Cryptzone Support

If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here



Compliance Sheriff Pre-Installation Checklist

« Go Back

Compliance Sheriff Pre-Installation Checklist



1.      Microsoft Server 2012 and above is the minimum supported OS -- The most important hardware component is number of CPU cores on the servers. The number of cpu cores directly correlates to the number of scans you can run simultaneously. A minimum of 8 CPU cores for the worker\controller server(s) is recommended.  A minimum of 16 GB RAM is recommended for the CSheriff platform (i.e. each of the CSheriff servers)
2.      SQL Server 2012 or above (can use SQL express if desired, limit to 10gb db).
Named Pipes and TCP\IP need to be enabled for the instance.  
3.      MSMQ feature installed on the Controller\worker server(s). 
4.      IIS with all .net components installed. If installing on a Server 2012 Server, both the “IIS” role and “Application” role needs to be installed, and under the application role we need the “Web Server Support” role installed 
5.      Make sure the Service Account has local administrator rights before install. -- Use a domain account for the CS installation if more than one server, and its advised to have local admin rights on the controller and web servers. 
6.      SQL Login – The service account needs to be explicitly added to “Logins” under the SQL instance prior to the installation. The user (i.e. service account) who runs the installation file will also need access and enough privilege to create databases.  
7.      SQL storage location – make sure that the physical paths for the storage of the data and log files exists prior to the installation. For example, E:\Data\ and E:\Logs 
8.      NetBIOS/Computer Browsing service – must be turned on (for the install), alternatively we can use a command line switch to bypass this need if necessary, we should know ahead of time if both the “Computer Browsing” service and NetBios are running on the server.  
9.      IE Enhanced Security mode needs to be turned off
10.  PowerShell Policy --- this should be set to “unrestricted” prior to the installation. To do this, open a PowerShell console as an administrator, then type
Set Execution-Policy Unrestricted

11.  Below are PowerShell commands that will install all required features that need to be installed before CSheriff installation

Windows Server 2016 with all roles
Install-WindowsFeature NET-Framework-45-Features,NET-WCF-HTTP-Activation45,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Static-Content,NET-Framework-45-Features,NET-Framework-45-Core,MSMQ,Web-Http-Logging,Web-Stat-Compression,Web-Filtering,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Mgmt-Console,NET-Framework-45-Core,NET-Framework-45-ASPNET,NET-WCF-MSMQ-Activation45,NET-WCF-TCP-PortSharing45,Web-Server,Web-Common-Http,Web-Security,WAS-Process-Model,NET-HTTP-Activation, FS-SMB1

Windows 2016 No Web role
Install-WindowsFeature NET-Framework-45-Features,NET-Framework-45-Core,MSMQ,NET-Framework-45-Core,NET-Framework-45-ASPNET,NET-WCF-MSMQ-Activation45,NET-WCF-TCP-PortSharing45,FS-SMB1

Windows 2016 Web only role

Install-WindowsFeature NET-Framework-45-Features,NET-WCF-HTTP-Activation45,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Static-Content,Web-Http-Logging,Web-Stat-Compression,Web-Filtering,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Mgmt-Console,Web-Server,Web-Common-Http,Web-Security,WAS-Process-Model,NET-HTTP-Activation

Article Info
2/3/2017 7:42 AM
12/18/2018 5:00 PM



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255