1. Install/Update NetWitness version 12.5.1.0 on On-Prem NetWitness Admin Server.

  2. To create a Service Account and assign Roles, see GCP Prerequisites 5. b. under the SASE Installation section.

  3. Copy the GCP Authentication Credential JSON File on the On-Prem Admin Server to /root/.gcp/gcp-auth-token.json. See GCP Prerequisites 5. e. under the SASE Installation section.

  4. Copy /opt/rsa/saTools/cloud/sase-deployment-models.yml to /root/.sase/sase-deployment-models.yml. See SASE Installation section for more details.

  5. Edit the /root/.sase/sase-deployment-models.yml file to customize the deployment. The deployment is data driven and very flexible. Most, but not all, attributes have been defaulted and do not need to be updated for the standard 12.5.1.0 NetWitness SASE deployment. See SASE Configuration section for full attributes list and definitions. The following attributes though, MUST be updated for a successful deployment to GCP in the provider > gcp > default node:

    1. image: Set to latest available image name for version. i.e., rsa-nw-12-5-1-0-<build #>-lite

    2. image_project: Set to nw-onprem-images-prod. This is the NetWitness GCP Project that contains the available NetWitness Product images.

    3. vpn_provider: Set to one of the available supported customers specific vpn providers (Broadcom/PaloAlto/Netskope).

    4. default_region: Set to the VPN provider’s region of deployment.

    5. ppn_server > cloud_subnet: Update if default value conflicts with currently deployed sub-network.

    6. regions: Update region node name from default (us-east1) to the VPN provider’s region of deployment.

    7. regions > <preferred region>.region_name: Update region name value from default (us-east1) the VPN provider’s region of deployment.

    8. regions > <preferred region>.cloud_node_subnet: Update if default value conflicts with currently deployed sub-network.

    9. Under the node: provider > gcp > default > regions > <preferred region>.region_name > nw_nodes: Update the following attributes.

      1. decoder > model_name: Set to available production value. See Host Models subsection in the SASE Configuration Section above.

      2. decoder > additional_storage: Set to true to add required persistent disks defined based on the model_name above.

      3. concentrator > model_name: Set to available production value. See Host Models subsection in the SASE Configuration Section above.

      4. concentrator > additional_storage: Set to true to add required persistent disks defined based on the model_name above.

6. From Admin Server command line, execute: nw-create-cloud-hybrid --enable-cloud-sase.