Installation Prerequisites

This guide is for installing TrustView on-prem. If you are looking for a cloud solution, we have TrustView Lite, but that is not as feature complete as our on-prem solution. Contact our for more details if needed.

There will be a technical contact attached to perform the installation for you.

The following technical prerequisites are required to get TrustView installed:

  1. Logical network access (typically VPN or Citrix)

  2. Access to a server, where we can install TrustView

  3. Access to a database

Note

The installation can also be performed through TeamViewer, a Microsoft Teams session, or something similar, if you prefer to avoid giving server access or have not set up VPN access.

Network topology diagram of TrustView

Server specifications

  • Operating system: Windows Server 2022 or later

  • Memory: 8GB minimum, 12GB or more is recommended

  • Application storage: 25GB or more

Database specifications

  • Database type: Microsoft SQL Server, Microsoft SQL Express or MySQL

  • Database storage: Initially 1GB. Growth/yearly: 10MB per endpoint

Note

The database can be installed on a separate server or the same server as TrustView. Once TrustView runs the first time, all required tables will automatically be added to the database, so only a database (named trustviewdb etc.) and a user to access the database, is required. It is also possible to just add this database to an already existing SQL or MySQL instance.

Basic configuration

Additionally, for the basic configuration of TrustView, we require:

  • Access to an SMTP gateway adress and a shared mailbox (which is used as sender when e-mail notifications are sent from TrustView)

Note

An example of an SMTP gateway adress could be smtp.company.com, but it’s also possible to use an Office 365 SMTP server or specify a port and user credentials if necessary.

  • SSL certificate issued to TrustView itself (used to access the TrustView web interface using https)

Note

This is optional, but if you want to use HTTPS with TrustView, the SSL certificate needs to cover the hostname and domain of the server. It’s not necessary to provide a SSL certificate if you have the ADCS module, as that can perform all the needed actions, through TrustView.

  • An AD security group (allows access to TrustView using domain login for users that are members of the group)

Note

This is optional, as you can login into TrustView with local users (setup directly in TrustView), but if you want to be able to log into TrustView with Active Directory users, then at least one group (inside your Active Directory) must be created for that purpose. The group can be named after the user roles, like TrustViewAdmins or TrustViewReadOnly etc. (but the final naming convention is up to you). See User Roles.

  • AD user to synchronize with the Active Directory (only needed if you want login access to TrustView with AD users)

Note

It is recommended to use an AD user which does not expire, as TrustView would need to synchronize with your AD on a hourly basis.

Firewall rules and access

There may be cases where your network is closed off and you only want to open for the necessary inbound and outbound connections related to the TrustView instance. The following rules are required:

  • Inbound and outbound HTTPS connection - port 443

  • Connect outbound to view.trustskills.com - port 443

  • Connect outbound to api.trustskills.com - port 443

Integration of ADCS module

Important

This step is only needed if you need to have the ADCS module (MS PKI) setup and have the license to that module.

A service account with the following permissions assigned to your ADCS (Issuing CA) is needed:

  • Read (set under Properties Security)

  • Issue and Manage Certificates (set under Properties Security). Only required if you want to be able to revoke certificates from TrustView

  • Logon as a service on the TrustView server

On the template used to issue from (usually Web Server unless you have specific preferences), the following permissions are needed:

  • Read and Enroll

Tip

If you have any questions related to the on-prem TrustView installation, contact the technical contact you have been provided or contact our .

Quick checklist

The following tasks should be completed by you, before the installation of TrustView by a TrustSkills technician takes place:

Prepare server for TrustView instance (it can be an existing or new server)
Prepare database (Microsoft SQL, SQL Express or MySQL)
Prepare VPN access for TrustView server (or let the the technical contact know of the preferred method of access during installation)
SMTP Server (used for notifications sent from TrustView)
Sender E-mail address (what e-mail to send from when TrustView sends out notifications)
Prepare SSL certificate for use on the TrustView application (optional)
Choose type of log in - Local users or AD-login (AD-login requires additional configuration)