Escolar Documentos
Profissional Documentos
Cultura Documentos
1 Installation Guide
Contact Information
Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com
Trademarks
RSA and the RSA logo are registered trademarks of RSA Security Inc. in the United States and/or other countries. For the most up-to-date listing of RSA trademarks, go to www.rsa.com/legal/trademarks_list.pdf. EMC is a registered trademark of EMC Corporation. All other goods and/or services mentioned are trademarks of their respective companies. enVision, Enterprise Dashboard, and Internet Protocol Database (IPDB) are trademarks of RSA Security Inc. LogSmart is a registered trademark of RSA Security Inc. All other trademarks, service marks, registered trademarks, registered service marks mentioned in this document are the property of their respective owners.
License agreement
This software and the associated documentation are proprietary and confidential to RSA, are furnished under license, and may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person. No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability. This software is subject to change without notice and should not be construed as a commitment by RSA.
Third-party licenses
This product may include software developed by parties other than RSA. The text of the license agreements applicable to third-party software in this product may be viewed in the thirdpartylicenses.pdf file.
Distribution
Limit distribution of this document to trusted personnel.
RSA notice
Information in this document is subject to change without notice. The software described in this document is furnished under a license agreement or nondisclosure agreement. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchasers personal use without the written permission of RSA Security Inc.
Contents
Preface................................................................................................................................... 5
About This Guide................................................................................................................ 5 RSA enVision Event Explorer Documentation .................................................................. 5 RSA enVision Documentation............................................................................................ 5 Getting Support and Service ............................................................................................... 5
Chapter 1: RSA enVision Event Explorer ........................................................ 7 Chapter 2: Requirements for Using RSA enVision Event Explorer 9
RSA enVision Compatibility .............................................................................................. 9 License Requirements ......................................................................................................... 9 User Permission Requirements ......................................................................................... 10 Client Requirements.......................................................................................................... 10 Port Requirements............................................................................................................. 12
Chapter 3: Installing RSA enVision Event Explorer ................................ 13 Chapter 4: Using RSA enVision Event Explorer ....................................... 15
Specifying an RSA enVision Appliance During Your Initial Logon ............................... 15 Logging On to RSA enVision Event Explorer.................................................................. 16 Setting Up RSA enVision Event Explorer ........................................................................ 17 Logging Off RSA enVision Event Explorer ..................................................................... 17
Contents
Preface
About This Guide
This guide describes how to install the RSA enVision Event Explorer module. It is intended for system administrators, security officers, end users, or anyone who needs to install Event Explorer on a client computer.
RSA SecurCare Online offers a knowledgebase that contains answers to common questions and solutions to known problems. It also offers information on new releases, important technical news, and software downloads.
Preface
The RSA Secured Partner Solutions Directory provides information about third-party hardware and software products that have been certified to work with RSA products. The directory includes Implementation Guides with step-by-step instructions and other information about interoperation of RSA products with these third-party products.
Preface
appliances.
License Requirements
To use Event Explorer, you must have: A valid enVision license key. For information on the enVision license key, see the enVision Help topic License Key. Enough user licenses for each user to log on concurrently. Event Explorer allows up to 15 licensed users to log on per Application Server (A-SRV) based on the Event Explorer license you purchased.
Important: An administrator can force a log out for an Event Explorer user from
within the enVision application. For more information, see the enVision Help topic Force User Log Out.
Client Requirements
The following table describes client configurations for PCs running under Microsoft Windows XP or Windows Vista, based on how you intend to use Event Explorer. If you do not follow these recommendations, you may experience poor performance when you carry out simultaneous tasks, such as running more than one event trace.
Item Task Triage and Light Event Trace Usage Moderate Event Trace Usage Heavy Event Trace Usage
Microsoft Windows XP or Microsoft Windows Vista Pentium 4 or higher 2 GB RAM 1 CPU (minimum) 2 Ghz 7,200 7,200 10,000 RAID 2 GB RAM 2 CPUs (minimum) 3 GB RAM 4 CPUs (minimum)
100 MB of free disk space for the Event Explorer application ( the amount of space you will require for persisted databases is need-based)
10
Item
100baseTX network event trace to the enVision appliances (minimum) 1024x768 at 16-bit color (minimum)
Port Requirements
To use Event Explorer, you must be able to connect to various ports on each enVision appliance as described in the following table.
On Appliance Type (For Multiple Appliance Sites Only) A-SRV
Usage
Ports
Authentication of Event HTTP 8080 HTTPS 8443 Explorer user Event Explorer access to IPDB Event Explorer connection to the NIC App Server Service TCP 2010
NIC Server Service Inbound and Outbound NIC App Server Service Inbound and Outbound
D-SRV
A-SRV
11
1. Download the Event Explorer installation file, as follows: a. Go to https://knowledge.rsasecurity.com, and log on to RSA SecurCare Online. b. Under Browse By Product Family, click RSA enVision. c. Click the Downloads tab. d. Under Latest Event Explorer Downloads, click RSA Event Explorer 4.0.1. e. Click Software Update for Windows. f. When prompted, specify the directory into which you want to download the file.
2. Double-click the file to execute it. 3. Complete the installation wizard. The wizard creates a shortcut on your desktop for Event Explorer, and the installation is complete. If you chose to launch Event Explorer when completing the wizard, Event Explorer will start now.
13
The first time that you launch Event Explorer after a new installation, it displays the following message: Welcome to Event Explorer Please enter the information below for the enVision server that you would like to log into.
Note: This message does not appear if you upgraded Event Explorer from an earlier
version.
To log on to Event Explorer for the first time:
1. In the Protocol field, select the protocol (http:// or https://) with which to connect to the enVision appliance. 2. In the Hostname or IP Address field, enter the host name or IP address. 3. In the Port field, select or enter the port to which to connect. 4. Click OK. Event Explorer opens the Event Explorer Login window that you will see in all subsequent sessions. 5. Log on to Event Explorer. For instructions, see the following section, Logging On to RSA enVision Event Explorer.
15
1. Click Start > Programs > Network Intelligence > Event Explorer > Event Explorer. 2. Select or edit an enVision appliance as follows.
Goal Select an appliance from the list. Add an appliance to the list. Action to Take Click the appliance to select it. 1. Click New. 2. From the Protocol drop down list, select a protocol. 3. In the Hostname or IP Address field, enter the host name or IP address. 4. In the Port field, select or enter a port. 5. Click OK. 1. Click the appliance to select it. 2. Click Del.
Edit the properties of an appliance that 1. Click the appliance to select it. appears in the list. 2. Click Edit. 3. Edit the fields that you want to change, and click OK.
3. Enter your enVision user name and password in the Username and Password fields for the server that you selected in step 2. 4. Click Log In. The logon process starts by authenticating to the selected enVision appliances with the user name and password that you entered. A progress bar indicates logon status. When the authentication is complete and successful, the Event Explorer window opens.
16
3. Set up trace views to define which information to display and how to display it within Event Explorer. For information on setting up and using Event Explorer, see the Event Explorer Help.
enVision Automatic timeout option. Event Explorer does not disconnect users when they are idle for any amount of time.
17