Requirements for Tripwire LogCenter Manager
To prepare a Primary, Secondary, or Failover Manager for the installation of TLC Manager software, complete the following steps.
Note |
To install TLC Manager on a Secondary Manager system, you must first install TLC Manager on your Primary Manager system. |
---|
1. | Install your database software (see About the Installation Process). |
2. | Verify that the Manager host system complies with the platform and system requirements for TLC Manager: |
https://www.tripwire.com/products/tripwire-log-center/system-requirements/
Caution |
Since TLC is a high-performance product, the systems in your TLC environment must comply with all installation requirements. |
---|
3. | To determine if the host system is compliant with Federal Information Processing Standards (FIPS), see: |
https://support.microsoft.com/en-us/kb/811833
If it is compliant with FIPS, then Transport Layer Security (TLS) is not required. Otherwise, you must ensure that TLS 1.1 and TLS 1.2 are not disabled on the Manager host system (see Verifying Transport Layer Security (TLS)).
4. | Download and install one of the following versions of Zulu for Windows: |
Download Zulu for Windows 8u292b10 (64-bit) from here:
https://www.azul.com/downloads/?version=java-8-lts
&os=windows&package=jdk&show-old-builds=true
Download Zulu for Windows 11.0.16+8 (64-bit) from here:
https://www.azul.com/downloads/?version=java-11-lts
&os=windows&package=jdk&show-old-builds=true
Follow the instructions on the download page to install the Zulu software.
5. | Create the JAVA_HOME system-environment variable in Microsoft Windows on the Manager host system, and enter the 64-bit installation path for the Zulu OpenJDK as the value for the variable; for example: |
C:\Program Files\Zulu\zulu-8 or C:\Program Files\Zulu\zulu-11
6. | Verify that all ports required for your TLC environment are open on the Manager host system (see Table 1). |
7. | Locate the purchase-confirmation e-mail from Tripwire. This e-mail includes your serial number and a direct link to the TLC installation package. (If you cannot find this e-mail, contact your Tripwire customer service representative.) |
8. | Confirm that the Manager host system has Internet access. |
If the Manager host system does not have Internet access:
a. | Ask your Tripwire customer service representative for a license key. |
b. | Confirm that .NET Framework 4.6 is installed on the Manager host system. |
9. | If you are installing TLC Manager on a Failover Manager, consult with Tripwire Support to verify that your TLC license will support the addition of the Failover Manager. |
10. | If you plan to collect Windows Event Logs from a Windows system, Tripwire recommends the installation of Tripwire Axon Agent for TLC software and the use of the Advanced Windows Collector for this purpose. However, if you plan to collect Windows Event Logs from a Windows system with the WinLog Collector, you must configure a Windows user account for WMI collection (see Appendix I. Configuring a Windows User Account for the WinLog Collector). |
11. | If you plan to collect log messages from an Oracle server with the Oracle Database Collector and Oracle Advanced Security is enabled on the Oracle server, install the Oracle Client Library on the Manager host system. For instructions, see your Oracle Client Library documentation. |
12. | Download the TLC installation package from the Tripwire Customer Center: |
https://tripwireinc.force.com/customers
13. | Unzip the contents of the TLC installation package to any available directory. |
Default Port/Protocol |
Configurable during TLC Manager installation process? |
Required for ... |
---|---|---|
135/TCP and 445/TCP |
No |
... WMI connections to remote hosts if your TLC environment includes one or more Failover Managers. Tip: To set up a fixed port for WMI, click here.
|
514/UDP, |
No |
... collection of log messages from Syslog devices. Note: Once you have installed the TLC Manager and configured a Network Collector in the TLC Console, you can customize these ports in the Manager's properties dialog. For more information, see Working with Managers. |
1433/TCP |
Yes |
... communication between the Manager and a Remote Database Server running Microsoft SQL Server. |
3306/TCP |
Yes |
... communication between the Manager and a Remote Database Server running MySQL Server. |
5432/TCP |
Yes |
... communication between the Manager and a Remote Database Server running PostgreSQL. |
5670/TCP |
No |
... collection of log messages from Axon Agents. Note: This port may be configured when you install the Tripwire Axon Agent for TLC software (see Getting Started with Tripwire Axon Agent for TLC). |
8091/TCP |
No |
... System-Database operations between your Primary Manager and Secondary Managers. |
8717/TCP |
Yes |
... inbound and outbound communication with other Managers and TLC Console host systems. |
Verifying Transport Layer Security (TLS)
If your Manager host system is not compliant with Federal Information Processing Standards (FIPS), you must ensure that Transport Layer Security (TLS) 1.1 and 1.2 are not disabled on your Manager host system. For an overview of TLS settings, see:
https://technet.microsoft.com/en-us/library/dn786418.aspx
To begin, back up your Windows Registry:
1. | From the Start menu, select Run and enter regedit. |
2. | At the top of the Registry Editor, select Computer, and then File > Export. |
3. | In the Export Registry File dialog, select a folder in which to save the exported registry file, and then click Save. |
To ensure TLS 1.1 and 1.2 have not been disabled:
1. | In the Registry Editor, open the following registry key: |
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1
2. | If any of the sub-keys are set to Disabled, change the setting to either (Default) or Enabled. |
3. | In the Registry Editor, open the following registry key: |
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2
4. | If any of the sub-keys are set to Disabled, change the setting to either (Default) or Enabled. |