Actor Installation Workflow
The following is the overall installation workflow for the Actor.
- Review and complete the Pre-Installation Checklist.
- Review the Network Actor Requirements and Endpoint Actor Requirements to ensure that your system is adequate.
- Download the installer. If you do not have access to the internet on the OS where the Actor will be installed, you can also find installer files in Library > Actor Installer Files.
- Complete the Required Installation Information form. Keep this list handy during installation.
- Install the Actor.
Pre-Installation Checklist for Software Installs
Review the following information and check off each item as you complete it.
| Done? | Windows | Mac | Linux | Verify... | Reference |
|---|---|---|---|---|---|
| c | ✔ | ✔ | ✔ | System on which the Actor will be installed meets or exceeds system requirements. |
Network Actor Requirements (for Linux-based Network Actors)
|
| c |
✔
|
✔
|
✔ | Verify that your FQDN follows RFC 1123 naming requirements. | FQDNs must comply with RFC 1123, a standard that defines the requirements for FQDNs on the internet. This standard specifies that FQDNs can only contain the following:
Underscores are not permitted. For more information, see RFC 1123: Requirements for Internet Hosts. |
| c | ✔ |
|
|
System on which the Actor will be installed has the required accounts. | Configure Windows Accounts
|
| c |
|
|
✔
|
SSL Certs: Your organization supports self-signed certificates or you have custom certificates you can add to the Actor | Adding a Custom Certificate to your Linux Actor
|
| c | ✔ | ✔ | ✔ | Select which type of installation you will perform: easy, interactive, or automated. | Pre-Installation Decisions - Actor
|
| c |
|
|
✔ |
Identify the online repository you will use for package dependencies and ensure that you can access it from the system where you are installing the Actor. |
Handling Software Dependencies
|
| c | ✔ | ✔ | ✔ | Ensure that required communication ports are available for Actor traffic. | Network Communication Requirements |
| c |
|
✔ |
|
If you are running a MacBook with an M1 processor, enable Rosetta by running the following command: softwareupdate --installrosetta |
|
| c |
|
|
✔ | Ensure adequate disk space is allocated to /opt on the partition where you will install the platform. | System Requirements |
| c |
|
|
✔ | Create or designate a system account to own the Validation Platform programs, data, and log files. Assign the account to the wheel group and verify it has shell capabilities. | Configure the Environment - Linux Actor |
| c |
|
|
✔ | Create or designate a system group to run the Validation Platform programs and services. | Configure the Environment - Linux Actor |
| c |
|
|
✔ | Verify that sudo is enabled. | |
| c |
|
|
✔ | Configure a time service. | See your operating system documentation for instructions. |
| c
|
|
|
✔
|
On the host system, verify that umask has read + write permissions (022) on the “Others” group. | See your operating system documentation for instructions.
|
| c |
|
|
✔ | Disable and mask firewalld. | See your operating system documentation for instructions. |
| c | ✔ |
|
|
Add the Validation Platform Services, Directories, and Artifacts to your Allow list. |
Windows 64-bit Actor Artifacts and Services See instructions for your vendor's product or platform. |
| c |
|
✔ | ✔ |
Update your Allow list to include the Security Validation Actor folder that is required to update your Actor (will contain all update artifacts):
|
Only necessary if there is a security control in place that would prevent the Actor from running correctly. See instructions for your vendor's product or platform. |
| c |
|
|
✔ | Verify that you can update sshd_config. | Updating the sshd_config File
|
Pre-Installation Checklist for Appliance Installs
Review the following information and check off each item as you complete it.
| Done? | AMI | OVA | VHD | Verify... | Reference |
|---|---|---|---|---|---|
| c | ✔ | ✔ | ✔ | System on which the Actor will be installed meets or exceeds system requirements. | |
| c | ✔
|
✔
|
✔
|
SSL Certs: Your organization supports self-signed certificates or you have custom certificates you can add to the Actor | Adding a Custom Certificate to your Linux Actor
|
| c |
|
✔ | ✔ | Select which type of installation you will perform: easy, interactive, or automated. | Pre-Installation Decisions - Actor
|
| c | ✔ | ✔
|
✔
|
Add the Validation Platform Services to your Allow list. |
See instructions for your vendor's product or platform. |
| c | ✔
|
✔ | ✔ |
Update your Allow list to include the Security Validation Actor folder that is required to update your Actor (will contain all update artifacts):
|
Only necessary if there is a security control in place that would prevent the Actor from running correctly. See instructions for your vendor's product or platform. |
Required Installation Information
The following information is required during installation. Enter your specific information in this table and keep it handy during the install.
| Requirement | Install Details |
|---|---|
| Director host information (software and appliances) |
Hostname: IP address: |
| Privileged user account (software and appliances) | Username: |
| Designated services group (software only) | Group: |
| Designated interface for Director to listen for connections (software only) | Interface: |
| Online repository (software only) | Repository: |
Endpoint Actor Configuration Notes
- Endpoint Actors are always set to Pull mode
- Two interfaces are supported
- Supported proxy types between the Endpoint Actor and Director include
- HTTP
- HTTP Auth
- HTTP NTLM
- HTTPS
- HTTPS Auth
- SSL Man in the Middle
- Kerberos
- Socks
- Socks Auth