Вы находитесь на странице: 1из 4

Quick Start Card

Arbor Networks APS 2600 Appliance ®

This card provides instructions for the connection and initial Environmental
configuration of the Arbor Networks® APS 2600 appliance. These Temperature, operating: 50ºF to 95ºF (10ºC to 35ºC)
procedures represent the minimum required setup.
Humidity, operating: 95%, non-condensing, at temperatures of 73ºF
to 95ºF (23ºC to 35ºC). Designed to meet or exceed Telcordia GR-63
Package Contents and ETSI EN 300 019 humidity requirements for operating, transport,
and storage environments.
Verify that your package contains the following items:
Temperature, non-operating: -40ºF to 158ºF (-40ºC to 70ºC)
55
Item Humidity, non-operating: 95%, non-condensing, at temperatures of
……
APS 2600 appliance 73ºF to 104ºF (23ºC to 40ºC)
……
2 Ethernet patch cables Airflow direction: Front to back. For proper airflow, ensure that
the air intake is positioned in a cold aisle and the air exhaust is
……
2 power cords
positioned in a hot aisle.
……
1 rail kit with extensions
Heat dissipation: 1075 BTU/hr @315 W
……
License key on shipping label
……
Legal documentation
Compatibility: Monitoring
Integrates with management consoles that support SNMPv2 or
……
Return shipping instructions
SNMPv3

Interface Options Compatibility: Web-based UI


Compatible with the following browsers:
Every APS 2600 appliance has the following interface options:
• Internet Explorer
• 4 x 10 GbE fiber (SR or LR)
• Google Chrome
• 4 x 10 GbE fiber (SR or LR) + 4 x 1 GbE copper or fiber (SX or LX)
• Firefox
• 4 x 10 GbE fiber (SR or LR) + 8 x 1 GbE copper or fiber (SX or LX)
• Safari
• 4 x 1 GbE copper or fiber (SX or LX)
See the Arbor Networks® APS Release Notes for the supported browser
• 8 x 1 GbE copper or fiber (SX or LX)
versions.
• 12 x 1 GbE copper or fiber (SX or LX)

Appliance Specifications Before You Begin


First, decide whether to place the appliance inline (inline mode) or
The following list describes the specifications for the APS 2600
out-of-line through a span port or network tap (monitor mode). Also
appliance:
decide which deployment scenario is best for your network.
Power Options For more information, see the section about the APS deployment
850 W AC or DC hot-swap, redundant power supplies scenarios in the Arbor Networks® APS User Guide. You can view and
AC: 100 to 240 VAC, 50 to 60 Hz, 12/6 A max download this guide from the Arbor Technical Assistance Center web
DC: -40 to -72 VDC, 28/14 A max site at the following address: support.arbor.net

Physical Dimensions
Chassis: 2U rack
Height: 3.45 in (8.76 cm)
Width: 17.14 in (43.53 cm)
Depth: 20 in (50.8 cm)
Weight: 36.95 lb (16.76 kg)
Collecting Information
Collect the information that applies to your appliance, and document it on the following worksheet:
• Appliance hostname — The unique name that identifies the • Default gateway IP address — The IP address and netmask for
appliance on the network. the management default route and any additional routes that
• License key — Your APS license key number, which appears on are required for the device to access the management interface.
the appliance shipping label or in your license key email. • Physical connections — The switch or router port mappings
• Administrative user name and password — The user name and to connect to the APS protection ports. See the “About the
password for administrative access to the appliance. The default Protection Ports” section of this card.
user name is admin and the default password is arbor. You must • Network connectivity mode — The method that you plan to use
change the default password to start the APS services. to connect the APS appliance within your network (inline or out-
• IP address and network mask — The management IP address of-line through a span port or network tap).
and the network mask for the appliance’s management interface. • Appliance access mode — The method that you plan to use to
• NTP Server (optional) — The IP address for the server that access and configure the APS appliance (VGA or serial console).
synchronizes the network time.

Back Panel, APS 2600 Appliance


This diagram* shows the back panel of an APS 2600 appliance with 10 GbE fiber interfaces and 1 GbE copper interfaces:

