Virtual Appliance Setup (64 Bit)

Checklist

Time to Complete

  • 4 – 7 Days (for HealthCheck assessments)
  • Immediate (for CloudScape assessments)

Credentials needed

  • Subnets you wish to scan
  • SNMP read only community string
  • Windows Domain/Local Administrator
  • VMware vCenter or individual ESXi credentials
  • CallManager Administrator account or an AXL user with Perfmon role assigned
  • CDS (Cisco Discovery Service)
  • Additional Credentials
    • SSH/Telnet credentials (Optional feature specific for Cisco network devices)
    • SSH credentials for Linux and AIX
Connection
  • SSL (TCP port 443) access to the following:
    • orchestration.riscnetworks.com ( 34.192.184.110, 34.192.195.90 )
    • initial.riscnetworks.com ( 34.192.43.78, 34.192.198.28)
    • dataup.riscnetworks.com ( 34.192.12.37, 34.192.197.132 )
    • app1.riscnetworks.com (34.192.198.73 )
    • Backup & Growth (34.192.99.153, 34.192.185.36)
  • The connection must have access through any firewall or content filter.

One of the following Hypervisors for appliance deployment

  • VMware ESX or ESXi Server (Hardware Ver. 8)
  • VMware Workstation
  • VMware Player

System Resources

  • 8 gigabytes of memory, configurable to a minimum of 4 gigabytes
  • 50 Gigabytes of hard drive space
  • CPU count is set to 2 by default however, tuning down to 1 is supported.

For more detailed information please see our FAQ and our Security Guide.

  • Advanced Setup (NAT Configuration) can be found here.
  • Setup instructions for Proxy can be found here


Instructions

  1. Download the Virtual Appliance using the link on your assessment and unpack the zipped file to a folder.
    • HealthCheck and CloudScape 1.0
    • CloudScape 2.0
    • Deploy the Virtual Appliance.
      • Deploy on a workstation or laptop with VMware Player (Free) or VMware Workstation
        or
      • Deploy to an ESX Server with VMware Vsphere Client or VMware Workstation
    • Power on / play the Virtual Machine
      • Copy/paste may not be available through the hypervisor console.
      • If DHCP is available in the environment, the Virtual Appliance will obtain a network configuration automatically.
      • If DHCP is not available, you will be prompted to configure the Virtual Appliance network configuration prior to proceeding.
      • Once a network configuration is obtained, you can immediately access the Virtual Appliance interface through a web browser via the Virtual Appliance IP address using HTTP or HTTPS.
    • Accept the Terms and Conditions and log in.
    • Copy assessment code displayed for your assessment on portal.riscnetworks.com.
      See highlighted area on Figure 1.
    • Paste assessment code into the virtual appliance
    • Verify assessment key
      • Key verification will display a green bar at the top
      • Assessment verification will be displayed below the key verification
      • You will be prompted to specify whether you are deploying using FlexDeploy. A selection must be made. Do not select “Yes” at this section unless you are using the FlexDeploy option, as this will prevent your assessment from proceeding.
    • Invite additional users if needed
    • Select the Dashboard button

After each section is completed, please return to the Dashboard to continue to the next section.

Power on virtual machine

Figure 1


Interfaces

    • Continue with obtained DHCP IP Address
      or
    • Manually enter in a static IP address

Assessment

  1. Invite additional users

Subnets

    • Enter network address and subnet mask for each subnet you wish to scan
      or
    • Populate from a routing table:
      • Enter IP of known device you wish to test against
      • Enter read only SNMP string versions 1,2, or 3
      • Select “Populate”
      • Select the subnets you wish to include in the assessment and select save
        or
      • Populate from a CSV file:
        • CSV either comma-delimited or new line delimited
        • Required CSV format is IP Address/CIDR followed by a comma. No header is required.
          • Example: 10.10.10.1/32, 10.10.10.2/32, 10.10.10.3/32
        • Select “File” to browse to CSV
        • Select “Upload” to load CSV

SNMP

  1. Enter read only SNMP string versions 1, 2, or 3 (we only require read-only privileged strings).
  2. Enter the IP address of the device you wish to test against (this will be automatically populated with the default gateway address).

SSH

  1. Enter an SSH credential using either password or key-based authentication.
  2. Enter the IP address of the device you wish to test against (this will be automatically populated with the default gateway address).
  3. For additional info on setting up SSH, please reference the SSH section in the Operations and Security guide here.

Windows

  1. Domain credentials require a Domain Administrator account
  2. Enter Username and Password
  3. Enable Socket Collection (Optional, for more information, please see our Operations and Security guide here).
    • Select Enable
    • Select Next
    • Enable for servers only, or for servers and workstations.
  4. Select Add
  5. Enter IP address of a known server you wish to test against (this will be automatically populated with the default gateway address)
  6. Select ‘Test’
  7. If Test passes, select ‘OK’. If test fails, troubleshoot windows credential issues

VMware

  1. Enter the IP address and credentials of each vCenter you wish to include in the assessment
  2. If you do not have vCenter you must enter the IP address and credentials for each ESX host you wish to include in the assessment
  3. Test each credential

Cisco Call Manager

  1. Enter the publisher’s IP address for the CallManager cluster you wish to include in the assessment
  2. Only the publisher’s credentials are needed
  3. Only one Callmanager cluster can be included per assessment
  4. Enter either CCM Administrator account credentials or an AXL user account with Perfmon role assigned

Cisco Discovery Services

  1. On the left side, enter customer information and the CCO username
  2. Accept Terms and Conditions
  3. Select ‘Save’
  4. On the right side Enter an IP address of a device you wish to test against
  5. Enter the user EXEC password (Privilege EXEC password is not required)
  6. Select ‘Start Assessment’

Additional Credentials

  1. Select ‘CLI’ in the Credential dropdown menu
  2. Select ‘Connection’ type as Telnet or SSH
  3. Enter credentials
  4. Select ‘Add’ and enter an IP address of a device you wish to test against
  5. Test the credential
  6. Select ‘Start Assessment’

To view the status during the assessment and also to view the final reports, please log into our portal.