Complete the following tasks to deploy a NetWitness Server (NW Server) on a virtual machine (VM) in the Azure Cloud environment.
- Task 1. - Upload NW Server VHDs
- Task 2. - Create NW Server Image
- Task 3. - Create Virtual Machine (VM)
Complete the following steps to upload NW Server VHDs to Azure.
Contact RSA Customer Support (https://community.rsa.com/docs/DOC-1294) to open a support case requesting the NW Server VHDs. A valid throughput license will be required.
- Customer Support will update the case with VHD URI's.
In the Azure Portal, open the Powershell CLI.
You will need a storage account, blob service and container setup. This is where the VHD’s will be copied to. After these are in place, you can execute the following command within the Azure Portal Powershell CLI. Alternatively, you can also run these commands from the Powershell in your workstation:
- Run this command from Powershell to install AzureRM: Install-Module -Name AzureRM –AllowClobber
- Execute this command to verify the installation process has been successfully done: Import-Module -Name AzureRM
- If you find any error regarding execution policy, execute this command: - Set-ExecutionPolicy -ExecutionPolicy RemoteSigned (then repeat step b)
- (Optional) If you are running the commands from the Powershell in your workstation, login to your Azure account using this command: Login-AzureRmAccount
- Select the Subscription: Select-AzureRmSubscription -SubscriptionId <subscriptionid>
- Create a target context: $targetStorageContext = (Get-AzureRmStorageAccount -ResourceGroupName <resource-group-name> –Name <storage-account-name>).Context
- Start the copy: Start-AzureStorageBlobCopy -AbsoluteUri “<SAS-URL>” -DestContainer <container-name> -DestBlob <destination-blob-name> -DestContext $targetStorageContext
- You can get the Blob copy status by executing this command: Get-AzureStorageBlobCopyState -Blob "< destination-blob-name>" -Container "<container-name> " –Context $targetStorageContext
Once the VHD’s are successfully copied. You’ll need to create an image and VM.
Verify that all the NW Server VHDs are uploaded into the Azure Cloud.
- Log in to the Azure portal (https://portal.azure.com).
- In the right panel, click Storage accounts > netwitnessazurestorage1 > Blob service > nwazurevhdstore.
(Optional) In the Azure Explorer, go to the NetWitness group > Storage Accounts > netwitnessazurestorage1) > Blob Containers > nwazurevhdstore). The following screen shot shows you an example of the contents of a storage container.
Task 2. - Create NW Server Image
Complete the following steps to create an NW Server image in Azure from upload VHDs.
- Log in to https://portal.azure.com.
- In the left panel, click More Services and filter by Images.
- Click Images.
- Create and configure the Image.
- Click Add.
- Enter an Image Name, select the correct Resource Group, select a valid Location, and set the OS Disk to Linux.
In the Storage blob, browse to where VHDs are uploaded.
- Make sure that Standard (HDD) is selected for Account Type.
The following screen shot illustrates a completed Create Image view.
- Click Create to create the Image.
The following confirmation is displayed when the image is created.
Task 3. Create Virtual Machine (VM)
Complete the following steps to create a VM in Azure using the NetWitness Server image.
- Go to Images and click Create VM.
The 1 Basics - Configure basic settings section is in focus.
- Define values for all of the fields.
- In the Name field, enter a user-defined name (for example, NWServer1100).
- In the VM disk type field, select HDD from the drop-down list.
- In the User name field, enter a valid username.
- In the Authentication type field, click Password and enter a strong password that is a combination of lowercase, uppercase, numeral and a symbol (for example, Password@123).
- Make sure that the values selected in the Subscription, Resource group and Location fields are correct.
- Click size-required-based-on-capacity (for example, F8 Standard), and click Select.
- Click and define the fields.
- In the Storage field, make sure that Use manage disks is set to Yes.
- In the Network field, select:
- A valid Virtual network and Subnet.
- None for the Public IP address.
RSA recommends None for the Public IP address (this is not mandatory). You can assign a public IP address, but it countermands Best Practices to assign a public IP to something that is based in the Azure Cloud.
- A valid Network security group.
For information on Network security groups, see the Microsoft Azure documentation (https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg).
- A valid Virtual network and Subnet.
- In the Monitoring field, select:
- Enabled for Boot Diagnostics
- Enabled for Guest OS diagnostics
- Valid Diagnostics storage account
- Click OK.
- Verify that the Validation passed, and click OK.
You know that the NW Server VM Deployment is successful when you see the VM status as Running.
- Click Properties to view the IP Address details.
- SSH to the VM using the username that you specified in Step 2d of Task 3 and reset the root password. Use the su passwd root command string to reset the root password as shown in the following screen shot.
Close the current SSH session and open a new SSH session with root as the username and the password created in the previous step.