5 Replies Latest reply on Jun 21, 2017 2:06 PM by minki

    Usage of ESM Ethernet and Management Ports

    psk1965

      Hi What is the Best Practices to make use of Ethernet Ports and Management ports of ESM. e.g. Should we have separate LAN port to receive Event logs from ERC and another to access ESM using browser and PUTTY?

       

      If yes, how to do it?

       

      REgards

       

      Prashant

        • 1. Re: Usage of ESM Ethernet and Management Ports
          rgarrett

          If desired, you can use the second mgmt interface to communicate with the receivers.  You will need to add a gateway on mgmt 2

          • 2. Re: Usage of ESM Ethernet and Management Ports
            andy777

            Possible but not necessary. All data coming to the ESM could be considered "mgmt network". I'm not sure there's much benefit in breaking it out over multiple interfaces.

            • 3. Re: Usage of ESM Ethernet and Management Ports
              rlourenco

              Hi

              you could possibly have an environment or customer that wants to have separate networks. 

              So for examples:

               

              ESM Mgmt 1 --> GUI  (10.1.1.1)

              ESM Mgmt 2 --> SIEM comms (192.168.1.1)

              ELM Mgmt 1 --> Receiver and SIEM comms (192.168.1.2)

              Receiver Mgmt 1 --> Data sources (172.16.0.1)

              Receiver Mgmt 2 --> SIEM comms (192.168.1.3)

               

              This is just one example if you want to split network zones.  you could even split it further.  My suggestion however is to try and keep it as simple as possible.  because the above example also requires static routes, etc.

              • 4. Re: Usage of ESM Ethernet and Management Ports
                rth67

                Recently got new hardware to refresh old orange Gen3 equipment, setting up Mgmt1 and Mgmt2 with the same IP (NIC Bonding) connected to different switches, for fault tolerance. Also setup the IPMI port for console access in the event of various issues (similar to an HP iLO or Dell DRAC port). You can also use SNMP traps against the IPMI for system health alerts. If setting up IPMI I suggest you check the box requiring a secure (HTTPS) connection, otherwise you would be sending your root password over the wire in clear text.

                • 5. Re: Usage of ESM Ethernet and Management Ports
                  minki

                  Hi,

                   

                  If I put some static route entries under ESM network setting, would I be able to access ESM after making the changes.

                  For example my ESM as IP 10.10.10.2 and gw 10.10.10.1 and if I put some static route in ESM network setting like - IP-172.16.32.3 gw - 172.16.32.1 or couple of more subnets different then ESM - would it impact access to ESM console or I would be able to access the console as soon as network service get restarted.

                   

                  Thanks