NetBrain System Setup Guide Two-Server Deployment
NetBrain System Setup Guide Two-Server Deployment
NetBrain System Setup Guide Two-Server Deployment
0
System Setup Guide
Two-Server Deployment
1. System Overview......................................................................................................................................................................... 3
5. Appendix..................................................................................................................................................................................... 46
NetBrain Integrated Edition is an adaptive automation platform, where you can integrate with your existing
Network Management System (NMS) tools and IT workflows to automate documentation, troubleshooting,
network change, and defense. It serves as an operating system of your whole network to relieve network
professionals from manual CLI-digging and also empowers team collaboration to elevate productivity.
The browser-based interface of NetBrain Integrated Edition is backed by a full-stack architecture, adopting
advanced distributed technologies to support large-scale networks with more expansion possibilities.
Component Description
Browser-based Thin Client provides a user interface for end users to access the system.
Web Server serves static content such as HTML, JavaScript, and CSS resources, which serves as the
user interface of the Thin Client.
Web API Server provides the front-end web applications to support the browser-based Thin Clients
and serves RESTful API calls from third-party applications for integration.
Worker Server serves as a resource manager to support computing tasks. It relies on both Redis and
RabbitMQ to work.
Front Server Controller serves to coordinate and communicate with Front Servers and other components.
Front Server serves as a polling server to collect and parse live network data. It is the only
component required to access the live network.
Service Monitor Agent monitors the health of your NetBrain Servers with operations management of related
services.
Ansible Agent (add-on) integrates with Ansible to define, execute playbooks and visualize results in Change
Management Runbooks. See Ansible Integration for more details.
Smart CLI (add-on) provides a Telnet/SSH client to connect to devices from Windows and can be
integrated with NetBrain workflows. See Smart CLI for more details.
This section introduces the hardware requirements, network connectivity requirements, and more prerequisites
for deploying a two-server system.
▪ Reference Specification
▪ Deployment Prerequisites
Reference Specification
The two-server deployment requires one Windows server for applications and one Linux server for the database.
Both physical machines and virtual machines are supported.
Environment NetBrain Component Machine CPU 1) Memory Hard Disk Operating System
Count
≤1000 nodes Application Server 1 4 Physical 16GB 200GB ▪ Windows Server 2012/2012 R2
≤10 users Cores 1)
▪ HDD 3) (Standard/Datacenter Edition),
64-bit
▪ SSD 5)
▪ Windows Server 2016/2019
(Standard/Datacenter Edition),
64-bit
▪ CentOS
7.5/7.6/7.7/7.8/7.9/8.2/8.3, 64-
bit
▪ Oracle Linux
7.7/7.8/7.9/8.2/8.3, 64-bit
1001~2000 nodes Application Server 1 4 Physical 32GB 200GB ▪ Windows Server 2012/2012 R2
≤10 users Cores 1)
▪ HDD 3) (Standard/Datacenter Edition),
64-bit
▪ SSD 5)
▪ Windows Server 2016/2019
(Standard/Datacenter Edition),
64-bit
▪ SSD 5) bit
▪ CentOS
7.5/7.6/7.7/7.8/7.9/8.2/8.3, 64-
bit
▪ Oracle Linux
7.7/7.8/7.9/8.2/8.3, 64-bit
Notes:
1) If hyper-threading is enabled, one physical core equals to two logical processors; in a virtual environment, the number
of vCPUs required is twice the number of physical cores (as listed in the table).
2) Allocating at least half of the RAM amount for swap space on your Linux server is required to provide the necessary
additional memory when the RAM space has been exhausted.
3) For good performance of data processing and caching, it is recommended to install the Application Server on a
machine equipped with Solid State Drive (SSD) when managing up to 5000 nodes.
4) The required hard disk space must be exclusively reserved for NetBrain. For better performance, it is recommended to
install the MongoDB on a machine equipped with Solid State Drive (SSD), or Hard Disk Drive (HDD) RAID-10.
5) If the Intent Based Automation (IBA) license is activated, both Application Server and Database Server must be
equipped with Solid State Drive (SSD)
Note: *) If SSL was enabled for any component including MongoDB/Elasticsearch/Redis/RabbitMQ/License Agent/Front
Server Controller/Ansible Agent/Auto Update Server (within Web API Server), the SSL protocol should be added to
firewall rules to enable SSL connection between servers.
