Hosts and Services Set Up ProceduresHosts and Services Set Up Procedures
Every service requires a host. After you set up a host, you can assign services to and from this host to other hosts in your NetWitness deployment. This topic contains information about basic procedures. For additional procedures, see Hosts and Services Maintenance Procedures.
|Set Up a Host||
Complete the following tasks in the order shown to set up a host.
Step 1. Deploy a HostStep 1. Deploy a Host
Caution: If you include "." in a host name, the host name must also include a valid domain name.
Deploy a host.
You can deploy a physical host (NetWitness Appliance), virtual host on-prem, a virtual in AWS, a virtual host in Azure, or a virtual host on Google Cloud Platform. See the following guides for instructions on how to deploy hosts.
- Physical Host Installation Guide
- Virtual Host Installation Guide
- AWS Installation Guide
- Azure Installation Guide
- GCP Installation Guide
Go to (Admin) > Hosts.
The New Hosts dialog is displayed with the hosts that you deployed.
Select the hosts that you want to enable.
The Enable menu option becomes active.
Select the host you enabled.
The host is displayed in the Hosts view. At this point, you can install a service on the host.
Step 2. Install a Service on a HostStep 2. Install a Service on a Host
Perform the following steps to install a service on a host.
In NetWitness, go to (Admin) > Hosts.
The Hosts view is displayed.
- Select the host on which you want to install the service (for example, Event Stream Analysis).
Click in the toolbar.
The Install Services dialog is displayed.
Select a service from the Category drop-down list (for example, ESA Primary).
Click in the Install Services dialog.
- A pop-up listing all the services already installed on this host is displayed. If there are no services installed, this pop-up will not be displayed.
- Click Yes to install the new service.
Step 3. Review SSL Ports for Trusted ConnectionsStep 3. Review SSL Ports for Trusted Connections
To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port.
Encrypted SSL PortsEncrypted SSL Ports
By default, trusted connections are established with two settings:
- SSL is enabled.
- Core service is connected to an encrypted SSL port.
Each NetWitness Core service has two ports:
- Unencrypted non-SSL port
Example: Archiver 50008
- Encrypted SSL port
Example: Archiver 56008
The SSL port is the non-SSL port + 6000.
For information about ports and a comprehensive list of ports for all services, see "Network Architecture and Ports" in the Deployment Guide for NetWitness Platform. Go to the NetWitness All Versions Documents page and find NetWitness Platform guides to troubleshoot issues.
Step 4. Manage Access to a ServiceStep 4. Manage Access to a Service
In a trusted connection, a service explicitly trusts the NW Server to manage and authenticate users. With this trust, services in (Admin) > Services no longer require credentials to be defined for every NetWitness Core service. Instead, users who have been authenticated by the server can access the service without entering another password.
Test a Trusted ConnectionTest a Trusted Connection
- The administrator must assign a role to the user.
For more information, see "Add a User and Assign a Role" in the System Security and User Management Guide.
- The user must:
- Log in to NetWitness for the server to authenticate the user.
- Have access to the service.
- In NetWitness, go to (Admin) > Services.
The Services view is displayed.
- Select the checkbox of the service (for example, a Concentrator) to test and click .
The Edit Service dialog is displayed.
- Remove the username to test the connection without credentials.
Click Test Connection.
The message Test connection successful confirms the trusted connection is established.
The previously authenticated user can access the service without typing a username and password on the service.
- Click Save.
Note: The Options box will only display if the selected service is not licensed. A licensed service is denoted by a in the Services view.