Virtual Host Setup: Install NetWitness Platform Virtual Host in Virtual Environment

Document created by RSA Information Design and Development on Apr 10, 2019
Version 1Show Document
  • View in full screen mode
 

There are two main tasks that you must complete in the order listed below to install NetWitness Platform11.2

Task 1 - Install 11.3.0.0 on the NetWitness (NW) Server Host

Task 2 - Install 11.3.0.0 on Other Component Hosts

Task 1- Install 11.3.0.0 on the NW Server Host

On the host you have deployed for the NW Server, this task installs:

  • The 11.3.0.0 NW Server environmental platform.
  • The NW Server components (that is, Admin Server, Config Server, Orchestration Server, Integration Server, Broker, Investigate Server, Reporting Engine, Respond Server and Security server).
  • A repository with the RPM files required to install the other functional components or services.
  1. Deploy your 11.3.0.0 environment:

    1. Add new VM.
    2. Configure storage.
    3. Set up firewalls.
  2. Run the nwsetup-tui command. This initiates the Setup program and the EULA is displayed.

    Note: 1.) When you navigate through the Setup program prompts, use the down and up arrows to move among fields, use Tab key to move to and from commands (such as <Yes>, <No>, <OK>, and <Cancel>. Press Enter to register your command response and move to the next prompt.
    2.) The Setup program adopts the color scheme of the desktop or console you use access the host.
    3.) If you specify DNS servers during Setup program (nwsetup-tui) execution, they MUST be valid (valid in this context means valid during setup) and accessible for the nwsetup-tui to proceed. Any misconfigured DNS servers cause the Setup to fail. If you need to reach DNS server after setup that unreachable during setup, (for example, to relocate a host after setup that would have a different set of DNS Servers), see (Optional) Task 1 - Re-Configure DNS Servers Post 11.3 section in Post Installation Tasks.
    If you do not specify DNS Servers during nwsetup-tui , you must select 1 The Local Repo (on the NW Server) in the NetWitness Platform Update Repository prompt in step 12 (the DNS servers are not defined so the system cannot access the external repo).

    EULA is displayed.

  3. Tab to Accept and press Enter.
    The Is this the host you want for your 11.3 NW Server prompt is displayed.
    The Is this the host you want for your 11.3 NW Server prompt is displayed.
  4. Tab to Yes and press Enter.
    Choose No if you already installed 11.3 on the NW Server.

    Caution: If you choose the wrong host for the NW Server and complete the Setup, you must restart the Setup Program and complete (steps 2 -14) to correct this error.

    The Install or Upgrade prompt is displayed (Recover does not apply to the installation. It is for 11.3 Disaster Recovery).
    The Install or Upgrade prompt is displayed

  5. Press Enter. Install (Fresh Install) is selected by default.
    The Host Name prompt is displayed.
    The Host Name prompt is displayed.

    Caution: If you include "." in a host name, the host name must also include a valid domain name.

  6. Press Enter if want to keep this name. If not edit the host name, Tab to OK, and press Enter to change it.
    The Master Password prompt is displayed.
    The following list of characters are supported for Master Password and Deployment Password:
    • Symbols : ! @ # % ^ +
    • Numbers : 0-9
    • Lowercase Characters : a-z
    • Uppercase Characters : A-Z

    No ambiguous characters are supported for Master Password and Deployment Password. For example:

    space { } [ ] ( ) / \ ' " ` ~ ; : .< > -

    Enter a master password

  7. Type in Password and type it in, down arrow to Verify and retype the password, Tab to OK, and press Enter.
    The Deployment Password prompt is displayed.
    The Deployment Password prompt is displayed.
  8. Type in the Password, down arrow to Verify, retype the password, Tab to OK, and press Enter.
  9. One of the following conditional prompts is displayed.

    • If the Setup program finds a valid IP address for this host, the following prompt is displayed.
      YEs o rno prompt is displayed
      Press Enter if you want to use this IP and avoid changing your network settings. Tab to Yes and press Enter If you want to change the IP configuration found on the host.
    • If you are using an SSH connection, the following warning is displayed.

      Note: If you connect directly from the host console, the following warning will not be displayed.

      Warning prompt is displayed
      Press Enter to close warning prompt.

