Applies to: Advanced Threat Analytics version 1.9
Install ATA - Step 4
Step 4. Install the ATA Gateway
Before installing the ATA Gateway on a dedicated server, validate that port mirroring is properly configured and that the ATA Gateway can see traffic to and from the domain controllers. For more information, see Validate port mirroring.
Make sure that KB2919355 has been installed. Run the following PowerShell cmdlet to check if the hotfix is installed:
Get-HotFix -Id kb2919355
Perform the following steps on the ATA Gateway server.
Extract the files from the zip file.
Installing directly from the zip file fails.
Run Microsoft ATA Gateway Setup.exe and follow the setup wizard.
On the Welcome page, select your language and click Next.
The installation wizard automatically checks if the server is a domain controller or a dedicated server. If it is a domain controller, the ATA Lightweight Gateway is installed, if it is a dedicated server, the ATA Gateway is installed.
For example, for an ATA Gateway, the following screen is displayed to let you know that an ATA Gateway will be installed on your dedicated server:
If the domain controller or dedicated server does not meet the minimum hardware requirements for the installation, you receive a warning. This does not prevent you from clicking Next and proceeding with installation. This might be the right option for installation of ATA in a small lab test environment in which you don't need as much room for data storage. For production environments, it is highly recommended to work with ATA's capacity planning guide to make sure your domain controllers or dedicated servers meet the necessary requirements.
Under Configure the Gateway, enter the following information based on your environment:
When you deploy the ATA Gateway, you do not have to provide credentials. If the ATA Gateway installation fails to retrieve your credentials using single sign-on (for example, this may happen if the ATA Center is not in the domain, if the ATA Gateway isn't in the domain, you do not have ATA admin credentials), you are prompted to provide credentials, as in the following screen:
- Installation Path: This is the location where the ATA Gateway is installed. By default this is %programfiles%\Microsoft Advanced Threat Analytics\Gateway. Leave the default value.
Click Install. The following components are installed and configured during the installation of the ATA Gateway:
KB 3047154 (for Windows Server 2012 R2 only)
- Do not install KB 3047154 on a virtualization host (the host that is running the virtualization, it is fine to run it on a virtual machine). This may cause port mirroring to stop working properly.
- Do not install Message Analyzer, Wireshark, or other network capture software on the ATA Gateway. If you need to capture network traffic, install and use Microsoft Network Monitor 3.4.
ATA Gateway service
- Microsoft Visual C++ 2013 Redistributable
- Custom Performance Monitor data collection set
After the installation completes, for the ATA Gateway, click Launch to open your browser and log in to the ATA Console, for the ATA Lightweight Gateway, click Finish.