Deploy the ExtraHop Discover Appliance in Azure


Published: 2018-04-20

© 2018 ExtraHop Networks, Inc. All rights reserved.

The following procedures explain how to deploy an ExtraHop Discover virtual appliance in a Microsoft Azure environment. You must have experience administering in an Azure environment to complete these procedures.

System requirements

Your environment must meet the following requirements to deploy a virtual Discover appliance in Azure:

- An Azure storage account
- A Linux client with the latest updates installed
- The ExtraHop Discover 1000v or 2000v virtual hard disk (VHD) file, available on the ExtraHop Customer Portal
- A Discover appliance product key
- An Azure instance size that most closely matches the Discover appliance VM size, as follows:

  Appliance    Azure Instance Size
  EDA 1000v    Basic A3 or Standard DS2
  EDA 2000v    Basic A4 or Standard DS4

Important: If you want to deploy more than one ExtraHop virtual appliance, create the new instance with the original deployment package or clone an existing instance that has never been started.

Deploy the EDA 1000v or 2000v

Before you begin

If you have not already done so, download the ExtraHop Discover appliance VHD file for Azure from the ExtraHop Customer Portal.

1. On your Linux client, open a terminal application and run the following commands.

   a) Install npm and nodejs-legacy:

          sudo apt-get install npm nodejs-legacy

   b) Install the Azure command-line interface tools:

          sudo npm install -g azure-cli@0.9.7

      Note: Version 0.9.7 is not the most recent version of the Azure command-line tools. However, in order to upload VHD files to Azure, you must install the older version of the tool.

   c) Download your publish settings file from Azure:

          azure account download

      Your default browser automatically opens to http://go.microsoft.com/fwlink/?LinkId=254432

2. Sign in to your Azure account.

3. Save the .publishsettings file to your computer.

4. Return to your terminal application and run the following commands:

   a) Import your publish settings file:

          azure account import <path_to_publishsettings_file>

   b) Create a boot image in the Azure blob storage location. The <azure-eda2000v.vhd> file is uploaded to blob storage, and then the new virtual instance is created from this boot image.

          azure vm image create <boot_image_name> <path_to_extrahop.vhd> -o linux -u <storage_account_url>

      Where <boot_image_name> is the name of your boot image, <path_to_extrahop.vhd> is the name of the ExtraHop VHD file on your local machine, and <storage_account_url> is the location of your storage account in Azure. For example:

          azure vm image create example-image /temp/azure-eda2000v-5.1.0.983.vhd -o linux -u https://exstorage1.blob.core.windows.net/vm-images/example-vm.vhd

      Note: The VHD name in the URL (example-vm.vhd, in the example above) must be unique. If you try to overwrite an existing VHD file with the same name, this step will fail and you will need to repeat this step with a new VHD name.

   c) Create and start an Azure VM instance:

          azure vm create <vm_name> <boot_image_name> --ssh -z <instance_size> -l '<zone_name>' --username user --password 'Ignored@Password1'

      Where <vm_name> is the name of your Explore VM, <boot_image_name> is the name of the boot image you created in step 4b, <instance_size> is the Azure instance size, and <zone_name> is your Azure subscription region. For example:

          azure vm create example-vm example-image --ssh -z Basic_A4 -l 'West US' --username user --password 'Ignored@Password1'

      Note: Choose an Azure instance size that most closely matches the Discover VM size. For the EDA 1000v, select Basic_A3 or Standard_DS2. For the EDA 2000v, select Basic_A4 or Standard_DS4.

      Note: Azure requires that you specify a username and password to create and start the VM instance; however, the username and password are not required by the Discover virtual appliance.

   d) Create HTTP and HTTPS endpoints. Endpoints are required to direct the inbound network traffic to the virtual Discover appliance.

          azure vm endpoint create -n HTTP <vm_name> 80 80
          azure vm endpoint create -n HTTPS <vm_name> 443 443

   e) Create rpcapd endpoints:

          azure vm endpoint create -n rpcapd-tcp -o tcp <vm_name> 2003 2003
          azure vm endpoint create -n rpcapd-udp -o udp <vm_name> 2003 2003

      Note: By default, Access Control Lists (ACLs) do not restrict access to these endpoints.

Configure the Discover appliance

After the Discover appliance is deployed in Azure, log into the Discover Admin UI through the following URL: https://<vm_name>.cloudapp.net/admin.

Note: The default login name is setup and the password is default.

After you log into the Discover appliance, complete the following recommended procedures:

- Register the ExtraHop appliance
- Configure the system time
- Configure email notifications
- Pair the Discover appliance to any Command or Explore appliances

Register the ExtraHop appliance

Complete the following steps to apply a product key. If you do not have a product key, contact your ExtraHop account team.

Tip: To verify that your environment can resolve DNS entries for the ExtraHop licensing server, open a terminal application on your Windows, Linux, or Mac OS client and run the following command:

    nslookup -type=ns d.extrahop.com

If the name resolution is successful, output similar to the following appears:

    Non-authoritative answer:
    d.extrahop.com nameserver = ns0.use.d.extrahop.com.
    d.extrahop.com nameserver = ns0.usw.d.extrahop.com.

1. In your browser, type the URL of the ExtraHop appliance (https://<vm_name>.cloudapp.net/admin).
2. Review the license agreement, select I Agree, and then click Submit.
3. On the login screen, type setup for the username and default for the password.
4. Click Log In.
5. In the Appliance Settings section, click License.
6. Click Manage License.
7. Click Register.
8. Enter the product key and then click Register.
9. Click Done.

Configure the system time

The default time server setting is pool.ntp.org. If you want to maintain the default setting, skip this procedure and go to the next section.

1. In the Appliance Settings section, click System Time.
2. Click Configure Time.
3. Click the Time Zone drop-down list and select a time zone.
4. Click Save and Continue.
5. On the Time Setup page, select one of the following options:
   - Set time manually
     Note: You cannot manually set the time if the Discover appliance is managed by a Command appliance.
   - Set time with NTP server
6. Select the Set time with NTP server radio button, then click Select. The pool.ntp.org public time server appears in the Time Server #1 field by default.
7. Type the IP address or fully qualified domain name (FQDN) for the time servers in the Time Server fields. You can add a maximum of nine time servers.
   Tip: After adding the fifth time server, click Add Server to display up to four additional time server fields.
8. Click Save, and then click Done.

The NTP Status table displays a list of NTP servers that keep the system clock in sync. To sync the current system time to a remote server, click the Sync Now button.

Configure email settings

You must configure an email server and sender before the ExtraHop appliance can send notifications about system alerts by email.

1. In the Network Settings section, click Notifications.
2. Click Email Server and Sender.
3. Type the IP address or hostname for the outgoing SMTP mail server in the SMTP Server field.
   Note: The SMTP server should be the fully qualified domain name (FQDN) or IP address of an outgoing mail server that is accessible from the ExtraHop management network. If the DNS server is set, then the SMTP server can be a FQDN, otherwise it needs to be an IP address.
4. Type the port number for SMTP communication in the SMTP Port field. The default port number is 25.
5. Select one of the following encryption methods from the Encryption drop-down list:
   - None. SMTP communication is not encrypted.
   - SSL/TLS. SMTP communication is encrypted through the Secure Socket Layer/Transport Layer Security protocol.
   - STARTTLS. SMTP communication is encrypted through STARTTLS.
6. Type the email address for the notification sender in the Sender Address field.
   Note: The displayed sender address might be changed by the SMTP server. When sending through a Google SMTP server, for example, the sender email is changed to the username supplied for authentication, instead of the originally entered sender address.
7. Select Validate SSL Certificates to enable certificate validation. If you select this option, the certificate on the remote endpoint is validated against the root certificate chains specified by the trusted certificates manager. In addition, the host name specified in the certificate presented by the SMTP server must match the host name specified in your SMTP configuration or validation will fail. You must configure which certificates you want to trust on the Trusted Certificates page. For more information, see Add a trusted certificate to your ExtraHop appliance.
8. Type the email address for the report sender in the Report Sender Address field.

9. Select the Enable SMTP authentication checkbox and then type the SMTP server setup credentials in the Username and Password fields.
10. Click Save.

Add an email notification group

Email notification groups are assigned to alerts to designate who should receive an email when that alert becomes active. Although you can specify individual email addresses to receive emails for alerts, email groups are the most effective way to manage your alert recipient list.

1. In the Network Settings section, click Notifications.
2. Click Email Notification Groups.
3. Click Add Group.
4. In the Group Info section, enter the following information:
   - Name: The name of the email group.
   - System Health Notifications: Select this checkbox if you want to send system storage alerts to the email group. These alerts are sent under the following conditions:
     - A virtual disk is in a degraded state.
     - A physical disk is in a degraded state.
     - A physical disk has an increasing error count.
     - A necessary role is missing, such as firmware, datastore, or packet capture.
5. In the Email Addresses text box, type the recipient email addresses for the team members that you want to receive the alert emails for this group. Email addresses can be entered one per line or separated by a comma, semicolon, or space. Email addresses are checked only for [name]@[company].[domain] format validation. There must be at least one email address in this text box for the group to be valid.
6. Click Save.

Connect the Discover appliance to any Explore, Trace or Command appliances

If you have any ExtraHop Explore, Trace or Command appliances in your environment, you can connect the Discover appliance to the Command appliance or join the Discover appliance to an Explore or Trace appliance. For more information, see the ExtraHop Admin UI Guide.
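The Validate SSL Certificates behaviour described in step 7 of the email settings procedure above, as an added example that is not ExtraHop code: a Python pre-check, run from a host on the management network, that connects with the chosen Encryption mode and reports whether the SMTP server's certificate chains to a trusted root and matches the host name you plan to enter. The function name check_smtp_tls, the cafile parameter, and the use of the client's trust store in place of the appliance's trusted certificates manager are assumptions.

```python
"""Pre-check for the "Validate SSL Certificates" option (added example)."""
import smtplib
import ssl
import sys


def check_smtp_tls(host, port, encryption, cafile=None, timeout=10):
    """Return (ok, detail) for an SMTP server reached with 'SSL/TLS' or 'STARTTLS'.

    host must be exactly what you will type in the SMTP Server field, because
    the certificate is matched against that name.
    """
    mode = encryption.lower()
    if mode not in ("ssl/tls", "starttls"):
        # The "None" setting carries no certificate, so there is nothing to validate.
        raise ValueError("encryption must be 'SSL/TLS' or 'STARTTLS'")
    # create_default_context() requires a valid chain and a matching host name.
    # cafile (assumption): PEM bundle holding the same roots you add on the
    # Trusted Certificates page; None falls back to this client's trust store.
    ctx = ssl.create_default_context(cafile=cafile)
    conn = None
    try:
        if mode == "ssl/tls":
            conn = smtplib.SMTP_SSL(host, port, timeout=timeout, context=ctx)
        else:
            conn = smtplib.SMTP(host, port, timeout=timeout)
            conn.starttls(context=ctx)  # raises if STARTTLS is not offered
        cert = conn.sock.getpeercert()
        names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
        return True, f"{conn.sock.version()}, certificate names: {names}"
    except ssl.SSLCertVerificationError as exc:
        # Untrusted chain, expired certificate, or host name mismatch.
        return False, f"certificate rejected: {exc.verify_message}"
    except (OSError, smtplib.SMTPException) as exc:
        return False, f"connection failed: {exc}"
    finally:
        if conn is not None:
            conn.close()


if __name__ == "__main__":
    # Usage: python check_smtp_tls.py <smtp_host> <port> <SSL/TLS|STARTTLS> [ca_bundle.pem]
    host, port, mode, *ca = sys.argv[1:]
    ok, detail = check_smtp_tls(host, int(port), mode, *ca)
    print("PASS" if ok else "FAIL", detail)
    sys.exit(0 if ok else 1)
```

A "certificate rejected" result means the appliance would also fail validation for that host name unless the issuing root is added to its trusted certificates.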