The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Before installing Cisco Process Orchestrator, you should verify that your system meets the minimum hardware and software requirements. For the requirements necessary to operate Cisco Process Orchestrator, see the Cisco Process Orchestrator Compatibility Matrix.
Note: Cisco Process Orchestrator requires Microsoft Visual C++ 2015 64-bit redistributable. For download information, see https://www.microsoft.com/en-us/download/details.aspx?id=53840.
Cisco Process Orchestrator’s multi-threaded architecture allows it to fully utilize all processors on the Cisco Process Orchestrator server system. Cisco Process Orchestrator generally scales linearly with the number of processor cores and the clock speed at which processors execute. Adding more CPU cores is the single most effective factor in increasing Cisco Process Orchestrator performance. To maximize performance capacity, include the maximum number of processor cores available in the hardware supporting the Cisco Process Orchestrator server.
The Cisco Process Orchestrator server intelligently caches data such as actively running processes to optimize performance. Sufficient memory is required to minimize paging. Allow memory to handle burst situations, but plan the number of processor cores in the system to be sufficient for steady state (average) load.
Database optimization is very important. While Cisco Process Orchestrator ships with a schema, which is performance optimized, including the relevant indices, customers need to install and operate this database. Customers should refer to documentation associated with their chosen database platform for best practice.
In high performance scenarios, the following best practices can dramatically affect performance:
■A separate host server for the database versus other Cisco Process Orchestrator architectural elements
■A separate high speed disk for the database, operating system and program files, and swap files
■Sufficient memory to avoid paging
A high speed network connection typically means the database is “close by” the Cisco Process Orchestrator server, or possibly in the same data center.
Proper database server hardware and routine database maintenance can have substantial effects on performance. Planning for high availability can have impacts on system design, requirements, environments, and installation topologies.
This section provides the active ports and services used by Cisco Process Orchestrator as well as the recommended Exchange ports for use when executing targets.
The following table provides the list of all active TCP/IP ports used or consumed by Cisco Process Orchestrator. In addition, to make sure that your Active Directory environment is configured properly with the correct ports, see the Microsoft site, Active Directory and Active Directory Domain Services Port Requirements.
The Cisco Process Orchestrator service will not start if the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing local security policy is enabled. For additional information on the policy, see the Microsoft site, http://support.microsoft.com/kb/811833.
To disable this option, choose Start > Administration Tools > Local Security Policy.
The following table provides the list of the current platform services that should be provided or enabled to use Cisco Process Orchestrator.
|
|
---|---|
Verify that your machine meets the minimum requirements for installing Cisco Process Orchestrator by:
■Reviewing the Cisco Process Orchestrator 3.5.1 Compatibility Matrix.
■Manually checking your system setup or using the Prerequisite Checker on the Cisco Process Orchestrator Installation dialog box.
The prerequisite checker will perform the correct checks based on the platform it is running on. If the prerequisites checker runs on a 64-bit platform, it will detect the existence of the 64-bit prerequisite applications (such as 64-bit Remedy client).
1. Double-click the Setup .exe file.
2. On the Setup tab, click Check Prerequisites.
3. From the drop-down list, select one of the options to verify that the computer meets the requirements for the selected installation.
4. To view details about the displayed results, highlight the appropriate item in the Results pane.
5. After verifying the status of the system requirements, click Close.
Note: For additional information about installing Cisco Process Orchestrator, see Installing Cisco Process Orchestrator.
Prior to installing Cisco Process Orchestrator, the following user access and configuration requirements must be met:
■Microsoft SQL Server Database Access Rights
■Oracle Database Access Rights
■Reporting Database Authentication
To install the product, the user must be a member of the Local Administrators group on the computer where Cisco Process Orchestrator is to be installed.
The reporting database user account is used by the SQL Server Reporting Services server to connect to the Cisco Process OrchestratorReporting database. The account needs at least the Owner permission on the Cisco Process OrchestratorReporting database. The Reporting DB user needs db_datareader, db_datawriter, and execute permissions using the dbo default schema.
Admin rights to the database will grant everything needed. For POCs, lab environments, development environments, etc., most users just grant admin rights for the login account to the database. For production environments, DBAS may require more fine-grained privileges.
For the Reporting Services server that runs on Windows Server, users who import reports should be a direct member of the Local Administrators group on the Reporting Services server machine.
The import report process will not work if a user is a member of a global group and the global group is a member of the Local Administrators group.
If SQL Server Windows authentication is being used, the following access rights must be set on the machine where Cisco Process Orchestrator is installed. To change the connection settings through the database user configuration utility on Cisco Process Orchestrator server, the logged in user needs to have db_owner, db_datareader, db_datawriter, db_ddladmin (roles with dbo default schema) permission to the Cisco Process Orchestrator installation folder.
■Windows Server 2012—The user account that connects to the database must be assigned Logon as Service rights.
If the company requires a higher level of security restrictions than allowing the standard access, then use the following scripts to create the logon script for access.
Use the following logon SQL script to create the necessary credentials for accessing the Cisco Process Orchestrator processes database.
Use the following logon script to create a SQL user account for the OrchestratorReporting reporting database. The assumption is that the OrchestratorReporting database will be created by a sysadmin account first, after which the script can be used to create a OrchestratorReporting database account with limited permission, and change reporting database to use the OrchestratorReporting user account.
Following is a list of privileges for the Process DB user on Oracle:
The following is a list of privileges required by the Cisco Process OrchestratorReport user account. To create the Cisco Process OrchestratorReporting database manually, use the Cisco Process OrchestratorReportingCreateUser.sql script.