Skip to content

Crystal Eye Quick-Start Guide

Overview


The Crystal Eye XDR appliance has extended capabilities to offer protection against advanced cyber security threats. It implements high-end security policies that are meant to safeguard databases and computers running on the local area network (LAN).

Basic deployment of the Crystal Eye XDR requires a standard physical setup to be done and then the appliance needs to go through a registration process also known as the ‘first boot configuration’.

Basic Physical Setup


The CE XDR administrator must first connect the CE XDR appliance’s LAN ports to LAN networks and the WAN port to the internet.

CE XDR Placed Behind a Router

If you have an ISP router as the gateway network appliance for your network, then its recommended to have the router to be set to bridge mode. Then connect any of the LAN port of the router with the WAN port of the Crystal Eye XDR. Please note that in some cases your ISP will set a particular LAN port to bridge mode.

Once the WAN port of the CE XDR is connected to the internet, ensure that you connect your laptop with the CE XDR LAN1 port.

Once the physical set-up of the CE XDR has been done, the administrator must open the browser of a computer connected to the CE XDR appliance and access https://10.10.1.1:81. The administrator will then be directed to the CE XDR login page where the default user credentials must be entered to finally access the ‘First Boot Configuration Wizard’.

Note

The default credentials are username: admin and password: admin

The CE XDR administrator will now be presented with some configuration options. These options include various Network Based Settings, Appliance Registration with Red Piranha, Automatic Software Updates, Basic Configuration settings such as Date and Time, Storage Manager, Incident and Event Services (SIEM), and downloading of apps from the marketplace.

Video Resources


Step-by-Step Configuration


The Crystal Eye XDR appliance must have its LAN port connected to the computer in the LAN network and the WAN port connected to the internet (in some cases the CE XDR WAN port must be connected to the internet through the LAN port of the ISP router). By doing this the Crystal Eye appliance becomes the centre of your network providing flawless cyber security. Once the CE XDR is physically set-up, the administrator must access https://10.10.1.1:81 through the browser and then enter the default log in credentials. The default admin credentials are username – admin and password – admin.

The CE XDR administrator will now be directed to the web interface of the First Boot Configuration Wizard. This wizard would essentially help you to configure the Crystal Eye XDR appliance at the start level. The configuration options that the CE XDR administrator will come across in the first boot configuration wizard are Network Based Settings, Appliance Registration with Red Piranha, Automatic Software Updates, Basic Configuration settings such as Date and Time, Storage Manager, Incident and Event Services (SIEM), and downloading of apps from the marketplace.

The following steps explain the various configuration settings that is done by the CE administrator during the ‘First Boot Configuration Wizard’

Network Settings


The Network Settings is the first section of the wizard and allows the user to change the default admin password, and view various default network interface settings.

The Network Settings section has three sub-section pages namely:

  1. Getting Started: This page displays useful links and information of the CE XDR.

  2. Change Password: This page allows CE administrators to change the default passwords.

  3. Network Interfaces: This page allows CE XDR administrators to view the default network settings emphasizing details related to the LAN interface and the WAN interface.

  4. DNS Servers: This page provides information on the successful DNS lookup. You may also learn about Red Piranha’s DNS.Insure platform used by the Crystal Eye XDR.

Getting Started


Step 1: The first step of the wizard is to read the details provided in the Getting Started page. Read the **Getting Started page and click the Next button. crystal-eye-quick-start-guide145

Change Password


Step 2: Change the default admin password, click the Change Password button, and then click the Next button. crystal-eye-quick-start-guide245

Network Interface


Step 3: Network Interface page will show you current network status for the LAN & WAN interfaces under the Settings section. Click the Next button. crystal-eye-quick-start-guide345

DNS Servers


Step 4: You will now see the DNS Servers page. Please wait while the Crystal Eye runs a DNS test and once the test is completed, you will see a success message. Now, proceed to the next page by clicking the Next button. crystal-eye-quick-start-guide445

Registration


The Registration section allows the administrator to register the CE XDR appliance with the Red Piranha Store so that it has access to the Marketplace. The Marketplace is where the applications and its latest versions are found.

System Registration


Step 5: You will now be directed to the System Registration page where you’ll see the registration information loading. crystal-eye-quick-start-guide545

Step 6: Once the registration information is loaded click the Register System button. crystal-eye-quick-start-guide645

Step 7: You will now see the system registration form.

