JSA Software Installations
A software installation is a JSA installation on your hardware that uses an RHEL operating system that you provide. You must configure partitions and perform other RHEL preparation before a JSA software installation.
Ensure that your hardware meets the system requirements for JSA deployments. For more information about system requirements, see Prerequisites for Installing JSA on Your Hardware, System Requirements for Virtual Appliances, and Appliance Storage Requirements for Virtual and Software Installations.
You must acquire entitlement to a JSA Software Node for a JSA software installation. To acquire entitlement to a JSA Software Node, contact your JSA Sales Representative.
Install no software other than JSA and RHEL on your hardware. Unapproved RPM installations can cause dependency errors when you upgrade JSA software and can also cause performance issues in your deployment.
Do not use YUM to update your operating system or install unapproved software on JSA systems.
Complete the following tasks in order:
Prerequisites for Installing JSA on Your Hardware
Before you install Red Hat Enterprise Linux (RHEL) operating system on your hardware, ensure that your system meets the system requirements.
The following table describes the system requirements:
Table 1: System Requirements for RHEL Installations on your own Appliance
Network Time Protocol (NTP) package
If you want to use NTP as your time server, ensure that you install the NTP package.
Memory (RAM) for Console systems
Minimum 32 GB
Important: You must upgrade your system memory before you install JSA.
Memory (RAM) for Event Processor
Memory (RAM) for JSA Flow Processor
Free disk space for Console systems
Minimum 256 GB
Important: For optimal performance, ensure that an extra 2-3 times of the minimum disk space is available.
JSA Flow Processor primary drive
Minimum 70 GB
WWW (http, https) enabled
Appliance Storage Requirements for Virtual and Software Installations
To install JSA using virtual or software options, the device must meet minimum storage requirements.
The following table shows the recommended minimum storage requirements for installing JSA by using the virtual or software only option.
The minimum required storage size will vary, based in factors such as event size, event per second (EPS), and retention requirements.
Table 2: Minimum Storage Requirements for Appliances When You Use the Virtual or Software Installation Option
Data transfer rate (MB/s)
Supports XX05 licensing
Supports XX29 licensing
Supports XX48 licensing
Small All-in-One or 1600
Less than 500 EPS
Events and flows
Installing RHEL on Your Hardware
You can install the Red Hat Enterprise Linux (RHEL) operating system on your own appliance hardware to use with security JSA.
You can provide your own RHEL, or acquire entitlement to a JSA Software Node, To acquire entitlement to a JSA Software Node, contact your JSA Sales Representative.
If there are circumstances where you need install to RHEL separately, proceed with the following instructions. Otherwise, proceed to Installing a JSA Appliance.
- Copy the Red Hat Enterprise Linux V7.5 minimal ISO to a DVD or a bootable USB flash drive.
- Insert the portable storage device into your appliance and restart your appliance.
- From the starting menu, do one of the following options:
Select the USB or DVD drive as the boot option.
To install on a system that supports Extensible Firmware Interface (EFI), you must start the system in
- When prompted, log in to the system as the root user.
- Follow the instructions in the installation wizard to
complete the installation:
Set the language to English (US).
Click Date & Time and set the time for your deployment.
Click Installation Destination and select the I will configure partitioning option.
Select LVM in the drop-down list.
Click the Add button to add the mount points and capacities for your partitions, and then click Done. For more information about RHEL7 partitions, see Linux Operating System Partition Properties for JSA Installations on Your Own Hardware.
Click Network & Host Name.
Enter the host name for your appliance.
Select the interface in the list, move the switch to the ON position, and click Configure.
On the General tab, select Automatically connect to this network when it is available option.
On the IPv4 Settings or IPv6 Settings tab, select Manual in the Method list.
For an IPv4 deployment, enter the IP address, Netmask, and Gateway for the appliance in the Addresses field.
For an IPv6 deployment, enter the IP address, Prefix, and Gateway in the Addresses field.
Add two DNS servers.
Click Save > Done > Begin Installation.
- Set the root password, and then click Finish configuration.
- Disable SELinux and restart the appliance after the installation finishes.
Linux Operating System Partition Properties for JSA Installations on Your Own Hardware
If you use your own appliance hardware, you can delete and re-create partitions on your Red Hat Enterprise Linux operating system rather than modify the default partitions.
Use the values in the following table as a guide when you re-create the partitioning on your Red hat Enterprise Linux Operating system.
The file system for each partition is XFS.
Table 3: Partitioning Guide for RHEL
Exists on Software Installation
Configure the swap partition size to be 75 percent of RAM, with a minimum value of 12 GB and a maximum value of 24 GB
Upto 15 GB
80% of remaining space
20 % of remaining space
Console Partition Configurations for Multiple Disk Deployments
For hardware with multiple disks, configure the following partitions for JSA.
boot, swap, OS, JSA temporary files, and log files
Use the default storage configurations for JSA appliances as a guideline to determine what RAID type to use.
Store JSA data
The following table shows the default storage configuration for JSA appliances.
Table 4: Default Storage Configurations for JSA Appliances
JSA host role
Event and flow processor
Installing JSA After the RHEL Installation
Install Security JSA on your own device after you install RHEL.
- Copy the JSA ISO to the device.
- Create the
media/cdromdirectory by typing the following command:
the JSA ISO by using the following command:
mount - o loop <qradar.iso> / media/cdrom
the JSA setup by using the following command:
- Select the appliance type:
High Availability Appliance
- Select the appliance assignment, and then select Next.
- If you selected an appliance for high-availability (HA), select whether the appliance is a console.
- For the type of setup, select Normal Setup (default) or HA Recovery Setup, and set up the time.
- If you selected HA Recovery Setup, enter the cluster virtual IP address.
- Select the Internet Protocol version:
Select ipv4 or ipv6.
- If you selected ipv6, select manual or auto for the Configuration type.
- Select the bonded interface setup, if required.
- Select the management interface.
- In the wizard, enter a fully qualified domain name in the Hostname field.
- In the IP address field, enter a static IP
address, or use the assigned IP address.
If you are configuring this host as primary host for a high availability (HA) cluster, and you selected Yes for auto-configure, you must record the automatically-generated IP address. The generated IP address is entered during HA configuration.
For more information, see Juniper Security Analytics High Availability Guide.
- If you do not have a email server, enter
localhostin the Email server name field.
- Leave the
rootpassword as it is.
- If you are installing a Console, enter an
adminpassword that meets the following criteria:
Contains at least 5 characters
Contains no spaces
Can include the following special characters: @, #, ^, and *.
- Click Finish.
- Follow the instructions in the installation wizard to
complete the installation.
The installation process might take several minutes.
- If you are installing a Console, apply your license key.
Log in to JSA as the
In the navigation menu, click Admin.
In the navigation pane, click System configuration.
Click the System and License Management icon.
From the Display list box, select Licenses, and upload your license key.
Select the unallocated license and click Allocate System to License.
From the list of systems, select a system, and click Allocate System to License.
- If you want to add managed hosts, see Juniper Security Analytics Administration Guide.