What’s Involved in the Deployment Process
Most of the planning in this chapter has focused on designing the auditing infrastructure and deciding where to install components. The following illustration provides a visual summary of the complete deployment process and highlights the keys to success. The sections after the flowchart provide additional details about what’s involved in each phase or the decisions you will need to make, such as who should be part of the deployment team, where to install the software, and who has permission to do what.
Plan
During the first phase of the deployment, you collect and analyze details about your organization’s requirements and goals. You can then make preliminary decisions about sizing, network communication, and where to install components.
Here are the key steps involved:
- Identify the goals of the deployment.
  - Is auditing important for specific computers?
  - Is auditing important for computers used to perform administrative tasks?
  - Is auditing important for computers that host specific applications or sensitive information?
  - Should auditing be required for users in specific groups or with specific roles?
- Assemble a deployment team with Active Directory, UNIX, and other expertise, including at least one Microsoft SQL Server database administrator.
- Provide basic training on Delinea architecture, concepts, and terminology.
- Analyze the existing environment to identify target computers where you plan to install Delinea auditing infrastructure components.
  - Plan for permissions and the appropriate separation of duties for your organization.
  - Review network connections, port requirements, and firewall configuration.
  - Identify computers for Audit Manager and Audit Analyzer consoles.
  - Identify computers to be used as collectors, audit stores, and the management database.
  - Verify that you have reliable, high-speed network connections between components that collect and transfer audit data and sufficient disk storage for the first audit store database.
  - Identify the initial target group of computers to be audited.
- Define and document your data archiving and data retention policies.
Prepare
After you have analyzed the environment, you should prepare the Active Directory groups to use. You can then install administrative consoles and the auditing infrastructure.
Here are the key steps involved:
- (Optional) Create the additional Active Directory security groups for your organization.
  - Groups can simplify permission management and the separation-of-duties security model.
- Install Audit Manager and Audit Analyzer on at least one administrative Windows computer.
- Create a new audit installation and a management database on one computer.
- Create an audit store and audit store database on at least one computer.
- Install a collector on at least two computers.
Deploy
After you have prepared Active Directory, installed administrative consoles on at least one computer, and created at least one installation, you are ready to deploy agents on the computers to be audited.
Here are the key steps involved:
- Install the agent on the computers you want to audit.
- Join the appropriate domains and zones.
- Prepare a Group Policy Object for deploying agents remotely using a group policy.
- Assign the appropriate permissions to the users and groups who should have access to audit data.
Validate
After you have deployed agents on target computers, you should test and verify operations before deploying on additional computers.
Here are the key steps involved:
- Log on locally to a target computer using an Active Directory user account and password to verify Active Directory authentication.
- Open Audit Analyzer and query for your user session.
Manage
After you have tested and verified auditing operations, you are ready to begin managing your audit installation.
Here are the key steps involved:
- Secure the installation.
- Add auditor roles and assign permissions to the appropriate users and groups.
- Create new databases and rotate the active database.
- Archive and delete old audit data.