3. Installing NP-Live
Overview
NP-Live has been designed to be easily installed by a single person in less than an hour. This article provides step-by-step instructions on the installation process, which includes:
- Provisioning a server
- Downloading NP-Live
- Installing NP-Live
- Installing a SSL Certificate
Provisioning a Server
The following table documents the CPU, memory, and disk requirements based on the number of network device configuration files monitored by NP-Live:
| Number of network devices monitored (firewall, router, switch) / concurrent users |
Min. CPU | Memory | Disk Space |
| Up to 10 devices / 2 concurrent users | 2-core | 4GB | 25GB |
| Up to 50 devices / 5 concurrent users | 4-core | 8GB | 50GB |
| Up to 100 devices / 10 concurrent users | 8-core | 8GB | 100GB |
| Up to 500 devices / 20 concurrent users | 16-core | 16GB | 500GB |
| Up to 1,000 devices / 20 concurrent users | 16-core | 32GB | 1TB |
Note that loading and analyzing devices utilizes the majority of the CPU and Memory capacity. The higher the server capacity, the faster devices will load and be analyzed.
NP-Live can be installed on a virtual machine or hardware server. There are 2 package formats available:
- NP-Live Linux installer (~600MB) that works on all major Linux distributions (Red Hat, CentOS, Debian, Ubuntu) on which Docker can be installed
- NP-Live Virtual appliance (~2GB OVF) that works on all major hypervisor with support for the .vmdk disk format (e.g., VMWare ESXi)
The first option is the better choice for the System Administrator wishes to manage their own Linux server. The second option is a better choice if the System Administrator wants a turn key server. The NP-Live OVF uses the CentOS 7 (core) Linux distribution. Root access is provided so the operating system can be periodically updated.
Network ports used by NP-Live
The following ports are used by NP-Live. Please ensure these ports are open on your firewall for proper communication.
- TCP/22: SSH server to provide secure console access to the NP-Live server (required)
- TCP/80: access to NP-Live Web UI through HTTP (optional)
- TCP/443: access to NP-Live Web UI through HTTPS (required)
- TCP/8080: access to NP-Connect Web UI through HTTP (optional)
- TCP/8443: access to NP-Connect Web UI through HTTPS (required)
Firewall Rules
The source IP should be the client workstation that will access NP-Live and the destination IP should be the NP-Live Linux server.
Downloading NP-Live
Sign up on the Portal website to download the latest version of NP-Live and the license key. A SHA256 checksum is supplied with each download by clicking on the “show checksum” link. You can calculate the checksum on the files you download to verify their integrity:
- Windows 10 using Powershell:
Get-FileHash /the/full/path/to/your/file/name/extension | Format-List - Linux:
sha256sum /the/full/path/to/your/file/name/extension - MACOS:
shasum -a 256 /full/path/to/your/file/name/extension
Installing NP-Live
Option 1: Using the NP-Live Linux Installer
Once downloaded onto the Linux server, the NP-Live Linux Installer can be launched with the following commands:
- SSH onto the Linux server
- Get root privilege with the command
sudo -i - Go to the directory in which the NP-Live Linux installer was downloaded and run it with the command
sh NP-Live_server_installer.sh
The installer will automatically check if Internet is available and if Docker is installed. If Internet isn’t available but Docker is installed, the installation will proceed offline. If Internet isn’t available and Docker isn’t installed, the installation will stop and you will have to manually install Docker before continuing. Finally, if Internet is available and Docker isn’t installed, the installer will automatically download and install Docker.
Option 2: Using the NP-Live Virtual Appliance
Once the Virtual Appliance OVF file has been downloaded, extract the .zip archive and import the appliance files into your hypervisor. Please make sure to update the CPU, memory, and disk space for the VM according to the requirements above. Once imported, launch the appliance and log into the terminal using the credentials provided in the README.txt file inside the OVF archive. Once logged in, the NP-Live shell script will guide you through setting up the network configuration and then launching the NP-Live server.
Installing a SSL Certificate
NP-Live listens on both port TCP/80 (HTTP) and TCP/443 (HTTPS). For HTTPS, it uses a self-signed SSL certificate by default. Users can also provide their own SSL certificate by simply copying a valid .pem file into the NP-Live db folder. If using HTTPS, the best practice is to disabled or forwarded HTTP to HTTPS.
The following command can be used to generate a valid .pem file:
openssl req -new -x509 -days 365 -nodes -out cert.pem -keyout cert.pem
To learn more about generating your own SSL certificate, please visit python documentation.
Please note that .pem file should include both the private key and the full certificate. If you received the private key and the certificate as two separate files, you can concatenate them into a single .pem file.
Setting the NP-Live Virtual Appliance Time Zone
By default, the NP-Live Virtual Appliance install creates the file `/opt/np-live/local-settings.yml`. set to America/Chicago. This file needs to be updated to reflect your local time zone. To change to a different time zone, log into the server using SSH and become root with the command sudo -i. You can then perform the following updates.
Update TZ= to a value from timedatectl list-timezones
version: '3.4'
x-environment-tz: &timezone
TZ=America/Chicago
services:
manager:
environment:
- *timezone
report:
environment:
- *timezone
webserver:
environment:
- *timezone
redis:
environment:
- *timezone
monitor:
environment:
- *timezone
Once you have set the new time zone, you can restart NP-Live with the command /opt/np-live/stop_NP-Live.sh and then /opt/np-live/start_NP-Live.sh .
Next: Configure NP-Live
Once installed, please proceed to the NP-Live Configuration section of the Knowledge Base. If you have any question, please don’t hesitate to contact support@network-perception.com.
Additional Installation Information
Personalize the Login Page
To add a custom message to the login page, a NP-Live administrator can edit the file /opt/np-live/docker-compose.yml with the following entry in the webserver environment section: “- banner=Welcome to NP-Live”
For NP-View, the file ~/Documents/NPLive/config.ini can be edited to add: “banner=Welcome to NP-View”
Upload File Size Limit
When users upload a file through the Web user interface, NP-Live and NP-View will enforce a maximum file size which is 200MB by default. To change it, a NP-Live administrator can edit the file /opt/np-live/docker-compose.yml with the following entry in the webserver environment section: “- MAX_IMPORT_SIZE=209715200”. The value is in bytes, so 209715200 corresponds to 200MB.
Complete Removal of NP-Live
If you wish to completely remove NP-Live from you server to start with a fresh install, perform the following steps:
- Stop NP-Live using the script /opt/np-live/stop_NP-Live.sh
- Remove Docker containers using the command
docker system prune -aas root (WARNING: this will completely reset Docker, so if non NP-Live containers have been added they will be deleted as well) - Remove the NP-Live folder with the command
rm -rf /opt/np-liveas root (WARNING: the NP-Live database will be permanently deleted)
If you have any issue deploying NP-Live or importing your file, please contact the support team at support@network-perception.com
