You can add a Malware Analysis host and service to NetWitness Suite. Your NetWitness Suite environment determines how you add a host. Refer to the basic instructions for adding a host (Add or Update a Host) in the Host and Services Getting Started Guide. Use the procedure in this section only if you need to add a Malware Analysis host manually.
- For co-located Malware Analysis on the NetWitness Server, the NetWitness Server is already added as a host, and you need to add the Malware Analysis service on the server.
- Only add Malware Analysis host if there is a physical or virtual Malware Analysis appliance (not co-located Malware Analysis service on the NetWitness Server).
To add a host and service in NetWitness Suite, the operations setup must be complete and an instance of NetWitness Suite must be installed and running.
To manually add a Malware Analysis host to NetWitness Suite:
- Log in to NetWitness Suite.
- In the main menu, select Administration > Hosts. The Administration > Hosts view is displayed.
- In the Hosts panel toolbar, click .
The Add Host dialog is displayed.
- In the Name field, enter a name for the Malware Analysis host. In the Hostname field, enter the host name, the virtual IP address, or IP address on the Malware Analysis. Click Save.
- In the toolbar, select Services.
- In the Services panel toolbar, click and select Malware Analysis in the resulting drop-down list of available services.
- Enter the following information:
In the Name field, enter a name for the Malware Analysis service.
In the Host field, enter the host name, the virtual IP address, or IP address on the Malware Analysis.
In the Port field, enter 60007.
(Optional) Under Options, select Entitle Service.
- Click Test Connection.
While adding the service, NetWitness Suite sends ICMP packets to the service to verify if the hostname and ip address entered is valid for a successful test connection. The result of the test is displayed in the Add Service dialog. If the test is unsuccessful, edit the service information and retry.
- When the result is successful, click save. The Add Service dialog closes and the Malware Analysis service is available to NetWitness Suite.(Optional) Verify the status of the Malware Analysis service. In the Administration Services view, select the Malware Analysis service and select View > System. Below is a sample of the information available for a Malware Analysis service.
- The Add Service dialog is displayed with the service type Malware Analysis
- If the service is not licensed, navigate to the Administration > System > Licensing panel, and select Refresh Licenses in the Licensing Actions menu.