MA: Step 2: Add Malware Analysis Host and Service

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 

Your Security Analytics environment determines how you add a host. Refer to Add or Update a Host, in the Hosts and Services Getting Started Guide. Use the procedure in this section only if you need to add a Malware Analysis host manually.

  • For co-located Malware Analysis on the Security Analytics Server, the Security Analytics Server is already added as a host, and you need to add the Malware Analysis service on the server.
  • Only add Malware Analysis host if there is a physical or virtual Malware Analysis appliance (not co-located Malware Analysis service on the Security Analytics Server).

Prerequisite

To add a host and service in Security Analytics, the operations setup must be complete and an instance of Security Analytics must be installed and running.

To manually add a Malware Analysis host to Security Analytics:

  1. Log on to Security Analytics.
  2. In the Security Analytics menu, select Administration > Hosts.
    The Administration > Hosts view is displayed.
  3. In the Hosts panel toolbar, click Icon-Add.png.
    The Add Host dialog is displayed.
    AdHst.png
  4. In the Name field, enter a name for the Malware Analysis host. In the Hostname field, enter the host name, the virtual IP address, or IP address on the Malware Analysis. Click Save.
  5. In the Security Analytics toolbar, select Services.
  6. In the Services panel toolbar, click Icon-Add.png and Malware Analysis in the resulting drop-down list of available services.
    The Add Service dialog is displayed with the service type Malware Analysis.
    AdSvce.png
  7. Enter the following information:
    In the Name field, enter a name for the Malware Analysis service.
    In the Host field, enter the host name, the virtual IP address, or IP address on the Malware Analysis.
    In the Port field, enter 60007.
    (Optional) Under Options, select Automatically Entitle Service.
  8. Click Test Connection.
    While adding the service, Security Analytics sends ICMP packets to the service to verify if the hostname and ip address entered is valid for a successful test connection. The result of the test is displayed in the Add Service dialog. If the test is unsuccessful, edit the service information and retry.
  9. When the result is successful, click Save.
    The Add Service dialog closes and the Malware Analysis service is available to Security Analytics.
  10. (Optional) Verify the status of the Malware Analysis service. In the Administration Services view, select the Malware Analysis service and select ic-actns.png > View > System. Below is a sample of the information available for a Malware Analysis service.
    SvcsInfo.png
  11. In the Services grid, select the Malware Analysis service and select Licenses > Activate in the toolbar.
You are here: Basic Setup > Step 2: Add Malware Analysis Host and Service

Attachments

    Outcomes