Perforce Helix Threat Detection OVA Deployment Guide




1 Introduction

For a Perforce Helix Threat Analytics solution there are two servers to be installed: an analytics server (Analytics, Hadoop, Spark) and a reporting server (Helix reporting). After importing the OVA you will choose one of two profiles for the machine:

1. Analytics Server
2. Reporting Server

1.1 Server Hardware Setup

Make sure you have the appropriate hardware allocated for each kind of server, and then open the OVA file using a Virtual Machine manager to create it.

2 System Setup Analytics Server

The analytics server runs HDFS, HBase, Spark, and Analytics.

Minimum Requirements: 8 CPU Cores, 16 GB RAM, 100 GB HDD
Recommended Requirements: 16 CPU Cores, 32 GB RAM, 100 GB HDD

2.1 Startup

Start up the virtual machine after installing the OVA; it should reboot once on its own. If you see a message relating to intel_rapl, simply press Enter to skip it. Log in with the following credentials:

    user: interset
    password: qwer1234

3.2. Setup

Find the IP address of the server by running the following command:

    ifconfig

In the home directory run the following command:

    ./setup.sh

Follow the onscreen prompts to perform an installation of an Endpoint Analytics server. When it asks for server type, input: 3

Note: The script will initially need input from the user for the IP address of the Analytics server and heap sizes; please have that information available.

A message will be displayed when the installation is complete.

2.2 Required Configuration

2.2.1 Configure Server Connection

On the first server (usually the 'analytics' server) create an ssh key with the name report when prompted:

    ssh-keygen

Then copy the key to the other server:

    ssh-copy-id -i report interset@<$hostname>

Ensure that you're able to ssh from each server to the other without entering a password (i.e. ssh <server> should give you a remote shell without prompting for a password). This will allow the analytics to automatically send its findings to the reporting server.

2.2.2 Ingest

Configure the interset.conf configuration file:

    cd /opt/interset/analytics/conf
    vi interset.conf

Configure the scmtype to be the desired log type and the repoformat to be consistent.

Configure the ingestfolder, ingestingfolder and ingestedfolder to be the desired locations. Defaults will work if the file is left unaltered.

Configure the reportservers with the complete list of all your Reporting servers.

Running jps will now show the Ingest process as running. If you restart the server you will need to restart the service manually (but don't do it right now!):

    /opt/interset/analytics/bin/ingest.sh /opt/interset/analytics/conf/interset.conf

To follow the log file for the ingest:

    tail -f /opt/interset/analytics/logs/ingest.0.log

NOTE: The settings in the conf file can be modified on the fly without restarting the process/service. Changing the ingest folder locations (i.e. ingest, ingested, ingesting and ingesterror) changes where the system looks to pick files up.

You have now completed the setup of the Analytics server and the server is ready to ingest logs.

2.3 Optional Configuration

Further configure your installation and learn how to check the status of various processes following the steps below.

2.3.1 HDFS

A good check is to load up the HDFS web UI. By default it can be found at:

    http://hostname:50070

where hostname is the namenode running HDFS.

2.3.2 HBase

The HBase web UI is also available at:

    http://hostname:60010

2.3.3 Spark

As a quick check for HDFS, HBase, and Spark, enter the jps command and the output should match:

    28352 HMaster
    28258 HQuorumPeer
    29140 Worker
    28538 HRegionServer
    27723 DataNode
    28957 Master
    29422 Jps
    27567 NameNode

As a quick test, run one of the examples that came with Spark:

    /opt/interset/spark/bin/run-example SparkPi 10

It will output a lot of info and a line approximating the value of Pi.
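The jps comparison in section 2.3.3 can be scripted so that a missing daemon is named rather than spotted by eye. This is an added example, not part of the original guide; the daemon list is taken from the listing above, and the sample output with two daemons removed is constructed.

```shell
#!/bin/sh
# Added example (not from the guide): compare jps output with the daemon
# list shown in section 2.3.3 and name any daemon that is not running.

# Daemon names from the jps listing in section 2.3.3 (Jps itself excluded).
EXPECTED_DAEMONS="NameNode DataNode HQuorumPeer HMaster HRegionServer Master Worker"

# missing_daemons JPS_OUTPUT
# Prints the expected daemons absent from the given jps output, separated by
# spaces. Returns 0 when every daemon is present, 1 otherwise.
missing_daemons() {
    jps_out=$1
    missing=""
    for name in $EXPECTED_DAEMONS; do
        # jps prints "<pid> <MainClass>"; compare the second field exactly so
        # that "Master" is not satisfied by "HMaster".
        if ! printf '%s\n' "$jps_out" |
            awk -v n="$name" '$2 == n { found = 1 } END { exit !found }'; then
            missing="${missing:+$missing }$name"
        fi
    done
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed sample: the listing from section 2.3.3 with the HBase region
# server and the Spark worker removed.
SAMPLE_JPS='28352 HMaster
28258 HQuorumPeer
27723 DataNode
28957 Master
29422 Jps
27567 NameNode'

# Check the live system when jps is on the PATH, otherwise the sample.
if command -v jps >/dev/null 2>&1; then
    missing_daemons "$(jps)" || echo "daemons listed above are not running" >&2
else
    missing_daemons "$SAMPLE_JPS" || echo "sample lacks the daemons listed above" >&2
fi
```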

3 Reporting Server Setup

The analytics server runs Reporting.

Minimum Requirements: 8 CPU Cores, 16 GB RAM, 100 GB HDD
Recommended Requirements: 16 CPU Cores, 32 GB RAM, 100 GB HDD

3.1 Startup

Start up the virtual machine after installing the OVA; it should reboot once on its own. If you see a message relating to intel_rapl, simply press Enter to skip it. Log in with the following credentials:

    user: interset
    password: qwer1234

3.2 Setup

Find the IP address of the server by running the following command:

    ifconfig

In the home directory run the following command:

    ./setup.sh

Follow the onscreen prompts to perform an installation of an Endpoint Analytics server. When it asks for server type, input: 4

Note: The script will initially need input from the user for the IP address of the Analytics server and heap sizes; please have that information available. When entering the memory heap size, only enter the number.

A message will be displayed when the installation is complete.

3.3 Optional Configuration

Further configure your installation and learn how to check the status of various processes following the steps below.

3.3.1 Reporting

The users are:

    User name: user, password: password
    User name: admin, password: password

Reporting will now start automatically at system startup. Use the service command to start, stop and restart the reporting service as shown below:

    sudo service reporting restart

There is a log file for the Reporting server that you may wish to monitor:

    tail -f /opt/interset/reporting/logs/reporting.log

The reporting web UI is available at:

    http://<reporting>/

You have now completed the setup of the Reporting server and the server is ready to display the results of the Analytics. You can use the accounts user / password and admin / password to log in.

4 Configure Kerberos

For Kerberos to function properly, the hostname and DNS must be configured correctly. All servers and clients must be able to be resolved by the Active Directory names on the hosts.

There are two options for setting up the server: using the supplied script on a domain controller, or manually making the changes.

Upload Keytab files to the Api server

1. Open a browser and point it to https://$analytics/webadmin. You will be prompted for a user name and password.
2. The default values are: admin/qwer1234
3. Select Kerberos Details.
4. Select Browse and then filetrekkey from C:\. Select Upload key.
5. Select Generate keytab.
6. The following should be displayed: Key generated on the following hosts $ANALYTICS.

5 Appendix

5.1 Assign Static IP Address

By default the VM is configured to obtain its IP address from a DHCP server. You can assign a static IP address by running the static_ip.py script.

Note: Run the script from the server console. If run in a remote session (i.e. SSH) you will lose the connection when the IP address is changed.

Run the script:

    cd /opt/interset/flow/tools
    sudo ./static_ip.py

Enter the following info when you are prompted:

    Enter IP Address, example: 192.198.1.10: enter the static IP address which you want to assign
    Enter Subnet Mask, example: 255.255.255.0: enter the subnet mask
    Enter Gateway IP Address, example: 192.168.1.254: enter the default gateway
    Enter DNS Server IP Address, example: 192.168.1.2: enter the DNS server's IP address. Multiple DNS servers can be separated by spaces
    Enter Domain Name, example: mydomain.com: enter the Windows Active Directory domain

Review the information that you have provided; if everything is OK press Enter, otherwise press Ctrl-C.

Try to ping the default gateway; you should get a reply. To verify the IP address and routing table, you can run the ifconfig and route -n commands.

Check /etc/hosts and verify that the only reference to 127.0.0.1 is localhost.

Reboot the Api Server now:

    sudo reboot now

5.2 Change the Host Name of the Server

It is optional to change the server's name. The default host name for the VM is 'ft-server-<random four digit number>'. Edit and change the following configuration file:

    sudo editor /etc/hostname

Change the host name. Reboot the server:

    sudo reboot now
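Section 4 requires that host names and DNS be correct for Kerberos, and section 5.1 asks that /etc/hosts map 127.0.0.1 only to localhost. The following added example (not part of the original guide) checks both from the server console; it assumes getent is available, and the function names and the host name in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example (not from the guide): name-resolution preflight for Kerberos.

# Resolver hooks. getent consults /etc/hosts and DNS as set in nsswitch.conf.
lookup_addr() { getent hosts "$1" | awk '{ print $1; exit }'; }   # name -> IP
lookup_name() { getent hosts "$1" | awk '{ print $2; exit }'; }   # IP -> name

# Lower-case a name and drop a trailing dot so comparisons are canonical.
norm() { printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//'; }

# check_fwd_rev FQDN: succeeds only if FQDN -> IP -> the same FQDN.
check_fwd_rev() {
    ip=$(lookup_addr "$1")
    [ -n "$ip" ] || { echo "no forward (A) record for $1"; return 1; }
    back=$(lookup_name "$ip")
    [ -n "$back" ] || { echo "no reverse (PTR) record for $ip"; return 1; }
    [ "$(norm "$back")" = "$(norm "$1")" ] ||
        { echo "mismatch: $1 -> $ip -> $back"; return 1; }
    echo "ok: $1 <-> $ip"
}

# loopback_extras HOSTS_FILE: print every name other than "localhost" that
# the file maps to 127.0.0.1; succeeds only when there are none.
loopback_extras() {
    extras=$(sed 's/#.*//' "$1" | awk '$1 == "127.0.0.1" {
        for (i = 2; i <= NF; i++) if ($i != "localhost") print $i }')
    [ -z "$extras" ] && return 0
    printf '%s\n' "$extras"
    return 1
}

# Usage: sh preflight.sh server.mydomain.com   (host name is a placeholder)
if [ -n "${1:-}" ]; then
    loopback_extras /etc/hosts || echo "names above also map to 127.0.0.1"
    check_fwd_rev "$1"
fi
```

A host that resolves forward but comes back under a different name, or a server name left on the 127.0.0.1 line, is reported before any keytab is generated.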

5.3 Setting up DNS

Kerberos relies on the presence of both forward and reverse lookup entries in DNS. Check that the host name of the FileTrek Server can be resolved to its IP address, and that its IP address can be resolved to its host name. DNS aliasing is allowed, but must be done with CNAME records.

To create an A record for the server:

1. Log in to the DNS server and go to: Start > All Programs > Administrative Tools > DNS.
2. Expand Forward Lookup Zones and select your domain name.
3. From the Action menu, select New Host (A or AAAA). This opens a new window.
4. Type the host name of the server in Name, and its IP address in IP_address.
5. Select Create associated pointer (PTR) record and select Add Host.
6. You should see a message similar to: "The host record server.mydomain.com was successfully created."
7. Click on OK and Done.

5.4 Create user and keytab files in Domain Controller

6 Log in to domain controller and follow instructions below.

6.0.1 Create an Active Directory account

1. Go to Start > All Programs > Administrative Tools > Active Directory Users and Computer.
2. Expand the Active Directory domain name and right-click Users, and then select New User.
3. Note: The user can be a member of any organizational unit.
4. First name: Enter a display name.
5. User logon name: This name is used in the setspn and ktpass commands. The API server will use this name to communicate with AD.
6. Click Next, and enter and confirm the password.
7. Check User cannot change password and Password never expires, and then select Next.
8. Click Finish to create the user.

6.0.2 Create Keytab file

A Kerberos keytab file contains a list of keys that are similar to user passwords.

Note: https://$analytics/webadmin/kerberossetup offers a form that will test the DNS and user accounts that have been set up for the filetrek server to use, and then create the commands that will need to be run on the domain controller.

On the domain controller, open a command prompt and type the following command:

    ktpass -out C:\filetrekkey -princ HTTP/internet-server.mydomain.com@MYDOMAIN.COM -mapuser username@mydomain.com -mapop set -pass password -setupn -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL

Update the following:

- $ANALYTICS.mydomain.com - the full DNS name of the server
- MYDOMAIN.COM - your domain name. This must be uppercase
- username@mydomain.com - the user that was created in the previous step
- password - the user's password

Notes:

- ktpass doesn't validate if the password is correct
- When you change the user's password, you must recreate the keytab file and repeat the setup procedure
- Values are case sensitive

6.0.3 Map Service Principal Name (SPN) to the User

On the domain controller, open a command prompt and type:

    setspn -s HTTP/$ANALYTICS.mydomain.com username
    setspn -s HTTP/$ANALYTICS username

Update the following:

- $ANALYTICS.mydomain.com - the full DNS name of the API server
- username - the user that was created in the previous step

Notes:

- When issuing the setspn command, you may see the message "Duplicate SPN found, aborting operation!". You can ignore this.
- Values are case sensitive
- setspn.exe and ktpass.exe are not installed by default on Windows Server 2003 and are included in Microsoft Windows Server 2003 Support Tools. To install Windows Server 2003 Support Tools, double-click Suptools.msi in the Support\Tools folder on the Windows Server 2003 CD.

To verify that the SPN is registered, type:

    setspn -l username

A list of registered SPNs will be displayed.