Install the Policy Server
===========================
Choose the type of installation
------------------------------------
The policy server physically operates the policy, IOC database, and log server on one or more systems.
**Policy Server only**
A system can act alone as a Policy Server. However, in a large network environment, the Policy Server and Log Server can be separated for performance and stability. Separate server configuration requires separate guidance.
Hardware Preparation
---------------------
You can install the Policy Server on a physical machine.
**Hardware Specifications**
You can use a low-end general server for testing, but the hardware specifications commonly used are as follows.
Minimum Hardware Requirements
.. list-table:: Insights Policy Server
:widths: 60 60
:align: left
:header-rows: 1
* - ES30_R1
- ES50_R1
* - Intel 2.1G (8C16T) * 1
- Intel 2.1G (8C16T) * 2
* - Mem: 64G
- Mem: 128G
* - HDD / SDD : 10T / 2T
- HDD / SDD : 10T / 4T
* - 2U
- 2U
* - Single Power
- Dual Power
initial configuration
----------------------
Genian Insights E provides two installation modes via CLI, and explains how to install using the Interactive Wizard.
Installation using the Interactive Wizard
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1. On the CLI Initial Configuration Tool screen, enter 1 for installation type.
::
Genian Insights Initial Configuration Tool
1. Interactive Wizard
2. Manual Configuration
Select installation type :
2. Enter 1 for server type.
::
1. Single Server -Stand Alone
Select Server Type:
3. Enter 2 for System Language.
::
1. English
2. Korean
Select System Language :
4. Create a CLI login account.
::
Enter Console Username :
5. Create a CLI login password.
::
# Password must contain at least one alphabet, number, and special character
Enter Console Password :
6. Enter the password created in step 5 once more.
::
Try Again:
7. Select System timezone settings.
::
1. Africa 2. America 3. Antarctica
4. Asia 5. Arcic 6. Australia
7. Europe 8. Indian 9. Pacific
[Timezone] Select Continental :
8. Select System timezone settings.
::
[Timezone] Select City (press enter for re-display):
9. If an NTP server exists, enter the server Domain information.
::
Enter NTP server:
10. Enter the IP information to be used as the server IP.
::
Enter IP Address:
11. Set the Netmask of the server IP.
::
Enter Netmask:
12. Set the server's Gateway.
::
Enter Default Gateway:
13. Enter the DNS server IP information.
::
Enter DNS Server IP Address:
14. When input is complete, confirm the information you entered and enter y.
The database server password change process is additionally performed.
::
Configuration Summary
----------------------------------------------------------------
Server Type: Single Server -Stand Alone
System Language: Korean
Console Username: [ID]
Timezone: Asia/Seoul
NTP Server: pool.ntp.org
Network Interface: eth0
IP Address: [Server IP]
Netmask: [Netmask]
Default Gateway: [Gateway IP]
DNS Server IP Address: [DNS IP]
Database Server Password: ********
----------------------------------------------------------------
Are you sure to continue (y/n) ? y
15. Genian Insights+E module requires additional settings to configure and detect IOC DB. If you are not using the E module, skip 15 and proceed to 17. When setting the ioc-updater enable command, it communicates with an external server to update more than 100 million IOC DBs. Since data update takes a lot of time over several days, you must INSERT the initial data through manual commands and then set ioc-updater enable. Please request separately for the initial DB INSERT method using the manual command.
::
genian(config)#ioc-updater enable
Starting Service...done
genian(config)# threat-detector enable
Starting Service...done
16. After checking the settings through the show config command, reboot the device.
17. Connect to "https://policy server IP:8443/mc" in the web browser.