Deployment Prerequisites
The following requirements must be satisfied before setting up your NetBrain system:
▪ The operating system must be installed with an English-language version (not language packs).
▪ When installing NetBrain servers, comply with your company security policy to set the passwords and
archive them for further reference.
▪ NetBrain servers use hostnames to identify and communicate with each other. Make sure each server has a
unique hostname.
▪ Add all the NetBrain installation folders and files (on both Windows and Linux) to the allow list of antivirus
software for routine scans, and keep the TCP connections unblocked between NetBrain components.
▪ If the machine's firewall is turned on, make sure the firewall rules allow traffics to all the ports and protocols
that will be used by the NetBrain system.
▪ Special Requirements for Client Machine
o It is recommended to deploy the NetBrain Smart CLI on the same machine where the browser-based
thin client is used, and the machine needs to meet the following minimum system specifications:
❖ 4 Physical CPU Cores (If hyper-threading is enabled, one physical core equals to two logical
processors; in a virtual environment, the number of vCPUs required is twice the number of
physical cores)
❖ 8GB RAM
o Ensure to reserve at least 50% system capacity for the satisfactory performance of NetBrain Browser-
based Thin Client and Smart CLI Application.
o Users with administrative privileges of the machine are required to implement the installation.
o NetBrain Integrated Edition should not be installed on the same server as an existing NetBrain
Enterprise Edition (6.2 or earlier version), except that Front Server and Network Server (EEv6.2) can be
installed on the same machine.
o There must be more than 5GB free space in the system drive (for example, C drive) to complete the
installation no matter which drives the NetBrain system will be installed on.
o Temporarily disable antivirus software during the installation process.
o Ensure the NetBrain installation process using administrator account has the necessary permissions
to modify “User Rights Assignment” in “Local Security Policy” or change the local user privileges.
o Click ‘Yes’ to continue with installation/upgrade process and NetBrain service will be configured to run as Local
System. If you have security concern s, please click ‘No’ to abort the installation/upgrade.
Note: Local System accounts have additional privileges that are considered a high risk. Please verify that this
is an acceptable risk in accordance with your SysAdmin policies.
Note: After clicking ‘No’, please check with your system administration team to enable the relevant
permissions, uninstall the affected component(s) and reinstall. Contact NetBrain support team if you need
any assistance during the process.
o Users with root privileges of the machine are required to implement the installation.
o It is highly recommended to store the data files and log files of NetBrain servers into separated disk
partitions. Make sure each partition has enough disk space.
• More than 100GB free space in the directory where the data files of MongoDB/Elasticsearch will be
saved.
• More than 50GB free space in the directory where the log files of MongoDB/Elasticsearch will be
saved.
• More than 180GB free space for the Front Server PostgreSQL data path.
All NetBrain Linux components, including MongoDB, License Agent, Elasticsearch, Redis, RabbitMQ, and Service
Monitor Agent, will be installed sequentially on this Linux server. However, if an error occurs during the
installation of any components, the installation will abort. After resolving the error, you can re-run the installation
package to install the remaining components.
Pre-installation Tasks
▪ Ensure you have upgraded the Linux OS to Red Hat Enterprise Linux Server 7.5/7.6/7.7/7.8/7.9/8.2/8.3, 64-
bit, CentOS 7.5/7.6/7.7/7.8/7.9/8.2/8.3, 64-bit or Oracle Linux Server 7.7/7.8/7.9/8.2/8.3, 64-bit to avoid
installation or upgrade failure. Refer to Linux System Upgrade Instructions Online for more details. If your Linux
server has no access to the Internet, refer to Linux System Upgrade Instructions Offline.
Note: During and after the Linux OS upgrade, do not restart the Linux server, and keep all the NetBrain services on Linux
server including MongoDB running normally and all the services on the Windows server stopped.
▪ Ensure the hostname of the Linux server must be resolvable by DNS or configured in /etc/hosts because
RabbitMQ needs a resolvable hostname no matter whether it is a standalone server or a cluster.
