Installing the ESA On-Premise

The following steps explain the installation of the ESA v10.0.x ISO image on-premise.

1. Starting the installation

To install the ESA appliance:

  1. Insert the appliance installation media in the system disk drive.

  2. Boot the system from the disk drive.

    The following screen appears.

  3. Press ENTER to start the installation.

    The following screen appears.

    The system will detect the number of hard drives that are present. If there are multiple hard drives, then it will allow you to choose the hard drive where you want to install the OS partition and the /opt partition.

    If there are multiple hard drives, then the following screen appears.

    For storing the operating system-related data, select the hard drive where you want to install the OS partition and select OK.

    The following screen appears.

    For storing the logs, configuration data, and so on select the hard drive where you want to install the /opt partition and select OK.

2. Selecting Network Interface Cards (NICs)

The Network Interface Card (NIC) is a device through which appliances, such as, the ESA or the DSG, connect to each other on a network. You can configure multiple network interface cards (NICs) on the appliance.

The ethMNG interface is generally used for managing the appliance and ethSRV interface is used for binding the appliances for using other services.

For example, the appliance can use the ethMNG interface for the ESA Web UI and the ethSRV interface for enabling communication with different applications in an enterprise.

The following task describes how to select management interfaces.

To select multiple NICs:

  1. If there are multiple NICs, then the following screen appears.

  2. Select the required NIC for management interface.

  3. Choose Select and press ENTER.

3. Configuring Network Settings

After selecting the NIC for management, you configure the network for your appliance. During the network configuration, the system tries to connect to a DHCP server to obtain the hostname, default gateway, and IP addresses for the appliance. If the DHCP is not available, then you can configure the network information manually.

To configure the network settings:

  1. If the DHCP server is configured, then the following screen containing the network information appears.

  2. If the DHCP server is not available, then the following screen appears.

    The Network Configuration Information screen appears.

  3. Select Manual and press ENTER.

    The following screen appears.

    1. Select DHCP / Static address to configure the DHCP / Static address for the appliance and choose Edit.

    2. Select Static address and choose Update.

    3. If you want to change the hostname of the appliance, then perform the following steps.

      1. Select Hostname and select Edit.
      2. Change the Hostname and select OK.
    4. Select Management IP to configure the management IP address for the appliance and choose Edit.

      1. Add the IP address assigned to the ethMNG interface. This IP address configures the ESA appliance to use the Web UI.
      2. Enter the Netmask. The ethMNG interface must be connected to the LAN with this Netmask value.
      3. Select OK.
    5. Select Default Route to configure the default route for the appliance and press Edit.

      1. Enter the IP address for the default network traffic.
      2. Select Apply.
    6. Select Domain Name and press Edit.

      1. Enter the Appliance Domain Name. For example, protegrity.com.
      2. Press Apply.
    7. Select Name Servers and press Edit.

      1. Add the IP address of the name server.
      2. Press OK.
    8. If you want to configure the NTP, then perform the following steps.

      1. Select Time Server (NTP), and press Edit.
      2. Add NTP time server on a TCP/IP network.
      3. Select Apply.
  4. Select Apply.

    The network settings are configured.

4. Configuring Time Zone

After you configure the network settings, the Time Zone screen appears. This section explains how to set the time zone.

To set the Time Zone:

  1. On the Time Zone screen, select the time zone.

  2. Press Next.

    The time zone is configured.

5. Configuring the Nearest Location

After configuring the time zone, the Nearest Location screen appears.

To Set the Nearest Location:

  1. On the Nearest Location screen, enter the nearest location in GMT or UTC.

  2. Press OK.

    The following screen appears.

    This screen also allows you to update the default settings of date and time, keyboard manufacturer, keyboard model, and keyboard layout.

6. Updating the Date and Time

To Update the Date and Time:

  1. Press SPACE and select Update date and time.

  2. Press ENTER.

    The following screen appears.

  3. Select the date.

  4. Select Set Date and press ENTER.

    The next screen appears.

