Hosts and Services Set Up Procedures

Every service requires a host. After you set up a host, you can assign services to and from this host to other hosts in your NetWitness deployment. This topic contains information about basic procedures. For additional procedures, see Hosts and Services Maintenance Procedures.


High-Level Task Description
Set Up a Host

Complete the following tasks in the order shown to set up a host.

Step 1. Deploy a Host

Step 2. Install a Service on a Host

Step 3. Review SSL Ports for Trusted Connections

Step 4. Manage Access to a Service

Step 1. Deploy a Host

Caution: If you include "." in a host name, the host name must also include a valid domain name.

  1. Deploy a host.

    You can deploy a physical host (NetWitness Appliance), virtual host on-prem, a virtual in AWS, a virtual host in Azure, or a virtual host on Google Cloud Platform. See the following guides for instructions on how to deploy hosts.

    • Physical Host Installation Guide
    • Virtual Host Installation Guide
    • AWS Installation Guide
    • Azure Installation Guide
    • GCP Installation Guide
  2. Go to netwitness_adminicon_25x22.png (Admin) > Hosts.

    The New Hosts dialog is displayed with the hosts that you deployed.

  3. Select the hosts that you want to enable.

    The Enable menu option becomes active.

  4. Click Enable.


  5. Select the host you enabled.

    The host is displayed in the Hosts view. At this point, you can install a service on the host.

Step 2. Install a Service on a Host

Perform the following steps to install a service on a host.

  1. In NetWitness, go to netwitness_adminicon_25x22.png (Admin) > Hosts.

    The Hosts view is displayed.

  2. Select the host on which you want to install the service (for example, Event Stream Analysis).
  3. Click netwitness_installhst.png in the toolbar.

    The Install Services dialog is displayed.

  4. Select a service from the Category drop-down list (for example, ESA Primary).

  5. Click netwitness_installcmdbutton_42x12.png in the Install Services dialog.


  6. A pop-up listing all the services already installed on this host is displayed. If there are no services installed, this pop-up will not be displayed.
  7. Click Yes to install the new service.

Step 3. Review SSL Ports for Trusted Connections

To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port.

Encrypted SSL PortsEncrypted SSL Ports

By default, trusted connections are established with two settings:

  • SSL is enabled.
  • Core service is connected to an encrypted SSL port.

Each NetWitness Core service has two ports:

  • Unencrypted non-SSL port
    Example: Archiver 50008
  • Encrypted SSL port
    Example: Archiver 56008

The SSL port is the non-SSL port + 6000.

For information about ports and a comprehensive list of ports for all services, see "Network Architecture and Ports" in the Deployment Guide for NetWitness Platform. Go to the NetWitness All Versions Documents page and find NetWitness Platform guides to troubleshoot issues.

Step 4. Manage Access to a Service

In a trusted connection, a service explicitly trusts the NW Server to manage and authenticate users. With this trust, services in netwitness_adminicon_25x22.png (Admin) > Services no longer require credentials to be defined for every NetWitness Core service. Instead, users who have been authenticated by the server can access the service without entering another password.

Test a Trusted ConnectionTest a Trusted Connection


  1. The administrator must assign a role to the user.
    For more information, see "Add a User and Assign a Role" in the System Security and User Management Guide.
  2. The user must:
    • Log in to NetWitness for the server to authenticate the user.
    • Have access to the service.


    1. In NetWitness, go to netwitness_adminicon_25x22.png (Admin) > Services.
      The Services view is displayed.
    2. Select the checkbox of the service (for example, a Concentrator) to test and click netwitness_edit.png.
      The Edit Service dialog is displayed.

Note: The Options box will only display if the selected service is not licensed. A licensed service is denoted by a netwitness_licensed_green_check.png in the Services view.

  1. Remove the username to test the connection without credentials.
  2. Click Test Connection.


    The message Test connection successful confirms the trusted connection is established.
    The previously authenticated user can access the service without typing a username and password on the service.

  3. Click Save.