CimTrak™ Master Repository Installation

3. CimTrak™ Master Repository Installation

3.6. CimTrak™ Master Repository Installation – LINUX

The following libraries are installation prerequisites for the CimTrak™ Master Repository on a LINUX system. The required packages or libraries are as follows:

2. expect

3. readline.i686

zlib.i686

Once the libraries are installed, the standard CimTrak™ installation can be performed. Navigate to the CimTrak™ installer Installshield directory and enter:

There are several prompts during the installation process where you may get a question stating “directory does not exist - create?” Prompts like this are not detailed in the instructions below, but should be responded to accordingly. For any support issues, please contact the CimTrak™ Support group. For more information about the CimTrak™ Support group, please refer to section 13.1.

Figure 44: Extracting the CimTrak™ Installation file(s)

Extract the downloaded file(s) to a specified directory as shown in Figure 45.

Navigate to the specified directory where the file(s) was extracted to, locate the installation script “./CTSInstall”, and run the installation script as shown in Figure 46.

Figure 46: CimTrak™ Master Repository UNIX/LINUX installer language selection

Upon launching the CimTrak™ Master Repository Installer, you will be prompted to select the language which you will install the CimTrak™ Master Repository in as shown in Figure 47.

Figure 47: CimTrak™ Master Repository Installer EULA

After selecting the desired language, you will then be prompted by the CimTrak™ Master Repository End User License Agreement as shown in Figure 48. Please read and accept the terms and conditions in order to continue.

Next, you will be prompted by the “CimTrak™ Master Repository Shell Script Installer” Welcome screen as shown in Figure 49.

Please read the important notes on this screen. These notes detail specific interactions with the installer.

Figure 49: CimTrak™ Master Repository Installer Option Menu

Upon agreeing to the CimTrak™ Master Repository End User License Agreement you will me prompted by the menu screen as shown above in Figure 50.

To select the CimTrak™ Master Repository install, select option “0.” To continue, please confirm your selection.

Within this menu will be a series of six steps which will need to be followed in order. If you encounter any errors while performing these steps, please contact [email protected] regarding how to proceed.

1. Setup install directories and load software (Menu Option #1)

1.1. The repository file should be configured to be 'owned' by the root user account.

If the root account has a different name on your system than the one shown, please input the user name of the root user. Once this has been completed, please select option 9 to 'Configure ownership of files'.

2. Initialize database (Menu Option #2)

2.1. Database User and Password - This is the PostgreSQL database user. The

'password' is not the actual password, but a key used to generate the password. Select 0 when you are done with these entries

2.2. Storage Area Setup Menu - The storage area is where file content will be

stored (if you select that option in your policies) and the encryption method used to store that data securely. Select 0 when you are done with these settings

3.1. This is to select the SSL encryption method to be used in communication

across a network between CimTrak™ components (Repository, Clients, Agents). To set, select 0 when done.

4. Enter client/agent user login and password (Menu Option #5)

4.1. Use this option to create the first administrator account. Select 0 when the user

and password are set how you want them.

5. Install services (auto restart, run time control scripts) (Menu Option #7)

6. Start CimTrak™ Master Repository (Menu Option #8)

6.1. You can do this, or control the process with the service command ('service

CimTrak™Server [stop|start|status]')

You are now done and can select the appropriate options to exit the install menus.

You will likely need to configure your firewall to allow traffic on the port that CimTrak™ is configured to use (default 3749).

4. CIMTRAK™FILE SYSTEM AGENT INSTALLATION

4.1. CIMTRAK™ FILE SYSTEM AGENT PRE-INSTALLATION INTEGRITY VERIFICATION

Before beginning the installation process CIMCOR™ recommends verifying the authenticity of the Installation file(s). Each CimTrak™ component has an associated SHA1 hash value calculated on installation components. The associated SHA1 hash value can be obtained from the CIMCOR™ website located at http://cimcor.com/downloads.

4.2. CIMTRAK™ FILE SYSTEM AGENT INSTALLATION – WINDOWS GRAPHICAL

The steps taken to begin the graphical installation of the CimTrak™ File System Agent will depend on the operating system on which the installation will occur. After the installation is started, the process is the same for all operating systems. Determine which operating system you are using.

