Important
This document relates to the Installation Instructions for Snare Central v8.1.0 or newer. For details related to earlier verions please refer to the following guide.
Snare is an appliance-like solution, that includes the operating system, and the Snare Central software, on the installation media. A heavily customised distribution of Linux is used for the baseline installation.
The system which will host Snare Central must be configured to boot from the CD, DVD or USB device. Please note that a monitor, mouse and keyboard should be connected to the server or workstation.
Once you boot from the Snare Central installation media, the installation will ask you a number of questions. The following images and instructions will guide you through the process of installation.
Snare Central Installation - Kickstart | |
---|---|
Insert the Snare Central Installation media, and boot the computer. The Snare Central installation media will provide you with a guided install of the Linux operating system, and the Snare Central tools and utilities, presenting you with only those options that may vary from site to site, or from system to system, and specifically require your input. Hit ENTER on your keyboard. |
Operating System Bootstrap | |
---|---|
When you hit ENTER, Snare Central will boot the Linux operating system. The screen will remain blank for some time, and then a new video mode will appear on your monitor. Please Wait |
Language Selection | |
---|---|
Although Snare Central currently only supports the English language, some elements of the operating system installation process can be localised. Select the language that is most appropriate for your current geographic location, and press ENTER. |
Location Selection | |
---|---|
The installer will attempt to provide a range of potential locations, based on your language selection. Select your geographic location, and press ENTER. |
Keyboard Layout | |
---|---|
Local keyboard layouts are supported for Snare Central. Select an option appropriate for your type of keyboard, and press ENTER. |
Keyboard Layout (2) | |
---|---|
Some languages/locations provide more than one option for keyboard layouts (eg: Qwerty, Dvorak). Select an option appropriate for your type of keyboard, and press ENTER. |
Accept the EULA | |
---|---|
You will need to accept that you have read the End User License Agreement, available at https://www.snaresolutions.com/legal/terms-and-conditions. If for any reason you do not accept the terms, the installation process will be terminated at this stage. Select YES, I accept the license terms and press ENTER. |
Preparing for Installation | |
---|---|
Snare Central will scan the local application database for installation targets, and load additional components. Please wait. |
IP Address Configuration | |
---|---|
Your Snare Central will require an IP address in order to participate on the network. You may need to consult your network administration team for assistance with an appropriate allocation, so that address conflicts do not occur. Type the IP Address of the Snare Central Server, and press ENTER. |
Netmask | |
---|---|
Your Snare Central server will need to know the netmask to use for the local network. You may need to consult with your network administration team for assistance with an appropriate value, but most networks on which a Snare Central server will be installed will generally use either a 'Class C' (255.255.255.0), or 'Class B' (255.255.0.0) range. Type the Netmask for the network on which Snare Central will be active. |
Default Gateway | |
---|---|
In order to contact (and be contacted by) machines outside the local area network, your Snare Central will need to know the IP address of the default gateway on the local network. You may need to consult with your network administration team for an appropriate value. Type the Default Gateway Address that Snare Central should use to contact non-local network devices, and press ENTER. |
Name Servers | |
---|---|
Enter the IP address of your Domain Name Server(s). Space separated DNS Server IP addresses, then press ENTER |
Domain Name | |
---|---|
The domain name is generally the alphabetic part of your company or organisational internet address; it may include '.gov' or '.com'. Do not include the hostname in this text entry box. Type the domain name under which the Snare Central server will exist, and press ENTER |
Time Zone | |
---|---|
The Time Zone setting is important to ensure that your Snare Central retains appropriate time settings, particularly during events such as "Daylight Saving". The installation process will attempt to detect your approximate physical location based on your earlier location and language settings. Select your time zone. The list will be populated with values based on your earlier location and language selections. |
Possible warning - disk space | |
---|---|
If the disk space available is less than 300GB, a warning message will be displayed. Depending on your requirements select either 'Go Back' or 'Continue'. |
Possible partitioning warning - mounted partitions | |
---|---|
If the server on which you intend to install Snare, already has disks formatted with a file system that Snare is able to recognise, the installer may attempt to mount the disks. If it does so successfully, this dialog may appear, requesting that you unmount the partition. Select 'Yes'. |
