Hosts and Services Set Up ProceduresHosts and Services Set Up Procedures
Every service requires a host. After you set up a host, you can assign services to and from this host to other hosts in your NetWitness Platform deployment. This topic contains information about basic procedures. For additional procedures, see Hosts and Services Maintenance Procedures.
|Set Up a Host||
Complete the following tasks in the order shown to set up a host.
Step 1. Deploy a HostStep 1. Deploy a Host
Caution: If you include "." in a host name, the host name must also include a valid domain name.
Deploy a host.
You can deploy a physical host (RSA Appliance), virtual host on-prem, a virtual in AWS, a virtual host in Azure, or a virtual host on Google Cloud Platform. See the following guides for instructions on how to deploy hosts.
- Physical Host Installation Guide
- Virtual Host Installation Guide
- AWS Installation Guide
- Azure Installation Guide
- GCP Installation Guide
Go to (Admin) > Hosts.
The New Hosts dialog is displayed with the hosts that you deployed.
Select the hosts that you want to enable.
The Enable menu option becomes active.
Select the host you enabled.
The host is displayed in the Hosts view. At this point, you can install a service on the host.
Step 2. Install a Service on a HostStep 2. Install a Service on a Host
Perform the following steps to install a service on a host.
In NetWitness Platform, go to (Admin) > Hosts.
The Hosts view is displayed.
- Select the host on which you want to install the service (for example, Event Stream Analysis).
Click in the toolbar.
The Install Services dialog is displayed.
Select a service from the Category drop-down list (for example, ESA Primary).
The becomes active in the Install Services dialog.
Step 3. Review SSL Ports for Trusted ConnectionsStep 3. Review SSL Ports for Trusted Connections
To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port.
Encrypted SSL PortsEncrypted SSL Ports
By default, trusted connections are established with two settings:
- SSL is enabled.
- Core service is connected to an encrypted SSL port.
Each NetWitness Platform Core service has two ports:
- Unencrypted non-SSL port
Example: Archiver 50008
- Encrypted SSL port
Example: Archiver 56008
The SSL port is the non-SSL port + 6000.
For information about ports and a comprehensive list of ports for all services, see "Network Architecture and Ports" in the Deployment Guide for RSA NetWitness Platform. Go to the Master Table of Contents to find all RSA NetWitness Platform 11.x documents.
Step 4. Manage Access to a ServiceStep 4. Manage Access to a Service
In a trusted connection, a service explicitly trusts the NW Server to manage and authenticate users. With this trust, services in (Admin) > Services no longer require credentials to be defined for every NetWitness Platform Core service. Instead, users who have been authenticated by the server can access the service without entering another password.
Test a Trusted ConnectionTest a Trusted Connection
- The administrator must assign a role to the user.
For more information, see "Add a User and Assign a Role" in the System Security and User Management Guide.
- The user must:
- Log in to NetWitness Platform for the server to authenticate the user.
- Have access to the service.
- In NetWitness Platform, go to (Admin) > Services.
The Services view is displayed.
- Select the checkbox of the service (for example, a Concentrator) to test and click .
The Edit Service dialog is displayed.
- Remove the username to test the connection without credentials.
Click Test Connection.
The message Test connection successful confirms the trusted connection is established.
The previously authenticated user can access the service without typing a username and password on the service.
- Click Save.
Note: The Options box will only display if the selected service is not licensed. A licensed service is denoted by a in the Services view.