IBM Support

IBM Counter Fraud Management 1.5.0.5 Hypervisor Edition Readme

Product Readmes


Abstract

The IBM Counter Fraud Management (ICFM) 1.5.0.5 Virtual Machines (VMs) are distributed as five Open Virtualization Format (OVA) image files. These images comprise a set of pre-configured servers ready to deploy an environment of IBM Counter Fraud Management 1.5.0.5 with APAR PO05499 on an ESXi server (hypervisor for VMware).

Content

Quick links

VM architecture and image details

Figure 1 depicts the contents of each image. (Click the image to enlarge it.)

Figure 1. IBM Counter Fraud Management VM Architecture

Table 1 outlines the file names and descriptions required to deploy a complete ICFM 1.5.0.5 environment.

Description Server File Name File Size
IBM Counter Fraud Management Hypervisor DB 1.5.0.5 Linux Data Node CN7MKEN.ova 39.8 GB
IBM Counter Fraud Management Hypervisor 1.5.0.5 Linux Core Node CN7MLEN.ova 76.6 GB
IBM Counter Fraud Management Hypervisor CM 1.5.0.5 Linux Case Node CN7MPEN.ova 89.4 GB
IBM Counter Fraud Management Hypervisor IDD V1.5.0.5 Linux Investigate, Detect, and Discover Node (IDDN) CN7MMEN.ova 71.3 GB
Table 1: IBM Counter Fraud Management 1.5.0.5 VM Image Details

To deploy these images, the images must be imported into an ESXi server and then configured for the hosting environment. For instructions, see Importing the OVA files into a VMware ESXi server and Initial startup and configuration of the IBM Counter Fraud Management 1.5.0.5 VMs.

Importing the OVA files into a VMware ESXi server

Complete these steps to deploy the OVA images to an ESXi server:
  1. Download the five OVA files to a machine with a vSphere client or vCenter installed. Optionally, you can upload these images directly to the ESXi data store.
  2. As a user with ESXi deployment privileges, log in to the target ESXi server using the vSphere client.
    Note: The process for deploying an OVA using vCenter is similar.
  3. Select File > Deploy OVF Template.
  4. On the source panel, click Browse to select an OVA file. Navigate to the directory where the OVA files were downloaded. Select a file and click Open. Click Next.
  5. On the OVF Template Details panel, review the information and click Next.
  6. On the Name & Location panel, set the name of the VM Name, following conventions used for your environment. Select the Inventory location as defined by your System Administrator. Click Next.
  7. On the Host/Cluster panel, select the Host/Cluster as defined by your System Administrator. Click Next.
  8. On the Storage panel, select the data store for the VM. Click Next.
  9. On the Disk Format panel, select Thin Provision. Click Next.
  10. On the Network Mapping, select the Destination Network. If there are multiple options, contact your administrator to determine which option to select. Click Next.
    Note: You can change the destination network after the OVA is deployed.
  11. On the Ready to Complete panel, review the information and click Finish.

    The deployment begins. The amount of time it takes to deploy varies depending on the size of the OVA, the network speed, ESXi resource utilization, and so on.

  12. After the deployment is complete, a window is displayed stating that Deployment Completed Successfully. Click Close.
  13. Repeat steps 1 through 11 for each of the five OVAs (Data, Core, Case, IDDN, and Client1).

Initial startup and configuration of the IBM Counter Fraud Management 1.5.0.5 VMs

To complete the next steps, fill in the environment specifics where these images will be deployed in Table 2.

Table 2. IBM Counter Fraud Management Environmental Details Required for Installation
Data Node Core Node Case Node Investigate, Detect, and Discover Node
Server host name data core case lddn
LUKS password default_luks_password default_luks_password default_luks_password default_luks_password
Root password        
IP address        
Server Netmask        
Gateway IP        
Primary DNS Server        
Secondary DNS Server        
Tertiary DNS Server        
DNS Search Path        
/etc/hosts entries Update only the entries highlighted in bold:

# IBM Counter Fraud Management v1.5.0.5
0.0.0.0 data.icfm.ibm.com data host1.mycompany.com host1
0.0.0.0 core.icfm.ibm.com core host2.mycompany.com host2
0.0.0.0 case.icfm.ibm.com case host3.mycompany.com host3
0.0.0.0 iddn.icfm.ibm.com iddn host4.mycompany.com host4

Instructions

For each of the Red Hat Enterprise Linux servers (data, core, case, iddn), follow these steps:

  1. Using the vSphere client, power on the VM.
  2. Enter the LUKS password.
  3. Select Language (U.S. English). Use the Tab key to move the cursor.
  4. Enter the new root password. Type the new root password again when prompted.
    Note: When entering the password, the cursor does not move.
  5. Select Device Configuration on the Select Action window.
  6. Select eth0 (eth0) – vmxnet3.
  7. Enter the following information: Note: Refer to Table 2 to complete these entries. 
    Static IP:            host_IP  Netmask:              server_netmask  Default Gateway IP:   gateway_ip  Primary DNS Server:   primary_dns_server  Secondary DNS Server: secondary_dns_server
  8. Click OK on the Network Configuration window.
  9. Select Save on the Select a Device window.
  10. Select DNS Configuration on the Select Action window.
  11. Enter the following information:
    Primary DNS	 primary_dns_server  Secondary DNS	 secondary_dns_server  Tertiary DNS	 tertiary_dns_server  DNS Search Path  dns_search_path
    Note: Do not change the host name. You will have the option later to edit the /etc/hosts file and enter a different host name.
  12. Click OK on the DNS Configuration page.
  13. Select Save & Quit on the Select Action page.
  14. On the Authentication Configuration window, leave all defaults and click Next.
  15. On the Services window, accept all defaults and click OK.
  16. On the Welcome page, click Forward.
  17. If you agree to the license agreement, select Yes, I agree to the license agreement and click Forward.
  18. Select No, I prefer to register at a later time and click Forward. Select Register Later when prompted.
    Optional: To register the system with Red Hat, select Yes, I’d like to register now.. Contact your System Administrator for Red Hat Network Subscription information and then click Forward.
  19. On the Finish Updates Setup window, click Forward.
  20. On the Create User window, click Forward.
  21. On the Date and Time window, click Finish and wait for the server to start.
  22. If successful, the server startup process completes and a list of users is displayed.
    Note: To optionally disable the list of users on the logon page, log into the server and enter the following command as user root:
    gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults --type bool --set /apps/gdm/simple-greeter/disable_user_list true
  23. Log in to the server with the following credentials:
    • Username: root
    • Password: Refer to Table 2.
  24. Edit the /etc/hosts file. For each of the servers (data, core, case, iddn, and client1), follow these steps:
    1. Edit the IP address. Change the 0.0.0.0 to a static address assigned for each server.
    2. Edit the full host name entry to match the full host name assigned for each server (for example, change the host1.mycompany.com entry to the full host name for the server).
    3. Edit the short host name assigned for each server (for example, change the host1 entry to the short host name for the server).
      Note: Be sure to change all IP, full host name, and short host name entries for each server as defined in steps 24.a through 24.c.
  25. To restart the network configuration, enter the following command: 
    service network restart
  26. Verify the network configuration is resolving properly.
    ping localhost  ping server_short_hostname (for example, ping data)  ping server_long_hostname (for example, ping data.icfm.ibm.com)
  27. Repeat these steps for each Linux server (data, case, core, iddn).

System verification

After the Linux servers are deployed, start the IBM Counter Fraud Management services in the sequential order listed. Before starting the next service, ensure that the previous service started successfully (in other words, wait for the current service to complete startup before starting the next service).

  1. On the Data Node, enter: service ibmcfmdata start
  2. On the Core Node, enter: service ibmcfmcore start
  3. On the Case Node, enter: service ibmcfmcase start
  4. On the Investigate, Detect, and Discover Node, enter: service ibmcfmiddn start
  5. Log in to the Case Manager client.
    1. Using any of the servers, from the desktop, open a browser and navigate to: https://core.icfm.ibm.com/cfm/links.html
    2. Select the Case Manager Client link and log in with filenet/default_password.* For example, The Case Manager Client link for the Core server is: https://core.icfm.ibm.com/navigator/?desktop=icm

      *The Case Manager Client default password is located in the addendum of the ICFM 1.5.0.5 Hypervisor Edition Operations Guide (availability restricted to IBM Lab Services Use Only).

Post deployment

Configuring Operational and Investigator reports

Reports are provided for IBM Counter Fraud Management. To report the auditing of Counter Fraud case data, follow these steps:

  1. Log in to Administration Console for Content Platform Engine. Enter the following URL:
    https://case_manager_server:secure_port/acce
  2. Navigate to Object Stores > deployed_target_object_store > Data Design > Property Templates.

    deployed_target_object_store specifies the object store where the Counter Fraud solution is installed.