▪ RabbitMQ has dependencies on the third-party packages socat and logrotate. Run the rpm -qa|grep socat
and rpm -qa|grep logrotate commands to check whether socat and logrotate have been installed on this
Linux server. If they have not been installed yet, you can choose either option below to install the dependencies.
o Online Install: run the yum -y install socat and yum -y install logrotate commands to install them
online.
o Offline Install: refer to Offline Installing Third-party Dependencies for more details.Service Monitor Agent
has dependencies on the third-party package zlib-devel readline-devel bzip2-devel ncurses-devel gdbm-
devel xz-devel tk-devel libffi-devel gcc. Run the rpm -qa|grep -E "zlib-devel|readline-devel|bzip2-
devel|ncurses-devel|gdbm-devel|xz-devel|tk-devel|libffi-devel|gcc" command to check whether it
o Offline Install: refer to Offline Installing Third-party Dependencies for more details.
▪ It is highly recommended to install numactl on this Linux server to optimize MongoDB performance. Run the
rpm -qa|grep numactl command to check whether it has been installed. If it has not been installed yet and the
Linux server has access to the Internet, run the yum install numactl command to install it online.
▪ If you want to enable SSL to encrypt the communications between servers, prepare a set of certificate files and
upload them to the /etc/ssl directory by using a file transfer tool. For more details regarding the requirements
for these certificate files, refer to SSL Certificate Requirements.
Note: Make sure each path of /usr/lib, /usr/share, and /etc has more than 10GB free space to install the component
files.
2. Create a directory under the /opt directory to place the installation package. For example, netbraintemp10.0.
[root@localhost ~]# mkdir /opt/netbraintemp10.0
Note: Don't place the installation package under any personal directories, such as /root.
Tip: Run the yum -y install wget command to install the wget command if it has not been installed.
7. Run the ./install.sh command under the netbrain-all-in-two-linux-10.0 directory to install NetBrain Linux
components.
1) Read the license agreement, and then type YES and press the Enter key.
2) Type I ACCEPT and press the Enter key to accept the license agreement. The script starts to check whether
the system configuration of the Linux server meets the requirement, and all required dependent packages
are installed for each Linux component.
[root@localhost netbrain-all-in-two-linux-10.0]# ./install.sh
Please read the End User License Agreement (“EULA”) for the license type (perpetual or
subscription)
purchased in the order form at https://www.netbraintech.com/legal-tc/ carefully. I have read
the
subscription EULA, if I have purchased a subscription license, or the perpetual EULA, if I
have
purchased a perpetual license, at the link provided above. Please type “YES” if you have read
the
applicable EULA and understand its and understand its contents, or “NO” if you have not read
the
applicable EULA. [YES/NO]: YES
Do you accept the terms in the subscription EULA, if you have purchased a subscription
license, or
the perpetual EULA, if you have purchased a perpetual license? If you accept, and to continue
with
the installation, please type "I Accept" to continue. If you do not accept, and to quit the
installation script, please type "CANCEL" to stop. [I ACCEPT/CANCEL]: I ACCEPT
INFO: Creating installation log file
INFO: Collecting system information SUCCEEDED.
INFO: MongoDB was not installed. Fresh installation is required.
Components to be installed:
servicemonitoragent
mongodb
licenseagent
elasticsearch
rabbitmq
redis
3) Configure the following parameters one by one with an interactive command line.
Install NetBrain Linux components.
The values in brackets are the default values of the parameters. To keep the default value
for the
current parameter, press the Enter key.
Please enter the data path for NetBrain [/var/lib/netbrain]:
Please enter the log path for NetBrain [/var/log/netbrain]:
Please enter the IP address of this machine [10.10.3.142]:
Please create NetBrain service username [admin]:
Please create NetBrain service password:
Please re-enter NetBrain service password to confirm:
Use SSL on NetBrain Services [no]:
Use customized server ports? [no]
Please enter the URL (must end with /) to call NetBrain Web API service for the Service
Monitor
[http(s)://<IP address or hostname of NetBrain Application Server>/]: http://10.10.3.141/
Note: Make sure the designated data path has more than 100GB free space and the designated log path has more
than 50GB free space. You can run the df -h command to check which directory has been mounted to a large disk.
