3.3 Installing the Collector Manager and Client Applications

Use the Novell Sentinel Rapid Deployment Web interface to download the Collector Manager installer and the Client installer.

3.3.1 Downloading the Installers

  1. Open a Web browser to the following URL:

    https://<svrname.example.com>:8443/sentinel

    Replace <svrname.example.com> with the actual DNS name or IP address of the server where Sentinel is running. The URL is case sensitive.

  2. If you are prompted to verify the certificates, review the certificate information, then click Yes if it is valid.

  3. Specify the username and password to access the Sentinel account.

  4. Use the Languages drop-down list to select the language.

    This is the same language as the language code of the Sentinel Rapid Deployment server and your local computer. Ensure that your browser's languages setting is configured to support the desired language.

  5. Click Sign in.

  6. Select Applications.

    You can download the following installers:

    Options

    Description

    Action

    Collector Manager Installer

    The Collector Manager Installer allows you to install the Sentinel Collector Manager on supported Windows and Linux platforms.

    Click download Collector Manager installer and follow the on-screen instructions.

    Client Installer

    The Client Installer allows you to install the Sentinel Control Center, Sentinel Solution Designer, and Sentinel Data Manager on supported platforms.

    Click download Client installer and follow the on-screen instructions.

For more information on installing the Collector Manager, see Section 3.3.4, Installing the Sentinel Collector Manager on SLES or Windows and for installing Client installer, see Section 3.3.3, Installing the Sentinel Client Applications.

3.3.2 Port Numbers for Sentinel Rapid Deployment Client Components

Use the following ports to configure your firewall setting to allow access between the Sentinel Rapid Deployment server and the client components.

Table 3-3 Compatible Port Numbers for Sentinel Rapid Deployment Components

Port Number

Description

61616

The remote Collector Managers use this port number to connect to the Sentinel Rapid Deployment server via ActiveMQ.

10013

The Sentinel Control Center uses this port number to connect to the Sentinel Rapid Deployment server via a proxy.

5432

The Sentinel Data Manager uses this port number to connect to the PostgreSQL database.

8443

The Web clients use this port number to connect to the Sentinel Rapid Deployment server.

3.3.3 Installing the Sentinel Client Applications

You can install Sentinel client application either on Linux or Windows system. To install the client applications:

  1. Browse to the folder where you have downloaded the client installer.

  2. Extract the install script from the file:

    Platform

    Action

    Windows

    Unzip the client_installer.zip file.

    The files are unzipped to a directory named disk1.

    Linux

    Run the following command with root privileges:

    unzip client_installer.zip

    The files are unzipped to a directory named disk1.

  3. Go to the install directory and start the installation:

    Platform

    Action

    Windows

    Run disk1\setup.bat

    NOTE:On a Windows Vista machine, launch the command prompt by using the Run as Administrator option from the right-click menu options.

    Linux

    • GUI mode: <install_directory>/disk1/setup.sh

    • Console mode: <install_directory>/disk1/setup.sh –console

    The steps listed below are only for GUI mode.

  4. Click the down-arrow and select one of the languages.

  5. In the Welcome screen, click Next.

  6. Read and accept the End User License Agreement. Click Next.

  7. Accept the default install directory or click Browse to specify your installation location. Click Next.

    IMPORTANT:You cannot install into a directory that uses special characters or non-ASCII characters in its name. For example, when you instal Sentinel Rapid Deployment on Windows x86-64, the default path is C:\\Program Files (x86). You must change this default path to avoid the special characters like the parentheses in (x86) if you want to continue the installation.

  8. Select the Sentinel applications you want to install.

    The following options are available:

    Component

    Description

    Sentinel Control Center

    The main console for security or compliance analysts.

    Sentinel Data Manager (SDM)

    Used for manual database management activities.

    Solution Designer

    Helps you create Solution Packs.

  9. If you chose to install Sentinel Control Center, the installer prompts you for the maximum memory space to be allocated to Sentinel Control Center. Specify the maximum JVM heap size (MB) to be used only by Sentinel Control Center.

    The allowed range is 64-1024 MB.

    This option is not available if any of the Sentinel applications are already installed.

  10. Specify the user name or press Enter to select the default user name. The default user name is esecadm.

    This is the username of the user who owns the installed Sentinel product. If the user does not exist, a user is created along with a home directory in the specified directory.

  11. Specify the user home directory or press Enter to select the default directory. The default directory is /export/home.

    If the username is esecadm, the corresponding home directory is /export/home/esecadm.

  12. Specify the password for the user to log in as the esecadm user if you have selected the default user name in Step 10. Otherwise, set the password for the user that you have created in Step 10.

  13. Specify the following information:

    • Message bus port: The port on which the communication server is listening. Components connecting directly to the communication server use this port. The default port number is 61616.

    • Sentinel Control Center Proxy Port: The port on which the SSL proxy server (Data Access Server Proxy) listens to accept the username and password. The SSL proxy server accepts the credentials based on the authenticated connections. Sentinel Control Center uses this port to connect to the Sentinel Server. The default port number is 10013.

