Cisco amp threat grid Setup And Configuration Manual
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide PLANNING 5 4. Once you take the snapshot you can either download it yourself as .tar.gz, or you can press Submit, which will automatically upload the snapshot to the Threat Grid snapshot server. PLANNING A Cisco AMP Threat Grid Appliance is a Linux server with Threat Grid software installed by Cisco Manufacturing prior to shipping. Once a new appliance is received, it must be set up and configured for your on-premises network environment. Before you begin,
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide PLANNING 8 Threat Grid Appliance User Interfaces After the server has been correctly attached to the network and powered up, there are several user interfaces available for configuring the Threat Grid Appliance. Note that LDAP authentication is available for TGSH Dialog and OpAdmin with version 2.1.6. TGSH Dialog The first interface is the TGSH Dialog, which is used to configure the Network Interfaces. TGSH Dialog is displayed when the appliance successfully boots up. Reconn
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide PLANNING 7 By default, DNS uses the Dirty interface. The Clean interface is used for FireAMP Private Cloud integrations. If the FireAMP Private Cloud hostname cannot be resolved over the Dirty interface, then a separate DNS server that uses the Clean interface can be configured in the OpAdmin interface. See the Threat Grid Appliance Administrator’s Guide for additional information. NTP Server Access The NTP server needs to be accessible via the Dirty network. Integrations – ESA/WSA/FireAMP etc. Addi
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INITIAL NETWORK CONFIGURATION – TGSH DIALOG 24 Figure 14 - Network Configuration - List of Changes Made 9. Select OK. The Network Configuration Console refreshes again and displays the IP addresses you entered:
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INSTALLING THREAT GRID APPLIANCE UPDATES 37 INSTALLING THREAT GRID APPLIANCE UPDATES After you complete the initial Threat Grid Appliance setup we recommend that you install any available updates before continuing. Threat Grid Appliance updates are applied through the OpAdmin Portal. 1. From the Operations menu, select Update Appliance. The updates page opens, displaying the current build of the appliance. 2. Click Check/Download Updates. The software checks to
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INITIAL NETWORK CONFIGURATION – TGSH DIALOG 25 Figure 15 - IP Addresses You have completed the network configuration of your appliance. Note: The URL for the Clean interface will not work until the OpAdmin portal configuration is complete. Next Setup Step: The next step in the appliance setup is to complete the remaining configuration tasks using the workflow in the OpAdmin portal, as described in the following section, OPADMIN PORTAL CONFIGURATION WIZARD.
Cisco AMP Threat Grid Appliance Setup and Configuration Guide PLANNING 10 Login Names and Passwords - Defaults Web UI Administrator Login: admin Password: "changeme" OpAdmin and Shell user Use the initial Threat Grid/TGSH Dialog randomly generated password, and then the new password entered during the first step of the OpAdmin configura
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INSTALLING THREAT GRID APPLIANCE UPDATES 40 Note: Updating from 1.0 to 1.0+hotfix2 takes approximately 15 minutes. Applying a full update from 1.0 to 1.3 (without data migration) takes about 30 minutes.
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide SERVER SETUP 13 Figure 4 - Cisco UCS C220 M3 Rear View Details Note: For releases 1.0-1.2 a reboot may be needed if an interface was not plugged in at boot time. This is a pre-1.3 issue, except for any interface requiring an SFP, which will still need to be plugged in at boot time post 1.3. The network cable plugged into the SFP may be hot-plugged safely.
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INTRODUCTION 2 What’s New For a full description of new features always check the Release Notes and other release documentation such as Migration Notes and Data Retention Notes. Major highlights are included here. Integration with 3rd Party Detection and Enrichment Services With version 2.2, OpenDNS, TitaniumCloud, and VirusTotal integrations can now be configured on the Appliance, in the new configuration page. In OpAdmin, select Configuration > Integrations to open this page. See
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide APPLIANCE ADMINISTRATION 42 APPLIANCE ADMINISTRATION Once the Threat Grid Appliance has been set up and initial configuration is completed, it is ready for the appliance administrator. Release notes, Updates, SSL Certificates, adding users, and other administrator tasks and topics are documented in the Threat Grid Appliance Administrator's Guide.