    • If the Setup Program found an IP configuration and you chose to use it, the Update Repository prompt is displayed. Go to step 12 to and complete the installation.
    • If the Setup Program did not find an IP configuration or if you choose to change the existing IP configuration, the Network Configuration prompt is displayed.
      The Network Configuration prompt is displayed.
  10. Tab to OK and press Enter to use Static IP.
    If you want to use DHCP, down arrow to 2 Use DHCP and press Enter.
    The Static IP Configuration prompt is displayed.
    The Static IP Configuration prompt is displayed.
  11. Down arrow to the network interface you want, tab to OK, and press Enter. If you do not want to continue, tab to Exit.
    The following Static IP Configuration prompt is displayed.
    The Static IP Configuration prompt is displayed.
  12.  Type the configuration values (using the down arrow to move from field to field), Tab to OK, and press Enter.
    If you do not complete all the required fields, an an All fields are required error message is displayed (Secondary DNS Server and Local Domain Name fields are not required.)
    If you use the wrong syntax or character length for any of the fields, an Invalid <field-name> error message is displayed.

    Caution: If you select DNS Server, make sure that the DNS Server is correct and the host can access it before proceeding with the install.

    The Update Repository prompt is displayed.
    The Update Repository prompt is displayed.

  13. Select the same repo you selected when you installed the NW Server Host for all hosts.
    Press Enter to choose the Local Repo on the NW Server. If you want to use an external repo, down arrow to External Repo, tab to OK, and press Enter. If you select 1 The Local Repo (on the NW Server) in the setup program, make sure that you have the appropriate media attached to the host (media that contains the ISO file, for example a Local Repo (on the NW Server) in the setup program, make sure that you have the appropriate media attached to the host (media that contains the ISO file, for example a build stick) from which it can install NetWitness Platform 11.3.0.0.
  1. Use the down and up arrows to select 2 An External Repo (on an externally-managed server).
    The External Update Repo URl prompt is displayed.
    Refer to Appendix B. Create External Repository for instructions to set up an external repository.

  2. Enter the base URL of the NetWitness Platform external repo from the instructions followed in Appendix B. Create External Repository (for example, http:/testserver/netwitness-repo) and click OK.
    URL of the external repo
    The Disable or use standard Firewall configuration prompt is displayed.

  3. Tab to No (default), and press Enter to use the standard firewall configuration. Tab to Yes,

    and press Enter to disable the standard firewall configuration.
    Disable firewall prompt

    • If you select Yes, confirm your selection or No to use the standard firewall configuration.
      Warning prompt

    The Start Install/Upgrade prompt is displayed.

  4. Press Enter to install 11.3.0.0 on the NW Server (Install Now is the default value).

    Note: Ignore the hash code errors similar to the errors shown in the following screen shot that are displayed when you initiate the nwsetup-tui command. Yum does not use MD5 for any security operations so they do not affect the system security.

    Hash error

Task 2 - Install 11.3 on Other Component Hosts

For a functional service, complete the following tasks on a non-NW Server host.

  • Install the 11.3.0.0 environmental platform.
  • Apply the 11.3.0.0 RPM files to the service from the NW Server Update Repository.
  1. Deploy 11.3.0.0 OVA.
  2. Run the nwsetup-tui command to set up the host..
    This initiates the Setup program and the EULA is displayed.

    Note: If you specify DNS servers during Setup program (nwsetup-tui) execution, they MUST be valid (valid in this context means valid during setup) and accessible for the nwsetup-tui to proceed. Any misconfigured DNS servers cause the Setup to fail. If you need to reach DNS server after setup that unreachable during setup, (for example, to relocate a host after setup that would have a different set of DNS Servers), see (Optional) Task 1 - Re-Configure DNS Servers Post 11.3 section in Post Installation Tasks.
    If you do not specify DNS Servers during nwsetup-tui , you must select 1 The Local Repo (on the NW Server) in the NetWitness Platform Update Repository prompt in step 12 (the DNS servers are not defined so the system cannot access the external repo).

    License agreement

  3. Tab to Accept and press Enter.
    The Is this the host you want for your 11.3 NW Server prompt is displayed.
    Is this Netwitness server yes or no prompt

    Caution: If you choose the wrong host for the NW Server and complete the installation, you must restart the step up program and complete (steps 2 - 17) of Task 1- Install 11.3.0.0 on the NW Server Host to correct this error.

  4. Press Enter (No).

    The Install or Upgrade prompt is displayed (Recover does not apply to the installation. It is for 11.3 Disaster Recovery).
    Install or upgrade prompt

  5. Press Enter. Install (Fresh Install) is selected by default).
    The Host Name prompt is displayed.
    Host name prompt

    Caution: If you include "." in a host name, the host name must also include a valid domain name.