  5. Set the time.

  6. Click Set Time and press ENTER.

    The date and time settings are configured.

7. Updating the Keyboard Settings

To Update the Keyboard Settings:

  1. Select Update Keyboard or Console settings.

  2. Press ENTER.

  3. Select the vendor and press the SPACEBAR.

  4. Select Next.

    If you select Generic, then a window with the list of generic keyboard models appears.

  5. Select the model you use and press Next.

  6. On the next window, select the keyboard language. The default is English (US).

  7. Select Next.

  8. On the next window, select the console font. The default is Lat15-Fixed16.

  9. Press Next.

    A confirmation message appears.

  10. Press OK to confirm.

8. Configuring GRUB Settings

On the Protegrity appliances, GRUB version 2 (GRUB2) is used for loading the kernel. If you want to protect the boot configurations, then you can secure it by enforcing a username and password combination for the GRUB menu.

During installation for the ESA on-premise, a screen to configure GRUB credentials appears. If you want to protect the boot configurations, then you can secure it by enforcing a username and password combination for the GRUB menu. While installing the ESA v9.2.0.0, you can secure the GRUB menu by creating a username and setting password as described in the following task.

To configure GRUB settings:

  1. From the GRUB Credentials page, press the SPACEBAR to select Enable.

    Note:

    By default the Disable is selected. If you continue to choose Disable, then the security for the GRUB menu is disabled. It is recommended to enable GRUB to secure the appliance.

    You can enable this feature from the CLI Manager after the installation is completed. On the CLI Manager, navigate to Administration > GRUB Credential Settings to enable the GRUB settings.

    For more information about GRUB, refer to the section Securing the GRand Unified Bootloader (GRUB) in the Protegrity Appliances Overview Guide 9.2.0.0.

  2. Select OK.

    The following screen appears.

  3. Enter a username in the Username text box.

    Note:

    The requirements for the Username are as follows:

    • It should contain a minimum of three and maximum of 16 characters
    • It should not contain numbers and special characters
  4. Enter a password in the Password and Re-type Password text boxes.

    Note:

    The requirements for the Password are as follows:

    • It must contain at least eight characters
    • It must contain a combination of alphabets, numbers, and printable characters
  5. Select OK and press ENTER.

    A message Credentials for the GRUB menu has been set successfully appears.

  6. Select OK.

9. Setting up Users and Passwords

Only authorized users can access the appliance. The Protegrity Data Security Platform defines a list of roles for each user who can access the appliance. These are system users and LDAP administrative users who have specific roles and permissions. When you install the appliance, the default users configured are as follows:

  • root: Super user with access to all commands and files.
  • admin: User with administrative privileges to perform all operations.
  • viewer: User who can view, but does not have edit permissions.
  • local_admin: Local administrator that can be used when the admin user is not accessible.

After completing the server settings, the Users Passwords screen appears that allows you set the passwords for the users.

To set the LDAP Users Passwords:

  1. Add the passwords of the users.

    Note: Ensure that the passwords for the users comply with the password polices.

    For more information about the password policies, refer to the section Password Policy Configuration in the Protegrity Enterprise Security Administrator Guide 9.2.0.0.

  2. Select Apply.

    The user passwords are set.

10. Licensing

After the appliance components are installed, the Temporary License screen appears. This system takes time. It is recommended to wait for few minutes before proceeding.

Note: After the ESA Appliance is installed, you must apply for a valid license within 30 days.

Temporary License Information Screen

For more information about licenses, refer Licensing.

11. Installing Products

In the final steps of installing the appliance, you are prompted to select the appliance components to install.

To select products to install:

  1. Press space and select the necessary products to install the following products.

    Install or Repair Products Screen

  2. Click OK.

    The selected products are installed.

  3. After installation is completed, the following screen appears.

    Welcome to Protegrity Appliance

  4. Select Continue to view the CLI Login screen.

Last modified January 30, 2025