Deploy the Cisco Cyber Vision Center

Create and configure the instance

  1. Go to Amazon Web Services (https://aws.amazon.com) and sign in.

  2. Navigate to Services > EC2.

  3. Click Launch Instance.

  4. Click Launch Instance again.

  5. Choose your Cisco Cyber Vision AMI from the AWS Marketplace and click Select.


    Note

    In the example above, the image is mapped with sample AMIs. Those images are for internal use. You will find the image in the AWS Marketplace by searching for the keyword "Cisco Cyber Vision". The correct version to use should appear.

  6. Choose the instance type from the available list and click Next.

Supported instance families

  • C5, C5a, C5ad, C5d, C5n, C6g, C6gd

  • M5, M5a, M5ad, M5d, M5dn, M5n, M5zn, M6g, M6gd

  • R5, R5a, R5ad, R5d, R5dn, R5n, R6, R6gd

  • T3, T3a, T4g

  • Z1d

VM sizing

Minimum – up to 500 components:

  • CPU: Intel Xeon, 8 cores

  • RAM: 16GB minimum

  • Storage: 500GB SSD

Recommended:

For 10,000 components w/o Center DPI:

  • CPU: Intel Xeon, 10 cores

  • RAM: 32GB minimum

  • Storage: 1TB SSD minimum, RAID-10

For more than 10,000 components or Center DPI:

  • CPU: Intel Xeon, 16 cores

  • RAM: 64GB minimum

  • Storage: 1TB SSD minimum, RAID-10

  1. Configure instance details.

  2. Choose the VPC and the subnet network.

  3. The public IP address should be disabled. An Elastic IP will be associated with the Cisco Cyber Vision instance to avoid any dynamic public IP issues. The public IP address association is described later in this section.

  4. Depending on the Center type, you can fill in the Advanced Details > User data field at the bottom of the Configure Instance Details menu.

    If a JSON file is used to specify the type of the Center, this step will be skipped during the installation.

    • To deploy a Center, leave the textbox empty.

    • To deploy a Center with sync, the minimal configuration is:

      {
        "center-type": "Local Center"
      }

    • To deploy a Global Center, the minimal configuration is:

      {
        "center-type": "Global Center"
      }

      For all JSON parameters, refer to Annex – Setup Center json file.

  5. Click Next: Add Storage.

  6. If needed, click the button to add a new volume.


    Note

    Make sure to set up the correct disk size, as this information will remain and cannot be modified.

    Note

    Do not use Magnetic (Standard) as the Volume Type.

    Note

    Default type will be SSD.
  7. You can add tags to identify resources internally on AWS.

  8. AWS firewall settings

    Add the rules that provide access from users or other resources to the Center. List of the ports that need to be added:

    For Global Center <--> Center communication

    Protocol    Port
    AMQP        TCP/5671
    NTP         UDP/123
    Syslog      UDP/TCP 514
    SSH         TCP/22

    For CS workstation/NTP server <--> Center communication

    Protocol    Port
    HTTPS       TCP/443
    SSH         TCP/22
    NTP         UDP/123

    For Sensor --> Center communication

    Protocol    Port
    AMQP        TCP/5671
    Syslog      UDP/10514
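
A check of a security group against the port tables above, as an added example (not Cisco's code): it takes rules in the IpPermissions structure that `aws ec2 describe-security-groups` returns and reports ports outside the tables and rules whose source is 0.0.0.0/0 or ::/0. The sample rules and CIDR ranges are constructed, and treating any-source rules as findings is this example's assumption.

```python
import ipaddress

# (protocol, port) pairs taken from the three port tables above.
ALLOWED = {
    ("tcp", 5671), ("udp", 123), ("udp", 514), ("tcp", 514), ("tcp", 22),  # Global Center <--> Center
    ("tcp", 443),                                                          # workstation/NTP server
    ("udp", 10514),                                                        # Sensor --> Center
}

# Constructed sample, shaped like the IpPermissions list of a security group.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.20.0.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 5671, "ToPort": 5672,
     "IpRanges": [{"CidrIp": "10.30.0.0/16"}]},
    {"IpProtocol": "udp", "FromPort": 10514, "ToPort": 10514,
     "IpRanges": [{"CidrIp": "10.30.0.0/16"}]},
]

def audit(ip_permissions):
    """Return a list of findings for inbound rules in IpPermissions form."""
    findings = []
    for rule in ip_permissions:
        proto = rule["IpProtocol"]
        if proto in ("tcp", "udp"):
            lo, hi = rule["FromPort"], rule["ToPort"]
            label = f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"
            listed = {p for pr, p in ALLOWED if pr == proto}
            extra = [p for p in range(lo, hi + 1) if p not in listed]
            if extra:
                findings.append(f"{label}: {len(extra)} port(s) not in the Center list")
        else:  # "-1" is EC2's "all protocols, all ports"; icmp etc. are not in the tables
            label = f"protocol {proto}"
            findings.append(f"{label}: not in the Center list")
        # Collect IPv4 and IPv6 sources and flag any that match every address.
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in sources:
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append(f"{label}: open to any source ({cidr})")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
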

Example of a security configuration:

  1. Review your settings and click Launch.

  2. Select or create a new key pair for the SSH connection.

  3. Click Download Key Pair. A file called YOURKEYPAIRNAME.pem will be downloaded.

  4. Then, click Launch Instance.

Allocate an Elastic IP to the instance

  1. Click View Instances.

  2. Choose your instance in the instances list and copy your instance ID.

  3. Go to Elastic IP.

  4. Click the created Elastic IP.

  5. Click Associate Elastic IP address.

  6. Tick Instance.

  7. Paste the instance ID previously copied.

  8. Type the private IP address of the created Center.

  9. Click Associate.

Cisco Cyber Vision Center setup

Open an SSH connection from AWS

  1. Go to instances to check the information of the created machine.

    The key previously created or chosen will be automatically added to /data/etc/ssh/userkey/root.


    Note

    It is possible to add multiple keys to that file if access is needed from another device that does not use the same certificates as the installed one.

    This key is downloaded locally or already exists.

    Please follow the steps below to connect using SSH and finalize the installation.

  2. In the AWS EC2 management console, click Instances (1).

  3. Choose the needed instance and click the Connect button (2).

  4. Access the SSH Client menu (3) and follow the steps described in it.

  5. Copy and paste the example (4) into the SSH client and replace ‘root’ with ‘cv-admin’, as below:

    ssh -i wbo.pem cv-admin@ec2-54-195-222-376.eu-west-1.compute.amazonaws.com

  6. Once connected to the Center, type the following command:

    sudo -i

  7. Type the following command:

    setup-center

  8. Press enter.

    The basic Center configuration appears.

Basic Center configuration

Access the basic Center configuration

The Center wizard is displayed on your screen as you power on the Center. Enter Start to start configuring the Center.

Accept the End User License Agreement

Select the language to match your keyboard


Note

By default, the system is configured to work with a US QWERTY keyboard.

Select the Center type

During this procedure you will choose which type of Center to install. There are three types of Centers:

  • A Center receives metadata from sensors and stores it in an internal database (PostgreSQL). This Center can be standalone or synchronized with a Global Center. A Center with sync is similar to a (standalone) Center from a functionality point of view, except for the link to a Global Center. You must install Centers with sync after the Global Center. This enables your system to start enrollment and start pushing events to the Global Center.

  • A Global Center introduces a centralized architecture which collects all industrial insights and events from the Centers synchronized with it and aggregates them into a single global point of view. It also allows you to manage the knowledge database (KDB) and upgrade the whole platform.

Select the type of Center you want to install.

Center

If installing a Center, select the first option.

Then you will have the opportunity to set the Center id. It can be used in case of Center restoration to reuse the same id previously set in the Global Center. Thus, some data can be retrieved.

If you're installing the Center for the first time, this id will be automatically generated. Select No. You will be directed to the next step.

If you're reinstalling the Center and want to restore it, select Yes.

Use the following command from the Global Center's CLI to get a list of all Center ids:

sbs-db exec "select name, id from center"

Type the id into the basic Center configuration UUID field.

Click OK. You will be directed to the next step.

Global Center

If installing a Global Center, select the second option.

As this step does not apply to a Global Center, select No.

You will be directed to the next step.

Configure the Center's DNS

Type a DNS server address and optional fallbacks.

Synchronize the Center and the sensors to NTP servers

Enter IP addresses of local or remote NTP servers (gateway configuration needed) to synchronize the Center and the sensors with a clock reference. Each address must be separated by a space.

Optionally, add a key ID and an AES-128 CMAC key value, separated by a semicolon, with the corresponding NTP server.

The synchronization takes a few seconds.

Check that the time is correct, or set the time manually.


Note

The time is set in the UTC standard.

Give the Center a name


Note

This name will be used in the Center certificate.

Enter the Center name provided by your administrator, or type 'Default', which is a secure value.


Note

This name must match the DNS name you will use to access the Center through SSH or a browser.

Set the Center's password

The administrator account (cv-admin) password of the Center must be set for security reasons. It is hidden for confidentiality reasons.

Confirm the password.

Configure the sensors' password

As this step does not apply when installing a Global Center, the following screens won't be displayed. Instead, you'll be directed to Authorize networks.

However, if you're installing a Center, proceed as below.

The sensors' root password must be set for security reasons.

This password will be assigned once you have enrolled the sensors on the Center. You will need this password for troubleshooting, diagnostics, and updates.

Confirm the password.

Authorize networks

This step allows you to restrict IP addresses that can connect to the Administration interface. If no IP is entered, all networks are authorized by default.

Set DHCP

Procedure

Step 1

If the following message appears, select OK.

Step 2

Select DHCP.


Complete the basic Center configuration

Next is the last screen of the basic Center configuration. It reminds you of the addresses to use to download the CA certificate and access Cisco Cyber Vision. Save these addresses somewhere; you will need them later to access the user interface.

Enter OK to finish the basic Center configuration.

Close the Center configuration window before proceeding with the next steps of Cisco Cyber Vision configuration.

To proceed with the Cisco Cyber Vision configuration, open your browser and go to the URL previously indicated to access the user interface.


Note

Each Cisco Cyber Vision Center includes its own PKI (Public Key Infrastructure), with a CA (Certification Authority), that will be used to establish the TLS connections with the sensors and with clients. The CA must be installed on each client browser (see the following chapters).