Note: The certificate name specified in the path must strictly match the one you uploaded.
Note: Keep notes of the NetBrain service username and password because they will be used later.
4) After these parameters are configured, the key configurations for each component are listed for your
further confirmation. To continue the installation with the current configurations, press the Enter key. To
change any configurations, type no.
Data path: /var/lib/netbrain
Log path: /var/log/netbrain
8. After all the components are successfully installed, run the reboot command to restart the machine.
Post-installation Tasks
▪ If you have customized a port for any of MongoDB/License Agent/Elasticsearch/RabbitMQ/Redis or you have
configured DNS connection during Database Server installation, to make the Server Monitor Agent can still
detect and monitor its service, you must add the customized port number to the corresponding configuration
file.
MongoDB mongodb.yaml
Elasticsearch elasticsearch.yaml
RabbitMQ rabbitmq.yaml
Redis redis.yaml
Example: If you use FQDN during Database Server installation, do the following:
2) Add the following DNS info to the mongodb.yaml file, and save the changes. For how to modify the file,
refer to Editing a File with VI Editor.
Note: Follow the text format in the example strictly, including alignment, punctuations, and spaces.
init_config:
instances:
- name: default
dns: mongo2.cloud.netbraintech.com
Example: If you configured the port number 27000 during MongoDB installation, do the following:
Note: Follow the text format in the example strictly, including alignment, punctuations, and spaces.
init_config:
instances:
- name: default
port: 27000
Parameters
Refer to the following table for the parameters of NetBrain Database Server.
Data path /var/lib/netbrain The directory to save data of all NetBrain Linux components. You can
press the Enter key to keep the default path or type a new one.
Log path /var/log/netbrain The directory to save logs of all NetBrain Linux components. You can
press the Enter key to keep the default path or type a new one.
IP address of this machine <current IP The binding IP address for MongoDB/ElasticSearch/NetBrain License
address
Agent. It will be used for establishing connections with NetBrain
automatically
Application Server. You can press the Enter key to keep the default value
obtained from the
machine> or type a new one.
Note: If you configured multiple network cards on this machine, type the
designated IP address to be bound.
NetBrain service admin The admin username and password created for MongoDB, Elasticsearch,
username RabbitMQ, Redis, Front Server and Service Monitor.
Use SSL on NetBrain no Whether to enable SSL for all components on NetBrain Database Server.
Services To enable SSL, type yes.
Certificate file path The file name of the certificate file that contains the public key.
Private Key file path The file name of the private key file.
Certificate Authority file The name and directory of the chain certificate authority (CA) file, which
path is used to authenticate the CA issuing the SSL certificates.
Use customized server no Whether to use customized port number for each Linux component. To
ports? customize ports, type yes.
MongoDB port 27017 The port number that the MongoDB service listens to. You can press the
Enter key to keep the default port or type a new one.
Note: Keep notes of the customized port because it will be used for
validating the connections with MongoDB when installing NetBrain
Application Server.
License Agent port 27654 The port number that the License Agent service listens to. You can press
the Enter key to keep the default port or type a new one.
Note: Keep notes of the customized port because it will be used for
validating the connections with License Agent when installing NetBrain
Application Server.
Elasticsearch port 9200 The port number that the Elasticsearch service listens to. You can press
the Enter key to keep the default port or type a new one.
Note: Keep notes of the customized port because it will be used for
validating the connections with Elasticsearch when installing NetBrain
Application Server.
Rabbitmq port 5672 The port number that the RabbitMQ service listens to. You can press the
Enter key to keep the default port or type a new one.
Note: Keep notes of the customized port because it will be used for
validating the connections with RabbitMQ when installing NetBrain
Application Server.
Redis port 6379 The port number that the Redis service listens to. You can press the
Enter key to keep the default port or type a new one.
Note: Keep notes of the customized port because it will be used for
validating the connections with Redis when installing NetBrain
Application Server.
URL to call NetBrain Web http(s)://<IP The URL to call NetBrain Web API service. For example,
address or
API service for the Service http://10.10.3.141/ or https://www.YOURCOMPANY.com/.
hostname of
Monitor Note: If SSL will be enabled with https binding created for the system
NetBrain
Application website in IIS Manager, type https in the URL.
