Prerequisites

  • Install RSA NetWitness Platform. For more information, see the Physical Host Installation Guide or Virtual Host Installation Guide.
  • Install NetWitness Endpoint Log Hybrid. For more information, see the Physical Host Installation Guide or Virtual Host Installation Guide.
  • Deploy ESA Rules from the Endpoint Rule Bundle. For more information, see ESA Configuration Guide.
  • Configure Endpoint Metadata forwarding. For more information, see NetWitness Endpoint Configuration Guide.

  • Review the default policies and create groups to manage your agents. For more information, see NetWitness Endpoint Configuration Guide.
  • Configure your RSA Live account and make sure the File Reputation service is enabled. For more information, see Live Services Management Guide.
  • To migrate an existing NetWitness Endpoint 4.4.0.x to NetWitness Platform 11.5 and later, see https://community.rsa.com/t5/rsa-netwitness-platform/post-migration-steps-for-importing-configurations-from-rsa/ta-p/129 to import the NetWitnes Endpoint 4.4.0.x configurations (file status, certificate status and blocked hashes).

Note: If you are upgrading, make sure that you deploy the latest Endpoint application rules from RSA Live. For more information, see Live Services Management Guide.