/password combination, which also needs to be configured by the user.

Once configured, the DRAC offers a variety of functionality. The following features are most relevant for ArcSight appliances:

• Power Management: Allows a user to control the power on the appliance. Turn on, off or reboot the appliance. • Remote Console: Allows a user to access the system console remotely and perform tasks that would normally require physically attaching a keyboard, monitor and mouse to the system.

ArcSight recommends configuring DRAC when the appliance is originally deployed, if you intend to use this troubleshooting and debugging functionality. This will ensure that it is available for use when you need it.

ArcSight Confidential 1 Configuring DRAC For the initial configuration of the DRAC on an appliance, a keyboard and monitor attached to the appliance are required. It is also necessary to reboot the appliance during this process.

1. Reboot the appliance, following the directions in the product documentation. 2. Closely watch the POST (Power On Self Test) on the monitor. 3. Once you see the following prompt, press Ctrl-E on the keyboard within 5 seconds.

4. When prompted for the Setup Password, enter “lifeli” (without quotes) for : L5100-SAN, N5100, C5100, L7100, M7100, and E7100. Enter “2oog3n” (without quotes) for: L5200, L7200, N5200, C5200, L3200, and E7200 . 5. In the Remote Access Configuration Utility, set the following as indicated:

ArcSight Confidential 2

a. IPMI over LAN: Off b. NIC Selection: Dedicated c. LAN Parameters, Advanced LAN Parameters: Configure according to your network and the selected IP address.

ArcSight Confidential 3

d. Virtual Media Configuration: Virtual Media Detached, Virtual Flash Disabled e. Smart Card Logon: Disabled f. LAN User Configuration (see table below): Account Access: Enabled

Account Privilege: Admin

User name/password Per your choice *

*(Note that a password must be assigned; otherwise access will not be permitted)

6. Once completed, press Esc and save the settings by selecting “Save Changes and Exit” 7. The appliance will continue to boot up

Accessing DRAC

To access the DRAC, make sure a browser supported for DRAC is used. Internet Explorer is the recommend browser. Note that the WebUI for the appliances may support a broader set of browsers than that of which are supported for DRAC.

1. Enter the IP address you assigned to the DRAC into your browser’s URL bar. 2. Confirm the SSL Security warning.

ArcSight Confidential 4 3. On the login prompt, enter the user name and password you assigned.

4. Select the Console tab and select Connect.

5. If connecting for the first time, installation of the Dell Virtual Keyboard Video and Monitor add- on will be required, as shown in the following example.

ArcSight Confidential 5

6. Close and connect again to launch the console redirection. You should see the console session to the appliance.

ArcSight Confidential 6 DRAC and Browser Compatibility These instructions are applicable for the ArcSight appliances in the X100 series (e.g. C5100, L5100 etc.).. The X200 series appliances(e.g. C5200, L5200 etc.) come with iDRAC6 which may exhibit different behavior from what is described below. The instructions below are provided as a courtesy only. ArcSight does not provide any additional support or assistance for making these changes.

The firmware that comes with the DRAC5 appliances requires a native browser plug-in (for Internet Explorer or Firefox) that is designed for older versions of these browsers and is only available for Windows operating systems. By updating the firmware for DRAC, a Java module becomes available in addition to the native plug-ins. Using the Java module removes the requirement to have a native browser plug-in installed. Updating the firmware will give users two options; installing and using the native browser plug-in or utilizing the embedded Java plug-in.

• Obtain the appropriate DRAC firmware package (example: RAC_FRMW_LX_R253040.BIN)

• Please refer to the Dell Support website for any further help

• Apply the firmware upgrade on the appliance

• Logon to the DRAC webpage

The following assumes that you have assigned an IP address to DRAC and connected the DRAC Ethernet port to the local network:

• Click on Console tab and select configuration and change from native to java

• Save changes

ArcSight Confidential 7 • Open Console and execute the Java webstart file

Power Management for DRAC Go to the Power Management tab to access the power management features of the DRAC. The current power status is displayed. Use the various options to turn the system on or off, or power cycle it. Using the RESET function may result in corrupting the database files if the system is busy. This function should be used with caution.

Further Information For further information, please refer to the Dell DRAC documentation, available online at:

http://support.dell.com/

The ArcSight 5100 series are based on the Dell PowerEdge 1950 III, and the ArcSight 7100 series are based on the Dell PowerEdge 2950 III.

______

Copyright © 2010 ArcSight, Inc. ArcSight, the ArcSight logo, ArcSight TRM, ArcSight NCM, ArcSight Enterprise Security Alliance, ArcSight Enterprise Security Alliance logo, ArcSight Interactive Discovery, ArcSight Pattern Discovery, ArcSight Logger, FlexConnector, SmartConnector, SmartStorage and CounterACT are trademarks of ArcSight, Inc. All other brands, products and company names used herein may be trademarks of their respective owners. Follow this link to see a complete statement of ArcSight's copyrights, trademarks, and acknowledgements: http://www.arcsight.com/company/copyright/ The network information used in the examples in this document (including IP addresses and hostnames) is for illustration purposes only. This document is ArcSight Confidential.

ArcSight Confidential 8