Lic: Step 1: Register the Security Analytics Server

Document created by RSA Information Design and Development on Jul 27, 2016
Version 1Show Document
  • View in full screen mode
 

This topic provides instructions for the first step in the Security Analytics entitlement process, registering the Security Analytics server and mapping entitlements to the Local License Server (LLS).

Prerequisites

A prerequisite for registering the Security Analytics server to Download Central is to have the License Server installed and running. This is required to tie entitlements to the server.

Verify That the License Server is Installed and Running

To verify the License Server is installed and running:

  1. Log on to the Security Analytics server at https://<SA-IP>, where <SA-IP> is the Security Analytics server IP address. You are prompted with a screen asking for your RSA Product License Number. You must enter the Serial Number of your Security Analytics server appliance in order to continue with the license installation process. This can be found through SSH by issuing the following command:

    dmidecode -s system-serial-number

    The following message may be displayed.

    certnotrusted.png

  2. If you receive a message that the certificate is not installed, select Proceed Anyway. (A document describing how to update with a self-signed or CA certificate is available at: https://knowledge.rsasecurity.com/scolcms/knowledge.aspx#a58829.)

    The Security Analytics user interface is displayed.

  3. In the Security Analytics menu, select Administration > System.
  4. The Administration System view opens to display the Version Information in the Info panel.

    info_pnl.png

  5. Under Version Information, locate the License Server ID.

    • If the field contains a value and the License Status is Enabled, the Local License Server (LLS) packages are installed and running. You can proceed with server registration.
    • If the field contains a value and the License Status is Disabled, the Local License Server (LLS) packages are installed but not running. Click Enable to enable the LLS before proceeding with server registration.
    • If there is no value for License Server ID, verify that the appropriate LLS packages are installed  and running using the following commands:

      rpm -qa | grep fneserver
      ps aux | grep fneserver

Register the Server

You can register the server in two ways:

  • Register the server online in the Download Central Portal.
  • Create an offline capability request in Security Analytics and upload the request to the Download Central Portal.

Register Online

To register the License Server ID online:

  1. Navigate to the Download Central Portal at https://download.rsasecurity.com/ and log on with your user credentials.

    The Download Central Menu is displayed.

    DownloadCentralMenu.png

  2. Do one of the following:

    • If you have already entered a server, under Management select Search Servers and skip to Step 3.
    • If you have not entered the server information, under Appliance Management select Create Server.

      The Create Server dialog is displayed.

      103-SP2-DLC_Create_Server_Page.png

  3. Complete these fields in the dialog:

    • Copy or enter (in upper case letters) the License Server ID in the License Server ID field.
    • In the ID Type drop-down, select ETHERNET (the default value).
    • In the Type drop-down, select Ethernet (the default value).
    • (Optional) In the Alias field, type an alias to your Appliance ID.
  4. Click Create Server.

    The server is registered and you can now map entitlements as described below.

Register Using an Offline Capability Request

If you do not want to register the Security Analytics server online, you can download an offline capability request in Security Analytics and upload that binary request to the Download Central Portal.

To register the server using an offline capability request:

  1. Log on to the Security Analytics server at https://<SA-IP>, where <SA-IP> is the Security Analytics server IP address.
  2. In the Security Analytics menu, select Administration > System.
    The Administration System view is displayed.
  3. Select the Settings tab.

    The Licensing panel is displayed.

    Settings_Tab.png

  4. In the Download Offline Request section, select Download Request.
    A file called OfflineCapabilityRequest.bin is downloaded to the local system. This file contains current licensing information for the Security Analytics server.
  5. Navigate to the Download Central Portal at https://download.rsasecurity.com/ and log on with your user credentials.

    The Download Central menu is displayed.

    DownloadCentralMenu.png

  6. Under Device Management, click Upload Capability Request.

    The Upload Capability Request dialog is displayed.

    CapabilityRequestUpload.png

  7. Click Choose File and browse the local file system to find the file downloaded from the Security Analytics Server. Select OfflineCapabilityRequest.bin.
    The filename is displayed next to the Choose File button.
  8. Click Send.
    The server is created in Download Central, and the server information is displayed in the View Server dialog. This information includes the data just entered as well as information about any entitlements that have been added to the Security Analytics server. If the server has just been added, there are no entries under Add-Ons.
    The server is registered and you can now map entitlements as described below.

Map Entitlements

Mapping entitlements involves choosing the quantity of available licensed appliance entitlements to pull to this Security Analytics server during synchronization. To map appliance entitlements to the server:

  1. In the View Server page, click Map Add-Ons.

    The Map Add-Ons section is displayed.

    The Add-On table lists all entitlements that are available for your account. The table has a row for each appliance entitlement, with the following information:

    • Add-On Name: The name of the entitlement; for example, SMC Concentrator or SMC Decoder.
    • Serial Number: The serial number associated with an order.
    • Expiration: For keys that are not permanent, the expiration information. The value in this field is a specific date (for example, 12/11/2015) or a time range (for example, 90 days). If the value is a time range, the expiration period begins when the add-on is mapped to a server.
    • Available Units in Line Item: The quantity of entitlements currently available in an add-on order. This quantity is the difference between the Total Units and the entitlements that have been pulled to a Security Analytics server for appliance licensing.
    • Total Units in Line Item: The total quantity of entitlements tied to a specific add-on order.
    • Quantity to Add: The number of entitlements tied to a specific add-on order.
  2. To designate the quantity of entitlements to pull to the Security Analytics server from an add-on order, type a quantity in the Units to Configure column.
  3. Click Map Add-Ons.

    The View Server page displays a message indicating that the entitlements were successfully mapped to the Security Analytics server.

    LicensingViewServerSucces.png

    Entitlements are now dedicated and set aside from an accounts pool. The message Waiting to add to appliance is displayed in the Status for each entitlement. The entitlements are not yet pulled to the server.

  4. (Optional) If you want to add more entitlements, use the Map Add-Ons option.
  5. (Optional) If you want to remove entitlements, use the Remove Add-Ons option.
    Now you can synchronize to pull down the mapped entitlements to the Security Analytics server. 

What Happens if No License is Installed

If you have not installed a Security Analytics Version 10.5 license, you will see the following banner when you log in to the system at the end of 90 days:

unlicbanner.png

You will also see the following Out of Compliance Acknowledgement message:

unlic_eula.png

Click Accept to continue using your product.

Note: In a multiple Security Analytics deployment where the services are connected to both primary and secondary Security Analytics and the services are licensed only with the primary Security Analytics, a license expiry message is shown for the same services on the secondary Security Analytics. You can ignore the message and continue using the product.

You are here: Initial Set Up > Step 1. Register the Security Analytics Server

Attachments

    Outcomes