To enable forwarding to Cognito Recall the following prerequisites must be met:
- Cognito Detect must be running version 4.1 or newer.
- You must be licensed for Recall.
- Your Brain appliance must have active and functional NTP synchronization.
If you are interested in Cognito Recall but have not yet received your license please contact your Vectra Sales team or Vectra Support.
- Navigate to Settings - Cognito Recall. Edit "Cognito Recall Metadata Forwarding":
- Turn the flag on and Save
- Wait for the signed certificate to be generated. This may take a minute or more.
- Once enabled you should see Health Status as Connected.
Your Cognito Detect brain will need to make outbound HTTPS (TCP 443) connections to your Cognito Recall instance.
Your Cognito Detect Brain will need to keep its clock synchronized with Recall for token-based authentication to work, this can be done by allowing requests to an NTP server, or by manually synchronizing the brain's clock periodically.
The IPs and FQDN will be provided by your Support or Sales team once Recall is licensed and deployed.
For your security, the Cognito Recall instance is restricted so that only your Cognito Brain can make HTTPS connections to the instance. Your Support or Sales team will ask you to provide the external (post-NAT) IP addresses for configuration in your Recall instance firewall.