3. Installing NP-Live

Created On
Last Updated On
byAlan Stacklin
You are here:
< All Topics

Overview

NP-Live has been designed to be easily installed by a single person in less than an hour. This article provides step-by-step instructions on the installation process, which includes:

  1. Provisioning a server
  2. Downloading NP-Live
  3. Installing NP-Live
  4. Installing a SSL Certificate

Provisioning a Server

The following table documents the CPU, memory, and disk requirements based on the number of network device configuration files monitored by NP-Live:

Number of network devices monitored
(firewall, router, switch) / concurrent users		 Min. CPU Memory Disk Space
Up to 10 devices / 2 concurrent users 2-core 4GB 25GB
Up to 50 devices / 5 concurrent users 4-core 8GB 50GB
Up to 100 devices / 10 concurrent users 8-core 8GB 100GB
Up to 500 devices / 20 concurrent users 16-core 16GB 500GB
Up to 1,000 devices / 20 concurrent users 16-core 32GB 1TB

NP-Live can be installed on a virtual machine or hardware server. There are 2 package formats available:

  • NP-Live Linux installer (600MB) that works on all major Linux distributions (Red Hat, CentOS, Debian, Ubuntu) on which Docker can be installed
  • NP-Live Virtual appliance (2GB OVF) that works on all major hypervisor with support for the .vmdk disk format (e.g., VMWare ESXi)

The first option is the better choice for the System Administrator wishes to manage their own Linux server. The second option is a better choice if the System Administrator wants a turn key server. The NP-Live OVF uses the CentOS Linux distribution. Root access is provided so the operating system can be periodically updated.

Network ports used by NP-Live

The following ports are used by NP-Live.  Please ensure these ports are open on your firewall for proper communication.

  • TCP/22: SSH server to provide secure console access to the NP-Live server (required)
  • TCP/80: access to NP-Live Web UI through HTTP (optional)
  • TCP/443: access to NP-Live Web UI through HTTPS (required)
  • TCP/8080: access to NP-Connect Web UI through HTTP (optional)
  • TCP/8443: access to NP-Connect Web UI through HTTPS (required)

Firewall Rules

The source IP should be the client workstation that will access NP-Live and the destination IP should be the NP-Live Linux server.

Downloading NP-Live

The process to receive a download link to the latest release of NP-Live is to contact the support team at support@network-perception.com. Please make sure to specify if you prefer the NP-Live Linux installer or the NP-Live Virtual appliance (OVF) format.

Installing NP-Live

Option 1: Using the NP-Live Linux Installer

Once downloaded onto the Linux server, the NP-Live Linux Installer can be launched with the following commands:

  1. SSH onto the Linux server
  2. Get root privilege with the command sudo -i
  3. Go to the directory in which the NP-Live Linux installer was downloaded and run it with the command sh NP-Live_server_installer.sh

The installer will automatically check if Internet is available and if Docker is installed. If Internet isn’t available but Docker is installed, the installation will proceed offline. If Internet isn’t available and Docker isn’t installed, the installation will stop and you will have to manually install Docker before continuing. Finally, if Internet is available and Docker isn’t installed, the installer will automatically download and install Docker.

Option 2: Using the NP-Live Virtual Appliance

Once the Virtual Appliance OVF file has been downloaded, extract the .zip archive and import the appliance files into your hypervisor. Please make sure to update the CPU, memory, and disk space for the VM according to the requirements above. Once imported, launch the appliance and log into the terminal using the credentials provided in the README.txt file inside the OVF archive. Once logged in, the NP-Live shell script will guide you through setting up the network configuration and then launching the NP-Live server.

Installing a SSL Certificate

NP-Live listens on both port TCP/80 (HTTP) and TCP/443 (HTTPS). For HTTPS, it uses a self-signed SSL certificate by default. Users can also provide their own SSL certificate by simply copying a valid .pem file into the NP-Live db folder.  If using HTTPS, the best practice is to disabled or forwarded HTTP to HTTPS.

The following command can be used to generate a valid .pem file:

openssl req -new -x509 -days 365 -nodes -out cert.pem -keyout cert.pem

To learn more about generating your own SSL certificate, please visit python documentation.

Please note that .pem file should include both the private key and the full certificate. If you received the private key and the certificate as two separate files, you can concatenate them into a single .pem file.

Setting the NP-Live Virtual Appliance Timezone

By default, the NP-Live Virtual Appliance is set to Central Standard Time (CST). To change to a different timezone, log into the server using SSH and become root with the command sudo -i. You can then issue the command:

timedatectl set-timezone <timezone-name>

Where <timezone-name> is a valid timezone descriptor name such as:

  • America/Los_Angeles
  • America/Denver
  • America/Chicago
  • America/New_York

Type the command timedatectl list-timezones to get the full list of timezone names. Once you have set the new timezone, you can restart NP-Live with the command /opt/np-live/stop_NP-Live.sh  and then /opt/np-live/start_NP-Live.sh to take the change into account.

Next: Configure NP-Live

Once installed, please proceed to the NP-Live Configuration section of the Knowledge Base.  If you have any question, please don’t hesitate to contact support@network-perception.com.

Additional Installation Information

Personalize the Login Page

To add a custom message to the login page, a NP-Live administrator can edit the file /opt/np-live/docker-compose.yml with the following entry in the webserver environment section: “- banner=Welcome to NP-Live”

For NP-View, the file ~/Documents/NPLive/config.ini can be edited to add: “banner=Welcome to NP-View”

Manual Upload File Size Limit

When users upload a file through the Web user interface, NP-Live and NP-View will enforce a maximum file size which is 200MB by default. To change it, a NP-Live administrator can edit the file /opt/np-live/docker-compose.yml with the following entry in the webserver environment section: “- MAX_IMPORT_SIZE=209715200”

The value is in bytes, so 209715200 corresponds to 200MB.

For NP-View, the file ~/Documents/NPLive/config.ini can be edited to add: MAX_IMPORT_SIZE=209715200

If you have any issue deploying NP-Live or importing your file, please contact the support team at support@network-perception.com

Table of Contents
  • Product
    • Product Text

      Product Tour

      NP-View is the perfect solution to prepare for an audit: it works offline and runs on any desktop. NP-Live is the solution for businesses that require continuous network compliance monitoring.

    • Product TOI np-view

    • Product TOI np-live

  • Solutions
    • Solutions text

      Solutions

      Learn how Network Perception software can support your compliance and security operations.

    • Solutions TOI NERC-CIP

    • Solutions TOI Security Assessment

  • Resources
    • Resources text

      Resources

      Learn how to use Network Perception software through video tutorials and documentation. Explore the Knowledge Base for technical questions and advanced features.

    • Resource TOI Whitepapers

    • Resource TOI Knowledge Base

    • Resources TOI Tutorial Videos

  • Company
    • Company text

      Company

      Network Perception was founded in 2014 by a team of researchers and security experts. Learn more about our history and positions available.

    • Company TOI About

    • Company TOI Careers

    • Company TOI Contact

  • Customer Portal Login
  • Demo