    For example, click Object Stores > TARGET1 > Data Design > Property Templates.
  3. Verify that the following properties exist.
    Table 1. Properties
    Display Name Symbolic Name Data Type
    CF_CaseOwner CFReporting_CaseOwner String
    CF_CreateDate CFReporting_CreateDate Date Time
    CF_CurrentLoss CFReporting_CurrentLoss Float
    CF_LossExposure CFReporting_LossExposure Float
    CF_LossRecovery CFReporting_LossRecovery Float
    CF_Resolution CFReporting_Resolution String
    CF_ResolutionDate CFReporting_ResolutionDate Date Time
    CF_Status CFReporting_Status String
    CF_Supervisor CFReporting_Supervisor String
  4. Leave the Property Templates tab open, and navigate to Data Design > Classes > Folder > Base Case > Case Folder.
  5. In the tree view, expand Case Folder and open the folder that represents the fraud investigation. You might have multiple Fraud Investigation folders. The Symbolic Name field is displayed in the Fraud Investigation tab when you open a folder. Select the folder name with the symbolic name that depicts the prefix for the solution that you are configuring. If you opened multiple fraud investigation tabs, close all but the fraud investigation tab that you are configuring.
  6. Enable auditing on the case type.
    1. In the Fraud Investigation tab, scroll to the Audit Definitions tab and click New.
    2. Enter the following values in the New Audit Definition dialog box and click OK.
      Field Name Value
      Display name Creation
      Event Creation Event
      Object state recording level Modified object only
      Audit type Success
      Options Is Enabled
    3. Click OK.
  7. Repeat step 6 to add an audit definitions for the Deletion event.
    Field Name Value
    Display name Delete
    Event Deletion Event
    Object state recording level Modified object only
    Audit type Success
    Options Is Enabled
  8. Repeat step 6 to add Audit Definitions for the Update event.
    Field Name Value
    Display name Update
    Event Update Event
    Object state recording level Modified object only
    Audit type Success
    Options Is Enabled
  9. In the Fraud Investigation tab, click Save.
  10. Enable auditing for a property.
    1. Click the Properties tab in the correct Fraud Investigation tab.
    2. In the Property Definitions row, select the Owner property in the Property Value list. The Owner tab opens.
      Important: The Counter Fraud solution template includes two Owner properties. Ensure that the Owner tab has the Is System Owned property set to False. If your tab does not show False, close this tab and scroll to locate and then open the other Owner value in the Property Definitions drop down list. You need to copy values from the case property.
    3. In the Property Templates tab, click the CF_CaseOwner property template in the list of templates. The CF_CaseOwner tab opens.
    4. In the CF_CaseOwner tab, click Actions > Copy Object Reference.
    5. In the Owner tab, scroll to the Audit As field and click the down arrow next to the Property Value drop down list. Click Paste Object in the context menu.
    6. In the Fraud Investigation tab, click Save.
      Tip:
      If more than one Fraud Investigation tab is open, the tab with changes has an * asterisk in the tab name. The changes to the Fraud Investigation and Owner tabs are saved.
    7. Close the Owner and CF_CaseOwner tabs. Leave the Property Template tab and Fraud Investigation tab open.
  11. Repeat step 10 for each item in the following table.
    Table 2. Property definitions
    Case Property Name Audit As Property Template Data Type
    Date Created CF_CreateDate Date Time
    Current Loss CF_CurrentLoss Float
    Loss Exposure CF_LossExposure Float
    Loss Recovery CF_LossRecovery Float
    Resolution CF_Resolution String
    Resolution Date CF_ResolutionDate Date Time
    Status CF_Status String
    Supervisor CF_Supervisor String
  12. Close the Property Template tab and Fraud Investigation tab.
  13. Configure the Creation Event to audit the property templates.
    1. Navigate to Object Stores > deployed_target_object_store > Data Design > Classes > Other Classes > Event > Object Change Event > Creation Event.
    2. Click the Property Definitions tab and then click Add. The Add/Remove Properties window displays the available properties.
    3. Optional: Filter the properties to display only the items that start with "CF_". This step can take a while to complete.
      1. Click Define Filter.
      2. For the Column field, select Property.
      3. In the Value field, enter CF_ and click Filter.
    4. Select the CF_* properties from Table 2 and click OK.
    5. In the Creation Event tab, click Save. The property is added to the list of properties in the Property Definitions tab in the Creation Event tab.
    6. Close the Creation Event tab.
  14. Configure the Deletion Event to audit the property templates. Navigate to Object Stores > deployed_target_object_store > Data Design > Classes > Other Classes > Event > Object Change Event > Deletion Event and add the properties to the event.
  15. Configure the Update Event to audit the property templates. Navigate to Object Stores > deployed_target_object_store > Data Design > Classes > Other Classes > Event > Object Change Event > Update Event and add the properties to the event.

Results

Expect a delay between the time that you configure auditing and when data shows up in reports. It can take five minutes or more for data to be displayed in a report.

Configuring Counter Fraud to use existing customer host names

Counter Fraud provides generic host names for the following nodes:

  • data.icfm.ibm.com
  • core.icfm.ibm.com
  • case.icfm.ibm.com
  • iddn.icfm.ibm.com

You must reconfigure Counter Fraud dashboards to work with a customer's actual host names. To do so, for each dashboard, you must update the URL to the reporting server to match a customer's environment. This procedure is performed when updating mapping services during the import of theCounter Fraud case management solution. However, you might need to change a URL value after import, or provide a missing value.

After you import the solution package, if you need to add a missing value (or update a URL), follow steps for the specific dashboard you wan to configure.

You can configure dashboard URLs during the import process, or manually configure using these instructions. To configure a dashboard URL:

  1. Log in to Case Manager Builder. Enter the following URL in the browser:
    https://case_server:secure_port/CaseBuilder
  2. Click Edit on the target solution to load the design environment.
  3. Navigate to the Pages tab and expand the Solution Pages section to list the available dashboard pages.
  4. For the Operational Dashboard and Investigator Dashboard pages, skip to step 5. For all other dashboards, complete the following steps.
    1. Click the name of the page to open the Page Designer.
      Update the following Dashboard pages:
      • Assessment Activity Dashboard
      • Assessment Results Dashboard
      • Analysis Flow Dashboard
      • Case Generation Dashboard
      • Assessment Trends Dashboard
      • Assessments by Object Type
      • 12 Month Assessment Summary
    2. Click the Edit Settings icon.
    3. Update the URL to match the Cognos Gateway configuration for the environment. For example, the base URL might be https://hostname:secure_port/ibmcognos/ or https:/hostname:secure_port/ServletGateway depending on your installation. For details about the Cognos Gateway URL construction, see CGI Program and Alternative Gateways.
    4. Click OK to save the settings. Click Save and Close.
  5. For the Operational Dashboard and Investigator Dashboard pages only, complete the following steps.
    1. Click the dashboard page name to open it in Page Designer.
    2. Display the Script Adapter widget (if hidden) by clicking the Show or Hide Hidden Widgets button.

      Show or Hide Hidden Windows icon

    3. Click the Edit Settings icon to open the Settings dialog box.
    4. In the script code, update the URL to match the Cognos Gateway configuration for the environment. For example, the base URL might be https://hostname:secure_port/ibmcognos/ or https:/hostname:secure_port/ServletGateway, depending on your installation. For more information, see CGI Program and Alternative Gateways.
    5. Click OK to save the settings. Click Save and Close.
  6. For the Content Analytics page, complete the following steps.
    1. Click the dashboard page name to open it in Page Designer.
    2. On the Website Viewer widget, click the Edit Settings icon to open the Settings dialog box.
    3. In the dialog box, update the URL if necessary to match the Watson Content Analytics server information for your environment. For example, the base URL might be https://hostname:secure_port/ui/search, where the hostname value is replaced with your specific server name.
    4. Click OK to save the settings. Click Save and Close.
  7. For the Link Analysis page, follow these steps:
    1. Click the dashboard page name to open it in Page Designer.
    2. On the Website Viewer widget, click the Edit Settings icon to open the Settings dialog box.
    3. In the dialog box, update the URL if necessary to match the Watson Content Analytics server information for your environment. For example, the base URL might be https://iapserver_hostname:secure_port/apollo/, where the iapserver_hostname is replaced with your specific server name.
    4. Click OK to save the settings. Click Save and Close.
  8. Commit your changes and deploy the solution.

Known issues

Known issues associated with the 1.5.0.5 VMs are documented below. As problems are discovered, relevant information and problem workarounds are added to this list.

  1. ISSUE: Notifications do not work for i2 Analyst Notebook Premium against the i2 Intelligence Analysis Platform server

    Before following the workaround outlined below, ensure that DB2 is up and running on the data server. If DB2 is not started, log into the data server as root and run the following command:

      service ibmcfmdata start

    Workaround

    Follow these steps:

    1. Use a secure-shell (ssh) client to connect to the data server. You can connect with a network client application, such as PuTTY. Log in to the data server as root.
    2. Switch to the DB2 instance account as follows: 
        sudo su - db24core
    3. Connect to the Counter Fraud database (CFDB): 
        db2 connect to cfdb
    4. Check the values set for the following system properties: 
        db2 "select name, value from cfconfig.SYSTEM_PROPS" | grep IIM  IAP ICM DOCUMENT TYPE, IIM_ANBChart  IAP ICM ANB CHART PROPERTY, IIM_FileName

      Note that these values should be CFAL_ANBChart and CFAL_FileName. Default values (IIM_ANBChart and IIM_FileName) must be changed to match the solution prefix for your solution; otherwise, attachments do not work from the ANBP plug-in for ICM.