Partitioning | |
---|---|
The local disk will be automatically partitioned based on Snare's requirements. Please Wait. |
Partitioning 2 | |
---|---|
Several local partitions will be created on the Snare Central server. Please Wait. |
Installing the Base System | |
---|---|
The installation process will install the system packages required for the operation of Snare Central. Please Wait. |
Installing Software | |
---|---|
Additional packages required by Snare, over and above the operating-system level functions will also be installed. Although most steps are generally very quick to complete, there are a few points in the installation that may take a little longer than others. In particular:
Please Wait. |
Installing Boot Loader | |
---|---|
The primary disk on the server will be set to boot the Snare Central operating system. On some systems, the installer may confirm if it should install GRUB, or other similar system components. This should be answered with a "Yes", otherwise Snare Central will not boot. Please Wait. |
Account Authentication | |
---|---|
The installation subsystem will ask you to supply default passwords to several accounts, including:
Although Snare Central implements several password complexity controls such as dictionary exclusions, minimal length, and so on; initial installation passwords are NOT subject to such controls. |
System Reboot & Operating System Updates | |
---|---|
Once the installation process has completed, Snare Central will automatically reboot. At this point, specific components required for the operation of the event collection, analysis and reporting environment, will be installed; as will security updates to the baseline packages that come with the installation media. This process should take approximately 15 minutes to complete, depending on the number of updates included. The most recent line from the raw output from the package update process, will be displayed within the dialog window. The initial boot process may take around 20-30 seconds the first time through. |
Operating System Package Configuration | |
---|---|
The installation process will return to the console in order to configure key operating system packages, just in case a package requires user input in order to continue the installation process. Please wait. |
Snare Central Bootstrap | |
---|---|
Several server-specific tasks will scroll through, including the installation and configuration of configuration databases, the installation of administrative objectives, and the initialisation of firewall rule sets. Please wait. |
Administrator Password | |
---|---|
An initial password for the "Administrator" account for the Snare Central web interface, will be generated, set, and displayed. The password will be chosen from random alpha-numeric characters, be 10 characters in length, and will exclude look-alike characters such as O/0 and I/l. To update this password post-installation, refer to Knowledge Base article at https://support.prophecyinternational.com/s/article/How-to-reset-the-administrator-password-for-Snare-Server. Please note this password for future reference. |
Restart to complete installation | |
---|---|
Snare Central needs to reboot one last time at the completion of the installation process, to complete the upgrade process of system packages. Press Enter to reboot. The Server will briefly return you to a black console, while finalising the installation process. If you are on a VMWare client, with a virtual floppy-drive installed, you may see I/O errors relating to 'fd0' - these are normal and safe to ignore. Other warning messages may be displayed on the console - this are also safe to ignore, and are anticipated & rectified as part of the modified installation process. |
Server Ready | |
---|---|
The Snare server has now installed, and is ready to access via your web browser. Point your browser at the IP address or DNS name for your new server to continue. You can also login to the console directly using the snare user and password set up during the installation process. |
License Information | |
---|---|
Please point your web browser at Snare Central, with your IP address. A screen will appear, that identifies multiple KeyIDs, highlight and copy these KeyIDs. To create the license:
If you are having trouble generating your Snare Central license see Appendix A. Copy, generate and download the KeyIDs in SLDM at customer.intersectalliance.com. |
Log in to Snare Central | |
---|---|
Snare Central will present a login page. Enter the UserID "Administrator", and the password that was generated by the installation process. Log into Snare Central. |
Configuration Wizard | |
---|---|
When you first access Snare Central, a configuration wizard will appear. Follow the prompts to configure your Snare Central. More details about the configuration can be found in the Snare Central Users Guide, and you can always come back to the Configuration Wizard at a later time as required. Use the Next and Previous buttons to move between the sections. You can also open or close them by clicking on the top-left arrow of each section. |
Configuration Wizard - Done | |
---|---|
Once the configuration wizard has finished - this page will return you to Snare Central. Press the "Return to Snare Central" button. |