Install the Policy Server

Choose the type of installation

The policy server physically operates the policy, IOC database, and log server on one or more systems.

Policy Server only A system can act alone as a Policy Server. However, in a large network environment, the Policy Server and Log Server can be separated for performance and stability. Separate server configuration requires separate guidance.

Hardware Preparation

You can install the Policy Server on a physical machine.

Hardware Specifications You can use a low-end general server for testing, but the hardware specifications commonly used are as follows.

Minimum Hardware Requirements
Insights Policy Server
ES30_R1 ES50_R1
Intel 2.1G (8C16T) * 1 Intel 2.1G (8C16T) * 2
Mem: 64G Mem: 128G
HDD / SDD : 10T / 2T HDD / SDD : 10T / 4T
2U 2U
Single Power Dual Power

initial configuration

Genian Insights E provides two installation modes via CLI, and explains how to install using the Interactive Wizard.

Installation using the Interactive Wizard

1. On the CLI Initial Configuration Tool screen, enter 1 for installation type.

Genian Insights Initial Configuration Tool

1. Interactive Wizard
2. Manual Configuration

Select installation type :

2. Enter 1 for server type.

1. Single Server -Stand Alone

Select Server Type:

3. Enter 2 for System Language.

1. English
2. Korean

Select System Language :

4. Create a CLI login account.

Enter Console Username :

5. Create a CLI login password.

# Password must contain at least one alphabet, number, and special character
Enter Console Password :

6. Enter the password created in step 5 once more.

Try Again:

7. Select System timezone settings.

1. Africa    2. America      3. Antarctica
4. Asia      5. Arcic        6. Australia
7. Europe    8. Indian       9. Pacific

[Timezone] Select Continental :

8. Select System timezone settings.

[Timezone] Select City (press enter for re-display):

9. If an NTP server exists, enter the server Domain information.

Enter NTP server:

10. Enter the IP information to be used as the server IP.

Enter IP Address:

11. Set the Netmask of the server IP.

Enter Netmask:

12. Set the server's Gateway.

Enter Default Gateway:

13. Enter the DNS server IP information.

Enter DNS Server IP Address:

14. When input is complete, confirm the information you entered and enter y. The database server password change process is additionally performed.

Configuration Summary
----------------------------------------------------------------
Server Type:                Single Server -Stand Alone
System Language:            Korean
Console Username:           [ID]
Timezone:                   Asia/Seoul
NTP Server:                 pool.ntp.org
Network Interface:          eth0
IP Address:                 [Server IP]
Netmask:                    [Netmask]
Default Gateway:            [Gateway IP]
DNS Server IP Address:      [DNS IP]
Database Server Password:   ********
----------------------------------------------------------------

Are you sure to continue (y/n) ? y

15. Genian Insights+E module requires additional settings to configure and detect IOC DB. If you are not using the E module, skip 15 and proceed to 17. When setting the ioc-updater enable command, it communicates with an external server to update more than 100 million IOC DBs. Since data update takes a lot of time over several days, you must INSERT the initial data through manual commands and then set ioc-updater enable. Please request separately for the initial DB INSERT method using the manual command.

genian(config)#ioc-updater enable
Starting Service...done
genian(config)# threat-detector enable
Starting Service...done
  1. After checking the settings through the show config command, reboot the device.
  2. Connect to "https://policy server IP:8443/mc" in the web browser.