3.1 Overview

The Sentinel installation package provides you with a simplified single-machine server installer to install everything you need to run Sentinel Rapid Deployment. The Sentinel Rapid Deployment server installer installs the following components:

3.1.1 Server Components

Table 3-1 Sentinel Server Components and Applications

| Component | Description |
|---|---|
|  | The Sentinel database stores configuration and event data. |
| Message Bus | A JMS-based message bus handles communication between components of the Sentinel system. |
| Correlation Engine | The correlation engine performs real-time event analysis. |
| Advisor | Advisor provides real-time correlation between detected IDS attacks and vulnerability scan output to immediately indicate increased risk to an organization. |
| Data Access Service | Includes data storage, query, display, and processing components. |
| Web Server | Supports the Web interface for Sentinel Rapid Deployment. |
| Collector Manager | A service that handles connections to event sources, data parsing, mapping, and so on. You can distribute the Collector Manager to other locations, other machines, and other operating systems by using the Collector Manager installer available through the Sentinel Rapid Deployment Web interface. For example, you can install an additional Collector Manager on a Windows machine to collect Windows events. |
| iTRAC | Sentinel provides an iTRAC workflow management system to define and automate processes for incident response. Incidents that are identified in Sentinel, either by a correlation rule or manually, can be associated with an iTRAC workflow. |

3.1.2 Client Applications

The client applications (the Sentinel Control Center, the Sentinel Data Manager, and the Solution Designer) are installed by default on the Sentinel Rapid Deployment server. You can launch the client applications by using any of the following methods:

  • By using the Sentinel Rapid Deployment Web interface. The client systems should have Java 1.6.0_20 or later installed, and the JRE path should be set so that the Sentinel applications can be launched through Webstart.

    Set the JAVA_HOME environment variable to point to the location of the JRE 6 folder. Set and export the PATH to point to the bin folder under the JRE 6 location.

  • By using the scripts in <install_directory>/bin as the user who owns the Sentinel Rapid Deployment installation files. For example:

    ./bin/<client_application>.sh
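
The following preflight check is an added example, not part of the Sentinel product or its documentation. It verifies that the JRE a client would use for Webstart (from JAVA_HOME if set, otherwise PATH) meets the Java 1.6.0_20 minimum stated above. All function names are hypothetical, and the sample version strings in the comments are constructed.

```shell
MIN_JAVA="1.6.0_20"   # minimum version given on this page

# Pull the quoted version out of the first line of `java -version` output,
# e.g.  java version "1.6.0_20"  ->  1.6.0_20   (constructed sample)
java_version_from_output() {
    printf '%s\n' "$1" | sed -n '1s/.*version "\([^"]*\)".*/\1/p'
}

# Split "1.6.0_20" (or a newer scheme such as "11.0.2") into four integers:
# major minor patch update. Missing parts count as 0.
java_version_fields() {
    v=${1%%[-+]*}                 # drop suffixes such as -ea or +12
    update=0
    case $v in *_*) update=${v##*_}; v=${v%%_*} ;; esac
    old_ifs=$IFS; IFS=.
    set -- $v
    IFS=$old_ifs
    echo "${1:-0} ${2:-0} ${3:-0} ${update:-0}"
}

# Succeeds when version $1 is equal to or newer than version $2.
java_version_at_least() {
    set -- $(java_version_fields "$1") $(java_version_fields "$2")
    for _field in major minor patch update; do
        if [ "$1" -gt "$5" ]; then return 0; fi
        if [ "$1" -lt "$5" ]; then return 1; fi
        shift
    done
    return 0
}

# Check the JRE that would be used: $JAVA_HOME/bin/java if JAVA_HOME is set,
# otherwise the first java found on PATH. Returns 0 ok, 1 too old, 2 not runnable.
check_webstart_jre() {
    java_bin="${JAVA_HOME:+$JAVA_HOME/bin/}java"
    out=$("$java_bin" -version 2>&1) || { echo "cannot run $java_bin" >&2; return 2; }
    found=$(java_version_from_output "$out")
    if java_version_at_least "$found" "$MIN_JAVA"; then
        echo "OK: $java_bin is $found (>= $MIN_JAVA)"
    else
        echo "TOO OLD: $java_bin is ${found:-unknown}, need $MIN_JAVA or later" >&2
        return 1
    fi
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then check_webstart_jre; fi
```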
    

Table 3-2 Sentinel Client Applications

| Component | Description |
|---|---|
| Sentinel Control Center | Main console for security or compliance analysts. |
| Sentinel Data Manager | Database management utility. |
| Solution Designer | Application for creating Solution Packs. |
| Sentinel Collector Manager | Service that handles connections to event sources, data parsing, mapping, and so on. A Collector Manager is installed on the Sentinel server, but additional Collector Managers can be installed on remote Windows or Linux machines by using a downloadable installer. |