Install on the First System

CA Risk Authentication Windows Installation Guide › How to Deploy CA Risk Authentication on Distributed System › Install on the First System

Install on the First System

In a distributed system installation you install the CA Risk Authentication Server on the first system.

We recommend Custom Installation for advanced users as it allows selected components installation.

For successful installation, the user account that you plan to use for the installation must belong to the Administrators group.

Note: Verify that all prerequisite software components are installed and the database is set up, as described in Prepare for Installation.

Follow these steps:

Navigate to the directory where the CA Risk Authentication-8.0-Windows-Installer.exe file is located and double-click the file.
Click Next to continue.
Select I accept the terms of the License Agreement option.
Click Next.

Note: The installer checks if any other CA product is installed on the computer. If it does not find an existing CA product installation, then you are prompted for an installation directory.

If the installer detects an existing CA product installation (an existing ARCOT_HOME), then:
- You are not prompted for an installation directory.
- If you are not prompted for the database and encryption setup, the installer uses the existing database and encryption settings. As a result, you will see the screen in Step 8.
Enter the installation directory location and click Next.
Select Custom, and click Next.
Deselect the following components that are not required. By default, all components are selected.
Example: To install CA Risk Authentication Server, Case Management Queuing Server, and Administration Console (without the SDKs and Sample Application), User Behavior Profiling Application select the following options:
1. Risk Evaluation Server
2. Case Management Queuing Server
3. Administration Console
4. User Data Service
5. User Behavior Profiling Application
Note: To install Sample Application, select the CA Risk Authentication SDKs and Sample Application options, and then proceed with the installation.

The following table gives the information on the components:

Component	Description
Risk Evaluation Server	It installs the core Processing engine (CA Risk Authentication Server) that serves the following requests from Administration Console: Risk Evaluation Configuration In addition, this component also installs the following Web services that have been built into the server: Risk Evaluation Web Service: Provides the web-based programming interface for risk evaluation with CA Risk Authentication Server. User Management Web Service: Provides the web-based programming interface for the creation and management of users. Administration Web Service: Provides the web-based programming interface used by Administration Console.
Case Management Queuing Server	It installs the core Queuing engine (Case Management Queuing Server) that allocates cases to the Customer Support Representatives (CSRs) who work on these cases. Note: At any given point in time, all instances of Administration Console can only connect to this single instance of Case Management Queuing Server.
CA Risk Authentication SDKs and Sample Application	It provides programming interfaces (in form of APIs and Web services) that can be invoked by your application to forward risk evaluation requests to CA Risk Authentication Server. This package comprises the following sub-components: Risk Evaluation SDK: Provides the Java programming interface for risk evaluation with CA Risk Authentication Server. Sample Application: Demonstrates the usage of CA Risk Authentication Java APIs. It can be used to verify if CA Risk Authentication was installed successfully, and if it is able to perform risk evaluation requests. Refer to Configuring CA Risk Authentication SDKs and Web Services for more information.
Administration Console	This provides the Web-based interface for managing CA Risk Authentication Server and risk evaluation-related configurations.
User Data Service	It installs UDS that acts as an abstraction layer for accessing different types of user repositories, such as relational databases (RDBMSs) and directory servers (LDAPs.)
User Behavior Profiling	It measures the similarity or dissimilarity of the current transaction to prior access by the same user, or that of their peer group in cases of insufficient data.

Note: If you did not select the Evaluation Server option on this screen, then screens in Step 7 and Step 9 does not appear.

Select Next to continue.

Select the database type from: Microsoft SQL Server, Oracle Database, or MySQL.
Click Next.

Note: If you are using Microsoft SQL Server database, ensure that the ODBC Driver version is the same as the one mentioned in the Configuring Database Server Chapter.
Enter the database details on your database selection:
- If you selected Microsoft SQL Server, fill in the following details given in the table:

Parameter	Description
ODBC DSN	The installer creates the DSN by using this value. CA Risk Authentication Server then uses this DSN to connect to the database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
Server	The host name or IP address of the CA Risk Authentication datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
User Name	The database user name for CA Risk Authentication to access the database. This name is specified by the database administrator. (MS SQL Server, typically, refers to this as login.) This user must have the create session and DBA rights. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by CA Risk Authentication to access the database. This password is specified by the database administrator.
Database	The name of the MS SQL database instance.
Port Number	The port at which the database listens to the incoming requests. The default port is 1433. However, if you would like to specify another port, enter the port value in this field.

