Host GS: Hosts and Services Set Up Procedures

Document created by RSA Information Design and Development Employee on Nov 7, 2017Last modified by RSA Information Design and Development Employee on Sep 8, 2020
Version 14Show Document
  • View in full screen mode
 

Every service requires a host. After you set up a host, you can assign services to and from this host to other hosts in your NetWitness Platform deployment. This topic contains information about basic procedures. For additional procedures, see Hosts and Services Maintenance Procedures.

Detailed workflow for deploying a host and maintaining hosts and services

               
High-Level TaskDescription
Set Up a Host

Complete the following tasks in the order shown to set up a host.

Step 1. Deploy a Host

Step 2. Install a Service on a Host

Step 3. Review SSL Ports for Trusted Connections

Step 4. Manage Access to a Service

Step 1. Deploy a Host

Caution: If you include "." in a host name, the host name must also include a valid domain name.

  1. Deploy a host.

    You can deploy a physical host (RSA Appliance), virtual host on-prem, a virtual in AWS, a virtual host in Azure, or a virtual host on Google Cloud Platform. See the following guides for instructions on how to deploy hosts.

    • Physical Host Installation Guide
    • Virtual Host Installation Guide
    • AWS Installation Guide
    • Azure Installation Guide
    • GCP Installation Guide
  2. Go to (Admin) > Hosts.

    The New Hosts dialog is displayed with the hosts that you deployed.

  3. Select the hosts that you want to enable.

    The Enable menu option becomes active.

  4. Click Enable.

    Example of Enable button moused over in the New Hosts dialog

  5. Select the host you enabled.

    The host is displayed in the Hosts view. At this point, you can install a service on the host.

Step 2. Install a Service on a Host

Perform the following steps to install a service on a host.

  1. In NetWitness Platform, go to (Admin) > Hosts.

    The Hosts view is displayed.

  2. Select the host on which you want to install the service (for example, Event Stream Analysis).
  3. Click The Install button in the toolbar.

    The Install Services dialog is displayed.

  4. Select a service from the Category drop-down list (for example, ESA Primary).

    The The Install button becomes active in the Install Services dialog.

  5. Click The Install button.

    Diagram with callouts of path to follow to add a service on a host

Step 3. Review SSL Ports for Trusted Connections

To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port. 

Encrypted SSL Ports

By default, trusted connections are established with two settings:

  • SSL is enabled.
  • Core service is connected to an encrypted SSL port.

Each NetWitness Platform Core service has two ports:

  • Unencrypted non-SSL port
    Example: Archiver 50008
  • Encrypted SSL port
    Example: Archiver 56008

The SSL port is the non-SSL port + 6000.

For information about ports and a comprehensive list of ports for all services, see "Network Architecture and Ports" in the Deployment Guide for RSA NetWitness Platform. Go to the Master Table of Contents to find all RSA NetWitness Platform 11.x documents.

Step 4. Manage Access to a Service

In a trusted connection, a service explicitly trusts the NW Server to manage and authenticate users. With this trust, services in (Admin) > Services no longer require credentials to be defined for every NetWitness Platform Core service. Instead, users who have been authenticated by the server can access the service without entering another password.

Test a Trusted Connection

Prerequisites

  1. The administrator must assign a role to the user.
    For more information, see "Add a User and Assign a Role" in the System Security and User Management Guide.
  2. The user must:
    • Log in to NetWitness Platform for the server to authenticate the user.
    • Have access to the service.

Procedure

  1. In NetWitness Platform, go to (Admin) > Services.
    The Services view is displayed.
    Example of the Admin Services view
  2. Select the checkbox of the service (for example, a Concentrator) to test and click The Edit icon.
    The Edit Service dialog is displayed.
    Edit Service dialog of a non-licensed service
  3. Note: The Options box will only display if the selected service is not licensed. A licensed service is denoted by a The licensed icon in the Services view.

  4. Remove the username to test the connection without credentials.
  5. Click Test Connection.

    Edit Service dialog with success message

    The message Test connection successful confirms the trusted connection is established.
    The previously authenticated user can access the service without typing a username and password on the service. 

  6. Click Save.

You are here
Table of Contents > Hosts and Services Set Up Procedures

Attachments

    Outcomes