You can add a Malware Analysis host and service to NetWitness Platform. Your NetWitness Platform environment determines how you add a host. Refer to the basic instructions for adding a host (Add or Update a Host) in the Host and Services Getting Started Guide. Use the procedure in this section only if you need to add a Malware Analysis host manually.
- Add Malware Analysis host if there is a physical or virtual Malware Analysis appliance.
To add a host and service in NetWitness Platform, the operations setup must be complete and an instance of NetWitness Platform must be installed and running.
To manually add a Malware Analysis host to NetWitness Platform:
- Log in to NetWitness Platform.
- In the main menu, select Administration > Hosts. The Administration > Hosts view is displayed.
- In the Hosts panel toolbar, click .
The Add Host dialog is displayed.
- In the Name field, enter a name for the Malware Analysis host. In the Hostname field, enter the host name, the virtual IP address, or IP address on the Malware Analysis. Click Save.
- In the toolbar, select Services.
- In the Services panel toolbar, click and select Malware Analysis in the resulting drop-down list of available services.
- Enter the following information:
In the Name field, enter a name for the Malware Analysis service.
In the Host field, enter the host name, the virtual IP address, or IP address on the Malware Analysis.
In the Port field, enter 60007.
(Optional) Under Options, select Entitle Service.
Click Test Connection.
While adding the service, NetWitness Platform sends ICMP packets to the service to verify if the hostname and ip address entered is valid for a successful test connection. The result of the test is displayed in the Add Service dialog. If the test is unsuccessful, edit the service information and retry.
- When the result is successful, click save. The Add Service dialog closes and the Malware Analysis service is available to NetWitness Platform.(Optional) Verify the status of the Malware Analysis service. In the Administration Services view, select the Malware Analysis service and select View > System. Below is a sample of the information available for a Malware Analysis service.
The Add Service dialog is displayed with the service type Malware Analysis
- If the service is not licensed, navigate to the Administration > System > Licensing panel, and select Refresh Licenses in the Licensing Actions menu.