Add Insights Nodes

Use Security Director Insights to detect suspicious hosts and servers under attack, by analyzing events that are not severe enough to block. In order for Security Director to discover Security Director Insights virtual machine (VM), you must add nodes.

Procedure

To configure a standalone or primary node:

  1. Select Security Director>Administration >Insights Management>Insights Nodes.

    The Insights Nodes page appears.

  2. Complete the configuration according to the guidelines provided in Table 402.
  3. Click Save.

    If the details provided are valid, the Security Director Insights node is added successfully. Click Reset to modify the configured data.

Table 402: Fields on the Insights Nodes Page

 

Setting

Guidelines

IP Address

Enter the IP address of the Security Director Insights virtual machine. (This is the IP address you configured during the Security Director Insights VM installation).

Username

The username to access the virtual machine is always ‘admin’. You cannot modify this field.

Password

Enter the password to access the Security Director Insights virtual machine. (This is the same password you use to login to the VM CLI with your admin credentials).

You can deploy Security Director Insights as a single node or two nodes with High Availability (HA).

Procedure

To configure the secondary node details:

  1. Enable the Enable HA option.

    The HA Setup page appears.

  2. Complete the configuration according to the guidelines provided in Table 403.
  3. Click Save & Enable.

    You are taken to the Insights Nodes page. The status of the secondary node activation is shown here.

  4. Click Refresh Data to check the status of the secondary node configuration.

    Once the configuration is successful, you will see the respective IP addresses appearing in the Data/Management Virtual IP and Monitoring Virtual IP columns.

    Note Keep clicking the Refresh Data option until you see that secondary node is configured successfully and all the other errors disappear, if any.

Table 403: Configure HA Setup

 

Setting

Guidelines

Secondary Node Details

Secondary system IP

Enter the IP address of the secondary node or a standby node.

Username

The username to access the virtual machine is always ‘admin’. You cannot modify this field.

Password

Enter your SSH password of the CLI admin to access the secondary node. (This is the same password you use to login to the VM CLI with your admin credentials).

HA Settings

Data Virtual IP/Netmask

Enter the virtual IP address for data traffic between active and standby nodes.

HA monitor Virtual IP/Netmask

Enter the virtual IP address for HA monitoring traffic between active and standby nodes.

Ping IPs

(Optional) Enter a list of IP addresses for ping tests.

In the Node Status section, you can see the complete configuration details of the active and standby nodes.

You can take the following actions: