AWS Deploy: Launch an Instance and Configure a Host

Document created by RSA Information Design and Development on Feb 6, 2018Last modified by RSA Information Design and Development on Apr 4, 2018
Version 4Show Document
  • View in full screen mode
 

Note: Refer to the AWS "Launching an Instance" documentation (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/usingsharedamis-finding.htmlhttp://docs.aws.amazon.com/AWSEC2/latest/UserGuide/launching-instance.html) for additional instructions.

  1. Select an instance from the grid (for example, RSA-NW-Concentrator-11.1.0.0-01) and click Launch.

  1. Choose the RAM and CPUs by selecting instance type.
    Refer to AWS Instance Configuration Recommendations for guidelines on how to configure the EC2 Instance based on the requirements of the NetWitness Suite component (that is, service) for which you are launching an instance. The following example has the m4.2xlarge instance type selected with 8 CPUs and 32 GB of RAM.

  1. Click Next: Configure Instance Details at the bottom right of the Step 2: Choose an Instance Type page.
    The Step 3. Configure Instance Details page is displayed.

    For NetWitness Suite, the subnet and VPC are defaulted to the values in the following example.

  2. Click Next: Add Storage at the bottom right of the Step 3: Configure Instance Details page.
    The Step 4. Add Storage page is displayed.

    Refer to AWS Instance Configuration Recommendations for guidelines on how to configure storage based on based on the requirements of the NetWitness Suite component (that is, service) for which you are launching an instance.

  3. Click Next: Add Tags at the bottom right of the Step 4: Add Storage page.
    The Step 5. Add Tags page is displayed. Enter the name of your Instance.
  4. Click Next: Configure Security Group at the bottom right of the Step 5: Add Tags page.
    The Step 6. Configure Security Group page is displayed.
    1. Select the "Create a new security group" radio button.
    2. Create a rule that opens all the firewall for the NetWitness Suite component.
      You must configure the security group correctly to configure the instance (host) from the NetWitness Suite) User Interface and SSH to it.

      Note: See the "Network Architecture and Ports" documentation in RSA Link (https://community.rsa.com/docs/DOC-83050) for a comprehensive list of the ports you must set up for all NetWitness Suite components..

    Note: After you configure a Security Group, you can change it at any time.

  5. Click Review and Launch at the bottom right of the Step 6: Configure Security Group page.
    The Step 7. Review Instance Launch page is displayed.
  6. Click Launch at the bottom right of the Step 7. Review Instance Launch page.
    The Select an existing key pair or create a new key pair dialog is displayed.
  7. Choose Proceed without key pair.
  8. Click Launch Instance.
    AWS displays the following information as it builds the Instance.

  9. Click View Instances.
  10. Select Instances in the left navigation panel to review all instances that AWS is initializing (for example, the NW-Concentrator) .

    The IP Address for the new RSA-NW-Concentrator-11.1.0.0-01 host is sample-ip-address.

  11. SSH to newly-created instance using the default NetWitness Suite credentials.
  12. Go to Configure Hosts (Instances) in NetWitness Suite.

Installation Tasks

Task 1 - Install 11.1.0.0 on the NetWitness Server (NW Server) Host

Note: You can perform this task for RSANW-11.1.0.0.1245-Full-01 instance.

    1. Run the nwsetup-tui command to set up the host.

    This initiates the Setup program and the EULA is displayed.

    Note: 1.) When you navigate through the Setup program prompts, use the down and up arrows to move among fields, use Tab key to move to and from commands (such as <Yes>, <No>, <OK>, and <Cancel>. Press Enter to register your command response and move to the next prompt.
    2.) The Setup program adopts the color scheme of the desktop or console you use access the host.
    3.) If you specify DNS servers during Setup program (nwsetup-tui) execution, they MUST be valid (valid in this context means valid during setup) and accessible for the nwsetup-tui to proceed. Any misconfigured DNS servers cause the Setup to fail. If you need to reach DNS server after setup that unreachable during setup, (for example, to relocate a host after setup that would have a different set of DNS Servers), see the "Post Installation Tasks" topic in the Physical Host Installation Guide.
    If you do not specify DNS Servers during setup (nwsetup-tui), you must select 1 The Local Repo (on the NW Server) in the NetWitness Suite Update Repository prompt in step 12 (the DNS servers are not defined so the system cannot access the external repo).

    1. Tab to Accept and press Enter.
      The "Is this the NW Server" prompt is displayed.
    2. Tab to Yes and press Enter.
      Choose No if you already installed 11.1.0.0 on the NW Server.

      Caution: If you choose the wrong host for the NW Server and complete the Setup, you must restart the Setup Program (step 2) and complete all the subsequent steps to correct this error.

      The Install or Upgrade prompt is displayed.

    3. Press Enter (Install is selected by default).
      The "Host Name" prompt is displayed.

    4. Press Enter if want to keep this name. If not edit the host name, tab to OK, and press Enter to change it.
      The "Master Password prompt" is displayed.
      The following list of characters are supported for Master Password and Deployment Password:
      • Symbols : ! @ # % ^ + ,
      • Numbers :0-9
      • Lowercase Characters : a-z
      • Uppercase Characters : A-Z
        No ambiguous characters are supported for Master Password and Deployment Password (for example: space { } [ ] ( ) / \ ' " ` ~ ; : . < > -.

    5. Type in the Password, down arrow to Verify, retype the password, tab to OK, and press Enter.
      The "Deployment Password" prompt is displayed.

    6.  

      Type in the Password, down arrow to Verify, retype the password, tab to OK, and press Enter.
      If:

      • The Setup program finds a valid IP address for this host, the following prompt is displayed.

        Press Enter if you want to use this IP and avoid changing your network settings. Tab to Yes and press Enter if you want to change the IP configuration found on the host.
      • If you are using an SSH connection, the following warning is displayed.

      Note: If you connect directly from the host console, the following warning will not be displayed.


      Press Enter to close warning prompt.

      • If the Setup Program found an IP configuration and you chose to use it, the Update Repository prompt is displayed. Go to step 12 to and complete the installation.
      • If The Setup Program did not find an IP configuration or if you chose to change the existing IP configuration, the Network Configuration prompt is displayed.

       
    7. Tab to OK and press Enter to use Static IP.
      If you want to use DHCP, down arrow to 2 Use DHCP and press Enter.
      The Network Configuration prompt is displayed.
    8. Down arrow to the network interface you want, tab to OK, and press Enter. If you do not want to continue, tab to Exit.
      The Static IP Configuration prompt is displayed.
    9. Type the configuration values (using the down arrow to move from field to field), tab to OK, and press Enter.
      If you do not complete all the required fields, an All fields are required error message is displayed (Primary DNS Server, Secondary DNS Server, and Local Domain Name fields are not required.)
      If you use the wrong syntax or character length for any of the fields, an Invalid field-name error message is displayed.

    Caution: If you select DNS Server, make sure that the DNS Server is correct and the host can access it before proceeding with the install.

    The Update Repository prompt is displayed.

       

    1. If you select 2 An External Repo (on an externally-managed server), the UI prompts you for a URL.

    Enter the base URL of the NetWitness Suite external repo and click OK. The Start Install

    prompt is displayed.

    1. Apply the standard firewall configuration, press Enter.
      • Disable the standard configuration, tab to Yes and press Enter.
        The Disable firewall prompt is displayed.

        The disable firewall configuration confirmation prompt is displayed.

        Tab to Yes and press Enter to confirm (press Enter to use standard firewall configuration).
    2. Press Enter to install 11.1.0.0 on the NW Server.
      The Start Install prompt is displayed.

      When "Installation complete" is displayed, you have installed the 11.1.0.0 NW Server on this host.

      Note: Ignore the hash code errors similar to the errors shown in the following screen shot that are displayed when you initiate the nwsetup-tui command. Yum does not use MD5 for any security operations so they do not affect the system security.

  • Task 2 - Install 11.1.0.0 on Other Component Hosts

    Note: You can perform this task for RSANW-11.1.0.0.1245-Lite-01 instance.