If you selected Oracle Database, fill the following information in the fields.

Parameter	Description
ODBC DSN	The installer creates the DSN by using this value. CA Risk Authentication Server then uses this DSN to connect to the CA Risk Authentication database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
User Name	The database user name for CA Risk Authentication to access the database. This name is specified by the database administrator. (MS SQL Server, typically, refers to this as login.) This user must have the create session and DBA rights. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by CA Risk Authentication to access the database. This password is specified by the database administrator.
Service ID	The Oracle System Identifier (SID) that refers to the instance of the Oracle database running on the server.
Port Number	The port at which the database listens to the incoming requests. The default port at which an Oracle database listens is 1521. However, if you would like to specify another port, enter the port value in this field.
Host Name	The host name or IP address of the CA Risk Authentication datastore. Syntax: <server_name> Example: demodatabase If you selected MySQL, then fill in the following information:
Parameter	Description
ODBC DSN	The installer creates the DSN by using this value. CA Risk Authentication Server then uses this DSN to connect to the CA Risk Authentication database. The recommended value to enter is arcotdsn. Note: Database Source Name (DSN) specifies the information that is required to connect to a database by using an ODBC driver. This information includes database name, directory, database driver, User ID, and password.
Server	The host name or IP address of the CA Risk Authentication datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
User Name	The database user name for CA Risk Authentication to access the database. This name is specified by the database administrator. This user must have the create session and DBA rights. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by CA Risk Authentication to access the database. This password is specified by the database administrator.
Database	The name of the MySQL database instance.
Port Number	The port at which the database listens to the incoming requests. The default port at which an MySQL database listens is 3306. However, if you would like to specify another port, enter the port value in this field.

To test if you can successfully connect to the database, click the Test Data Source button and verify the result.
Click Next to continue.
Specify the following information for encryption setup:
Master Key

Specifies the password for the Master Key, which is stored at <install_location>\Arcot Systems\conf\securestore.enc and is used to encrypt the data stored in the database. By default, this value is set to MasterKey.

Note: If you want to change the value of Master Key after the installation, then you must regenerate securestore.enc with a new Master Key value. See Changing Hardware Security Module Information After the Installation for more information.

Configure HSM

Identifies if you use a Hardware Security Module (HSM) to encrypt the sensitive data.

If you do not select this option, then by default, the data is encrypted by using the Software Mode.

PIN

Specifies the password to connect to the HSM.

Choose Hardware Module

Specifies HSMs that you plan to use between two options, Luna HSM and nCipher netHSM.

HSM Parameters
Specifies the following HSM information:
- Shared Library: The absolute path to the PKCS#11 shared library corresponding to the HSM.
  For Luna (cryptoki.dll) and for nCipher netHSM (cknfast.dll), specify the absolute path and name of the file.
- Storage Slot Number: The HSM slot where the 3DES keys used for encrypting the data are available.
  For Luna, the default value is 0.
  
  For nCipher netHSM, the default value is 1.
Click Next.
Click Install to begin the installation process.
Note: The Microsoft Visual C++ 2010 x86 Redistributable Setup screen appears, if the current system where you are installing CA Risk Authentication does not have Microsoft Visual C++ 2010 x86.

On the Microsoft Visual C++ 2010 x86 Redistributable Setup screen do the following steps:
1. Select the I have read and accept the license terms option, and click Install.
2. Click Finish.
  Continue with the CA Risk Authentication installation.
Click Done.

Note: After the installation is completed, perform the post-installation tasks that are discussed in the following sections.

Installation Logs

After you complete the installation, you can access the installation log file (Arcot_RiskFort_Install_<timestamp>.log) in the <install_location> directory.

Example: If you had specified the C:\Program Files directory as the installation directory, then the installation log file is created in the C:\Program Files directory.

If the installation fails for some reason, then error messages are recorded in this log file.