Install and Configure the Virtual Appliances
Learn about Alert Logic appliances and how to install them to ensure that they run at peak performance.
Install an Alert Logic IDS virtual appliance
You must be running VMware ESXi 6.5 or higher before installing or updating the Alert Logic IDS virtual appliance.
The main use for an Alert Logic virtual appliance is for network IDS analysis and scanning in VMware deployments.
If you have experience with VMware management tools and virtual machine installation, you can install a virtual appliance into your environment to collect network traffic and data.
The instructions below are not a complete guide to configure vSphere or virtual data centers. VMware offers more information regarding vSphere.
Data Center deployments only
For Data Center deployments, you must locate and copy your Unique Registration Key, which you need to install the appliance.
Alert Logic uses the Unique Registration Key to specify where the appliance is located.
To access your Unique Registration Key:
- In the Alert Logic console, open the relevant Data Center deployment.
- Under Configuration Overview, click Installation Instructions.
- Copy your Unique Registration Key.
Download the Alert Logic IDS virtual appliance
Before you download the virtual appliance, review the virtual appliance requirements.
| Link | MD5 | Type |
|---|---|---|
| Latest Virtual Appliance link | e2b21e4002fcde90773952a2d9a5aef6 | VMware image |
| Latest Virtual Appliance link | e70ef2d3a3b29d66e25a93f916ae4f25 | Hyper-V |
Install the Alert Logic IDS virtual appliance
The appliance is configured with a 60-GB virtual drive.
To install a virtual Alert Logic IDS appliance with vSphere:
- Save the virtual appliance image to your target machine.
- Import the file into vSphere.
- Power on the virtual machine.
- Configure your IP address. To manually assign an address, log into a serial console with the following credentials: setup/7739521
- In your browser, type: http://<YourVirtualApplianceIPAddress>.
- For Data Center deployments only, in Unique Registration ID, paste your unique registration key.
- Click Start Claim Process. A screen appears informing you that your appliance is provisioning. For status details, click Go To Detailed Status.
Install an Alert Logic Log Manager virtual appliance
You must be running VMware ESXi 6.5 or higher before installing or updating the Alert Logic Log Manager virtual appliance.
The main use for a Log Manager virtual appliance is for syslog log collection.
If you have experience with VMware management tools and virtual machine installation, you can install a virtual appliance into your environment to collect both secure and standard syslog logs.
The instructions below are not a complete guide to configure vSphere or virtual data centers. VMware offers more information regarding vSphere.
For Data Center deployments, you must locate and copy your Unique Registration Key, which you need to install the appliance. For instructions, see Access Unique Registration Keys for Data Center Deployments.
Download the Alert Logic Log Manager virtual appliance
Before you download the virtual appliance, review the virtual appliance requirements.
| Link | MD5 | Type |
|---|---|---|
| Latest Virtual Appliance link | c58e01b616022746d14e8e48cc35efc7 | VMware image |
Install the Alert Logic Log Manager virtual appliance
The appliance is configured with a 60-GB virtual drive.
To install a virtual Alert Logic Log Manager appliance with vSphere:
- Save the virtual appliance image to your target machine.
- Import the file into vSphere.
- Power on the virtual machine.
- Configure your IP address. To manually assign an address, log into a serial console with the following credentials: setup/7739521
- In your browser, type: http://<YourVirtualApplianceIPAddress>.
- For Data Center deployments only, in Unique Registration ID, paste your unique registration key.
- Click Start Claim Process. A screen appears informing you that your appliance is provisioning. For status details, click Go To Detailed Status.
Install an Alert Logic Managed Web Application Firewall (WAF) virtual appliance
Alert Logic Managed Web Application Firewall (WAF) is an add-on implemented per website as a filtering gateway to validate all requests to web systems. The virtual appliance is for use in VMWare deployments.
Download the WAF virtual appliance
Click the download link in the customer onboarding email to download the ISO install image or create a ticket with Alert Logic Support to request a link to download.
Install the WAF virtual appliance
To install the WAF virtual appliance with vSphere:
-
In the vSphere client, create a new virtual machine with the following minimum specifications:
Components System Requirements Guest operating system CentOS 64-bit CPU 2 CPUs 64 bit RAM 4 GB Disk space 250 GB Virtual network interface(s) An interface with an external IP address for management
An interface with access to the web servers to be protectedNIC type em1000 Encryption/decryption for SSL traffic AES-NI CPU instruction set for encryption/decryption of SSL traffic on VMs and host OS is recommended Clustering For clustering to work, ensure promiscuous mode, forged transmits, and MAC address changes are allowed on the VMware virtual switch (vSwitch) or the port group in the VMware ESX network configuration - Mount the WAF install ISO image, start the appliance on the image, and then follow the on-screen instructions.
- Restart the appliance.
- Verify appliance connectivity
- In the console, log in with the credentials operator/changeme.
- Run the system backend verify command. This test verifies that the appliance can connect to the Alert Logic backend systems.
Every test should report OK except the last test 216.52.175.200:123. This test will time out because the appliance has not been fully provisioned.
- Call the Alert Logic Security Operations Center (SOC) at (877) 484-8383, option 2, and then request that a Managed WAF subject matter expert perform a connectivity test.