Server>/
Note: When you type https in the URL, the CA verification will not be
performed during the configuration by default. To verify the CA
certificate, complete the following steps after the configuration:
Example:
# enable ssl validation (default:False)
enable_ssl_validation: True
cert_path: /etc/ssl/smca.pem
3) Upload the CA certificate file under the specified path. Make sure the
CA certificate could be accessed and read by the Service Monitor
Agent Service.
All NetBrain Windows components, including Web Server, Web API Server, Worker Server, Task Engine, Front
Server Controller, Front Server, and Service Monitor Agent will be installed sequentially on this Windows server.
Pre-installation Tasks
▪ Make sure the extended memory of your machine is larger than 16GB and the Windows update is of the
latest.
▪ If you use a proxy server to access the Internet on this server, you must add the IP address of Elasticsearch
into the proxy exception list so that the Application Server can communicate with the Elasticsearch.
1) Click the icon at the upper-right corner of Chrome and select Settings > Advanced.
b) Read the license agreement of Microsoft .NET Framework 4.8, select the I agree to the license terms
and conditions check box and click Install. It might take a few minutes for the installation to be
completed.
Note: Some running applications must be closed during the installation of .NET Framework 4.8, such as Server
Manager.
Note: Ensure the FIPS is disabled after restarting the machine. To disable the FIPS setting, modify the Enabled
value to 0 under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
directory of Windows registry.
Note: The interface above may not appear if the .NET Framework has never been installed on the server. In
such case, it is still highly recommended to reboot the server after the installation of the .NET Framework
completes.
3) On the NetBrain Integrated Edition Prerequisites page, read the list of Linux components that must be
deployed beforehand in your environment and click Next.
4) On the System Configuration page, review the system configuration summary and click Next.
6) On the Customer Information page, enter your company name and click Next.
7) Click Next to install the Application Server under the default path: C:\Program Files\NetBrain\. If you
want to install it under another location, click Change.
Note: If you select to install it under another drive, make sure there are no spaces in the installation path. For
example, use D:\Program_Files\ instead of D:\Program Files\.
Note: Make sure the designated data folder has more than 100GB free space.
8) On the System Connectivity Configuration page, enter the information to connect to NetBrain Database
Server, including the IP of NetBrain Database Server and the service username and password created on
NetBrain Database Server. Click Next.
Note: If you enabled SSL on NetBrain Database Server, you must select the Use SSL check box here. Both
NetBrain Database Server and NetBrain Application Server must use the same set of SSL certificate files.
9) (Required only if the Use Customized Ports check box is selected) On the Customized Settings page, you
can customize the ports of Linux Components and customize the port for Front Server Controller if you
don't want to use the default port 9095. Click Next.
NetBrain Application Server will use the specified information of NetBrain Database Server, including IP
address, username, password, SSL Settings, and port settings to validate the connectivity to MongoDB,
License Agent, Elasticsearch, RabbitMQ, and Redis one by one.
10) On the Auto Update Server, enter the information for Auto Update Server and click Next.
Note: The Address must be the local server’s IP address which can be reached from other NetBrain servers
including Front Server.
11) (Required only if the Use SSL check box is selected) Configure the following SSL settings.
b) On the Certificate Configuration page, click Browse to upload the certificate file and private key file to
enable SSL communications on Front Server Controller and Auto Update Server. Click Next.
12) On the KeyVault Administration Passphrase Settings page, create a passphrase to initialize and manage
the system KeyVault which contains all encryption keys to protect data security. Type it twice and click
Next.
Note: Keep notes of the passphrase because it is required when you scale up or upgrade the Application Server. In
case of losing the passphrase, select the Enable Resetting KVAP check box so that NetBrain system administrator
can reset the passphrase at any time.
13) On the NetBrain Front Server page, create a password for the PostgreSQL data. Type it twice and click
Next.
Note: If you want to save the PostgreSQL data under another location, click Change.
Note: Make sure the designated data folder has more than 180GB free space.
14) Review the server components to be installed and click Install. All the Windows components will be
installed one by one. It will take a long while for all the components to be installed.
