Install or Upgrade Security Monitoring

Follow the steps in this guide to install or upgrade or upgrade the NGINX Management Suite Security Monitoring module.


Before You Begin

Security Considerations

To ensure that your NGINX Management Suite deployment remains secure, follow the recommendations in this section:

  • Install NGINX Management Suite and its modules on a dedicated machine (bare metal, container, cloud, or VM).
  • Make sure that no other services are running on the same machine.
  • Make sure that the machine is not accessible from the Internet.
  • Make sure that the machine is behind a firewall.

Installation Prerequisites

Important:
Before you can install this module, you need to have NGINX and ClickHouse installed on your system. Additionally, you will need to add the NGINX Management Suite repository. The Prerequisites topic has detailed instructions on how to fulfill these requirements.

Dependencies with Instance Manager

The Security Monitoring module requires the following versions of Instance Manager to be installed on the management plane:

Security Monitoring Instance Manager
1.7.1 2.14.1-2.16.0
1.7.0 2.14.0
1.6.0 2.12.0-2.13.0
1.5.0 2.11.0
1.4.0 2.10.0–2.10.1
1.3.0 2.9.0
1.2.0 2.8.0
1.1.0 2.7.0
1.0.0 2.6.0
Important:
The Security Monitoring module installation does not automatically install or upgrade Instance Manager. You’ll need to manually install Instance Manager, or upgrade it to a version supported for use with Security Monitoring.

Install Security Monitoring

  1. To install the latest version of the Security Monitoring module, run the following command:

    sudo yum -y install nms-sm
    

  1. To install the latest version of the Security Monitoring module, run the following commands:

    sudo apt-get update
    sudo apt-get install -y nms-sm
    
  1. Restart the NGINX Management Suite services:

    sudo systemctl restart nms
    

    NGINX Management Suite components started this way run by default as the non-root nms user inside the nms group, both of which are created during installation.

  2. Restart the NGINX web server:

    sudo systemctl restart nginx
    
  3. If running Security Monitoring v1.7.0 or higher, start the module:

    sudo systemctl start nms-sm
    

Accessing the Web Interface

To access the NGINX Management Suite web interface, open a web browser and go to https://<NMS_FQDN>, replacing <NMS_FQDN> with the Fully Qualified Domain Name of your NGINX Management Suite host.

The default administrator username is admin, and the generated password was displayed in the terminal during installation. If you’d like to change this password, refer to the “Set or Change User Passwords section in the Basic Authentication topic.

Add License

A valid license is required to make full use of all the features in Security Monitoring module.

Refer to the Add a License topic for instructions on how to download and apply a trial license, subscription license, or Flexible Consumption Program license.


Upgrade Security Monitoring

Instance Manager Dependency
The upgrade process for Security Monitoring does not automatically upgrade Instance Manager, which is a package dependency. To ensure compatibility with Security Monitoring, you will need to manually upgrade Instance Manager to a version supported by Security Monitoring. For specific version dependencies between Security Monitoring and Instance Manager, refer to the Security Monitoring release notes.

  1. To upgrade to the latest version of Security Monitoring, run the following command:

    sudo yum update -y nms-sm
    

  1. To upgrade to the latest version of the Security Monitoring, run the following command:

    sudo apt-get update
    sudo apt-get install -y --only-upgrade nms-sm
    
  1. Restart the NGINX Management Suite platform services:

    sudo systemctl restart nms
    

    NGINX Management Suite components started this way run by default as the non-root nms user inside the nms group, both of which are created during installation.

  2. Restart the NGINX web server:

    sudo systemctl restart nginx
    
  3. If running Security Monitoring v1.7.0 or higher, start the module:

    sudo systemctl start nms-sm
    
  4. (Optional) If you use SELinux, follow the steps in the Configure SELinux guide to restore the default SELinux labels (restorecon) for the files and directories related to NGINX Management suite.


What’s Next

Set Up Data Plane

To set up your NGINX App Protect WAF data plane instances for use with Security Monitoring, refer to the following instructions:

Install Other NGINX Management Suite Modules