Scrutinizer Virtual Appliance Deployment Guide
Plixer


Contents

  What you need to know about deploying a Scrutinizer virtual appliance
  System Requirements
  Scrutinizer OVF Deployment on ESX
  Upgrading the Virtual Machine Hardware Version for ESXi
  Installing VMware Tools for ESXi
  Expanding the database size for ESXi
  Scrutinizer Deployment on Hyper-V
  Expanding the database size for Hyper-V
  Scrutinizer Deployment on KVM
  Optimizing Scrutinizer datastores
  FAQ

What you need to know about deploying a Scrutinizer virtual appliance

To help improve the deployment process, this section outlines the Scrutinizer Virtual Appliance (VA) deployment process and explains what is required to complete the deployment successfully.

The Scrutinizer Virtual Appliance can be obtained from Plixer or your local reseller. It is downloaded as an all-in-one virtual appliance that can be deployed on ESXi v5.5 and above, a Hyper-V 2012 hypervisor, or KVM 14 and above. You will need to obtain an appliance license or evaluation license from Plixer or your local reseller in order for the Scrutinizer Virtual Appliance to function properly.

It is recommended to give the Scrutinizer virtual machine NIC a static MAC address to prevent the machine ID from changing. This is especially important in clustered virtual environments where the VM can change hosts and MAC addresses. If the MAC address changes, the VM will need a new license key.

The Scrutinizer Virtual Appliance is deployed on a hypervisor server; it will use 100GB of disk space, 16GB of RAM, and 1 CPU with 4 cores. The performance you get out of a Scrutinizer Virtual Appliance depends directly on the hardware on which it is deployed. It is recommended to dedicate, not share, all the resources that are allocated to the Scrutinizer virtual machine. This is especially important for the Scrutinizer datastores. In environments with high volumes of NetFlow data, Scrutinizer will require dedicated datastores, which are discussed in further detail later in this document. Scrutinizer hardware appliances are recommended for deployments with an exceedingly high volume of flows, as they are designed to handle the highest flow rates.

With the default of 100GB of disk space, you can store up to 1 month of NetFlow v5 data from 25 devices at 1,500 flows per second. If you're planning on exceeding this volume of flow data, or if you need to store data for longer than 30 days, the detailed steps below show you how to expand the amount of disk space allocated to the appliance.

To enable the ability to shut down the Scrutinizer Virtual Appliance through vSphere, install VMware Tools using the instructions in this document. Using the "Power > Off" method will result in database corruption.

Here at Plixer, we don't like our customers to encounter difficulty, so if you have any questions please do not hesitate to contact our support team.

System Requirements

The Scrutinizer Virtual Appliance has the following requirements:

| Component | Minimum Specifications (for trial installations) | Recommended Specifications (for production environments) |
|---|---|---|
| RAM | 16GB | 64GB |
| Disks | 100GB | 1+ TB 15K RAID 0 or 10 configuration |
| Processor | 1 CPU 4 cores 2GHz+ | 2 CPUs 8 Cores 2GHz+ |
| Operating System | ESXi 5.5+, Hyper-V 2012, KVM 14 | ESXi 6+, Hyper-V 2012, KVM 16 |

Scrutinizer OVF Deployment on ESX

1. Download the latest Scrutinizer Virtual Appliance.
2. Using VMware vSphere, or vCenter, connect to the ESX host where you will deploy the Scrutinizer Virtual Appliance.
3. Go to File > Deploy OVF Template.
4. Select "Deploy from file" and browse to the downloaded Scrutinizer.ovf file and then click "Next."
5. This step will show you the OVF template details. Click "Next."
6. Give your Scrutinizer VA a name and click "Next."
7. Select your datastore and click "Next."
   NOTE: Be sure to read the "Optimizing Scrutinizer Datastores" section to obtain the best performance and collection rates.
8. Select the network to be used by the Scrutinizer Virtual Appliance.
9. A summary of the options you chose will appear. Click "Finish" and it will import the Scrutinizer Virtual Appliance. This can take a few moments.
10. Before powering on the Scrutinizer virtual machine, it's important to set a static MAC address for licensing purposes. Right-click on the Scrutinizer VM and select "Edit Settings..."
11. Select the Network adapter, set the MAC Address to Manual, enter a unique MAC address, and then proceed to step 12.
12. The next step is to allocate and dedicate resources to the Scrutinizer virtual machine. For evaluation purposes, the Scrutinizer OVF grabs 1 CPU with 4 cores, 16GB of RAM, and 100GB of disk space. When deploying the Scrutinizer Virtual Appliance, it's recommended to increase the resources to meet the recommended system requirements listed earlier in this document. Since all installs will vary, more resources may be required.
    Start on the "Hardware" tab and increase the Memory, CPUs, and Hard disk as necessary (see the System Requirements section for more detail).
    Next, navigate to the "Resources" tab. Under CPU and Memory, set the "Shares" value to High and set the "Reservation" value to the amount of resources dedicated to the virtual machine. Now press "OK."
    NOTE: The amount of RAM in the screenshot below is on a small test ESX server, so it won't match a production install.
13. Right-click on the Scrutinizer virtual machine and power it on.
14. Navigate to the "Console" tab and log in to the Scrutinizer Virtual Appliance using root/scrutinizer. The server will perform a quick setup and immediately reboot.
15. Log in to the server again and answer the provided questions. You will see the server download and install the PDF converter. Press "Enter" and the server will reboot to apply the necessary settings.
16. Now log in to the Scrutinizer web interface in your web browser and apply the necessary evaluation license keys.

Upgrading the Virtual Machine Hardware Version for ESXi

The Scrutinizer Virtual Appliance is built on Virtual Machine Hardware Version 7 to maintain backwards compatibility with ESX 4.1 hypervisors. If you're running vSphere 5.0 or 5.1 you can take advantage of the newer feature sets by upgrading the Virtual Machine Hardware Version as indicated below.

1. While the virtual machine is powered off, in vSphere (or vCenter), right-click on the virtual machine and select "Upgrade Virtual Hardware."
2. Next, power on the virtual machine.
3.

Installing VMware Tools for ESXi

After you have powered on the appliance and gone through the initial Scrutinizer configuration, you can optionally install VMware Tools on it. VMware Tools doesn't come installed by default because each version of ESX installs a different VMware Tools package. Instead, there's a command you can run from the interactive prompt:

1. Log in to the appliance as the "" user. Use the password you set in the initial deployment.
2. In the Scrutinizer interactive prompt, type the following command:

    enable vmwaretools

3. The tool will then display the necessary files in the terminal. You will return to the prompt afterward.
4. Celebrate. You will be able to see details of the appliance in vSphere under the summary tab.

NOTE: Installing VMware Tools will allow you to properly shut down the Scrutinizer virtual machine from within vSphere by going to Power > Shut Down Guest. When shutting down the Scrutinizer virtual machine, DO NOT select Power > Power Off, as it will result in database corruption. Powering off a virtual machine is equivalent to unplugging a physical computer.

Expanding the database size for ESXi

Depending on the volume of NetFlow data that will be sent to the Scrutinizer appliance, you may need to expand the size of the database. Expanding the size of the database is a multi-stage process. If you have any questions, please contact your support representative.

1. Power off the Scrutinizer virtual machine by logging in and issuing the "shutdown -h now" command.
2. Add an additional hard drive to your Scrutinizer Virtual Appliance by right-clicking on the Scrutinizer virtual machine and going to "Edit Settings..."
3. On the Hardware tab, click "Add...", select "Hard Disk" and then click "Next."
4. Select "Create a new virtual disk" and then click "Next."
5. Choose the type of Disk Provisioning and alter the Capacity of the disk size. Click "Next."
6. The screenshot below is the default; be sure to specify any "Advanced Options" you require and then click "Next."
7. Review your changes and then click "Finish."
8. Power on the virtual machine by right-clicking on the Scrutinizer virtual machine in vSphere. Select Power > Power On.
9. Now that the new hard drive is added, we have to resize the volume group, the partition volume, and the file system so that Scrutinizer can use the newly allocated space.
   Start by logging in to the Scrutinizer Virtual Appliance as the '' user.
   Type 'show diskspace' to view the current size of the database, which is mounted on /var/db. This is the current size of the disk before we add the new space.
   Type "show partitions" and make note of the disk in use for the newly added space.
10. Now that we know the disk to use, we can run a command to use the newly added space. There will be an interactive prompt to follow. It will ask whether you have taken a backup of your data before proceeding.
    Type "set partitions /dev/sd[from above]"
    In this guide, /dev/sdb is the correct partition. If the values are correct, type "y" to continue. Confirm that the new disk space was added to the volume group.

    The next step will be automatic; please wait a few moments. When it is finished, compare the output of the "show partitions" command we ran in Step 9.
11. Celebrate!

Scrutinizer Deployment on Hyper-V

1. Download the latest Scrutinizer Virtual Appliance.
2. Unzip the file on your Hyper-V server.
3. Open Hyper-V Manager and select Import Virtual Machine.
4. Specify the Scrutinizer Incident Response System folder.
5. Select the Virtual Machine.
6. Choose Import Type.
7. Go to Settings.
8. Make sure the memory is set to 16GB.
9. Select your Network Adapter and assign it to the appropriate Virtual Switch.
10. Expand the Network Adapter section, select Advanced Features, set the MAC Address to Static, enter a unique MAC address, and then press "OK."
11. Start the Virtual Machine.
12. Right-click on the Virtual Machine and click Connect to log in to the Scrutinizer Virtual Appliance using root/scrutinizer. The server will perform a quick setup and immediately reboot.
13. Log in to the server again and answer the provided questions. You will see the server download and install the PDF converter. Press "Enter" and the server will reboot to apply the necessary settings.
14. Now log in to the Scrutinizer web interface in your web browser and apply the necessary evaluation license keys.

Expanding the database size for Hyper-V

Depending on the volume of NetFlow data that will be sent to the Scrutinizer appliance, you may need to expand the size of the database. Expanding the size of the database is a multi-stage process. If you have any questions, please contact your support representative.

1. Power off the Scrutinizer virtual machine by logging in and issuing the "shutdown -h now" command.
2. In the Hyper-V Manager, right-click on the Scrutinizer virtual machine and select "Settings."
3. Next, select the IDE Controller and click "Add" to add a hard drive.
4. Under Virtual hard disk, select "New."
5. On the New Virtual Hard Disk Wizard, select "Next."
6. On the Choose Disk Format page, select VHDX. It's common for Scrutinizer VMs to expand past 2TB of disk space, so VHD is not recommended.
7. On the Choose Disk Type page, select your preferred disk type and then press "Next."
8. On the Specify Name and Location page, give your VHDX a name and then select the location for the virtual disk.
9. Set the size of the new virtual disk and then press "Next."
10. Review the new disk settings and then click "Finish."
11. Power on the Virtual Machine.
12. Follow steps 9-23 starting on page 17 under "Expanding the database size for ESX".

Scrutinizer Deployment on KVM

1. Create a directory for your install:

    mkdir -p kvm/scrut_vm_guide/

2. Download the latest Scrutinizer Virtual Appliance to your KVM install. Command line example:

    wget https://files..com/scrutinizer_kvm_image_pg.tar.gz

   NOTE: Contact support for the latest image if the URL above does not work.
3. Unzip the file on your KVM server to your new folder:

    sudo tar xvsf Scrutinizer_KVM_Image.tar.gz

4. Run your script to install Scrutinizer:

    sudo ./install-kvm-scrut.sh

   At this point, you should see that your machine has been created from the image we deployed:
5. Lastly, we just need to log in to the machine now that it is deployed. Run this command to get to the console:

    virsh console Scrutinizer

   You will be prompted to log in; the default credentials are root/scrutinizer. The machine will reboot and you will be asked to log in again. This time, you will be presented with a shell script asking for networking information. Follow the on-screen instructions and celebrate!

Optimizing Scrutinizer datastores

Due to the nature of NetFlow, large deployments require a very high volume of disk I/O. For the best performance, the Scrutinizer Virtual Appliance should be deployed on a dedicated 15,000RPM RAID 10 datastore, with the amount of disk space that is required to meet your history setting requirements; 1.8 TB of disk space in RAID 10 is the recommended datastore deployment size.

If Scrutinizer is deployed on shared drives, such as a storage area network (SAN) or network-attached storage (NAS), then collection rates cannot be guaranteed, as the collection rates will directly depend on what other applications are also using the same disk I/O. In high flow volume environments, if you cannot get dedicated datastores, it's recommended to use a Scrutinizer Hardware Appliance for the dedicated resources and higher collection rates.

FAQ

Q: I got an UNEXPECTED INCONSISTENCY error when trying to power on the Scrutinizer Virtual Appliance. What do I do now?
A: This error indicates that the clock on the ESX server is not set correctly and is in the past. As a result, the disk checks fail, which does not allow the virtual machine to start. To resolve this, set your ESX host to sync with an NTP server and then re-deploy the Scrutinizer OVF.

Q: How do I make the collector listen on a non-standard NetFlow port?
A: This is a 4-step process.
1. Log in to the web interface, navigate to Admin > Settings > System Preferences and update the listener port.
2. From the Scrutinizer VA CLI, edit the /etc/sysconfig/iptables file and add a line identical to another UDP line, but with your port number.
3. Type the command "service iptables restart"
4. Type the command "service _flow_collector stop" then "service _flow_collector start"

Q: How do I stop/start the services?
A: Run the following commands (stop|start means type one OR the other):

    service _flow_collector stop|start
    service _syslogd stop|start
    service httpd stop|start
    service mysqld stop|start

Q: I have a German "QWERTZ" keyboard layout. How come I keep getting password failures when logging in to the appliance for the first time?
A: On the German "QWERTZ" keyboard layout, the Z and Y keys are switched. You'll need to log in with the password "scrutiniyer."

Q: Is the Scrutinizer Hyper-V image backwards compatible with Hyper-V 2008?
A: The Scrutinizer Hyper-V image uses features in Hyper-V 2012 that are not backwards compatible with Hyper-V 2008.
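
For step 2 of the non-standard NetFlow port answer above, the following shell function is an added example, not part of the Plixer guide: it copies the first existing UDP ACCEPT rule in an iptables rules file, swaps in the new port, and inserts the copy directly after the original. The function name add_udp_listener, the sample rules and the ports 2055 and 9996 are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Plixer guide): clone an existing UDP ACCEPT
# rule in an iptables-save style rules file for a new listener port.

# Constructed sample of /etc/sysconfig/iptables; the real file on the
# appliance will differ. Port 2055 is sample data only.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 2055 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# add_udp_listener FILE PORT   (hypothetical helper name)
# Returns 0 if the rule exists afterwards, 1 if there is no UDP rule to
# copy, 2 if PORT is not a valid port number.
add_udp_listener() {
    file=$1
    port=$2
    # Accept 1-5 digits only, then range-check.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2; return 2
    fi
    # Idempotent: do nothing if a UDP rule for this port already exists.
    if grep -Eq "^-A INPUT .*-p udp .*--dport ${port}( |\$)" "$file"; then
        return 0
    fi
    # Template = first existing UDP ACCEPT rule. Copying it keeps every
    # other match (for example a -s source restriction) unchanged.
    tmpl=$(grep '^-A INPUT .*-p udp .*--dport [0-9][0-9]* .*-j ACCEPT' "$file" | head -n 1)
    [ -n "$tmpl" ] || { echo "no UDP ACCEPT rule to copy" >&2; return 1; }
    new=$(printf '%s\n' "$tmpl" | sed "s/--dport [0-9][0-9]*/--dport $port/")
    tmp=$(mktemp) || return 1
    cp -p "$file" "$file.bak" || return 1
    # Insert the copy right after the template so it stays above any
    # final REJECT/DROP rule; rules are evaluated top to bottom.
    T=$tmpl N=$new awk '{ print } !done && $0 == ENVIRON["T"] { print ENVIRON["N"]; done = 1 }' \
        "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Overwrite in place (not mv) to keep owner, mode and SELinux context.
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

# Demo on a temporary copy of the constructed sample.
demo=$(mktemp)
sample_rules > "$demo"
add_udp_listener "$demo" 9996 && grep -- '-p udp' "$demo"
rm -f "$demo" "$demo.bak"
# On the appliance: add_udp_listener /etc/sysconfig/iptables <port>,
# then "service iptables restart" as in step 3 of the answer.
```

Because the new rule is a copy of an existing one, it is only as restrictive as its template; review the inserted line before restarting iptables.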