▪ Ensure the NetBrain installation process using administrator account has the necessary permissions to
modify “User Rights Assignment” in “Local Security Policy” or change the local user privileges. Otherwise,
the following error message will prompt when installing each Windows component.
▪ Click ‘Yes’ to continue with installation/upgrade process and NetBrain service will be configured to run
as Local System. If you have security concerns, please click ‘No’ to abort the installation/upgrade.
Note: Local System accounts have additional privileges that are considered a high risk. Please verify that this is
an acceptable risk in accordance with your SysAdmin policies.
Note: After clicking ‘No’, please check with your system administration team to enable the relevant permissions,
uninstall the affected component(s) and reinstall. Contact NetBrain support team if you need any assistance
during the process.
5. After all the components are successfully installed, click Finish to complete the installation process and exit the
Installation Wizard.
6. Open the Task Manager and navigate to the Services panel, you can find the following running NetBrain
services.
Tip: The NetBrainFrontServer service is not running because Front Server has not been registered.
Note: The system is designed to work with a minimum screen resolution of 1440x900 pixels. Make sure the
Notifications and Popups are allowed for the Web Server URL in your web browser and zoom it at 100% to get the best
view.
2. In the login page, enter your username or email address, and password. The initial username/password is
admin/admin.
4. Modify your password first and then complete your user profile in the pop-up dialog, by entering the email
address, first name, and last name, and then click Save.
1. In the System Management page, click Activate under the License tab. The activation wizard prompts.
Note: If your NetBrain Application Server is not allowed to access the Internet, you can configure a proxy server.
Click the icon at the upper-right corner, select the Use a proxy server to access the internet check box and
enter the required information.
Note: Only use this activation method when your NetBrain Application Server is not allowed to access the
Internet.
a) Follow the instructions to generate your license file. Attach the file to your email and send it to
NetBrain Support Team. After receiving your email, the NetBrain team will fill in the license
b) Click Browse to select the activation file that you received from the NetBrain team, and then click
Activate.
4) A message box will prompt you the subscription license has been activated successfully. Click OK.
3. A confirmation dialog box prompts to ask you whether to generate an initial tenant. Click Yes and the initial
tenant will be created automatically with all purchased nodes assigned.
Tip: To synchronize authenticated user accounts that are managed in third-party user management servers, refer to
Third-Party User Authentication.
2. Click Add at the upper-left corner, and complete the settings. This is an example:
2) Assign user rights, including access permissions and user roles. See online help for more details.
Note: For authenticated users account from external servers (LDAP/AD/TACACS+), their roles and privileges can be
locked as follows. After being locked, the roles and privileges will not be synced with any changed settings of
external authentication.
3) Configure the advanced settings if required, including account expiration and privilege to modify/reset
password.
3. Click Submit. The user account will be added to the Existing User List.
1. In the System Management page, select the Front Server Controllers tab, and then click Add Front Server
Controller.
2. In the Add Front Server Controller dialog, configure the settings for the Front Server Controller, and then
allocate tenants to it.
b) To authenticate the Certificate Authority (CA) certificate on the Front Server Controller, select the
Conduct Certificate Authority verification check box.
c) If CA has not been installed on the Worker Server and Task Engine, click Browse to upload the CA file,
for example, ca.pem.
Note: Only certificates in the Base-64 encoded X.509 PEM format are supported.
3) Click Test to verify whether the Web API Server can establish a connection to Front Server Controller with
the configurations.
4) In the Allocated Tenants area, select the target tenants to allocate them to the controller.
5) Click OK to save the settings.
Field Description
Port The port number created when you install the Front Server Controller for listening to the
connections from Worker Server. By default, it is 9095.
Username The user name created for NetBrain service when installing NetBrain Database Server.
Password The password created for NetBrain service when installing NetBrain Database Server
Timeout The maximum waiting time for establishing a connection from Worker Server to this Front Server
Controller. By default, it is 5 seconds.
Description The brief description to help you add more information about the Front Server Controller.
1. In the Front Server Controller Manager, select the target tenant and click New Front Server.
Tip: Keep notes of the Authentication Key because it is required when you register this Front Server.