    • Communication Server host name: The machine IP address or hostname where the Sentinel Rapid Deployment server is installed.

    Ensure that the port numbers are the same as on the Sentinel Rapid Deployment server at<install_directory>/config/configuration.xml to enable communications. Make a note of these ports for future installations on other machines. For more information on port numbers, see Section 3.3.2, Port Numbers for Sentinel Rapid Deployment Client Components.

  14. Click Next.

    A summary of the installation is displayed.

  15. Click Install.

  16. Click Finish to complete the installation.

NOTE:When you log in again, use the username you specified in Step 10.

If you forget the username that you have set, open a terminal console and enter the following command as the root user:

env | grep ESEC_USER

This command returns the username if the user is already created and the environment variables are already set.

3.3.4 Installing the Sentinel Collector Manager on SLES or Windows

The Sentinel Collector Manager installer is available for download on the Applications page of the Sentinel Rapid Deployment Web interface. To install the Collector Manager:

  1. Browse to the folder where you have downloaded the Collector Manager installer.

  2. Extract the install script from the file:

    Platform

    Action

    Windows

    Unzip the scm_installer.zip file.

    The files are unzipped to a directory named disk1.

    Linux

    Run the following command with root privileges:

    unzip scm_installer.zip

    The files are unzipped to a directory named disk1.

  3. Go to the disk1 directory and start the installation:

    Platform

    Action

    Windows

    Run the following command:

    disk1\setup.bat

    Linux

    • GUI mode: <install_directory>/disk1/setup.sh

    • Console mode: <install_directory>/disk1/setup.sh –console

  4. Select a language to proceed with the installation.

  5. Read the Welcome screen, then click Next.

  6. Read and accept the End User License Agreement. Click Next.

  7. Accept the default install directory or click Browse to specify your installation location, then click Next.

    IMPORTANT:You cannot install into a directory that uses special characters or non-ASCII characters in its name. For example, when you install Sentinel on Windows x86-64, the default path is C:\\Program Files (x86). You must change the default path to avoid the special characters like the parentheses in (x86) if you want to continue the installation.

  8. Specify the Sentinel Administrator username and path to the corresponding home directory.

    This option is not available if any Sentinel applications are already installed.

    • OS Sentinel Administrator Username: The default is esecadm.

      This is the username of the user who owns the installed Sentinel product. If the user does not already exist, a user is created with corresponding home directory in the specified directory.

    • OS Sentinel Administrator User Home Directory: The default is /export/home. If esecadm is the username, the corresponding home directory is /export/home/esecadm.

    To log in as the esecadm user, you need to first set its password.

  9. Specify the following information:

    • Message bus port: The port on which the communication server is listening. Components connecting directly to the communication server use this port. The default port number is 61616.

    • Communication Server hostname: The machine IP or hostname where the Sentinel Rapid Deployment server is installed.

    Ensure that the port numbers are the same on every machine in the Sentinel system to enable communications. Make a note of these ports for future installations on other machines.

  10. Click Next.

  11. Specify the following information:

    • Automatic Memory Configuration: Select the total amount of memory to allocate to the Collector Manager. The installer automatically determines the optimal distribution of memory across components, considering the estimated operating system and database overhead.

      IMPORTANT:You can modify the -Xmx value in the configuration.xml file to change the RAM allocated to the Collector Manager process. The configuration.xml file is placed in the <install_directory>/config on Linux or <install_directory>\config on Windows.

    • Custom Memory Configuration: Click Configure to fine-tune memory allocations. This option is only available if there is sufficient memory on the machine.

  12. Click Next.

    A summary screen with the features selected for installation is displayed.

  13. Click Install.

  14. After the installation finishes, you are prompted to enter the username and password that are used by the ActiveMQ JMS strategy to connect to the broker.

    Use the username collectormanager and its corresponding password that is available in the <install_directory>/config/activemqusers.properties file on the Sentinel server.

    An example for the credentials available in the activemqusers.properties file is given below:

    collectormanager=cefc76062c58e2835aa3d777778f9295

    collectormanager is the username and cefc76062c58e2835aa3d777778f9295 is the corresponding password.

    You must use the collectormanager user and its corresponding password during the Collector Manager service installation. In this case, the collectormanager user has the access rights only to the required communication channels for the Collector Manager operations.

    After the installation finishes, you are prompted to reboot or to log in again and start the Sentinel services manually.

  15. Click Finish to reboot your system.

  16. Log in again, using the username you specified in Step 8.

    If you forget the username, open a terminal console and enter the following command with root credentials.

    env | grep ESEC_USER

    This command returns the username if the user is already created and the environment variables are already set.

NOTE:There are a few issues with Collector Manager installation on the Windows 2008 platform, and also on Imaged Collector Managers. For information on troubleshooting these issues, see Section B.0, Troubleshooting Tips.