Licensing: Register the NetWitness Server

Document created by RSA Information Design and Development on Sep 13, 2017Last modified by Scott Marcus on Oct 13, 2017
Version 6Show Document
  • View in full screen mode
  

This topic provides instructions for the first step in the NetWitness Suite entitlement process, registering the NetWitness Server and mapping entitlements to the Local License Server (LLS).

Prerequisites

A prerequisite for registering the NetWitness Server to Download Central is to have the License Server installed and running. This is required to tie entitlements to the server.

Verify That the License Server is Installed and Running

To verify the License Server is installed and running:

  1. Log on to the NetWitness Server at https://<NW-IP>, where <NW-IP> is the NetWitness Server IP address. You are prompted with a screen asking for your RSA Product License Number. You must enter the Serial Number of your NetWitness Server host in order to continue with the license installation process. This can be found through SSH by issuing the following command:

    dmidecode -s system-serial-number

    The following message may be displayed.

    Warning message stating that security certificate is not installed.

  2. If you receive a message that the certificate is not installed, click Proceed Anyway. A document describing how to update with a self-signed or CA certificate is available at:

    https://knowledge.rsasecurity.com/scolcms/knowledge.aspx#a58829.

    The NetWitness Suite user interface is displayed.

  3. Go to ADMIN > System.
  4. The Admin System view opens to display the Version Information in the Info panel.

  5. Under Version Information, locate the License Server ID.

    • If the field contains a value and the License Status is Enabled, the Local License Server (LLS) packages are installed and running. You can proceed with server registration.
    • If the field contains a value and the License Status is Disabled, the Local License Server (LLS) packages are installed but not running. Click Enable to enable the LLS before proceeding with server registration.
    • If there is no value for License Server ID, verify that the appropriate LLS packages are installed  and running using the following commands:

      rpm -qa | grep fneserver
      ps aux | grep fneserver

Register the Server

You can register the server in two ways:

  • Register the server online in the Download Central Portal.
  • Create an offline capability request in NetWitness Suite and upload the request to the Download Central Portal.

Register Online

To register the License Server ID online:

  1. Navigate to the Download Central Portal at https://download.rsasecurity.com/ and log on with your user credentials.

    The Download Central Menu is displayed.

    Download Central menu is displayed.

  2. Do one of the following:

    • If you have already entered a server, under Management select Search Servers and skip to Step 3.
    • If you have not entered the server information, under Appliance Management select Create Server.
    • The Create Server dialog is displayed.

      Create software license in Download Central is displayed.

  3. Complete these fields in the dialog:

    • Copy or enter (in uppercase letters) the License Server ID in the License Server ID field.
    • In the ID Type drop-down, select ETHERNET (the default value).
    • In the Type drop-down, select Ethernet (the default value).
    • (Optional) In the Alias field, type an alias to your Appliance ID.
  4. Click Create Server.

The server is registered and you can now map entitlements as described below.

Register Using an Offline Capability Request

If you do not want to register the NetWitness Server online, you can download an offline capability request in NetWitness Suite and upload that binary request to the Download Central Portal.

To register the server using an offline capability request:

  1. Log on to the NetWitness Server at https://<NW-IP>, where <NW-IP> is the NetWitness Server IP address.
  2. Go to ADMIN > System.

    License version is displayed.

    The Admin System view is displayed.

  3. Select the Settings tab.

    The Licensing panel is displayed.

    Licensing Notifications screen is displayed.

  4. In the Download Offline Request section, click Download Request.
    A file called OfflineCapabilityRequest.bin is downloaded to the local system. This file contains current licensing information for the NetWitness Server.
  5. Navigate to the Download Central Portal at https://download.rsasecurity.com/ and log on with your user credentials.

    The Download Central menu is displayed.

  6. Under Device Management, click Upload Capability Request.

    The Upload Capability Request dialog is displayed.

    Upload Capability Request dialog is displayed.

  7. Click Choose File and browse the local file system to find the file downloaded from the NetWitness Server. Select OfflineCapabilityRequest.bin.

    The filename is displayed next to the Choose File button.

  8. Click Send.

    The server is created in Download Central, and the server information is displayed in the View Server dialog. This information includes the data just entered as well as information about any entitlements that have been added to the NetWitness Server. If the server has just been added, there are no entries under Add-Ons.

    The server is registered and you can now map entitlements as described below.

Map Entitlements

Mapping entitlements involves choosing the quantity of available licensed appliance entitlements to pull to this NetWitness Server during synchronization. To map appliance entitlements to the server:

  1. In the View Server page, click Map Add-Ons.

    The Map Add-Ons section is displayed.

    Map Add-Ons section is displayed.

    The Add-On table lists all entitlements that are available for your account. The table has a row for each appliance entitlement, with the following information:

    • Add-On Name: The name of the entitlement; for example, SMC Concentrator or SMC Decoder.
    • Serial Number: The serial number associated with an order.
    • Expiration: For keys that are not permanent, the expiration information. The value in this field is a specific date (for example, 12/11/2017) or a time range (for example, 90 days). If the value is a time range, the expiration period begins when the add-on is mapped to a server.
    • Available Units in Line Item: The quantity of entitlements currently available in an add-on order. This quantity is the difference between the Total Units and the entitlements that have been pulled to a NetWitness Server for appliance licensing.
    • Total Units in Line Item: The total quantity of entitlements tied to a specific add-on order.
    • Quantity to Add: The number of entitlements tied to a specific add-on order.
  2. To designate the quantity of entitlements to pull to the NetWitness Server from an add-on order, type a quantity in the Units to Configure column.
  3. Click Map Add-Ons.

    The View Server page displays a message indicating that the entitlements were successfully mapped to the NetWitness Server.

    View Server page is displayed.

    Entitlements are now dedicated and set aside from an accounts pool. The message Waiting to add to appliance is displayed in the Status for each entitlement. The entitlements are not yet pulled to the server.

  4. (Optional) If you want to add more entitlements, use the Map Add-Ons option.
  5. (Optional) If you want to remove entitlements, use the Remove Add-Ons option.

Now you can synchronize to pull down the mapped entitlements to the NetWitness Server.

What Happens if No License is Installed

If you have not installed a NetWitness Suite Version 11.0.0.0 license, an Out-of-Compliance banner is displayed when you log in to the system at the end of 90 days.

The following Out of Compliance Acknowledgement message is displayed.

Out-of-Compliance Acknowledgement dialog is displayed.

Click Accept to continue using your product.

Note: In a multiple NetWitness Suite deployment where the services are connected to both primary and secondary NetWitness Suite and the services are licensed only with the primary NetWitness Suite, a license expiry message is shown for the same services on the secondary NetWitness Suite. You can ignore the message and continue using the product.

 

Previous Topic:Initial Set Up
You are here

Table of Contents > Initial Set Up > Register the Security Analytics Server

Attachments

    Outcomes