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide TEST THE APPLIANCE SETUP - SUBMIT A SAMPLE 41 TEST THE APPLIANCE SETUP - SUBMIT A SAMPLE Once the Threat Grid Appliance is updated to the current version, the final test that your appliance has been configured properly is to submit a malware sample using the Threat Grid software. 1. Sign into the AMP Threat Grid Portal by visiting the address you configured as the Clean interface. The Threat Grid login page opens: Figure 26 - Threat Grid Portal Login Page 2. Enter the default Login and Password: admin/changeme 3. Click Login
Cisco AMP Threat Grid Appliance Setup and Configuration Guide SERVER SETUP 19 Note: If you want to configure this interface, press F8 after the memory check is completed, and follow the instructions provided in the section, CONFIGURING CIMC (Optional). The TGSH Dialog is displayed on the console when the server has successfully booted up and connected: Figure 9
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide CONFIGURATION WIZARD - OPADMIN PORTAL 34 Figure 21 - Appliance is Installing 2. After successful installation, the State changes from the orange Running to a green Successful message confirming success. The Reboot button changes to green, and the configuration output is displayed:
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INITIAL NETWORK CONFIGURATION – TGSH DIALOG 22 Figure 12 - Network Configuration In-Progress (admin) 7. After you finish entering all the network settings, tab down and select Validate to validate your entries. If invalid values have been entered, you may see errors. If this is the case, then fix the errors and re-Validate. After validation, the Network Configuration Confirmation displays the values you've entered:
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide CONFIGURATION WIZARD - OPADMIN PORTAL 26 CONFIGURATION WIZARD - OPADMIN PORTAL The OpAdmin Portal is the Threat Grid administrator's portal on the appliance. It is a Web user interface that can be used once an IP address has been configured on the Admin interface. The OpAdmin Portal is the recommended tool for configuring your appliance, and in fact, much of the appliance configuration can only be done via the OpAdmin portal interface, including: • OpAdmin Portal administrator's password • Email servers • DNS servers • NTP servers • SSL Certificates •
Cisco AMP Threat Grid Appliance Setup and Configuration Guide INTRODUCTION 4 once (after November 14th, 2015), in order for your license to be accepted. The connection does not need to be ongoing or active at the time of the license validation. Required: The Dirty network needs to be up in order for this step to work. Figure 1 - OpAdmin Start a Live Supp
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide SERVER SETUP 18
From | To | Protocol/Port | Action | Reason |
---|---|---|---|---|
User network | Clean interface | TCP/9443 | Allow | Allow connectivity to the Threat Grid UI Glovebox |
Clean interface | Corporate DNS server | UDP/53 and TCP/53 | Allow | Optional, only required if Clean DNS is configured |
Clean interface | FireAMP Private Cloud | TCP/443 | Allow | Optional, only required if FireAMP Private Cloud integration is used |
Clean Interface | | LDAP | Allow | Optional, only required if LDAP is configured |
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INITIAL NETWORK CONFIGURATION – TGSH DIALOG 21 Figure 11 - Network Configuration In-Progress (clean and dirty) 6. Leave the Dirty network DNS Name blank.
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide APPENDIX A – CIMC CONFIGURATION (RECOMMENDED) 43 APPENDIX A – CIMC CONFIGURATION (RECOMMENDED) The first window displayed as the server is booting is the Cisco window, which allows you to enter the Cisco Integrated Management Controller (“CIMC”) Configuration Utility. The CIMC interface can be used for remote server management. You will need a monitor and keyboard attached directly to the appliance. 1. Power on the server. The Cisco screen opens: Figure 27 - The Cisco screen – F8 to enter the CIMC Configuration Utility 2. After the memory check is completed press F8 to enter
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide INTRODUCTION 1 INTRODUCTION A Cisco AMP Threat Grid Appliance provides safe and highly secure on-premises advanced malware analysis, with deep threat analytics and content. Threat Grid Appliances provide the complete Threat Grid malware analysis platform, installed on a single UCS server (UCS C220-M3 or C220 M4). They empower organizations operating under various compliance and policy restrictions, to submit malware samples to the appliance. Many organizations that handle sensitive data
Cisco AMP Threat Grid Appliance Setup and Configuration Guide INITIAL NETWORK CONFIGURATION – TGSH DIALOG 23 Figure 13 - Network Configuration Confirmation 8. Select Apply to apply your configuration settings. Have patience. This step may take 10 minutes or more to complete. The console will become a blank grey box, and the screen may display scrolling configura
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide PLANNING 6 Hardware Documentation Installation and Service Guide for Cisco UCS C220 M4 Server: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/hw/C220M4/install/C220M4.pdf Installation and Service Guide for Cisco UCS C220 M3 Server: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/hw/C220/install/C220.html Spec Sheet for Cisco UCS C220 M3 High-Density Rack Server (Small Form Factor Disk Drive Model): http://www.cisco.com/c/dam/en/us/products/collateral/servers-unified-computing/ucs-c-series-rack- serv
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide Version 2.2 Last Updated: March 8, 2017 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide CONFIGURATION WIZARD - OPADMIN PORTAL 30 Continue with the next section: License Installation After the networks are configured, you are ready to install the Threat Grid license. (In versions older than v1.4.4, you will need to start Support Mode in order for your license to be accepted. See Start Support Mode - License Workaround Prior to Version 1.4.4 for more information.) 1. Click on License in the left column. The License page opens. No license has been inst
Cisco amp threat grid, Cisco AMP Threat Grid Appliance Setup and Configuration Guide SERVER SETUP 17 Firewall Rules Suggestions
From | To | Protocol/Port | Action | Reason |
---|---|---|---|---|
Dirty interface | Internet | SMTP | Deny | Prevent malware from spamming |
Dirty interface | Internet | TCP/19791 | Allow | Allow connectivity to Threat Grid support |
Dirty Interface | Internet | TCP/22 | Allow | Update and support snapshot services |
Dirty interface | Internet | IP/ANY | Allow | Allow outbound traffic from malware samples (To get accurate results it is required that malware be allowed to contact its comma