NetSight Atlas
Policy Manager
Installation

	NOTE:	When this file is opened from the CD-ROM, the links from this topic to other help topics will not work. Links within the topic will work, and once you've installed Policy Manager, you can launch the help system and access help for all topics.

This document provides instructions for installing NetSight Atlas Policy Manager, a component of Enterasys' Secure Networks solution. The most recent version of this file is located on the NetSight Documentation web page: http://www.enterasys.com/support/manuals/netsight.html.

General Installation Information
Installation on Windows
- Configuring the Environment
- Launching the Installer (Windows)
Installation on UNIX
- Preparing for Installation on UNIX
- Launching the Installer (UNIX)
Installation on Linux
- Preparing for Installation on Linux
- Launching the Installer (Linux)
Installer
Launching Policy Manager
Authentication Configuration
Uninstalling Policy Manager
Support

General Installation Information

Policy Manager utilizes the InstallAnywhere® application for its installer. You can install Policy Manager on the following platforms:

Windows® 2000, Windows XP®, or Windows Server™ 2003
UNIX® Solaris® 2.7, 2.8, 2.9
Red Hat Linux version 9, Linux Enterprise v3 ES

Before you install Policy Manager, it is highly recommended that you read the NetSight Atlas Policy Manager Release Notes. The most recent version of the release notes can be found on the NetSight Documentation web page: http://www.enterasys.com/support/manuals/netsight.html.You can also access the release notes from the CD by opening the srn.htm file with a web browser.

This version of Policy Manager supports both 802.1X authentication (on a per-device basis) and web-based authentication via a RADIUS server. In order for your network elements (devices, end stations, etc.) to take advantage of the authentication features, additional configuration is required. See Authentication Configuration, below, for more information.

The following tasks comprise the Policy Manager installation process:

Installing any operating system patches required for Java or InstallAnywhere® (UNIX only).
Preparing your system for installation.
Installing Policy Manager.
Using Policy Manager to configure your devices for authentication.

System Requirements

The system requirements for operating Policy Manager are listed here.

Windows^® 2000 w/ Service Pack 4, Windows XP^® w/ Service Pack 1, and Windows Server™ 2003 (qualified on the English version of the operating systems)
- Recommended P4, 2.4GHz, 1GB RAM
- Free Disk Space - 600MB

Solaris^® 2.7 2.8, 2.9 (with latest operating system patches installed)
- Recommended Sun^® Ultra 30/60 (or equivalent), 900MHz, 1GB RAM
- Free Disk Space - 600MB

Linux Red Hat Version 9 and Linux Enterprise v3 ES
- Recommended P4, 2.4GHz, 1GB RAM
- Free Disk Space - 600MB

Evaluation Copy

When you install Policy Manager, you can elect to install a 30-day evaluation copy.

WARNING: If you install an evaluation copy, be sure to remove all policies from your devices prior to the expiration of your evaluation copy. Without Policy Manager, there is no way to remove policies from your devices, and you will need to clear Non-Volatile RAM (NVRAM).

	WARNING:	If you install an evaluation copy, be sure to remove all policies from your devices prior to the expiration of your evaluation copy. Without Policy Manager, there is no way to remove policies from your devices, and you will need to clear Non-Volatile RAM (NVRAM).

To convert from an evaluation copy of Policy Manager to a purchased copy, contact your Enterasys Networks Representative to purchase the software and receive a License Key. You do not need to reinstall the software to perform the conversion. If your evaluation copy has not expired, do this:

In the Policy Manager main window, select Help > About NetSight Atlas Policy Manager.
In the About NetSight Atlas Policy Manager window, click License.
Enter the License Key and click Update.

If you have let your evaluation copy expire, when you launch Policy Manager a window opens where you can enter the License key. Once your evaluation copy has expired or been uninstalled, you cannot install another evaluation copy.

Small Business Edition

The Policy Manager Small Business Edition provides the same policy configuration capability as the full version of Policy Manager, but limits the ability to deploy the policy to a maximum of 10 devices. The installation information provided in this Help topic pertains to both the Small Business Edition and the full version of Policy Manager.

To upgrade from a Small Business Edition to a full version of Policy Manager, contact your Enterasys Networks Representative to purchase the software and receive a License Key. You do not need to reinstall the software to perform the conversion, simply perform these steps:

In the Policy Manager main window, select Help > About NetSight Atlas Policy Manager.
In the About NetSight Atlas Policy Manager window, click License.
Enter the License Key and click Update.

