Application server for institutions of all sizes

verinice. for Organizations

verinice.PRO is the central application server and an add-on product to verinice: The server provides central functions for security, rights management and groupware, which make the ISMS tool applicable in larger networks with more performance.

verinice.PRO will be supported until the end of 2027. In 2025, SerNet will offer the new, modernized generation verinice onprem as a successor to verinice.PRO.

For verinice.PRO, you receive technical support from SerNet and professional support from the verinice partners.

Key benefits of verinice.PRO

central database and simple document storage
can be integrated into Active Directory and LDAP
multi-user and multi-client capability
granular authorization and role concept
web-based workflow and mail notification
external database possible (PostgreSQL / Oracle)
remote access and VPN support
secure access protected by TLS/SSL
incl. vDesigner for report customization
licensed as software subscription

Licensing

The verinice.PRO server is free software and the source code becomes the property of the customer. The contract for the purchase of the software is a subscription contract with access to a download portal where verinice.PRO can be obtained as a software subscription.

incl. unlimited verinice client licenses
available as a software subscription (1-3 years)
Licensing is per server per facility per year
available for AlmaLinux and Red Hat Enterprise Linux (RHEL)
VMWare images with AlmaLinux
Optional installation support, remote or on-site
Optional update support from SerNet
including all additional content created by SerNet and verinice partners
Open source software under a free license GPLv3
no backdoors thanks to open source code

System requirements

The recommended requirements for verinice.PRO refer to an average system environment (10 users).

Recommended hardware:

CPU: 2 cores >= 1 GHz, 64 bit
RAM: 16 GB
hard disk: 200 GB

Minimum hardware

CPU: 1 core >= 1 GHz, 64 bit
RAM: 8 GB
hard disk: 100 GB

Operating system

Operating system for the verinice server is Red Hat Enterprise Linux. Standardized operating environment for the server is our preconfigured verinice.PRO virtual appliance on Alma Linux (largely compatible with RHEL)

The verinice.PRO appliance is based on Alma Linux 8. verinice.PRO can be installed on RHEL 7 from version 1.21.

Virtualization

When installing the verinice.PRO appliance as a VMWare solution: VMWare ESXi from version 6.5 and Vmware Fusion from version 7.x.

The verinice.PRO appliance can be run in other virtualization environments. However, SerNet does not test verinice.PRO with these.

Java Development Kit (JDK)

The verinice server only works with the Java Development Kit (JDK) 11. You can install a version that is provided with continuous security updates, such as Eclipse Temurin 11-LTS or the package java-11-openjdk from Almalinux.

Database

The verinice server requires a database to operate. The data entered in the verinice clients connected to the server is stored in this database.

Officially supported databases:

If Oracle is selected as the database, Oracle runs on an external database server. It is possible to use an existing Oracle server in the company that is also used for other applications. PostgreSQL runs on the same host as the verinice server. Verinice works better when PostgreSQL is used. PostgreSQL is installed on the verinice.PRO appliance.

The verinice server also runs with other versions of PostgreSQL and Oracle. However, SerNet does not test verinice with these versions.

verinice.PRO Server Update

With version verinice 1.27, RPM packages for Red Hat Enterprise Linux 8 (RHEL 8) and AlmaLinux 8. CentOS. On RHEL and for RHEL 7 and CentOS 7 for the last time. RPM packages are installed, updated or deleted under RHEL, AlmaLinux and CentOS with the package management systemYUM. When a new version of verinice.PRO is published, the new RPM packages are ready in the verinice.PRO repository: https://update.verinice.com/.

Due to the end of support for CentOS 7 and RHEL 7 on June 30, 2024, the RPM packages for these versions will be provided for the last time with verinice 1.27.

All users are recommended to migrate to AlmaLinux 8 or RHEL 8 as soon as possible. The verinice.PRO appliance has been based on AlmaLinux since verinice 1.27. Please note in particular that an additional public package key must be imported before installing the verinice.PRO server! For details see verinice.PRO - Installation under AlmaLinux 8 and RHEL 8 chapter 4.3.1. verinice Repository.

