Self-Hosted-GYTPOL installation guide

1. Open the vmware console and import the gytpol-postgres OVA

a .Follow the instructions to finish the import.

b. Edit the VM, add a 100 GB hard disk and set the Memory and CPU to the appropriate size

(System Requirements for Self-Hosted GYTPOL 2.0 )

c. Power on the VM

Importing the GYTPOL PostgreSQL OVA

1. Open the VMware Console:

   • Launch the VMware vSphere Client or VMware Workstation, depending on your environment.

2. Import the GYTPOL PostgreSQL OVA:

   • Select File > Deploy OVF Template (or equivalent option).

   • Browse to the location of the gytpol-postgres.ova file.

   • Follow the on-screen instructions to complete the import process.

3. Post-Import Configuration:

   • Once the import is complete, locate the newly created VM in your VMware environment.

   • Edit the VM settings to ensure it meets the required specifications - please refer to System Requirements for Self-Hosted GYTPOL 2.0 guide:

     • Add a 100 GB hard disk.

     • Set Memory and CPU to the appropriate size based on your endpoint count:

       • Memory: Refer to system requirements (e.g., 8 GB minimum).

       • CPU: Refer to system requirements (e.g., 4 cores minimum).

2. Open the console of the postgres VM, login using the credentials

   1. user: ubuntu

   2. password: m-33W8]aiUh

3. Run the command

sudo gyt postgres-init

4. follow the network configuration questions to setup an IP address, we recommend choosing ‘static’, otherwise, please set a reservation in your DHCP for the MAC address.

   

5. wait until you are prompt for passwords:

   1. PostgreSQL master password

   2. keycloak_user password (for user management db)

      

      don’t forget these passwords, we will use them later on.

6. Open the vmware console and import the gytpol-services OVA

a .Follow the instructions to finish the import.

b. Edit the VM, add a 20 GB hard disk and set the Memory to 12 GB and CPU to 6

c. Power on the VM

7. Make sure the dns record for the GYTPOL server is resolvable before continuing

8. Open the console of the postgres VM, login using the credentials

   1. user: ubuntu

   2. password: m-33W8]aiUh

9. Run the command

sudo gyt install

10. follow the network configuration questions to setup an IP address, we recommend choosing ‘static’, otherwise, please set a reservation in your DHCP for the MAC address.

11. wait until asked to supply the following information:

    1. GYTPOL_URL : the dns name of the GYTPOL server

    2. DB_PASSWORD: password for the GYTPOL database (use your own password)

    3. POSTGRES_HOST: IP of the postgres VM

    4. MASTER_PASSWORD: password for the master user from step 5.a

    5. GYTPOL_ADMIN_USER_EMAIL: email for the first user in the system

    6. USER_MANAGEMENT_ADMIN_PASSWORD: password for accessing the user management console

    7. USER_MANAGEMENT_DB_PASSWORD: password for the user management db from step 5.b

       

12. wait until asked to supply initial user password

    

13. wait until installation finishes

    

14. copy the sensor installation files to the services ova (using winSCP or tool of your choice) over port 12222, for example:

    

    (do it for all the sensor installation files you receive)

15. in the services ova, run the following command for each of the sensor installation files:

    sudo gyt copy-client <OS> <VERSION> <FILENAME>

for example,

sudo gyt copy-client linux 2.4.9.18 gytpol-client_2.4.9.18-18_amd64.deb
sudo gyt copy-client mac 2.4.9.18 gytpol-client_2.4.9.18-18_amd64.pkg
sudo gyt copy-client windows 2.36.3.0 gytpolClient_x64.msi

16. run the following command to generate sensor links in the UI, or wait up to 30 minutes

    sudo kubectl create job --from cj/gytpol-analyzer-periodic-client-signer-cj signer-job -n gytpol

17. you can now use GYTPOL.

Enabling HTTPS

without adding a certificate, GYTPOL will run on http

1. in order to enable HTTPS, you will need to copy a crt and key files for the dns domain name to the services VM.

2. SSH the services OVA (over port 12222) and run the command

   sudo gyt add-ssl-certificate <CRT FILENAME> <KEY FILENAME>

GYTPOL is now available over HTTPS

Getting API Key

for using gytpol user API, please run the following command from the services VM:

sudo gyt get-api-key

Installing License

1. run the following command from the services VM to fetch the license ID, and send it back to us

   sudo gyt get-license-id

2. once you receive a license file from GYTPOL, copy it to the services VM and run the command

   sudo gyt install-license <LICENSE FILENAME>

Adding users

1. go to https://<gytpol services dns>:9093/admin

2. log as admin and the password configured as USER_MANAGEMENT_ADMIN_PASSWORD during the installation

3. select users on the left pane

   

4. click on the Add user button

   

5. select “Email Verified” and enter the details (both username and email should be in an email pattern)

   

6. after creating the user, go to “Role mapping” and click “Assign role”

   

7. assign “gytpol”

   

8. go to “Credentials” and click on “Set password”

   

9. write the password and select whether it the user should change it on first login or not (Temporary)

Resetting user password

1. go to https://<gytpol services dns>:9093/admin

2. log as admin and the password configured as USER_MANAGEMENT_ADMIN_PASSWORD during the installation

3. select users on the left pane

   

4. select the user

5. go to Credentials and click the “Reset password” button