Upgrading

If you are upgrading your currently installed version of Policy Manager to a newer one, consult the Upgrading section of the Release Notes for considerations and instructions related to your version.

Installation on Windows

Use the following instructions to install Policy Manager on a Windows 2000, Windows XP, or Windows Server 2003 system. Before installing Policy Manager on a Windows platform, you need to:

Configure the environment

Once your system is properly configured, you can proceed with:

Launching the Installer (Windows)
Installer
Launching Policy Manager

Configuring the Environment

Below are the instructions for configuring the environment on Windows 2000, Windows Server 2003, and Windows XP platforms.

NOTE: Some of the operations in the following instructions may generate a message prompting you to reboot your system. It is not necessary to reboot your system until you have completed the configuration process.

	NOTE:	Some of the operations in the following instructions may generate a message prompting you to reboot your system. It is not necessary to reboot your system until you have completed the configuration process.

Windows 2000

Open your system's Control Panel (Start > Settings > Control Panel) and double-click the System icon. The System Properties window opens.
Select the Advanced tab and click the Performance options button. The Performance Options window opens.
Verify that the "Application response" section has Optimize performance for: Applications selected.
Click the Change button in the "Virtual Memory" section of the Performance Options window. The Virtual Memory window opens.
Enter the following settings in the "Paging file size for selected drive" section:
Initial size (MB) -- set to a minimum of 128 MB or equivalent to your system RAM.
Maximum size (MB) -- typically set to twice the Initial size. For example, if your Initial size is set to 128 MB, your maximum size would be set to 256 MB.
Click Set and OK to close the window.
Click OK to close the Performance Options window.
Click OK to close the System Properties window.
With the cursor in an open area of the desktop, right click and select Properties from the drop-down menu. The Display Properties window opens.
Select the Settings tab, and set Colors to a minimum of High Color (16 bit) and Screen area to 1024 by 768 pixels (recommended minimum). The Colors setting affects the appearance of Policy Manager windows. With a setting of 24 bit (16,777,216 colors) and above, certain window features such as tables, appear with a color gradient. Setting the Colors lower than 24 bit will not support color gradients.
Click OK to close the Display Properties window.
Reboot your system.

Windows Server 2003 and Windows XP

Open your system's Control Panel (Start > Settings > Control Panel) and double-click the System icon. The System Properties window opens.
Select the Advanced tab and click the Settings button in the "Performance" section. The Performance Options window opens.
Select the Advanced tab and verify that the "Processor scheduling" and "Memory usage" sections have Adjust for best performance of: programs selected.
Click the Change button in the "Virtual Memory" section of the Performance Options window. The Virtual Memory window opens.
In the "Paging file size for selected drive" section, select the Custom size option and enter the following settings:
Initial size (MB) -- set to a minimum of 128 MB or equivalent to your system RAM.
Maximum size (MB) -- typically set to twice the Initial size. For example, if your Initial size is set to 128 MB, your maximum size would be set to 256 MB.
Click Set and OK to close the window.
Click OK to close the Performance Options window.
Click OK to close the System Properties window.
With the cursor in an open area of the desktop, right click and select Properties from the drop-down menu. The Display Properties window opens.
Select the Settings tab, and set the Screen resolution to 1024 by 768 pixels (recommended minimum), and the Color quality to a minimum of Medium (16 bit). The Color quality setting affects the appearance of Policy Manager windows. With a setting of 24 bit and above, certain window features such as tables, appear with a color gradient. Setting the Color quality lower than 24 bit will not support color gradients.
Click OK to close the Display Properties window.
Reboot your system.

Launching the Installer (Windows)

Now that you have configured your system, you are ready to launch the Policy Manager installer.

Log onto your system as the user who will be using Policy Manager.
Insert the Policy Manager CD into your system's CD drive.
In Windows Explorer, navigate to the CD drive and open the Windows folder where the Install.exe application resides.
Double-click the Install.exe application.
Go on to the Installer.

Installation on UNIX

On the UNIX platform, Policy Manager supports the Sun Solaris 2.7, 2.8, and 2.9 operating systems. Before installing Policy Manager, be sure to install the latest patches for your operating system. You can download these from http://sunsolve.sun.com.

Before installing Policy Manager on a UNIX platform, you need to:

Prepare for Installation on UNIX

Once your system is properly configured, you can proceed with:

Launching the Installer (UNIX)
Installer
Launching Policy Manager

The following procedures assume that the CD drive from which you are installing is physically attached to the system where Policy Manager is being installed.

