The features introduced on this page are only available in the RIPS Data Center Edition.
The RIPS Data Center Edition provides additional features for advanced enterprise requirements, e.g. scaling and the management of independent organizations. It allows you to split up your RIPS installation into multiple servers to increase the amount of scans that can be handled in parallel. It also comes with an administration panel that can be used to manage multiple organizations.
For the RIPS Data Center Edition you need one master server that runs the API, UI, database, storage, and the scaler that assigns scans to servers. It is highly recommended to place a reverse proxy in front of the API, UI, and storage.
There can be a variable amount of worker servers that run nothing but the analysis engines. They communicate with the RIPS master server through the reverse proxy and the API.
Preparation (All Servers)
Switch to a root shell, for example with sudo -i or su and install Docker CE as described in https://docs.docker.com/engine/installation/. Do not use the Docker version that comes with your distribution, it might not be compatible with the installer.
The following example shows the installation of Docker on Ubuntu 18.04. A more detailed guide to install Docker on Ubuntu can be found in the official documentation.
The following example shows the installation of Docker on CentOS 7. A more detailed guide to install Docker on CentOS can be found in the official documentation.
Download (All Servers)
Create an installation directory with secure permissions.
Download the installer rips3.py from https://files.ripstech.com/installer/rips3.py and make it executable.
Installation (Master Server)
To install RIPS on your master server run rips3.py rips:install. Direct access to the UI, Admin UI, and API should be prevented by binding their addresses to localhost with the parameters --ui-address 127.0.0.1, --ui-admin-address 127.0.0.1, and --api-address 127.0.0.1. The UI port should be changed from the default value 80 to a different value. In this example we will assume that --ui-port 9090 is used. Make sure to set the address of the reverse proxy as API URL, for example --api-url
The installer will ask for your download credentials. Please refer to your purchase email for your user name and password. At the end of the process, the installer creates a new user account and you can set your private account credentials.
For security reasons LDAP support is disabled by default. If you would like to enable LDAP please use the parameter --ldap=1. You can find more information about the configuration of LDAP in the user guide.
It is highly recommend to place a HTTP reverse proxy in front of RIPS for TLS encryption, access logging, and similar tasks. This section explains how RIPS and the reverse proxy have to be configured to do this.
If you are running SELinux make sure that httpd_can_network_connect is set to true. You can enable it by running:
For additional resources please refer to:
The modules mod_proxy and mod_proxy_http have to be enabled.
For additional resources please refer to:
Installation (Worker Server)
To create a worker use the parameters --master=0 --worker=1. Additionally you have to specify the addresses of the API and the storage server with --api-url and --storage-url. Those are required for the worker to contact the master server.
The installer will ask for your download credentials. Please refer to your purchase email for your user name and password.
Before the installation starts the installer asks you to copy the credentials directory from the master server to the worker server. This directory contains credentials that are required to access the API and the storage server. It can be synchronized using scp, for example the following command can be executed on the master server. Make sure to replace the host name with your own.
Once the RIPS worker is installed and started it will automatically register at the API. The scaler will then automatically assign scans to it based on the system resources of the worker and the size of the scans.
Use the admin interface to manage your organizations, departments, and servers. To access the admin interface you have to create an admin user through the command line interface of the RIPS installer on your master server.