Enterprise Vault™ Compliance Accelerator Installation Guide

Last Published:
Product(s): Enterprise Vault (15.1)
  1. Introducing Compliance Accelerator
    1.  
      About Compliance Accelerator desktop application-specific updates
    2. Product documentation
      1.  
        White papers on the Veritas Support website
  2. Preparing to install Compliance Accelerator
    1. Configuration options for Compliance Accelerator
      1.  
        Compliance Accelerator configuration for large installations
      2.  
        Compliance Accelerator configuration for smaller installations
    2.  
      Supported versions of Enterprise Vault in Compliance Accelerator environments
    3. Prerequisites for Compliance Accelerator
      1.  
        Prerequisites for the SQL Server computer
      2.  
        Prerequisites for the Compliance Accelerator server computer
      3.  
        Prerequisites for the Enterprise Vault server computer
      4. Prerequisites for Veritas Surveillance
        1.  
          Additional requirements for Veritas Surveillance
        2.  
          Set Kerberos Trusted Delegation
    4.  
      Configuring Outlook to enable the processing of items with many attachments or many recipients
    5.  
      Setting the Windows and ASP.NET Temp folder permissions
    6. Security requirements for temporary folders
      1.  
        Granting additional users and groups access to the temporary folders
    7.  
      Disabling networking facilities that can disrupt a Compliance Accelerator environment
    8.  
      Disabling the Windows Search Service on the Compliance Accelerator server
    9.  
      Ensuring that the Windows Server service is running on the Compliance Accelerator server
    10.  
      Configuring the SQL Server Agent service
    11.  
      Assigning SQL Server roles to the Vault Service account
    12.  
      Installing and configuring the SQL full-text search indexing service
    13.  
      Verifying that Enterprise Vault expands distribution lists
    14. Configuring Intelligent Review API Authentication and Authorization
      1.  
        Setting Kerberos trusted delegation between Compliance Accelerator Servers and Compliance Accelerator Database Servers
      2.  
        Setting Kerberos trusted delegation between Compliance Accelerator Servers and Compliance Accelerator Database Servers on IP address
  3. Installing Compliance Accelerator
    1. Installing the Compliance Accelerator server software
      1.  
        Allowing Enterprise Vault to communicate with Compliance Accelerator through the Windows firewall
      2.  
        Creating the configuration database and customer databases
      3.  
        Configuring a dedicated server for Intelligent Review processing (optional deployment configuration)
      4. Configuring Compliance Accelerator for use in a SQL Server Always On environment
        1.  
          Using SQL Server Reporting Services in an Always On environment
      5. Installing Compliance Accelerator in a clustered environment
        1.  
          Configuring Compliance Accelerator for use in a Network Load Balancing cluster
      6.  
        Maximizing security in your Compliance Accelerator databases
    2.  
      Uninstalling Compliance Accelerator
  4. Appendix A. Ports that Compliance Accelerator uses
    1.  
      Default ports for Compliance Accelerator
    2.  
      Changing the ports that Compliance Accelerator uses
  5. Appendix B. Troubleshooting
    1.  
      Error messages appear in the event log when upgrading to Compliance Accelerator 15.1
    2.  
      Enterprise Vault Accelerator Manager service not created
    3.  
      Enterprise Vault Accelerator Manager service does not start
    4.  
      "Access is denied" message is displayed when you try to create a customer database on a UAC-enabled computer
    5.  
      Cannot create or upgrade Compliance Accelerator customer databases when Symantec Endpoint Protection is running
    6.  
      Error messages when the Intelligent Review (IR) API authentication and authorization fails
  6. Appendix C. Installing and configuring the Enhanced Auditing feature
    1.  
      Overview
    2.  
      Prerequisites for the Enhanced Auditing feature
    3.  
      Installing the Enhanced Auditing feature
    4.  
      Post installation steps
    5.  
      Upgrading the Enhanced Auditing setup
    6.  
      Modifying the Enhanced Auditing setup
    7.  
      Repairing the Enhanced Auditing setup
    8.  
      Uninstalling the Enhanced Auditing setup
    9.  
      Managing access from Veritas Surveillance
  7. Appendix D. Introducing Veritas Surveillance web client
    1.  
      About Veritas Surveillance
    2.  
      Feature comparison: Compliance Accelerator desktop application Vs Veritas Surveillance web application

Using SQL Server Reporting Services in an Always On environment

Microsoft does not fully support the use of SQL Server Reporting Services in an Always On environment and, consequently, neither does Compliance Accelerator. As the following article explains, however, it is possible to configure Reporting Services to work with an Always On availability group:

https://msdn.microsoft.com/hh882437.aspx

In summary, you must do the following to make the Compliance Accelerator reports work in an Always On environment:

  • Install SQL Server Reporting Services on all the replicas in the availability group.

  • On all the secondary replicas, assign the same reporting server credentials to the Vault Service account as you assigned to this account on the primary replica:

    • The System Administrator role

    • The Content Manager role on the Home folder

    Use the Report Manager tool that comes with SQL Server to assign the credentials.

  • On the primary replica, use the Encryption Keys page of Reporting Services Configuration Manager to back up the encryption keys for the report server databases to a file.

  • Add the report server databases, ReportServer and ReportServerTempDB, to the availability group.

  • When you upload the Compliance Accelerator report templates through the Accelerator Manager website, take care to specify the correct URL for the reporting server. Rather than specify the name or address of a standalone SQL reporting server, you must specify the virtual network name of the appropriate availability group listener. For example, you might specify the reporting server URL as follows:

    http://availability_group_listener/ReportServer

  • After failover occurs, do the following:

    • Use the Reporting Services Configuration Manager to point the report server service on the new primary replica to the failed-over databases, ReportServer and ReportServerTempDB.

      Take care to specify the report server database credentials for the same domain user as you previously specified on the old primary replica.

    • On the Encryption Keys page of Reporting Services Configuration Manager, restore the encryption keys from the backup file that you previously created on the old primary replica.