Installing Policy Server

Deployment Models

You can install the Policy Server in two ways depending on scale and management method.

Type	Description	Note
On-premises	Install the Policy Server inside your network to manage policies and network resources.
Cloud managed	Deploy a virtual Policy Server in a cloud environment. Administrators manage policies and networks via the cloud console and Web UI.	Before deploying in the cloud, prepare the cloud environment (VPC, subnets, security groups) per your provider's documentation.

Prepare the Environment

You can install the Policy Server on a physical system or a virtual machine.

Refer to Install Ubuntu OS to prepare Ubuntu OS 24.04.4 LTS.

Note

You can install the Policy Server on a virtual machine.

ZTNA supports various hypervisors such as VMware, VirtualBox, and XenServer.

Prepare Network Connectivity

Genian ZTNA requires at least one static IP address for network connectivity.

For an on-premises deployment, that interface can be used as the management interface.

Genian ZTNA connects to the network broadcast domain to monitor all broadcast packets.

If the target network is reachable only over a WAN, you need a separate, physically placed Network Sensor.

Note

When using a virtual machine, select the network interface type as Bridge mode.

If you plan to use VMware ESXi with an 802.1Q trunk port, enable VGT mode. See https://kb.vmware.com/s/article/1004252

Install the Policy Server

Step 1: Switch to the root account

genian@genian:~$ sudo su
[sudo] password for genian:
root@genian:/home/genian#

Step 2: Update and upgrade packages

root@genian:/home/genian# apt-get update
root@genian:/home/genian# apt-get upgrade

Step 3: Install curl (required for installation)

root@genian:/home/genian# apt install curl

Step 4: Install Genian ZTNA Policy Center

curl -sSLk https://bit.ly/4fX6bQ8 | sudo PROMPT=0 SSHALLALLOW=1 SSHPORT=22 TARGET=GPC DEB=ztna LOCALE=en bash -

Configure the Policy Server

Step 1: Access Ubuntu and gnlogin

After installation completes, access Ubuntu and run gnlogin for initial setup.

genian@genian:~$ sudo su
[sudo] password for genian:
root@genian:/home/genian#
# Obtain root privileges
root@genian:/home/genian# gnlogin
# Enter Genian Shell

Note

You must have root privileges to apply interface settings properly.

Step 2: Configure interfaces

Configure the default interface of the device.

1. Enter global configuration mode with the "enable" command.

2. Enter configuration mode with the "configure terminal" command.

3. Set the interface IP address and subnet mask.

4. Set the interface default gateway.

5. Set the device default gateway.

6. Set the device DNS server.

7. Set the device NTP server.

genian> enable
Password : (contact Technical Support for the enable password)
genian# configure terminal
genian(config)# interface [interface-name] address [IP] [Subnetmask]
genian(config)# interface [interface-name] gateway [IP]
genian(config)# ip default-gateway [IP]
genian(config)# ip name-server [IP]
genian(config)# ntp server [IP]
// If you configured interfaces during Ubuntu installation, some IP-related settings may already be present.

Step 3: Configure the Database server

Set up the Database server.

1. Set the DB account.

2. Enable the DB server.

3. Set the DB access password.

4. Configure DB access permissions.

genian(config)# data-server username [DB-username]
genian(config)# data-server enable
genian(config)# data-server password [DB-password]

Step 4: Configure the Log Server

Start the Log Server.

genian(config)# log-server version 6
genian(config)# log-server enable
genian(config)# log-server publish-port [interface-name]

Step 5: Configure Web UI and SOAP Server

1. Enable the Web UI.

2. Enable the SOAP server.

genian(config)# interface [interface-name] management-server enable
genian(config)# interface [interface-name] node-server enable

Step 6: Create an administrator account

Create the administrator account for the Genian NAC 6.0 Web UI. This can be set only once.

1. Create the Web UI account.

genian(config)# superadmin [admin-id] [admin-password] [admin-email]

Note

The administrator password must be at least 9 characters and include letters, numbers, and special characters.

Step 7: Access the Web UI

After completing the steps above, log in to the Genian NAC 6.0 Web UI and verify the installation.

Note

For Web UI information, see Administration Console.

Unsupported hardware

If installation does not proceed normally, contact your partner engineer or Technical Support.

Note

If storage devices or network interfaces are not recognized in a virtual environment, change the storage type to SATA or change the network interface driver to an Intel family such as E1000.

• Reporting unsupported hardware