3. Click OK. The Front Server is added to the Front Server list.
1. On the machine where the Front Server is installed, click the Windows start menu and then click the icon to
open the Apps pane.
2. Under the NetBrain category, right-click Registration and then select Run as administrator from the drop-
down list.
a) Select the Use SSL check box to encrypt the connections to Front Server Controller with SSL. If SSL is
disabled on Front Server Controller, leave it unchecked and skip step b) to c).
Note: Select the Use SSL check box only if you enabled SSL on Front Server Controller.
b) To authenticate the Certificate Authority (CA) of SSL certificates on Front Server Controller, select the
Conduct Certificate Authority verification check box.
c) If the CA has not been installed on this machine, click Browse to upload the CA file, for example,
ca.pem; otherwise, select I have installed the Certificate Authority on this machine.
Note: Only the certificate in Base-64 encoded X.509 PEM format is supported.
3) Click Test to verify whether this Front Server can establish a connection with Front Server Controller.
4) Keep all default values, and then enter the authentication key created when you add this Front Server to a
tenant.
4. Click Register.
5. Click Close after the registration is finished. The Front Server information in the Front Server Controller
Manager will be synchronized by clicking Refresh.
Knowledge Cloud (KC) manages both the framework components and the platform resources and allows NetBrain
Workstation to automatically upgrade a patch or minor release. Besides replacing the files, the auto-upgrade
process may restart services, execute the database upgrading, check the system health and roll back the release if
the update fails.
Due to security considerations, there will be no direct connection between KC and NetBrain Workstation. NetBrain
System Administrator must download the software update package from NetBrain Customer Portal, manually
upload the package into the system and then schedule system updates accordingly.
Note: Only user with System Management permissions can perform the following actions.
4. Schedule Update
Note: The following steps only apply to the online auto upgrade procedures.
2. By default, the Automatically check the latest version check box is enabled. You can click Check Update
Now to see if there is a new version available.
Note: The Web API Server is required to have internet access in order to perform the function of Check Update Now.
3. When this check is enabled, NetBrain Workstation will check whether a minor release, a patch, a customized
built-in, a customized resource or common platform resource updates have been published since the last time
check (either auto or manual check). The latest available version will be displayed with the release note.
4. If the respective release or patch is available, after reviewing the Release Note, click Get Latest Version to
Download Package from NetBrain Customer Portal.
1. Log into the NetBrain Customer Portal with your username and password.
Tip: Required info includes the License ID, Framework Version, Common Repo Version, Customized Built-in Resource
Repo, Customized Resource Repo.
3. Click Resource Package Link to download the package to your local drive.
4. Keep note of the password for next step- Upload Package to NetBrain Workstation.
3. Click Browse and select the system upgrade package (.zip file).
2. Click Schedule.
1) Click Select and specify the desired Tenant/Domain to perform Domain Health Check.
Note: If there are more than one tenant or domain, step 1) must be completed before proceeding to step 2).
Note: If there is only one tenant and domain, the Initial Tenant will be automatically selected and you can directly
proceed to step 2).
Tip: The devices in the Auto Test Group are automatically selected according to the device type discovered by the
system. You can also manually edit or delete any devices to suit your specific needs.
Note: The last used Application Paths (up to 5 paths) will be automatically copied to the Auto Test Application
Folder. You can also manually change the auto selected path in Application Manager.
Tip: You can edit or remove the system update time once it is scheduled.
Note: A confirmation message will prompt if the selected tenant/domain does not have application path, you can click
Yes to dismiss the message and continue with the update process.
• The update fails, and the system is rolled back to the old version.
The update history only records the releases the system is scheduled to update with. The update history table
provides the following information:
NetBrain Service Monitor provides a portal for administrators to observe the health of deployed Windows and
Linux servers, with operations management of related services. It collects various types of metrics data from these
deployed servers and visualizes them in tables or line charts.
Note: The Service Monitor Agent must be installed on the servers that you want to monitor.
Note: System upgrade feature heavily relies on all the NetBrain servers and service metrics, therefore it is required to
ensure all the NetBrain servers and component metrics can be viewed in the Service Monitor page.