1
6
ext0 int0 ext1 int1 ext2 int2 ext3 int3
7 2
ext4 int4 ext5 int5

5 4 3

1 2 3 4 5 6 7 8 9 10 11

1 VGA connector 9 Two ground studs for DC-input system


2 USB0 and USB1 (1 on the top, 0 on the bottom) 10 Power supply 2 (DC module is shown). The pins are numbered 1,
3 (Not supported) Remote Management NIC 2, and 3 from the bottom to the top. Pin 1 (bottom) is the ground,
pin 2 (middle) is the -48 Vdc terminal, and pin 3 (top) is the return
4 USB2 and USB3 (3 on the top, 2 on the bottom)
terminal.
5 Management port 0 (GbE NIC 1 connector)
11 Power supply 1 (AC module is shown)
6 Management port 1 (GbE NIC 2 connector)
7 1 GbE (fiber or copper) or 10 GbE fiber protection ports Note: Both types of power supplies are shown for illustration
purposes. Each appliance has either two AC power supplies or two
8 1 GbE protection ports. Copper ports are shown, but these ports
DC power supplies.
can be copper or fiber.
For details about the configuration of protection ports, see the *Your APS appliance might be different from this diagram,
“About the Protection Ports” section of this card. depending on the model that you purchased.

Front Panel, APS 2600 Appliance


This diagram shows the port, buttons, and LEDs on the front panel of the APS 2600 appliance.
1 2 3 4 5 6 7 NMI button
13
8 Chassis ID button
9 NIC1/NIC 2 activity LED
10 HDD activity LED
11 Power alarm LED
12 Minor alarm LED

7 8 9 10 11 12 13 RJ45 serial console port

1 Power button An alarm LED that is blinking green, solid amber, or solid red
2 System reset button indicates an error. To determine the cause of an error, review the
3 Chassis information LED Active Alerts section on the Summary page in the APS UI.
4 Fan status LED
5 Critical alarm LED
6 Major alarm LED
About the Protection Ports 6. (Optional) Repeat Step 4 and Step 5 for each additional
protection port pair that you want to connect.
A network path to be protected can be connected to any two like-
Note: To balance traffic, Arbor recommends that you connect
numbered interfaces (for example, ext0 and int0). The “ext” interface
protection port pairs that are on different physical NICs.
always faces an external internet connection, and the “int” interface
always faces your internal network, as shown in the following figure: 7. C
 onnect to the appliance for configuration by using one of the
following methods (the serial console is easier to use):
Do not send outbound traffic from your internal network to an “ext”
interface. APS treats all traffic on “ext” interfaces as external. Serial Console
In an inline deployment, APS acts as a physical cable between the • P
 lug the RJ45 end of an Ethernet patch cable into the serial
internet and your protected network. Connect the upstream network console port on the front of the appliance.
equipment to an “ext” interface on APS. Connect the matching “int” • C
 onnect the other end of the Ethernet patch cable to a serial
interface on APS to your downstream network equipment. console server or computer.
• C
 onfigure your console server or computer with the following
If you connect more than one pair of protection ports, Arbor
settings:
recommends that you balance the traffic that APS processes across
the physical NICs. For example, if you need to connect two pairs of • Baud rate: 9600
protection ports, connect ext0/int0 and ext2/int2 because they are • Data bits: 8
on different NICs. • Stop bits: 1

Important: If you connect APS to interfaces that do not support • Parity: None
Auto MDI selection, use the correct combination of straight-through • Flow control: None
or crossover cables. It is important to maintain the link through an
VGA
inline APS when bypass mode is engaged.
• Connect a VGA monitor to the VGA connector on the appliance.
In monitor mode, APS is deployed out-of-line through a span port or • Connect a keyboard to one of the USB ports on the appliance.
network tap. Connect the monitor port that receives internet traffic
to an “ext” interface on APS. You can connect the matching “int”
interface on APS to the monitor port that sends traffic to the internet, Installing APS
but this connection is not required. Tip: Before you begin, get the appliance license key from the
Note: APS expects the first protection ports (ext0 and int0 in inline shipping label.
mode or ext0 in monitor mode) to be connected. If they are not
The quick installation script prompts you to enter the information
connected, APS generates system alerts in the web UI. For example,
that is required to install APS. To respond to the prompts, type the
if you connect to ports ext2 and int2 to use the fiber SX interface,
requested information, and then press enter. To accept a default
system alerts will indicate that interfaces ext0 and int0 are down. You
entry, which is displayed in brackets, press enter without typing a
can disable alerting for the ext0 and int0 interface pair in the UI.
response.

Connecting the Appliance Command syntax Description


Use the appliance diagrams as references for connecting your APS command Items that you must type as shown.
appliance.
variable Placeholder for which you must supply
Before you begin, ensure that you have an Ethernet patch cable for a value.
each protection port pair. {option1 | option2} A set of choices, one of which is
required. Do not type the vertical bar
To connect the APS appliance: or braces.
1. Connect
 the power supplies on the back of the appliance to the
power source. For power supply redundancy in case of a power Note: If the installation script does not appear, or if you need to
loss, use a different electrical circuit for each cord. reinstall APS, see the instructions for installing and reinstalling APS in
the Arbor Networks® APS User Guide.
2. Plug one end of an Ethernet patch cable into an Ethernet switch,
and plug the other end into management port mgt0 on the back To install APS:
of the appliance.
1. Turn on the APS appliance.
Note: Do not plug the patch cable into the port labeled MNGT on
• If you connected to the appliance through a serial console, the
the back panel.
installation starts automatically. Go to Step 6.
3. (Optional) Repeat Step 2 to connect to management port mgt1. • Otherwise, go to Step 2.

