Installing Virtual Appliance

This article covers the system requirements, and the step-by-step procedure on how to install and deploy Virtual Appliance:
This article covers the system requirements, and the step-by-step procedure on how to install and deploy Virtual Appliance:
System Requirements
The Virtual Appliance deployment model lets you deploy the CA Identity Suite components in a single Virtual Appliance or distributed across multiple appliances. Based on the load and demand, the sizing of the Virtual Appliances vary. The number of instances of the Virtual Appliance depends on the projected usage by each customer. The flexibility of the Virtual Appliance enables deployment of separate services to different appliance instances for optimal performance.
The following parameters depict the minimum and recommended system requirements for installing Virtual Appliance. However, the CA Services Architect determines the best production grade deployment based on quality assurance and load testing during the deployment project.
  • Minimum Requirements
    • 10-GB RAM
    • 4 Virtual CPUs
    • 50-GB Disk Space
  • Recommended Requirements
    • 16-GB RAM
    • 4 Virtual CPUs
    • 200-GB Disk Space
  • Memory Requirements for Virtual Appliance Services
    Demo / Sandbox
    Non-Production / Production
    CA Identity Portal
    1.5 GB
    8 GB
    CA Identity Governance
    1.5 GB
    8 GB
    CA Identity Manager
    2 GB
    8 GB
    0.5 GB
    4 GB
    Provisioning Server
    0.5 GB
    6 GB
    Connector Server
    1 GB
    2 GB
    Central Logs
    1 GB
    4 GB
    Oracle Express
    1 GB
    Not Applicable
The recommended requirements assume the distribution of components on several Virtual Appliance machines.
Set Up CA Identity Suite Virtual Appliance
To deploy CA Identity Suite products and services that you want, you must set up the Virtual Appliance. To set up the Virtual Appliance, you must import the .ova file into your Virtualization platform and must complete the required configurations that are detailed in this procedure.
Follow these steps:
  1. Download the .ova file from the CA Support website by following the given steps:
    1. Click
      Enterprise Software.
    2. Click
      Product Downloads.
    3. Search and click
      Identity MGMT and Governance.
    4. Search for
      CA Identity Suite.
    5. Select a release from the drop-down and download the file using HTTP or FTP.
  2. Import the .ova file into your Virtualization platform.
  3. Power on the virtual machine.
    The Virtual Appliance initialization page appears in the Virtualization platform console.
  4. Log in with the following default credentials:
  5. When prompted, change the default password of the
  6. Follow the initialization wizard to initialize the Virtual Appliance.
    • You can enable or disable FIPS 140-2 support
      only once
      during the initialization of a fresh Virtual Appliance installation. This implies that you cannot enable FIPS 140-2 support on a system that is upgraded from an earlier version.
    • All nodes in the Virtual Appliance solution must be configured with the
      same FIPS mode
      (either "enabled" or "disabled").
      For more information, see FIPS 140-2 Compliance.
  7. After the initialization process completes, the Virtual Appliance web management Console URL is displayed. For example:
  8. Using a supported web browser, access the web management Console so that you proceed with the Virtual Appliance configuration.
Deploy CA Identity Suite Virtual Appliance
After you are done setting up the Virtual Appliance, perform the configurations that are detailed in this section to deploy CA Identity Suite products and services that you want.
Follow these steps:
  1. In a supported browser, access the Virtual Appliance IP address by using the HTTPS protocol on port 10443.
    For example:
  2. The Virtual Appliance is shipped with a self-signed certificate. So, you are prompted with an alert. Ignore the alert message and proceed to view the Virtual Appliance login page.
  3. Provide the
    user credentials to log in to the web management Console and click
    The home page shows the available configuration types:
    Sandbox / Custom
    Non Production
    , and
  4. Click a configuration type that you want to deploy.
    • For demonstration and proof of concept purposes, consider using either the Demo or Sandbox options.
    • The Demo and Sandbox configuration types allow you to use an embedded database.
    • When using an external database (for Sandbox, Non-production, and Production), Oracle and Microsoft SQL databases are supported.
    • You must set up the Production and Non-Production configuration types for High Availability too.
  5. In the
    Configure Password
    page, enter and validate a master password. This password is the default master password to log in to the CA Identity Suite components.
  6. Upload the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy.
  7. Once a configuration type is chosen, for example, Demo, the solution deployment page is displayed.
  8. Drag-and-drop the services or products that you want to the virtual machine section.
  9. As you place components in the virtual appliance instance, the memory bar shows projected memory usage.
  10. Click
    The selected services or products are deployed.
During CA Identity Governance startup, the WorkPoint processes are automatically imported. This is equivalent to the user browsing to CA Identity Governance User Console and executing a Workpoint update from the Administration > Settings > Workpoint DB Administration page.