    1. Run the nwsetup-tui command to set up the host.

    This initiates the Setup program and the EULA is displayed.

    Note: 1.) When you navigate through the Setup program prompts, use the down and up arrows to move among fields, use Tab key to move to and from commands (such as <Yes>, <No>, <OK>, and <Cancel>. Press Enter to register your command response and move to the next prompt.
    2.) The Setup program adopts the color scheme of the desktop or console you use access the host.
    3.) If you specify DNS servers during Setup program (nwsetup-tui) execution, they MUST be valid (valid in this context means valid during setup) and accessible for the nwsetup-tui to proceed. Any misconfigured DNS servers cause the Setup to fail. If you need to reach DNS server after setup that unreachable during setup, (for example, to relocate a host after setup that would have a different set of DNS Servers), see the "Post Installation Tasks" topic in the Physical Host Installation Guide..
    If you do not specify DNS Servers during setup (nwsetup-tui), you must select 1 The Local Repo (on the NW Server) in the NetWitness Suite Update Repository prompt in step 12 (the DNS servers are not defined so the system cannot access the external repo).

    1. Tab to Accept and press Enter.
    2. The "Is this the NW Server" prompt is displayed.

      Tab to No and press Enter.

    Caution: If you choose the wrong host for the NW Server and complete the Setup, you must restart the Setup Program (step 2) and complete all the subsequent steps to correct this error.

    1. The Install or Upgrade prompt is displayed.

      Press Enter (Install is selected by default).

    1. The "Host Name" prompt is displayed.

      Press Enter if want to keep this name. If not edit the host name, tab to OK, and press Enter to change it.
    2. The "Deployment Password" prompt is displayed.

      Type in the Password, down arrow to Verify, retype the password, tab to OK, and press Enter.
    3. If:
      The Setup program finds a valid IP address for this host, the following prompt is displayed.

      Press Enter if you want to use this IP and avoid changing your network settings.
      Tab to Yes and press Enter If you want to change the IP configuration found on the host.
      You are using an SSH connection, the following warning is displayed.

      Press Enter to close warning prompt. The Setup Program found an IP configuration and you chose to use it, the Update Repository prompt is displayed. Go to step 12 to and complete the installation.
    4. The Setup Program did not find an IP configuration or if you chose to change the existing IP configuration, the Network Configuration prompt is displayed.

      Tab to OK and press Enter to use Static IP.
      If you want to use DHCP, down arrow to 2 Use DHCP and press Enter.

    5. The Network Configuration prompt is displayed.

      Down arrow to the network interface you want, tab to OK, and press Enter. If you do not want to continue, tab to Exit.
    6. The Static IP Configuration prompt is displayed.

      Type the configuration values (using the down arrow to move from field to field), tab to OK, and press Enter.
    7. If you do not complete all the required fields, an All fields are required error message is displayed (Primary DNS Server, Secondary DNS Server, and Local Domain Name fields are not required.)
      If you use the wrong syntax or character length for any of the fields, an Invalid field-name error message is displayed.

      Caution: If you select DNS Server, make sure that the DNS Server is correct and the host can access it before proceeding with the install.

    8. The Update Repository prompt is displayed.

      Press Enter to choose the Local Repo on the NW Server.

    9. To:
      • Apply the standard firewall configuration, press Enter.
      • Disable the standard configuration, tab to Yes and press Enter.
        The Disable firewall prompt is displayed.

        The disable firewall configuration confirmation prompt is displayed.

        Tab to Yes and press Enter to confirm (press Enter to use standard firewall configuration).
    10. The Start Install prompt is displayed.

      Press Enter to install 11.1 on the NW Server.
      When "Installation complete" is displayed, you have installed the 11.1.0.0 NW Server on this host.

      Note: Ignore the hash code errors similar to the errors shown in the following screen shot that are displayed when you initiate the nwsetup-tui command. Yum does not use MD5 for any security operations so they do not affect the system security.

    You are here
    Table of Contents > AWS Deployment > Step 3.  Launch an Instance and Configure a Host

    Attachments

      Outcomes