Deployment Guide: The Basics

Document created by RSA Information Design and Development on Oct 17, 2017Last modified by RSA Information Design and Development on Jul 8, 2019
Version 10Show Document
  • View in full screen mode
 

This guide describes the basic requirements of a NetWitness Platform deployment and outlines optional scenarios to address needs of your enterprise. Even in small networks, planning can ensure that all goes smoothly when you are ready to bring the hosts online.

Note: This document refers to several additional documents available on RSA Link. Go to the Master Table of Contents to find all NetWitness Platform Logs & Network 11.x documents.

There are many factors you must consider before you deploy NetWitness Platform. The following items are just some of these factors. You need to estimate growth and storage requirements when you consider these factors

  • The size of your enterprise (that is, the number of locations and people that will use NetWitness Platform)
  • The volume of network data and logs you need to process
  • The performance each NetWitness Platform user role needs to do their jobs effectively.
  • The prevention of downtime (that is, how to avoid a single point of failure).
  • The environment in which you plan to run NetWitness Platform
    • RSA Physical Hosts (software running on hardware supplied by RSA)
      See the RSA NetWitness® Platform Physical Host Installation Guide for detailed instructions on how to deploy RSA Physical Hosts.
    • Software Only provided by RSA:
      • On-Premises (On-Prem) Virtual Hosts
        See the RSA NetWitness® Platform Virtual Host Installation Guide for detailed instructions on how to deploy on-prem virtual hosts.
      • VCloud:
        • Amazon Web Services (AWS)
          See the RSA NetWitness® Platform AWS Installation Guide for detailed instructions on how to deploy virtual hosts in AWS.
        • Azure
          See the RSA NetWitness® Platform Azure Installation Guide for detailed instructions on how to deploy virtual hosts in Azure.

Basic Deployment

Before you can deploy NetWitness Platform you need to:

  • Consider the requirements of your enterprise and understand the deployment process.
  • Have a high-level picture of the complexity and scope of a NetWitness Platform deployment.

Process

The components and topology of a NetWitness Platform network can vary greatly between installations, and should be carefully planned before the process begins. Initial planning includes:

  • Consideration of site requirements and safety requirements.
  • Review of the network architecture and port usage.
  • Support of group aggregation on Archivers and Concentrators, and virtual hosts.

When ready to begin deployment, the general sequence is:

  • For RSA Physical Hosts:
    1. Install physical hosts and connect to the network as described in the RSA NetWitness® Platform Hardware Setup Guides and the RSA NetWitness® Platform Physical Host Installation Guide.
    2. Set up licensing for NetWitness Platform as described in the RSA NetWitness® Platform Licensing Guide.
    3. Configure individual physical hosts and services as described in RSA NetWitness® Platform Host and Services Getting Started Guide. This guide also describes the procedures for applying updates and preparing for version upgrades.
  • For On-Prem virtual hosts, follow the instructions in the RSA NetWitness® Platform Virtual Host Setup Guide.
  • For AWS, follow the instructions in the RSA NetWitness® Platform AWS Installation Guide
  • For Azure, follow the instructions in the RSA NetWitness® Platform Azure Installation Guide

When updating hosts and services, follow recommended guidelines under the "Running in Mixed Mode" topic in the RSA NetWitness Platform Host and Services Getting Started Guide.

You should also become familiar with Hosts, Host Types, and Services as they are used in the context of NetWitness Platform also described in the RSA NetWitness Platform Host and Services Getting Started Guide.

NetWitness Platform High-Level Deployment Diagram

The following diagram illustrates a basic, multi-site NetWitness Platform Deployment.

RSA NetWitness Platform Detailed Host Deployment Diagram

The following diagram is an example of a NetWitness Platform deployment hosted on physical or virtual machines. For instructions on how to install NetWitness Platform see the Physical Host Installation Guide, Virtual Host Installation Guide, AWS Installation Guide, or Azure Installation Guide. Go to the Master Table of Contents to find all NetWitness Platform Logs & Network 11.x documents.

Deployment Options

You deploy RSA NetWitness Platform with the following options.

  • Group Aggregation
  • Second Endpoint Server
  • Warm Standby NW Server Host
  • Hybrid Categories on the NW Server

See Deployment Optional Setup Procedures for instructions.

You are here
Table of Contents > The Basics

Attachments

    Outcomes