  6. If want to keep this name, press Enter. If you want to change this name, edit it, tab to OK, and press Enter

    Caution: If you change the deploy_admin user password in the NetWitness Platform User Interface (ADMIN>Security >Select deploy-admin - Reset password),
    Reset password
    you must:
    1. SSH to the NW Server host.
    2. Run the (/opt/rsa/saTools/bin/set-deploy-admin-password script.
    3. Use the new password when installing any new non-NW Server hosts.
    4. Run (/opt/rsa/saTools/bin/set-deploy-admin-password script on all non-NW Server hosts in your deployment.
    5. Write down the password because you may need to refer to it later in the installation.

    The Deployment Password prompt is displayed.
    Enter a deploy password

    Note: You must use the same deployment password that you used when you installed the NW Server.

  7. Type in the Password, down arrow to Verify, retype the password, tab to OK, and press Enter.
  8. One of the following conditional prompts is displayed.

    • If the Setup program finds a valid IP address for this host, the following prompt is displayed.
      Ip address for the host
      Press Enter if you want to use this IP and avoid changing your network settings. Tab to Yes and press Enter If you want to change the IP configuration found on the host.
    • If you are using an SSH connection, the following warning is displayed.
      SSH warning
      Press Enter to close warning prompt.

    Note: If you connect directly from the host console, the above warning will not be displayed.

    • If the Setup Program found an IP configuration and you chose to use it, the Update Repository prompt is displayed. Go to step 11 to and complete the installation.
    • If no IP configuration was found or If you chose to change the existing IP configuration, the Network Configuration prompt is displayed.
      network configuration
  9. Down arrow to the network interface you want, Tab to OK, and press Enter. The Network Configuration prompt is displayed.
    If you do not want to continue, Tab to Exit
    Network configuration
  10. Tab to OK and press Enter to use Static IP.
    If you want to use DHCP, down arrow to 2 Use DHCP and press Enter.
    The Static IP Configuration prompt is displayed.
    static ip configuration
  11. Type the configuration values (using the down arrow to move from field to field), Tab to OK, and press Enter.
    If you do not complete all the required fields, an an All fields are required error message is displayed (Secondary DNS Server and Local Domain Name fields are not required.)
    If you use the wrong syntax or character length for any of the fields, an Invalid <field-name> error message is displayed.

    Caution: If you select DNS Server, make sure that the DNS Server is correct and the host can access it before proceeding with the install.

    The Update Repository prompt is displayed.

  12. Use the down and up arrows to select 2 An External Repo (on an externally-managed server), tab to OK, and press Enter.
    The External Update Repo URL prompt is displayed.
    The repositories give you access RSA updates and CentOS updates.
  13. Enter the base URL of the NetWitness Platform external repo used to setup NW server in the previous section (for example, http://testserver/netwitness-repo) and click OK.
    External update repo url
    The NW Server IP Address is displayed.
  14. Type the IP address of the NW Server, tab to OK, and press Enter
    Nw server IP address
    The Disable or use standard Firewall configuration prompt is displayed.
  15. Tab to No (default), and press Enter to use the standard firewall configuration. Tab to Yes, and press Enter to disable the standard firewall configuration.
    Disable firewall prompt

    • If you select Yes, confirm your selection.
      Confirmation prompt
    • If you select No, the standard firewall configuration is applied.

    The Start Install prompt is displayed.

  16. Press Enter to install 11.3.0.0 on the non-NW Server (Install Now is the default value).
    Start install or upgrade
    When Installation complete is displayed, you have a generic host with an operating system compatible with NetWitness Platform 11.3.0.0.
  17. Install a component service on the non-NW Server host.
    1. Log into NetWitness Platform and click ADMIN > Hosts.
      The New Hosts dialog is displayed with the Hosts view grayed out in the background.

      Note: If the New Hosts dialog is not displayed, click Discover in the Hosts view toolbar.

    2. Select the host (host UUID) in the New Hosts dialog and click Enable.
      The New Hosts dialog closes and the host is displayed in the Hosts view.
    3. Select that host (for example, Event Stream Analysis) and click
      The Install Services dialog is displayed.
    4. Select the appropriate host type (for example, ESA Primary) in Host Type and click Install.
      Select the appropriate host

    You have completed the installation of the non-NW Server host in NetWitness Platform.

  18. Complete licensing requirements for installed services.
    See the NetWitness Platform 11.3 Licensing Management Guide for more information. Go to the Master Table of Contents to find all NetWitness Platform Logs & Network 11.x documents.
  19. Complete steps 1 through 16 for the rest of the NetWitness Platform non-NW Server components.

You are here
Table of Contents > Install SA Virtual Host in Virtual Environment > Step 4. Installation Tasks

Attachments

    Outcomes