Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

Overview

This guide will show how to install CSAT Pro on a Windows system using the installer.

Requirements

  • Download the CSAT Pro 64-bit Windows installer at CIS WorkBench: CSAT Pro Windows 64-bit.

  • Download Neo4j Community Edition 3.5.x here: https://neo4j.com/download-center/#community. Choose Community and scroll down to the correct version. Download and leave it zipped.

  • Download and unzip the license and configuration files from your organization’s WorkBench page. Please see the following link for details on how to download these files: https://csat.readthedocs.io/en/stable/source/CSAT%20Pro%20Deployment/#obtainingConfigFiles.

  • For installation in a Windows environment, PowerShell v2.0 or above must also be installed and added to the “Path” environment variable. This requirement is due to the fact that the CSAT Pro installer utilizes Neo4j's Admin utility during the installation process and it requires PowerShell to run in a Windows environment. See the following link for additional information related to this installation requirement: https://neo4j.com/docs/operations-manual/3.5/installation/windows/#powershell.

  • CSAT Pro officially supports the Google Chrome web browser. Other browsers can work, but may produce unexpected behavior.

  • If you are accessing CSAT Pro from a remote machine, you will likely need to include an inbound firewall rule for port 443 (for HTTPS) or port 8080 (for HTTP).

In order for the application to access the SMTP server, port 25 (default), 465 or 587 (depending on your Email Configuration) needs to be included as an outbound rule.

To opt in to the Industry Average Service, port 8883 needs to be included as an outbound rule. Online license validation also occurs over port 8883, but this is not required if used in a non-internet connected environment.

Implementation Steps

  1. Extract the CSAT Pro bundle on the machine you are using to host CIS CSAT Pro.

  2. Execute the CIS CSAT Pro Installer (CSAT_Pro_windows-x64_Installer.exe) with administrative privileges.

  3. After selecting “Next” at the Welcome page, you will be directed to the “Select Destination Directory” page to select the destination directory of where CSAT Pro, Neo4j database, and the included version of Java, will be installed.

  4. On the “Select Configuration And License Directories” page, select the Integration Configuration file and the License Key file by browsing to their locations.

5. (Optional) On the “Email Configuration” page, if you want to set up password reset functionality, multi-factor authentication (MFA), or notifications, then CSAT Pro must be able to connect to and utilize a valid SMTP server to send email messages. Please see the CSAT Pro Deployment Guide for more details: https://csat.readthedocs.io/en/stable/source/CSAT%20Pro%20Deployment/#introduction.

6. On the “Multi-Factor Authentication (MFA) Configuration” page, select “Enable MFA” or “Do not enable MFA”. Email set up (step 5) is required for multi-factor authentication to work in CSAT Pro.

7. On the “Password Configuration” page, you may select password length requirements for all users in the entire CSAT Pro instance, as well as the Neo4j database admin and TLS keystore passwords. The minimum must be at least 8 characters and the maximum can be up to 127 characters. CIS recommends at least a 14 character minimum if MFA is not being used, or at least an 8 character minimum if MFA is being used.

8. On the “Set Up TLS Configuration” page (screenshot below), you will be given three options:

  • Create Self-Signed Certificate for TLS (port 443)

  • Use Existing Certificate for TLS (port 443)

  • Do not use TLS (port 8080)

Please allow network traffic through the port you select (ports shown above).

Encrypting data in transit is important for security, and we strongly recommend that TLS be enabled for CSAT Pro.

9. The Installation will begin and you will be directed to the “Download Neo4j Server” page. If you have not already downloaded Neo4j, then you will need to now.

Be sure to select the most recent version of Neo4j Community Edition 3.5.x. Other versions, such as v4 are not compatible.

The installer requires that the Neo 4j Community Edition 3.5 bundle remain zipped.

10. On the “Set Up Database Admin” page, set the password for the Neo4j database admin user.

11. On the “Set Up CSAT Admin User” page, set the password and other required information for the the CSAT “admin” user.

12. The CSAT Pro installer will complete the installation. Click “Finish” to close the installer.

At this point, the installer has finished setting up and CIS CSAT Pro is starting. It may take a few minutes for the application to be accessible.

13. To access the site, open your web browser (CSAT Pro officially supports Google Chrome). If you are using TLS, type https://<hostname>. If you are not using TLS, type http://<hostname>:8080.

From here, you can check out the User Guide on how to log in and use CSAT Pro.

Troubleshooting Information

Diagnostic/Debug information to troubleshoot CSAT Pro issues

CSAT Pro Implementation & Troubleshooting

What logging options are available in CSAT Pro?

Where do I put my required License Key for CIS-CAT Pro Assessor v4.x and CSAT Pro to use the full features?

How to generate a new TLS key and update CSAT Pro with new TLS information

CSAT Pro FAQs

Copyright © 2022 Center for Internet Security® Privacy Policy

  • No labels