1. In the System Management page, click Operations > Service Monitor from the quick access toolbar.
2. In the Service Monitor home Page, you can monitor key server metrics, server connectivity, resource utilization,
service status and so on.
3. Customize the conditions for when to send out alert emails and take more actions for low disk space on
MongoDB by clicking Alert Rules. See Managing Alert Rules for more details.
1. Download the dependency package from a server with the Internet access using one of the following download
links according to the version of your Operating System:
▪ CentOS7.5: http://download.netbraintech.com/dependencies-centos7.5.tar.gz
▪ CentOS7.6: http://download.netbraintech.com/dependencies-centos7.6.tar.gz
▪ CentOS7.7: http://download.netbraintech.com/dependencies-centos7.7.tar.gz
▪ CentOS7.8: http://download.netbraintech.com/dependencies-centos7.8.tar.gz
▪ CentOS7.9: http://download.netbraintech.com/dependencies-centos7.9.tar.gz
▪ CentOS8.2: http://download.netbraintech.com/dependencies-centos8.2.tar.gz
▪ CentOS8.3: http://download.netbraintech.com/dependencies-centos8.3.tar.gz
▪ RHEL7.5: http://download.netbraintech.com/dependencies-rhel7.5.tar.gz
▪ RHEL7.6: http://download.netbraintech.com/dependencies-rhel7.6.tar.gz
▪ RHEL7.7: http://download.netbraintech.com/dependencies-rhel7.7.tar.gz
▪ RHEL7.8: http://download.netbraintech.com/dependencies-rhel7.8.tar.gz
▪ RHEL7.9: http://download.netbraintech.com/dependencies-rhel7.9.tar.gz
▪ RHEL8.2: http://download.netbraintech.com/dependencies-rhel8.2.tar.gz
▪ RHEL8.3: http://download.netbraintech.com/dependencies-rhel8.3.tar.gz
▪ OL7.7: http://download.netbraintech.com/dependencies-ol7.7.tar.gz
▪ OL7.8: http://download.netbraintech.com/dependencies-ol7.8.tar.gz
▪ OL7.9: http://download.netbraintech.com/dependencies-ol7.9.tar.gz
▪ OL8.2: http://download.netbraintech.com/dependencies-ol8.2.tar.gz
▪ OL8.3: http://download.netbraintech.com/dependencies-ol8.3.tar.gz
3. Run the tar -zxvf dependencies-<OS version>.tar.gz command to decompress the package.
The following steps illustrate how to edit a configuration file with the vi editor, which is the default text file editing
tool of a Linux operating system.
1. Create a terminal and run the cd command at the command line to navigate to the directory where the
configuration file is located.
2. Run the vi <configuration file name> command under the directory to show the configuration file.
3. Press the Insert or I key on your keyboard, and then move the cursor to the location where you want to edit.
4. Modify the file based on your needs, and then press the Esc key to exit the input mode.
5. Enter the :wq! command and press the Enter key to save the changes and exit the vi editor.
The requirements of SSL certificates may vary for different NetBrain servers, depending on their different roles in
SSL encrypted connections, SSL-server or SSL-client.
▪ SSL Certificate Requirements for SSL-Server
MongoDB ▪ Certificate that contains a public key. For example, cert.pem. Base-64 encoded X.509 PEM
Elasticsearch ca.pem.
Ansible Agent
Tip: The certificates in PEM format usually have extensions such as .pem, .crt, .cer, and .key.
Note: By default, NetBrain servers that work as SSL-client don't require any SSL certificates. If you want to authenticate the
Certificate Authority of the certificates for SSL-server, then the SSL certificates are required on SSL-client.
The following table lists the certificate requirements for SSL-client, including Web Server, Web API Server, Worker
Server, Front Server, Task Engine, and Service Monitor Agent.
Use the certificates installed ▪ All the certificates are valid and installed in the certificate N/A
on Windows store.
Upload certificates when ▪ For Front Server and Worker Server: CA certificate containing Base-64 encoded X.509 PEM
installing NetBrain servers root CA certificate and class 2 CA certificate is required.
In addition to creating user accounts manually, the system supports integrating with the following third-party user
management systems for authentication.
▪ AD Authentication
▪ TACACS+ Authentication
▪ SSO Authentication