NOTE: Ensure that the CimTrak™ Master Repository is installed prior to CimTrak™ File System Agent installation and if the Agent is being installed on a remote system, make sure that both systems are set to the same UTC.

For Windows Platforms: Navigate to the location where the CimTrak™ Install file is

located and run “setupwin32.exe”. The Install Wizard should begin automatically, however, if it does not you may start the Install Wizard by opening a command prompt and typing the following command:

“X\setupwin32.exe” where “X” is the path to the CimTrak™ Install file’s directory.

The first screen you will see, allows you to pick the language for the installation.

Figure 50 – Language Selection Screen Select the language and click “Next.”

The next screen will have the CimTrak™ End User License Agreement. You must read and accept the terms of the agreement to continue installation.

Figure 51 – EULA

The next screen will be the CimTrak™ Installation Welcome Screen.

Figure 52 – CimTrak™ Welcome Screen Click “Next” to continue.

Now you will see the directory where the CimTrak™ File System Agent will be installed. You may leave the default directory in place (recommended) or change the path to meet your specifications. (It is recommended to leave the default directory in place, to simplify future upgrades.)

Figure 53 – Installation Directory

The following screen allows you to determine which components of CimTrak™ you can install.

Figure 54 – Choose to install the CimTrak™ File System Agent

Place a check mark in the box next to CimTrak™ File System Agent and click “Next.”

When “Next” is clicked, you are given the option to install the optional driver for the Agent.

Figure 55 – Install Optional Driver for File System Agent

This driver will allow you to have a more detailed view of user and process information from detections:

• The Windows user that created the intrusion

• The Windows process

• The Process ID number

• The Thread ID number

The confirmation screen will now be displayed.

Figure 56 – Confirmation Screen

Confirm the settings and then click “Install” to start the installation. A progress screen will appear while the components are being installed.

After the CimTrak™ File System Agent is installed, the Private Key screen is now displayed.

Figure 57 – Choose to create Private Key

If an Agent should have a Private Key applied to it: make sure Yes is chosen, enter the desired Private Key in both text boxes, then press Next. Make sure that the Private Key is unique (it should not be the same as a Repository login name or password).

If an Agent does not need to have a Private Key applied to it: choose No, and then press Next.

4.2.1. AGENT-LEVEL PRIVATE KEYS EXPLAINED

The Private Key is a secondary layer of security for the information stored within CimTrak™. If an Agent has a Private Key applied to it, all Object Groups within the Agent are protected by an additional layer of encryption, which is only accessible by entering the Private Key. If a user tries to view, compare, or change files within an Object Group, the user is prompted to enter the Private Key. Only by entering the Private Key can these files be viewed, compared, or changed.

If a Private Key is set for an Agent, all Object Groups within that particular Agent inherit this Private Key. However, any Object Group or Document Control created still can have its own specific Private Key, overriding the Private Key of the Agent. When an Object Group or Document Control is created, the CimTrak™ Admin has the option to create a Private Key for that particular object.

This is true for all Object Groups and Document Controls, whether or not the parent Agent has a Private Key. If a Private Key is specified for an Object Group or Document Control, the Private Key applied for that object is the one that was specified during the creation of the object; the Private Key for that object is *not*

inherited by the Agent.

If a Private Key is not applied to an Agent during install and it is desired for all Object Groups and Document Controls within that Agent to have Private Keys. When an Object Group or Document Control is created, a Private Key *must* be

set for every object created.

NOTE: The Private Key only protects viewing of files within CimTrak™. If an unauthorized user is able to gain access to the computer that is being protected by CimTrak™, he or she can still view the files watched by Object Groups, even if they are protected by CimTrak™. Proper security measures are still necessary to prevent unauthorized access of computers and data.

NOTE: If a Document Control is placed within an Agent, and that Agent has a Private Key, the Document Control will not inherit the Private Key from its parent agent. If a Document Control requires a Private Key, the Private Key must be set at the time of Document Control creation.

NOTE: If a Private Key is applied to an object, the FTP interface and certain global Reports will not be able to access files within any object protected by a Private Key.

NOTE: Once a Private Key has been assigned to an Agent or an Object Group, the Private Key cannot be altered. In addition, if an Agent is configured without a Private Key, a Private Key cannot be assigned to it after it has been configured.

NOTE: In the event that the Private Key is lost, it can *not* be recovered.

