The Center wizard is displayed on your screen as you power on the Center. Enter Start to start configuring the Center.

During this procedure you will choose which type of Center to install. There are three types of Centers:

• A Center receives metadata from sensors and store them into an internal database (Postrgresql). This Center (could be standalone or with synchronization with Global Center), is similar to a standalone Center from a functionality point of view, except for the link to a Global Center. You must install Centers with sync after the Global Center. This will enable your system to start enrollment and start push events to it.

• A Global Center introduces a centralized architecture which collects all industrial insights and events from Centers with Global Center and aggregates it on a single global point of view. It will also allow you to manage the knowledge database (KDB) and upgrade the whole platform.

Select the type of Center you want to install.

The Center uses a dedicated sub-network on the Administration interface. It is possible to change it if the default one doesn't fit the environment on which the Center will be connected.

The Administration network interface configuration can be done either:

• Using a DHCP server, if there is one available on the network.

  

  In this case, enter OK. Settings will be adjusted automatically, and you will be directed to the next step.

• Manually:

  

  

  Enter the Administration network interface's IP address, netmask (in a two-number format), and gateway.

This step is not applicable to a Global Center. Select No.

Concerning a Center, it is possible to:

• Set the Administration and Collection Network Interfaces on two distinct interfaces (recommended for security). In this case, select Yes.

• Use a single interface. In this case, select No.

If you choose to set a dual interfaces, you will be directed to the following screens in the Configure the Center's Collection network interface subsection.

Type a DNS server address and optional fallbacks.

Enter IP addresses of local or remote NTP servers (gateway configuration needed) to synchronize the Center and the sensors with a clock reference. Each address must be separated by a space.

Optionally, add a key ID and an AES A28 CMAC key value separated by a semicolon with the corresponding NTP server.

The synchronization takes a few seconds.

Check that the time is correct, or set the time manually.

Note	The time is set in the UTC standard.

Note	This name will be used in the Center certificate.

Enter the Center name provided by your administrator or type 'Default' which is a secure value.

Note	This name must match the DNS name you will use to access the Center through SSH or a browser.

The administrator account (cv-admin) password of the Center must be set for security reasons. It is hidden for confidentiality reasons.

Confirm the password.

Erase the network address suggested into the field to disable the DHCP server and enter OK to proceed to the next step.

Type the IP address of the Industrial network interface:

As this step does not apply when installing a Global Center, the following screens won't be displayed. Instead, you'll be directed to Authorize networks.

Although, if you're installing a Center, proceed as below.

The sensors' root password must be set for security reasons.

This password will be assigned once you will have enrolled the sensors on the Center. You will need this password for troubleshooting, diagnostics, and updates.

Confirm the password.

This step allows you to restrict IP addresses that can connect to the Administration interface. If no IP is entered, all networks are authorized by default.

Next is the last screen of the basic Center configuration. It reminds you the addresses set to be used to download the CA certificate and access Cisco Cyber Vision. Save these addresses somewhere, you will need them later to access the user interface.

Enter OK to finish the basic Center configuration.

Note

A major change regarding the Center command line (CLI) access through serial console or SSH was made in Cisco Cyber Vision version 4.1.0. The user root is no more usable to establish the connection. A new user called ‘cv-admin’ must be used. This user has limited rights and many CLI commands will require permission elevation: prefix the command with "sudo". or open a root shell using "sudo -i" and enter the command.

Close the Center configuration window before proceeding with the next steps of Cisco Cyber Vision configuration.

To proceed with the Cisco Cyber Vision configuration, open your browser and go to the URL previously indicated to access the user interface.

Note	Each Cisco Cyber Vision Center includes its own PKI (Public Key Infrastructure), with a CA (Certification Authority), that will be used to establish the TLS connection with the sensors and to clients. The CA must be installed on each client browser (see the following chapters).

This step is applicable to the Global Center and its synchronized Centers.

Once the Global Center and its synchronized Centers are installed, proceed to data synchronization, which consists of registering the Center in the Global Center and enrolling the Center to the Global Center. To do so, you need to open each's Cisco Cyber Vision's GUI.

Note	To differentiate each user interface, check the top left corner of Cisco Cyber Vision's "Global Center" or "Center".

In the Global Center's Cisco Cyber Vision GUI, navigate to Admin > System Management > Management.

Click the Register a Center button.

The window "Register a Center" pops up, ready to be filled. Now you must access the Center's GUI to retrieve its fingerprint.

In the Center's Cisco Cyber Vision GUI, navigate to Admin > System.

Scroll down to Certificate fingerprint and copy it.

In the Global Center's GUI, give a name to the Center, and paste the Center's fingerprint into the corresponding field.

Click OK.

The Center appears in the list as unenrolled.

At this point you must switch to the Center's GUI and enroll it to the Global Center.

In the Center's GUI, scroll down to Enroll a Global Center and click the Enroll button.

The Enrollment window pops up.

Copy the Global Center's fingerprint from its GUI's System administration page (same location as the Center's).

Enter the Global Center's IP address and click Enroll.

Once the synchronization is complete, it is indicated that the Center is enrolled to the Global Center.

In the Global Center's GUI, the Center status changes to Connected.

The Global Center and the Center are successfully connected.

Repeat the previous steps as many times as necessary to connect other Centers.

The next step will be to install and enroll the sensors. To do so, refer to the corresponding Cisco Cyber Vision Sensors Installation Guides.

Once a sensor will be connected it will appear in the Global Center's GUI as below: