verinice. for Organizations
verinice.PRO is the central application server and an add-on product to verinice: The server provides central functions for security, rights management and groupware, which make the ISMS tool applicable in larger networks with more performance.
verinice.PRO will be supported until the end of 2027. In 2025, SerNet will offer the new, modernized generation verinice onprem as a successor to verinice.PRO.
For verinice.PRO, you receive technical support from SerNet and professional support from the verinice partners.
Key benefits of verinice.PRO
- central database and simple document storage
- can be integrated into Active Directory and LDAP
- multi-user and multi-client capability
- granular authorization and role concept
- web-based workflow and mail notification
- external database possible (PostgreSQL / Oracle)
- remote access and VPN support
- secure access protected by TLS/SSL
- incl. vDesigner for report customization
- licensed as software subscription
Licensing
The verinice.PRO server is free software and the source code becomes the property of the customer. The contract for the purchase of the software is a subscription contract with access to a download portal where verinice.PRO can be obtained as a software subscription.
- incl. unlimited verinice client licenses
- available as a software subscription (1-3 years)
- Licensing is per server per facility per year
- available for AlmaLinux and Red Hat Enterprise Linux (RHEL)
- VMWare images with AlmaLinux
- Optional installation support, remote or on-site
- Optional update support from SerNet
- including all additional content created by SerNet and verinice partners
- Open source software under a free license GPLv3
- no backdoors thanks to open source code
System requirements
The recommended requirements for verinice.PRO refer to an average system environment (10 users).
Recommended hardware:
- CPU: 2 cores >= 1 GHz, 64 bit
- RAM: 16 GB
- hard disk: 200 GB
Minimum hardware
- CPU: 1 core >= 1 GHz, 64 bit
- RAM: 8 GB
- hard disk: 100 GB
Operating system
Operating system for the verinice server is Red Hat Enterprise Linux (RHEL 8). Standardized operating environment for the server is our preconfigured verinice.PRO virtual appliance on Alma Linux (largely compatible with RHEL)
The verinice.PRO appliance is based on Alma Linux 8. verinice.PRO can be installed on RHEL 8 and Alma Linux 8 from version 1.27.
Virtualization
When installing the verinice.PRO appliance as a VMWare solution: VMWare ESXi from version 6.5 and Vmware Fusion from version 7.x.
The verinice.PRO appliance can be run in other virtualization environments. However, SerNet does not test verinice.PRO with these.
Java Development Kit (JDK)
The verinice server only works with the Java Development Kit (JDK) 11. You can install a version that is provided with continuous security updates, such as Eclipse Temurin 11-LTS or the package java-11-openjdk from Almalinux.
Database
The verinice server requires a database to operate. The data entered in the verinice clients connected to the server is stored in this database.
Officially supported databases:
If Oracle is selected as the database, Oracle runs on an external database server. It is possible to use an existing Oracle server in the company that is also used for other applications. PostgreSQL runs on the same host as the verinice server. Verinice works better when PostgreSQL is used. PostgreSQL is installed on the verinice.PRO appliance.
The verinice server also runs with other versions of PostgreSQL and Oracle. However, SerNet does not test verinice with these versions.
verinice.PRO Server Update
With version verinice 1.27, RPM packages for Red Hat Enterprise Linux 8 (RHEL 8) and AlmaLinux 8. CentOS. On RHEL and for RHEL 7 and CentOS 7 for the last time. RPM packages are installed, updated or deleted under RHEL, AlmaLinux and CentOS with the package management systemYUM. When a new version of verinice.PRO is published, the new RPM packages are ready in the verinice.PRO repository: https://update.verinice.com/.
Due to the end of support for CentOS 7 and RHEL 7 on June 30, 2024, the RPM packages for these versions will be provided for the last time with verinice 1.27.
All users are recommended to migrate to AlmaLinux 8 or RHEL 8 as soon as possible. The verinice.PRO appliance has been based on AlmaLinux since verinice 1.27. Please note in particular that an additional public package key must be imported before installing the verinice.PRO server! For details see verinice.PRO - Installation under AlmaLinux 8 and RHEL 8 chapter 4.3.1. verinice Repository.
