Installation and Setup - BlueCat Infrastructure Assurance

(LiveNX Freemium Offer) LiveAssurance - Network Security Quick Start Guide
ft:locale
en-US
Product name
BlueCat Infrastructure Assurance

Prerequisites

To use LiveAssurance, ensure:

  • LiveNX is upgraded to version v25.1.0 and greater versions up to and including v25.3.0.

  • A working Internet connection is available to download the Docker container for LiveAssurance freemium.

  • indeni-docker.jfrog.io is added to your firewall allowlist, if required.

  • Devices have SSH enabled on port 22.

  • Device credentials (username and password) are available.

  • TCP Port 5443 is open.

  • SMTP server details are available if email notifications are required.

Installation and Setup

Enabling LiveAssurance:

  1. SSH into the LiveNX server CLI.

  2. Navigate to the LiveAssurance working directory by using the following command: cd /data/bcia.

  3. Verify the LiveAssurance files by using the following command:

    ls -la.

    The following image shows a sample output of the ls -la command, which displays details of all the LiveAssurance files (including hidden files such as the .env file) and directories. The details include the total number of files and directories, in addition to their type and permissions, number of hard links, owner, group, size, and modification time corresponding to each file/directory name.

  4. Initiate Docker by using the following command:

    sudo ./docker-run-pre.sh (run only once).

  5. Start LiveAssurance by using the following command; reach out to BlueCat support to obtain details of the supported version:

    ./start-bcia.sh <version>.
    Note: The installation will use the environment variables contained in the LiveAssurance .env file. Optionally, you can edit this file to set the supported version.

    The required Docker containers will be downloaded the first time this command is run for the specified version. The time taken for the download varies depending on the Internet speed.

  6. It may take 1 minute to start all the LiveAssurance services. Then, you will see a completion message indicating that the services have started, as shown in the following image.

  7. Access the LiveAssurance web interface via a browser at <LiveNX-IP>:5443.

Accessing the LiveAssurance Web Interface

  1. Open <LiveNX-IP>:5443 in a browser (both http and https are supported).

  2. Log in using the default credentials (admin/admin123!), as shown in the following image.

  3. Acknowledge the LiveAssurance Insight Confirmation.

Changing Default Credentials

  1. From the LiveAssurance web interface, select the Settings tab in the sidebar, then select Users.

  2. Select the vertical ellipsis icon for the admin user, then select Edit, as shown in the following image.

  3. In the Edit User window that opens, enter the First Name and Last Name. Also, enable the Ask for password change at next login toggle button, as shown in the following image. On the next login, you will be prompted to change the password.

  4. Select Next and then, select Save.

  5. Select the Profile icon in the top-right corner of the UI, then select Logout in the drop-down menu.

  6. In the login screen, enter your username and password, then select Login.

    You will be prompted to change your password, as shown in the following image.

  7. Enter your new password and select Change Password to log back in.

Device Onboarding and Credential Management

Creating Credential Sets

The first step to inspecting your devices is to create the credential set—the login credentials that will be used to query the devices.

  1. From the LiveAssurance web interface, select the Devices tab in the sidebar, then select Credential Sets.

  2. In the Credential Sets section, select New to create a credential set, as shown in the following image.

  3. In the Credentials section, select New to create new credentials, as shown in the following image.

    Select an authentication method (Username and Password, SSH Private Key, SNMPv2, or SNMPv3). Based on your selection, additional configuration parameters are displayed.

    After you configure the required parameters, select Save.

Configuring Subnets for Credentials

The credentials also include the subnet which will use those credentials. If all of your devices are using the same credentials, you can simply set this to 0.0.0.0/0 to have it apply to all devices. Otherwise, if your devices use different credentials, you can create multiple credential sets, and then specify the network and mask for each (which can be an exact IP address such as 94.94.94.17/32 or a subnet such as 94.94.0.0/16.)

If there are overlapping Subnets (such as 94.94.94.17/32 and 94.94.0.0/16), the LiveAssurance server will try to connect using the most specific subnet. If those credentials fail, it will then try the next most specific subnet. In our example, the /32 subnet would be tried first and then the /16 subnet.

  1. In the Subnets to use Credentials on section, select New to add a subnet, as shown in the following image.

  2. Assign the credentials to specific subnets.

  3. Use 0.0.0.0/0 for all devices.

  4. Configure multiple credential sets for different subnet ranges.

    If overlapping subnets exist, LiveAssurance prioritizes the most specific subnet.

Adding Devices for Inspection

  1. From the LiveAssurance web interface, select the Devices tab in the sidebar, then select New Device.

  2. In the Add Device window that opens, enter the device name and IP address.

  3. Select Interrogate.

    LiveAssurance will interrogate the device (using the credential sets you have created) to determine the device vendor, OS, etc. If the LiveAssurance server is unable to communicate with the device, it will return an error. The most common reasons for a communication issue are:

    • An issue with the credentials. Either:
      • You have mistyped the username/password in the Credential Set.
      • The device’s IP Address is not in the subnet(s) assigned to the Credential Set.
      • Those credentials don’t exist on that device or don’t have the correct permissions.
    • Connectivity issues between the device and the LiveAssurance server. This could be:
      • Basic connectivity between the LiveAssurance server and device. The easiest way to test this is to logon directly to the LiveAssurance server’s Linux interface and ping the device.
      • SSH connectivity between the LiveAssurance server and the device. Validate that SSH is enabled on the device using port 22.

    LiveAssurance queries the firewalls on a scheduled basis, varying from every minute to every day depending on the data being retrieved. You should therefore begin to see Alerts within a few minutes.