Security Orchestration, Automation & Response Platform
Security Orchestration, Automation & Response Platform
SOFTWARE INSTALLATION GUIDE v33
Licensed Materials ¨C Property of IBM
? Copyright IBM Corp. 2010, 2019. All Rights Reserved.
US Government Users Restricted Rights: Use, duplication or disclosure restricted by GSA ADP Schedule
Contract with IBM Corp. acknowledgment
Resilient Security Orchestration, Automation and Response Platform
Software Installation Guide
Platform
Version
33.0
Publication
June 2019
Notes
Initial publication.
Contents
Chapter 1. Introduction.........................................................................................1
MSSP add-on............................................................................................................................................... 1
Chapter 2. Prerequisites........................................................................................3
Chapter 3. Deployment......................................................................................... 5
Importing the Resilient license...................................................................................................................6
Chapter 4. Setting the time zone........................................................................... 9
Chapter 5. SSL certi?cate....................................................................................11
Creating and submitting the certi?cate request...................................................................................... 11
Importing the signed certi?cate............................................................................................................... 12
Chapter 6. Accounts and additional con?guration................................................ 13
Accounts and groups.................................................................................................................................13
Creating the initial Resilient user account............................................................................................... 13
LDAP authentication..................................................................................................................................14
SAML authentication................................................................................................................................. 17
Two-factor authentication.........................................................................................................................20
Add additional user accounts................................................................................................................... 22
Importing untrusted certi?cates...............................................................................................................22
Chapter 7. Network con?guration........................................................................25
Chapter 8. Log ?le con?guration..........................................................................27
Chapter 9. Email con?guration............................................................................ 29
Email security ¨C defanging URLs........................................................................................................... 30
Chapter 10. Changing ciphers and protocols........................................................ 31
Chapter 11. Manage Resilient services................................................................ 33
Chapter 12. KeyVaults.........................................................................................35
Storage format, location and key............................................................................................................. 35
Con?guration options................................................................................................................................ 35
Encrypting the KeyVault password...........................................................................................................36
KeyVault backup........................................................................................................................................ 38
Secrets....................................................................................................................................................... 39
Chapter 13. Con?guring maximum image size..................................................... 41
Chapter 14. Resilient audit logs...........................................................................43
Con?guring syslog..................................................................................................................................... 44
Con?guring audit logging.......................................................................................................................... 45
Chapter 15. Backup and restore.......................................................................... 47
iii
Chapter 16. Upgrade Procedure...........................................................................49
iv
Chapter 1. Introduction
Based on a knowledgebase of incident response best practices, industry standard frameworks, and
regulatory requirements, the Resilient SOAR Platform makes incident response ef?cient and compliant.
There are three variations of the Resilient platform:
? Standalone installed on a Red Hat Enterprise Linux (RHEL) server (this package)
? Standalone installed on a FIPS compliant RHEL server
? VMware package installed on a RHEL host
You cannot upgrade from one variation to another, or install different variations on the same system.
MSSP add-on
The Resilient for Managed Security Service Providers (MSSP) add-on, licensed separately, is an optional
feature that allows you to manage multiple Resilient child organizations from a single global dashboard.
Each child organization can be assigned to a different group, division, or company to meet their incident
response requirements.
Many of the administrative procedures remain the same; however, you manage the administrative
settings in the con?guration organization. If you have the MSSP add-on, you need to use the MSSP Add-on
Con?guration Guide to con?gure and manage the MSSP add-on components.
Important: If you are con?guring Resilient for an MSSP deployment, you not need to create a regular
Resilient organization, as described in this guide. In addition, do not con?gure LDAP, as it is not currently
supported for Resilient for MSSP.
Use the Resilient for MSSPs add-on deployment overview for a description of how to install and con?gure
Resilient for MSSP.
?
Copyright IBM Corp. 2019
1
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- dgx software with red hat enterprise linux 7
- red hat enterprise linux 8
- red hat enterprise linux 7 7 9 release notes
- adam miller maxim svistunov marie doleželová et al
- technical introduction to rhel 8 red hat
- gestioip 3 2 installation guide
- hat enterprise linux driver deployment on red simplifying
- powa documentation
- pysaml2 documentation
- security orchestration automation response platform
Related searches
- cross company automation group
- cross automation greensboro nc
- cross automation belmont nc
- cross automation nc
- cross automation charlotte
- cross automation belmont
- marketing automation platform
- marketing automation software for small business
- what is marketing automation software
- free marketing automation platform
- automation test strategy document
- cross automation gastonia