  • Enter the Red Piranha account e-mail (Please note that only a authorised account holder can register a new Crystal Eye XDR device)
  • Enter Password
  • Enter the System Name
  • Click the Register System button and then click the Next button crystal-eye-quick-start-guide745

Step 8: You will now see the License Status page where you would have to activate the license. Review the system registration details, select the relevant license type, and click the Activate License button. crystal-eye-quick-start-guide845

Step 9: You will now see the license activated. Click the Next button. crystal-eye-quick-start-guide945

Configuration


The Configuration section allows the administrator to manage critical settings such as assigning date and time, managing storage of user data, setting incident and event services (SIEM), and detecting risks.

Date and Time


The Date and Time setting plays vital role in rolling out time specific functionalities of applications and services in the Crystal Eye XDR. The configuration process includes setting up the correct time zone information and an accurate clock. The administrator can easily select the time zone from the relevant dropdown and enable automatic synchronization of the date and time.

Step 10: In the Settings Section of the Date and Time page, select the Time Zone from the dropdown, click the Update button and click the Next button. crystal-eye-quick-start-guide1045

Storage Manager


Crystal Eye XDR requires significant storage space for user data. The Storage Manager provides a way to isolate this user data on a separate partition in the Crystal Eye XDR appliance.

Note

After the previous step you will see an initializing message where the storage manager initializes the External Storage. crystal-eye-quick-start-guide1145

Step 11: After the initializing process is completed, you will see the External Storage and System Storage details. Review the Devices section to know the size of the storage and know whether its in use. crystal-eye-quick-start-guide1245

Note

Click the View Details button to know more details about the storage device such as its model, size, file system etc. In the screenshot below we have clicked the View Details button next to External Storage.crystal-eye-quick-start-guide1345

Incident and Event Services (SIEM)


The Incident and Event Services (SIEM) section of the first boot configuration wizard helps to manage various settings that defines the levels of security analysis done by Red Piranha’s Security Operations Team. The Crystal Eye XDR offers three security service levels namely, Level – 1 Silver, Level 2 - Gold and Level 3 - Platinum. The system would also prompt the user to feed in the primary and secondary contact details which would be used to contact the users by Red Piranha Security Operations Team for various security related correspondences.

Step 11: In the Incident and Event Services (SIEM) section, select appropriate SIEM Level according to your subscription, click the Update button. crystal-eye-quick-start-guide1445

Note

The Incident and Event Services (SIEM) application allows administrators to select the service levels of the SIEM. Based on these service levels selected by the user, various types of security related analytical services (as per service level agreement) are provided by Red Piranha’s Security Operations Team. The Crystal Eye XDR offers three service levels namely, Level – 1 Silver, Level 2 - Gold and Level 3 - Platinum. The SIEM agent (installed in the Crystal Eye XDR appliance) analyses data from system log files and forwards it real time to the SIEM Server for further analysis and action. However, this process may vary according to the service levels opted which could either be Silver, Gold or Platinum.

Step 12: Enter the Primary Contact Information, Secondary Contact Information, select the Preferred Method of Contact, click the Submit button and then click the Next button. crystal-eye-quick-start-guide1545

Marketplace


The Marketplace section is where you can add new apps and services to your system. Apps available in the Marketplace have gone through a stringent quality control process to ensure the quality and security of each submission.

App Selection


The Marketplace section is where you can add new apps and services to your system. Apps available in the Marketplace have gone through a stringent quality control process to ensure the quality and security of each submission.

Step 13: You will now see the Application Selection page. Click the Select for Install button under the applications of your choice and click the Next button. You may explore the applications for installation under five categories namely, System Configuration, Security Configuration, Network Control, Compliance Controls and Reports. crystal-eye-quick-start-guide1645

App Review


In this section, you will see an installation table for all the apps that you have selected. You may review the apps that you want to install here.

Step 14: In the Application Review page under the App Install List, click the Download and Install button to proceed with the installation of the apps. crystal-eye-quick-start-guide1745

Step 15: You will now see the Marketplace Order Processing message. crystal-eye-quick-start-guide1845

Download and Install


Step 16: You will now see the Application downloading in progress. crystal-eye-quick-start-guide1945

Step 17: You will now see the Installation Completed message after the installation is completed. Click the Next button. crystal-eye-quick-start-guide2045

Note

If you click the Return to Marketplace button in the step above you will be directed to the App Selection page. crystal-eye-quick-start-guide2145

Step 18: Click the Next button. You will see the confirmation message. Click the Confirm button to proceed further. crystal-eye-quick-start-guide2245

You will be directed to the System Dashboard. Start the services that are not running in the CE XDR from the Apps Status section.crystal-eye-quick-start-guide2345