Preparations

The verinice.PRO database has to be saved before starting the update. If PostgreSQL is used, the following command should be use

postgres@v.PRO:~$ pg_dump -F c -Upostgres <db_name> > /path/to/file.sql

The following command restores the created database backup, e.g. as a new database

postgres@v.PRO:~$ pg_restore -d newdatabase file.sql

When creating the database, please remember to assign the user "verinice" as owner to the database

postgres@v.PRO:~$ createdb -O verinice verinicedb

Don't forget to change the entry for the new database, if another name was used instead of verinicedb, in the /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/veriniceserver-plain.properties.

Checking the Release Notes

Please read the release notes of all newer versions before updating. If required, they contain information to be considered during the update.

Update

The verinice.PRO packages are now ready to be updated. You can either update all RPMs on the server or only the verinice packages. It is recommended to update all packages. All packages will be updated with

yum update

The following command updates the verinice.PRO packages only

yum update verinicepro verinicepro-catalogs verinicepro-clients \
verinicepro-portal verinicepro-update-repo

It may happen that yum does not find the new verinice packages. If no new packages are found, although a new version is ready, the following command must be entered before the update

yum clean all

The Tomcat Application Server has to be restarted after an update

/etc/init.d/tomcat6 restart

Adjusting the configuration

After updating the packages the verinice configuration must be checked. Each update of the RPM packages can cause conflicts with the configuration files. If a regular file changes in a new version, it is overwritten by the package manager for the update. Configuration files can not be treated like regular files since they are usually changed after the first installation.

If a configuration file has been changed by the user and is changed in a new verinice version, the file cannot be overwritten when updating. There are two options how the package manager computes this issue:

The file of the user is not changed, the new version of the file is installed with the suffix .rpmnew. The files must be compared after the update and possible changes from conf-file.properties.rpmnew must be transferred to conf-file.properties.
The new version of the file is installed. The file of the user is saved with the suffix .rpmsave. The files must be compared after the update and if necessary settings from conf-file.properties.rpmsave must be transferred to conf-file.properties

Depending on the content of the verinice configuration files will be treated in accordance with option 1 or 2.

veriniceserver-plain.properties

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/

The file is not overwritten during the update. If necessary, a new version of the file is created with the name veriniceserver-plain.properties.rpmnew. In this case new options from veriniceserver-plain.properties.rpmnew must be taken over into veriniceserver-plain.properties.

verinice-ldap.properties

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/

The file is not overwritten during the update. If necessary, a new version of the file is created with the name verinice-ldap.properties.rpmnew. In this case new options from verinice-ldap.properties.rpmnew need to be transferred to verinice-ldap.properties.properties.

SNCA.xml, snca-messages.properties, snca-messages_de.properties

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/

This file is not overwritten during the update. If necessary, a new version of the file is created with the name SNCA.xml.rpmnew. In this case new options from SNCA.xml.rpmnew need to be transferred to SNCA.xml.

web.xml

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/

This file will be overwritten during the update. If the file was changed beforehand, the changed version will be saved as web.xml.rpmsave. After the update the changes in web.xml.rpmsave must be transferred to the new version.

verinice-auth.xml

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/

This file contains the configuration of the authorization profiles. The authorization profiles are typically configured with the verinice.PRO client. The file shouldn't be edited directly on the server. The file is not overwritten when updating verinice.PRO.

Other Files

All other configuration files contain technical configuration and normally do not need to be adjusted. When updating these files will be overwritten. If one of the files was however changed previously, the changed old version of the file is saved under the name file.properties.rpmsave . After the update, the changes from the old modified file datei.properties.rpmsave must be included in the new version.

Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF
- faces-config.xml
- veriniceserver-osgi.properties
- verinice-auth-default.xml
- verinice-auth-messages.properties
- verinice-auth-messages_de.properties
/usr/share/tomcat6/webapps/veriniceserver/snca-includes
- configuration.xml
/usr/share/tomcat6/webapps/veriniceserver/WEB-INF/classes
- log4j.xml
- server_hibernate.cfg.xml
- server_hibernate_derby.cfg.xml
- server_hibernate_oracle.cfg.xml