Preparing for Installation on UNIX

The user performing the installation must be logged in as root.

Insert the Policy Manager CD into the CD drive.

Use an xterm window where you are logged in as root using the su - command.

	NOTE:	You may encounter a Java exception when becoming the root user with the `su -` command. Be sure that your system's root environment has a proper DISPLAY variable setting. The Installation program will report a Java exception (`InvocationTargetException`) if the DISPLAY variable is undefined. If this occurs: Set the system display variable to accept a remote display with the command: `/usr/openwin/bin/xhost +` Set the display variable in the environment where the su - was done. For C shell: `setenv DISPLAY :0.0` For Korn shell: `export DISPLAY=:0.0`

NOTE:

You may encounter a Java exception when becoming the root user with the su - command. Be sure that your system's root environment has a proper DISPLAY variable setting. The Installation program will report a Java exception (InvocationTargetException) if the DISPLAY variable is undefined.

If this occurs:

Set the system display variable to accept a remote display with the command:
/usr/openwin/bin/xhost +
Set the display variable in the environment where the su - was done.
  For C shell:
      setenv DISPLAY :0.0
  For Korn shell:
      export DISPLAY=:0.0

Using the cd command, cd to the /cdrom/cdrom0 (where 0 is zero) directory. If it does not exist, make the directory using the mkdir -p command, then cd to the newly created directory.
Using the ls command, check to see if the CD drive is mounted. If no files are listed, issue the following commands:
cd / mount -r -F hsfs /dev/sr0 /cdrom/cdrom0
(where 0 is zero).
You can now launch the Policy Manager Installer (see Launching the Installer (UNIX)).

Launching the Installer (UNIX)

Now that you have accessed your CD, you are ready to install Policy Manager.

NOTE: Before the installer launches, it checks to see if the Solaris patches required for installation are installed on your system. For more information, see Installation on UNIX, above.

	NOTE:	Before the installer launches, it checks to see if the Solaris patches required for installation are installed on your system. For more information, see Installation on UNIX, above.

Use an xterm window where you are logged in as root. (Be sure that your system's root environment has a proper DISPLAY variable setting. For more information see the above note.)
Start the Installer by issuing the command: /cdrom/cdrom0/Solaris/install.bin
The Installer checks your system for required installation patches. If required patches are not present, the Installer will stop and list the patches that are needed. If required patches are installed, the Installer Program launches.
Go on to the Installer.

Installation on Linux

On the Linux platform, Policy Manager supports the Red Hat Linux version 9 and Linux Enterprise v3 ES operating systems. You can download the most recent operating system from http://www.linux.org. The following procedures assume that the CD drive from which you are installing is physically attached to the system where Policy Manager is being installed.

Before installing Policy Manager on a Linux platform, you need to:

Prepare for Installation on Linux

Once your system is properly configured, you can proceed with:

Launching the Installer (Linux)
Installer
Launching Policy Manager

	NOTE:	Prior to beginning installation, verify that your /etc/hosts file has the local host name specified. It should have an entry that looks like: 127.0.0.1 <myName.myDomain.com> <myName> localhost.localdomain localhost where myName is the local host name and myDomain is the domain name.

Preparing for Installation on Linux

The user performing the installation must be logged in as root.

Insert the Policy Manager CD into the CD drive.

Use an xterm where you are logged in as root.

	NOTE:	If you do not have a DISPLAY variable defined for your root user environment, you will encounter a Java exception during the install upon becoming the root user. Be sure that your system's root environment has a proper DISPLAY variable setting.

Using the cd command, cd to the /mnt/cdrom directory.
Using the ls command, check to see if the CD drive is mounted. If no files are listed, issue the following command:
mount /mnt/cdrom
You can now launch the Policy Manager Installer (see Launching the Installer (Linux)).

Launching the Installer (Linux)

Now that you have accessed your CD, you are ready to install Policy Manager.

Use an xterm window where you are logged in as root.
Start the Installer by issuing the command: /mnt/cdrom/linux/install.bin
Go on to the Installer.