Preparations
The verinice.PRO database has to be saved before starting the update. If PostgreSQL is used, the following command should be use
postgres@v.PRO:~$ pg_dump -F c -Upostgres <db_name> > /path/to/file.sql
The following command restores the created database backup, e.g. as a new database
postgres@v.PRO:~$ pg_restore -d newdatabase file.sql
When creating the database, please remember to assign the user "verinice" as owner to the database
postgres@v.PRO:~$ createdb -O verinice verinicedb
Don't forget to change the entry for the new database, if another name was used instead of verinicedb, in the /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/veriniceserver-plain.properties.
Checking the Release Notes
Please read the release notes of all newer versions before updating. If required, they contain information to be considered during the update.
Update
The verinice.PRO packages are now ready to be updated. You can either update all RPMs on the server or only the verinice packages. It is recommended to update all packages. All packages will be updated with
yum update
The following command updates the verinice.PRO packages only
yum update verinicepro verinicepro-catalogs verinicepro-clients \ verinicepro-portal verinicepro-update-repo
It may happen that yum does not find the new verinice packages. If no new packages are found, although a new version is ready, the following command must be entered before the update
yum clean all
The Tomcat Application Server has to be restarted after an update
/etc/init.d/tomcat6 restart
Adjusting the configuration
After updating the packages the verinice configuration must be checked. Each update of the RPM packages can cause conflicts with the configuration files. If a regular file changes in a new version, it is overwritten by the package manager for the update. Configuration files can not be treated like regular files since they are usually changed after the first installation.
If a configuration file has been changed by the user and is changed in a new verinice version, the file cannot be overwritten when updating. There are two options how the package manager computes this issue:
- The file of the user is not changed, the new version of the file is installed with the suffix .rpmnew. The files must be compared after the update and possible changes from conf-file.properties.rpmnew must be transferred to conf-file.properties.
- The new version of the file is installed. The file of the user is saved with the suffix .rpmsave. The files must be compared after the update and if necessary settings from conf-file.properties.rpmsave must be transferred to conf-file.properties
Depending on the content of the verinice configuration files will be treated in accordance with option 1 or 2.
veriniceserver-plain.properties
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/
The file is not overwritten during the update. If necessary, a new version of the file is created with the name veriniceserver-plain.properties.rpmnew. In this case new options from veriniceserver-plain.properties.rpmnew must be taken over into veriniceserver-plain.properties.
verinice-ldap.properties
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/
The file is not overwritten during the update. If necessary, a new version of the file is created with the name verinice-ldap.properties.rpmnew. In this case new options from verinice-ldap.properties.rpmnew need to be transferred to verinice-ldap.properties.properties.
SNCA.xml, snca-messages.properties, snca-messages_de.properties
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/
This file is not overwritten during the update. If necessary, a new version of the file is created with the name SNCA.xml.rpmnew. In this case new options from SNCA.xml.rpmnew need to be transferred to SNCA.xml.
web.xml
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/
This file will be overwritten during the update. If the file was changed beforehand, the changed version will be saved as web.xml.rpmsave. After the update the changes in web.xml.rpmsave must be transferred to the new version.
verinice-auth.xml
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/
This file contains the configuration of the authorization profiles. The authorization profiles are typically configured with the verinice.PRO client. The file shouldn't be edited directly on the server. The file is not overwritten when updating verinice.PRO.
Other Files
All other configuration files contain technical configuration and normally do not need to be adjusted. When updating these files will be overwritten. If one of the files was however changed previously, the changed old version of the file is saved under the name file.properties.rpmsave . After the update, the changes from the old modified file datei.properties.rpmsave must be included in the new version.
- Directory: /usr/share/tomcat6/webapps/veriniceserver/WEB-INF
- faces-config.xml
- veriniceserver-osgi.properties
- verinice-auth-default.xml
- verinice-auth-messages.properties
- verinice-auth-messages_de.properties
- /usr/share/tomcat6/webapps/veriniceserver/snca-includes
- configuration.xml
- /usr/share/tomcat6/webapps/veriniceserver/WEB-INF/classes
- log4j.xml
- server_hibernate.cfg.xml
- server_hibernate_derby.cfg.xml
- server_hibernate_oracle.cfg.xml