4. Plug one end of an Ethernet patch cable into an “ext” protection 2. When the prompt that tells you to Press any key to
port on the appliance. Plug the other end of the Ethernet patch continue appears, press a key within five seconds.
cable into your upstream network equipment or to a span port or Important: If the system continues before you can press a key,
network tap that receives traffic from the internet. turn off the appliance and start over.
5. Plug one end of an Ethernet patch cable into the matching “int” 3. At the GRUB menu, press the up arrow key or down arrow key to
port on the appliance. Plug the other end of the Ethernet patch stop the 10-second countdown.
cable into your downstream equipment or to a span port or
Important: If the system continues before you can stop the
network tap that sends traffic to the internet.
countdown, turn off the appliance and start over.
4. Select the following option on the GRUB menu and then press Important: When the system restarts, do not press a key or respond
enter: to any other prompts until the login prompt appears.
(re)install from on-board flash (VGA) 7. At the login prompt, enter the default user name of admin.
5. In response to the following prompt, enter y: 8. At the password prompt, enter the default password of arbor.
Do you want to begin the install process? Important: You must change the default administrator password
This will remove all current data and before you can start the APS services.
configuration [n]
9. To change the administrator password, follow these steps:
The installation initializes the system, installs the software, and
builds the databases. These processes take some time. • Enter / services aaa local password admin interactive
• Enter the new password.
6. When the installation processes finish, respond to the prompts
• Re-enter the new password.
as follows:
Important: The license key commands are case sensitive. Enter the
Prompt Response model and license key exactly as they appear on the shipping label or
Enable FIPS mode? in your license key email, including any spaces and punctuation.
Enter y to enable FIPS (Federal Information
Processing Standard) mode, otherwise 10. Enter / system license set Pravail “model” license_key
enter n. In FIPS mode, APS supports only model = the APS model, such as PRA-APS-2600-15 for a licensed
FIPS-compliant algorithms. rate limit of 15 Gbps
System hostname? Enter the APS appliance’s hostname as This argument might take additional parameters, such as the
a simple host name or a fully qualified expiration date for an evaluation license.
domain name. For example: license_key = your APS license key
host.example.com
11. If you subscribed to the AIF, enter / system license set ASERT
IP address for Enter this management port’s IP address. “model” license_key
interface mgt0 For example: 198.51.100.2 or 2001:DB8::2
model = the model, or level, of your AIF license plus the
Netmask for (IPv4 addresses only) Enter the netmask expiration date time stamp; for example: PRA-APS-AIF-STANDARD
interface mgt0 in dotted-quad format. For example: expires: 1437749737
255.255.255.0 license_key = your AIF license key
Prefix for (IPv6 addresses only) Enter the prefix length 12. Enter / services aps mode set {inline | monitor}
interface mgt0 of this management port’s address. For
inline | monitor = Enter inline if you placed the appliance
example: /64
inline in your network. Enter monitor if you placed it out-of-line
IP address for Respond to the prompts to configure mgt1 through a span port or network tap.
interface mgt1 or press enter to skip the configuration.
13. Enter / reload
Default route Enter the default gateway’s IP address. For Important: You must reload APS before you can start the APS
example: 198.51.100.1 or 2001:DB8::1 services.
{https | ping | At each of these prompts, enter the address 14. Enter / services aps start
cloudsignal | range from which you want to allow
ssh} access from communications to a service. For example: 15. To complete the installation, enter the following commands, one
which network? 198.51.100.0/24 or 2001:DB8::/32 at a time:
• config write
To skip a prompt, press enter.
• exit
After you pass through these prompts, a
new SSH host key file is generated.
Finishing the Configuration
DNS server IP Enter the IP address for your DNS server or
You complete the APS configuration in the APS web UI. For
address press enter to skip this prompt.
information about configuring APS settings, see the Arbor Networks®
Current time and Accept the default or enter a new time and APS User Guide.
date date in the format mmddHHMMyyyy.SS
(month, day, hour, minutes, year, seconds).
NTP server IP Enter the IP address of your NTP server or
address skip this prompt.

© 2015-2017 Arbor Networks, Inc. All rights reserved.


APS-QSC-2600-2017/05
www.arbornetworks.com