Installer

The Policy Manager installer leads you through a series of windows asking you for all the information required in order to install Policy Manager. You will need the following information to complete the installation:

License Key -- This is a unique number assigned to your copy of NetSight Atlas Policy Manager and is located on a label on your CD holder. Alternatively, you may choose to install the Policy Manager Evaluation Copy.
Uninstalling -- If an existing installation of Policy Manager is detected by the installer, you will be asked if you want to uninstall that version (Yes or No). In making your decision, consider the following:
- The uninstallation process does not remove the Demo.pmd file or other Policy Manager database (.pmd) files; device list files you created; or any other files you created or saved in the installation directory, or copied into it.
- If you plan to install the new version in the same directory as the currently installed version, it does not matter which option you choose (Yes or No). If you choose Yes, the uninstaller removes the currently installed files, and the installer installs the new ones. If you choose No, the installer simply overwrites the currently installed files.
- If you plan to install the new version in a different directory, answering Yes will cause the currently installed files to be removed from the old directory, and the new files to be installed in the new directory. Answering No leaves the currently installed files in the old directory, and installs the new files in the new directory.
Destination Directory -- This is the path to your Policy Manager Installation Directory. In the Destination Directory window, click Browse to navigate to the directory, or type the path in manually.

When you click Done on the final window in the installer, Policy Manager has been installed according to your specifications.

Launching Policy Manager

Now that you've installed Policy Manager, you can launch it.

After you've launched Policy Manager for the first time, it is highly recommended that you select Help > Help Topics from the menu and read the following links before proceeding to use Policy Manager:

Launching on Windows

From the Start menu, select Programs > Enterasys Networks > NetSight Atlas Policy Manager > Policy Manager. Evaluation Copy users will see a message indicating that this is an evaluation copy, and informing you of the expiration date (30 days from date of installation). Click OK to continue.

Launching on UNIX

Use an xterm window where you are logged in as root.
Use the cd command to navigate to the Policy Manager Installation Directory.
Issue the Policy Manager startup command:
./PolicyManager

Launching on Linux

Use an xterm window where you are logged in as root.
Use the cd command to navigate to the Policy Manager Installation Directory.
Issue the Policy Manager startup command:
./PolicyManager

Authentication Configuration

The authentication scheme for Enterasys' Secure Networks depends on the proper configuration and setup of the required authentication components. It is strongly recommended that, after you have installed Policy Manager, you select Help > Help Topics and read the Authentication Configuration Guide to assist you in properly installing and configuring your authentication components.

Uninstalling Policy Manager

Use the procedures below to uninstall Policy Manager. When you uninstall, only the files which were distributed with Policy Manager will be uninstalled. Files you generate (such as logs, device lists, and .pmd data files) will not be automatically uninstalled.

Uninstalling on Windows

From the Start menu, select Programs > Enterasys Networks > NetSight Atlas Policy Manager > Uninstall Policy Manager. You must be logged in as the user who installed Policy Manager in order to see this selection on the Start menu.

If a different user is uninstalling Policy Manager, go to the UninstallerData directory located in the Policy Manager Installation Directory and double-click on Uninstall PolicyManager.exe. In such a case the Uninstaller may not be able to remove certain files due to permission conflicts.

Uninstalling on UNIX

The user performing the uninstall must be logged in as root.

Use the cd command to navigate to the Policy Manager Installation Directory (top level). Start the Uninstaller by issuing this command:

./UninstallPolicyManager.sh

Uninstalling on Linux

The user performing the uninstall must be logged in as root.

Use the cd command to navigate to the Policy Manager Installation Directory (top level). Start the Uninstaller by issuing this command:

./UninstallPolicyManager.sh

Support

To locate product specific information, refer to the Enterasys website:

http://www.enterasys.com

Accessing Help

After you have installed Policy Manager on your system, the full Help system is available from the Help menu option on Policy Manager windows, and from any window that has a Help button on it. The online Help system is also available as a PDF file in the docs directory located in your Policy Manager installation directory.

Technical Support

If you need technical support related to Policy Manager, contact the Enterasys Global Technical Assistance Center:

Phone: 603-332-9400 (24 hours a day, 365 days a year)
Fax: 603-337-3075 (24 hours a day, 365 days a year)
Email: support@enterasys.com

Mail:
Enterasys Networks, Inc.
Technical Support
P.O. Box 5005
Rochester, NH 03866-5005
FTP: ftp.enterasys.com
Login: anonymous
Password: [your email address]
BBS: 603-335-3358
Modem Setting: 8N1: 8 data bits, 1 stop bit, No parity

Documentation

For the latest Enterasys documentation on the web, see http://www.enterasys.com/support/manuals.

Send your questions, comments, and suggestions regarding NetSight documentation to NetSight Technical Communications via the following e-mail address:

Netsight_docs@enterasys.com

Training

For training on this and other Enterasys products, see http://www.enterasys.com/training.