Algosec PoC Preparation Guide - VMWare Appliance - Worldwide VA30.0
vA30.0
AlgoSec Whitepaper
Overview
You will have received this document following a PoC Preparation Call with your Algosec
Systems Engineer. It outlines the initial steps evaluation customers should take in preparation
for a remote session or on-site visit by an Algosec Systems Engineer to configure an Algosec evaluation
environment. This document specifically covers the steps to prepare an Algosec Central Manager
for your Proof-of-Concept, using the Algosec VMware Appliance.
Upon completion of the steps within this document, evaluation customers will have a fully prepared
Algosec environment ready to have evaluation devices added. As always, should issues arise while
performing the steps outlined, please contact your Regional Systems Engineer using the contact
information outlined below. Please note that a PoC License will NOT be issued until the planned PoC
Initial Installation session takes place with your assigned Algosec Systems Engineer.
Page | 2 Confidential
Download Algosec VMware Appliance
Download the latest Algosec Security Management Suite Virtual Appliance from the Algosec Portal and
deploy it on VMware ESX, Workstation, or Player. The download is available by browsing to Downloads >
Software > Algosec Security Management Suite and following the wizard.
The Algosec Virtual Appliance is pre-installed with the latest available GA code and up-to-date
hotfixes.
NOTE: The latest release may be newer than appears in the below screenshot.
NOTE: The latest release included in the VMware OVF will always include the latest available Algosec GA
and hotfix code.
Deploy Algosec VMware Appliance On ESX/ESXi
Please follow the below instructions to deploy the Algosec VMware Appliance on VMware ESX/ESXi. It is
imperative that the VMware Appliance is deployed with at least the below minimum
specifications to ensure a smooth PoC experience. Note that these specifications may change in the
event of a larger PoC deployment as defined by your Systems Engineer or Solutions Architect.
Architecture                       CPU                          Memory   Storage   Network Bandwidth
Minimum Algosec VMWare Appliance   8 CPU Cores, 2.2 GHz Each    16 GB    300 GB    1 Gbps
3. Select File > Deploy OVF Template to launch the OVF Template wizard. The OVF Template
Source page opens.
4. Click Browse, locate the OVF file on your computer, then click Next to continue. The OVF
Template Details page opens.
5. Verify the OVF template details. This page details the product name, download size, size on disk,
and description. Click Next to continue. The OVF Template End User License Agreement page
opens.
6. Enter a name for this OVF template. The name can contain up to 80 characters and it must be
unique within the inventory folder. Click Next to continue. The OVF Template Disk Format page
opens.
7. Choose the default Disk Provisioning settings.
NOTE: If you believe your environment will expand in future, it is recommended to consult your
Regional Systems Engineer and add hard disks larger than the base OVF advises for a typical PoC.
8. Click Next to continue. The OVF Template Network Mapping page opens.
9. Map the networks used in this OVF template to networks in your inventory. Click Next to continue.
The OVF Template Ready to Complete page opens.
10. Review the template configuration.
11. Click Finish to deploy the OVF template. You will receive a Deployment Completed Successfully
dialog box once the Algosec VM OVF template wizard has finished.
Configure the Algosec Application
1. After the appliance powers up, you can log in to the Linux system. The default credentials are:
Username: root
Password: algosec
2. The following screen will appear. Press “1” and configure your IP parameters.
3. Browse to the machine’s IP address. The following screen will appear, allowing you to configure the
built-in Administrator.
Create an initial application-level administrator called ALGOSEC-ADMIN, as per below. The chosen
password for this account should be documented and stored in accordance with your internal Logical
Access Policies.
Algosec Suite Connectivity
The below diagram outlines all necessary connectivity required for the Algosec Security Management
Suite to function across its own infrastructure, in your environment:
[Diagram: Algosec suite connectivity between the Central Manager, Load Distribution Nodes and
Remote Distribution Nodes, plus Device Connectivity (see the Device Connectivity Methodologies
Technical Brief). Flows labelled in the diagram, several marked *Bidirectional: MS-HADR (TCP/9595),
SSH (TCP/22), ICMP, HazelCast (TCP/5701), PostgreSQL (TCP/5432), HTTPS (TCP/443),
ActiveMQ (TCP/61616).]
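A pre-flight check for the TCP ports labelled in the diagram above, written as an added example (it is not part of the Algosec guide or product). It separates ports that are refused (path permitted, service not yet listening) from ports that get no answer (usually a firewall drop). Which node listens on which port is an assumption you supply as the target host; ICMP is not tested.

```python
import socket
import sys

# TCP ports labelled in the suite connectivity diagram. The diagram's arrows
# are not available as text, so this map does not say which node listens on
# which port: pass the host you expect to serve them (assumption).
SUITE_TCP_PORTS = {
    22: "SSH", 443: "HTTPS", 5432: "PostgreSQL",
    5701: "HazelCast", 9595: "MS-HADR", 61616: "ActiveMQ",
}

def probe(host, port, timeout=3.0):
    """Return 'open', 'closed', 'filtered' or 'unresolved' for one TCP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed, a service is listening
    except ConnectionRefusedError:
        return "closed"          # RST received: path allowed, nothing listening
    except socket.gaierror:
        return "unresolved"      # host name did not resolve
    except OSError:
        return "filtered"        # timeout or unreachable: likely dropped en route

def check_host(host, ports=SUITE_TCP_PORTS, timeout=3.0):
    """Probe every port in `ports`; return {port: (service, state)}."""
    return {p: (name, probe(host, p, timeout)) for p, name in sorted(ports.items())}

def needs_firewall_change(results):
    """Ports whose probes got no answer: the rules to raise with the firewall team."""
    return [p for p, (_, state) in results.items() if state == "filtered"]

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: preflight.py <target-host>")
    target = sys.argv[1]
    report = check_host(target)
    for port, (name, state) in report.items():
        print(f"{target}:{port:<6}{name:<11}{state}")
    sys.exit(1 if needs_firewall_change(report) else 0)
```

Run it from each node toward its peer, since the diagram marks several flows as bidirectional.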
The below diagram outlines all necessary connectivity required for the Algosec Security Management
Suite to integrate into your enterprise infrastructure systems:
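[Diagram: connectivity between the Algosec suite and the AlgoSec Administrator, DNS Server,
Active Directory, Mail Service, Backup Server and RADIUS Server. Flows labelled in the diagram:
SSH (TCP/22), HTTPS (TCP/443), TCP/1518 (*Default Vault Port), DNS (UDP/53), SMTP (TCP/25),
POP3 (TCP/110).]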
The below diagram outlines all necessary connectivity required for the Algosec BusinessFlow Auto
Discovery infrastructure to integrate into your enterprise:
[Diagram: BusinessFlow AutoDiscovery connectivity. Elements shown: Central Manager w/ BusinessFlow;
Algosec AutoDiscovery Server; HTTPS (TCP/9443); Network Data Sources (NetFlow, PCAP, Port Mirroring,
SFlow); *Open Services As Needed (Netflow, SYSLOG, etc.) to the AutoDiscovery Server and/or Sensor;
Client Based Sensor (Windows, Linux, Solaris, FreeBSD, Linux RHEL); ESX Server with Port Mirrored
Traffic (*ESX Switch in Promiscuous Mode) to the AutoDiscovery Server or Client Sensor (*As Needed).]
Algosec FREE Online Level One Self-Training
Algosec provides several FREE Level One courses available on the Algosec Portal! Ahead of the PoC
Installation Session it may be beneficial to review these courses to help you become more efficient and
aware of all the features and customization options within the AlgoSec Security Management Suite! If you
have not already, please visit https://portal.algosec.com/en/training/training_home to access the
available courses.
About AlgoSec
AlgoSec is the market leader for security policy management, enabling organizations to manage security
at the speed of business. The AlgoSec Suite of products automates management of complex policies
across firewalls, routers, switches, secure web gateways and more. Bridging traditional gaps between
security, network and application teams, the AlgoSec Suite improves business agility, increases security
and ensures continuous compliance.
More than 1500 of the world’s leading organizations, including 18 of the Fortune 50, rely on AlgoSec for
faster security provisioning of business applications, simplified security operations and improved
protection against cyber-attacks.
AlgoSec is committed to the success of every single customer, and offers the industry's only money-back
guarantee.