2.5 Installing the Universal Policy Administrator On Premises Gateway

The Universal Policy Administrator On Premises Gateway is used to push policies from Active Directory to the Cloud Gateway.

When using Universal Policy Administrator to work with Universal Policies, you can use the Universal Policy Repository to effectively plan and evaluate your Universal Policy before implementing it in your production environment. The Universal Policy Repository also provides change management features.

NOTE:The Offline Repository is built and configured during the installation of the Universal Policy Administrator Gateway. After the installation, the repository is built and the Universal Policy Administrators can use the Web Console to manage domains, users, groups and Cloud OUs.

Ensure that the following prerequisites are met before you install the Universal Policy Administrator On-Premises Gateway:

  • Microsoft Windows Server 2012 R2 or later installed and running

  • Domain Administrator account access

The Universal Policy Administrator On Premises Gateway installer also installs Microsoft .Net Framework 4.7.x.

NOTE:The Universal Policy Administrator On Premises Gateway installation on a Microsoft Windows Server 2012 R2 computer upgrades Microsoft Windows PowerShell to version 5.1 through a Windows Management Framework (WMF) 5.1 update.

To install the Universal Policy Administrator On Premises Gateway:

  1. Log in to a Member server as a domain administrator.

  2. Download the Universal Policy Administrator On Premises Gateway installer file UPAOPG_3.exe from the Micro Focus Downloads website.

  3. Execute the downloaded UPAOPG_3.exe file.

  4. When the installation wizard opens, click Install.

    If .NET Framework 4.7.x is not already installed on the server, it is installed as part of the prerequisite check before the Universal Policy Administrator On Premises Gateway installation starts.

  5. Click Next when the Universal Policy Administrator On Premises Gateway setup wizard opens.

  6. Read and Accept the License Agreement, and click Next.

  7. Select an installation option. The available options are:

    • NAT Traversal

    • DMZ or Port Forward

    NOTE:In most cases, select NAT Traversal.

  8. Click Next.

  9. Enter domain administrator credentials and click Next.

  10. Enter the Cloud Gateway URL and Universal Policy Administrator On Premises Gateway owner account credentials, and click Next.

    NOTE:Click Register and create a new account if one does not exist.

  11. Retain or change the default location for program installation, and then click Next.

  12. Click Install to copy the Gateway installer files.

  13. Click Finish on the last screen of the wizard to complete the installation.

2.5.1 Configuring the Universal Policy Administrator Syslog Provider

You can configure Universal Policy Administrator to forward events and syslog messages to one or more SIEM solutions.

To configure the Universal Policy Administrator Syslog Provider:

  1. Open the C:\Program Files\MicroFocus\AD Bridge\Gateway\WebApp\Web.Config file.

  2. Modify the highlighted text in the following code snippet according to your environment:

    <syslogSettings CEFVendor="Micro Focus" CEFProduct="AD Bridge" CEFVersion="2.0"> 
    <Forwarders> 
      <add host="localhost" port="514" senderType="UDP" rfcType="Rfc5242" filterType="None" /> 
    </Forwarders> 
  </syslogSettings>

    The available options for each of these attributes are:

    • senderType: The default value is UDP.

      • TCP

      • UDP

    • rfcType: The default value is Rfc5242.

      • Rfc5242

      • Rfc3164

    • filterType: The default value is None.

      • SyslogOnly

      • AuditOnly

      • None

        NOTE:Universal Policy Administrator 3.0 only supports the filterType attribute value, AuditOnly.

  3. Set CEFVendor, CEFProduct, and CEFVersion to values of your choice.

NOTE:You can specify multiple forwarders in the same Web.Config file.