You must configure the Agent to communicate with the CimTrak™ Master Repository. On the CimTrak™ File System Agent configuration screen, you will need to enter the following information:

• IP Address where the CimTrak™ Master Repository is located

• Port used (if other than the default 3749)

• A descriptive name for this CimTrak™ File System Agent

• “Automatically Restart the Service” in the event of program termination (default restart is after 300 seconds)

• CimTrak™ Master Repository Username

• CimTrak™ Master Repository Password

CimTrak™. If an Agent has a Professional License, intrusions can also be removed as well as logged by CimTrak™.

Figure 58 – Enter Repository information for File System Agent

The descriptive name for the CimTrak™ File System Agent allows the user to easily identify which Agent they are viewing in the Management Console, in the case that multiple Agents are installed.

When the components have been completely installed, the installer will take you to the last screen.

Figure 59 – Summary Information Screen Click “Finish” to complete the installation.

Installation of the CimTrak™ File System Agent is complete.

4.3. CIMTRAK™ FILE SYSTEM AGENT INSTALLATION – WINDOWS COMMAND LINE

The way in which the non-graphical installation of the CimTrak™ File System Agent is started, will depend on what operating system you are installing it on. After the installation is started, the process is the same for all operating systems. Determine which operating system you are using.

For Windows Platforms: Navigate to the location where the CimTrak™ Install file is

“X\setupwin32.exe” where “X” is the path to the CimTrak™ Install file’s directory.

NOTE: When including the greater-than (>) symbol as part of an object name or path it will be necessary to use quotations around the entire expression, (as shown.) Example: -object=”Agent-name->object-Name”.

The first screen is language selection. Enter a “1” or “2” and press “Enter” to submit your selection. Then type “0” and press “Enter” to move to the next screen.

Figure 60 – Language Selection

NOTE: After every screen in which the user inputs configuration settings, the user is given the option to go to the previous screen, cancel the installation, redisplay the current page, as well as continue to the next page.

The next screen is the End User License Agreement. You will need to read and accept the EULA to continue the installation and use CimTrak™. When done, enter a one (1) and press “Enter” to accept the agreement, then type “0” and press “Enter” to move to the next screen.

Figure 63 – Options after every screen

A Welcome screen will appear. Press the “Enter” key to continue.

Figure 64 – CimTrak™ Welcome Screen

The next screen shows the directory where CimTrak™ will be installed. You may leave the default directory in place (recommended) or change the path to meet your specifications.

Figure 65 – Installation Directory

Now you can select the components to be installed. To select the components, enter the corresponding number of the component. When done, type “0” to move to the next screen.

On the next screen you are given the option to install the optional driver for the Agent. This driver will allow you to have a more detailed view of user and process information from detections:

• The Windows user that created the intrusion

• The Windows process

• The Process ID number

• The Thread ID number

Figure 67 – Install Optional Driver for File System Agent

The next screen will confirm your installation selections. Select “Next” to begin the install.

Figure 68 – Confirmation Screen

The installation of the CimTrak™ File System Agent will proceed.

After the CimTrak™ File System Agent is installed, the Private Key screen is now displayed.

Figure 70 – Choose to create Private Key

If an Agent should have a Private Key applied to it, type “1” and “Enter.” Type in the Private Key twice, and then press “Enter.” Make sure that the Private Key is unique (it should not be the same as a Repository login name or password.)

Now you will have to configure the CimTrak™ File System Agent to communicate with the CimTrak™ Master Repository. You will provide the IP Address or Fully Qualified Domain Name of the CimTrak™ Master Repository. You will then specify the port number being used by the CimTrak™ Master Repository as well as the name that you will call the CimTrak™ File System Agent.

The next step is to specify if the agent will automatically restart if it stops communicating with the repository. If the agent is set to restart, you must specify the interval between the time the agent stops and the restarting of the agent process, the default time is 300 seconds.

Lastly, you will submit the username and password to connect the CimTrak™ File System Agent to the CimTrak™ Master Repository.

Figure 71 – Enter Repository information for File System Agent This completes the CimTrak™ File System Agent installation.

4.4. CIMTRAK™ FILE SYSTEM AGENT INSTALLATION – UNIX/LINUX COMMAND LINE

In document CimTrak Integrity & Compliance Suite (Page 56-81)