    5. Update these property values to match the ICM solution prefix: 
        db2 "update CFCONFIG.SYSTEM_PROPS set value='CFAL_ANBChart' where name='IAP ICM DOCUMENT TYPE'"  db2 "update CFCONFIG.SYSTEM_PROPS set value='CFAL_FileName' where name='IAP ICM ANB CHART PROPERTY'"
    6. Verify that the commands worked: 
        db2 "select name, value from cfconfig.SYSTEM_PROPS" | grep IIM
      The following entries should "not" appear in the results: 
        IAP ICM DOCUMENT TYPE, IIM_ANBChart  IAP ICM ANB CHART PROPERTY, IIM_FileName
    7. Disconnect from the Counter Fraud database: 
        disconnect from cfdb "db2 connect reset"  (or "db2 terminate")
  2. ISSUE: Adding a task (Request Case Analysis and Secondary Review) results in an exception error

    After selecting a case, if you select to add a task (Add Task), such as to Request Case Analysis or Secondary Review, you might receive the following error:

    Note: This issue is not applicable to Generate Case Package and Conduct Meeting tasks.

      The following error occurred while processing a request on the application server:   [FNRPE2131090277E]Role Definition class object "Triage%202" not found for   Application Space "Counter Fraud Alert".    An error occurred on the application server.  Additional information about the error is in the SystemOut.log of the ICFM WebSphere Application Server profile.

    The following Java exception is displayed in the log file:

      Caused by:     [FNRPE2131090277E]Role Definition class object "Triage%202" not found for Application Space "Counter Fraud Alert".     at filenet.jpe.rpc.ejb.EJB_rpc_fetchRoles.addTheseRolesInTheAppSpace_FilterBy(EJB_rpc_fetchRoles.java:407)     at filenet.jpe.rpc.ejb.EJB_rpc_fetchRoles.getFilteredRoleClasses(EJB_rpc_fetchRoles.java:352)     at filenet.jpe.rpc.ejb.EJB_rpc_fetchRoles.execute(EJB_rpc_fetchRoles.java:141)     at filenet.jpe.rpc.ejb.PECommandsRemote.pejb_fetchRoles(PECommandsRemote.java:1571)     at sun.reflect.GeneratedMethodAccessor183.invoke(Unknown Source)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)     at java.lang.reflect.Method.invoke(Method.java:611)     at filenet.jpe.rpc.ejb.PECommandsRemote.invokeRPC(PECommandsRemote.java:183)     at filenet.jpe.rpc.ejb.PESendCommandImpl.invokeRPC(PESendCommandImpl.java:105)     at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)     at java.lang.reflect.Method.invoke(Method.java:611)     at com.ibm.ejs.container.EJSContainer.invokeProceed(EJSContainer.java:5730)     at com.ibm.ejs.container.interceptors.InvocationContextImpl.proceed(InvocationContextImpl.java:568)     at filenet.jpe.rpc.common.RequestInterceptor.getMyUser(RequestInterceptor.java:93)     at sun.reflect.GeneratedMethodAccessor122.invoke(Unknown Source)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)     at java.lang.reflect.Method.invoke(Method.java:611)     at com.ibm.ejs.container.interceptors.InterceptorProxy.invokeInterceptor(InterceptorProxy.java:227)     at com.ibm.ejs.container.interceptors.InvocationContextImpl.proceed(InvocationContextImpl.java:548)     at com.ibm.ejs.container.interceptors.InvocationContextImpl.doAroundInvoke(InvocationContextImpl.java:229)     at com.ibm.ejs.container.EJSContainer.invoke(EJSContainer.java:5621)     ... 125 more

    Workaround

    For more information about this issue, refer to the following IBM Case Manager Client APAR (proper authorization is required to access):

    PJ43785: ATTEMPT TO SELECT A ROLE WHOSE NAME CONTAINS ONE OR MORE SPACES DURING RE-ASSIGN GETS FNRPE2131090277E EXCEPTION

This document was last updated: 02/01/2016

[{"Product":{"code":"SSXJFX","label":"IBM Counter Fraud Management"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"}],"Version":"1.5.0.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
17 June 2018

UID

swg27047242

Page Feedback