Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

HConnectSecure ConnectSecure V4 On-Premise Setup

Panel
bgColor#DEEBFF

ConnectSecure On 's on-Premise VM setup is appealing for many businesses with specific data security, privacy, and compliance needs and priorities for Data Security, Privacy and Compliance.

...

Topic - Table of Contents

Table of Contents
minLevel1
maxLevel6
include
outlinefalse
indent
styledefault
excludeTable of Contents
typelist
printablefalse
class

Topic - Things to keep Ready

...

Download the OVA file from here

...

Download Azure image RAM TO PROVIDE A LINK

Create a Virtual Machine with below configuration

CPU                4 Core

Memory         16 GB RAM

Storage space 100 GB Disk Space(SSD) for 0-2500 assets

...

Prerequisites

Note

Thick Provisioning should be used for storage space; otherwise, you may need to manually expand disk space/storage. For help on expanding the disk space, please see the section below:

https://cybercns.atlassian.net/wiki/spaces/CVB/pages/edit-v2/2232844301#How-to-grow-disk-size

Asset Count

RAM (GB)

CPU

Disk (GB)

1-2500

16

4

100

2501-5000

32

8

200

5001-7500

48

12

300

Network

Access

Ports Required

80, 443, 4222, 4505 & 4506

207.246.91.196

ports 8433, 5, 90 & 8422, For pushing the patch update to the appliance

IP

A static Internal IP assigned to a VM and mapped to a Public IP/External IP

Note

Ensure that SSH access (Port-5) is enabled to the specific IP address (45.32.217.250) until the sign-up, installation, and replication process is complete.

...

Installation Methods

Server OS used is Ubuntu 22.04 - No need to download the server OS separately.

VM Install with VMware 5.5 - OVA file

  1. Download the OVA file from here.

  2. Create a Virtual Machine with the configuration provided under Prerequisites.

Sample VM created screenshot as follows:

...

  • Select the VM created, right click and

...

  • select Export OVF Template.

...

  • Uncheck - Include the highlighted check box “Include image files attached to floppy and CD/DVD devices in the OVF packagepackage”

...

  • Select the source file as consecure-V4-onprem.ova (downloaded earlier).

...

  • Check Verify the OVF template details for selected OVA.

...

  • Name Provide a name to the OVF template

...

  • Select the storage to deploy the OVF template. Please ensure the selected storage has a free disk size of 100 GB or more.

...

  • Select “Thin Provision”Thin Provision” and click on NEXT.

...

  • Complete the deployment by clicking on FINISH.

...

  • VM will be ready as show in the following screenshot.

...

VM Install with VMware ESXi 7.0 - OVA file

  1. Download the OVA file from here.

  2. Navigate to Virtual Machine option and select to Create a new virtual machine under VMWare ESXi 7.0.

...

  1. Under Select creation type, choose Deploy a virtual machine from an OVF or OVA file.

...

  1. Select the downloaded OVA file location to attach the OVA.

...

  1. Select standard required storage as per prerequisites.

...

  1. Navigate to Deployment options and select appropriate Network mappings, Disk Provisioning as Thin and select a checkbox for Power on automatically.

...

  1. Click on Finish as VM is ready.

...

Once the VM is ready, it will power up automatically.

...

VM Install with Azure - VHD

Info

This is a 32GB image and needs to be uploaded to your Microsoft Azure Storage Account.

  1. Download the Azure VHD from here.

  2. Login to your https://portal.azure.com/

  3. Browse for All Services and select “Storage Accounts” from the details.

...

  1. Select to create a storage account as follows.

...

  1. Select Storage Account details as follows and use Review+create to create it.

Subscription: As required (same has to be used while creating other components)

Resource Group: As required (same has to be used while creating other components)

Storage Account Name: As required (same has to be used while creating other components)

Region: As required (same has to be used while creating other components)

Performance: Standard is suitable for most scenarios.

...

From Advanced Settings, enable the following Security Settings.

  • Allow enabling anonymous access on individual containers

  • Default to Microsoft Entra authorization in the Azure portal

...

  1. Select the created storage account from the list to create a container under it.

...

  1. Select Containers as shown and click on +Container to create a new container for the storage account.

...

  1. Select the Created Container and select to upload the downloaded Azure VHD using the browse for files option and upload it successfully.

...

  1. Next, Create an Image with following details and use Review+create to create it.

Subscription: As required

Resource Group: As required (Use the same resource group as used for Storage Account)

Name: As required (same has to be used while creating other related components)

Region: As required (Use the same resource group as used for Storage Account)

OS type: Linux

VM Generation: Gen 2

Storage Blob: Select the created Storage Account.

...

  1. Next, Select to create a Virtual Machine with following details and use Review+create to create it.

Subscription: As required

Resource Group: As required (Use the same resource group as used for Storage Account)

Virtual Machine Name: As required

Image: Select All Images and select the image created earlier.

VM Architecture: x64

Size: Auto selected with be standard

...

Authentication Type: SSH public key

SSH public key source: Generate new key pair

SSH Key Type: RSA SSH Format

Key pair name: As required

Select inbound ports: SSH (22)

Licensing: As required

...

  1. Select the created Virtual Machine and verify the Public IP and Internal Static IP assigned to it.

...

VM Install with HyperV - VHDX

  1. Download the VHDX from here.

  2. Login to your Hyper-V Manager.

...

  1. Start with New Virtual Machine creation wizard.

...

  1. Specify Name for the VM.

...

  1. Specify Generation as Generation 2.

...

  1. Configure networking by selecting the connection.

...

  1. Connect Virtual Hard Disk - Please “Use an existing virtual hard disk” option and select the downloaded VDHX.

...

  1. Once the VM is ready, start the VM.

  2. Select the created Virtual Machine and verify the Internal Static IP assigned to it which has to be mapped to a Public IP.

VM Install under AWS using VHDX

  1. Download the VHDX from here.

  2. Login to your AWS account.

  3. Please upload VHDX to S3 bucket.( Copy bucket name, token key and security key to be used later)

  4. Follow below steps to create AMI using VHDX file.

  • Open the terminal

  • Configure AWS using CLI

  • aws configure
    AWS Access Key ID [None]: Use your accesskey
    AWS Secret Access Key [None]: Use your secretkey
    Default region name [None]: us-west-2 (Any region of your choice)
    Default output format [None]:blank

...

  1. Run below command on the terminal window:

Info
  • Use your S3 buckets information such as bucket name, token key and security key for creating AMI.

  • Below command takes approx 30mins to complete to import image.

>>aws ec2 import-image --description "onPremCS" --disk-container "Format=VMDK,UserBucket={S3Bucket=onprem-v4,S3Key=Onprem VHDX.

...

vhdx}"

...

  1. If this import is not working follow the below steps as there might be an issue with the policy

  • Create a file named trust-policy.json with the following content:

{

   "Version": "2012-10-17",

   "Statement": [

      {

         "Effect": "Allow",

         "Principal": { "Service": "vmie.amazonaws.com" },

         "Action": "sts:AssumeRole",

         "Condition": {

            "StringEquals":{

               "sts:Externalid": "vmimport"

            }

         }

      }

   ]

}

  • Use AWS CLI to create the role using below command:

>> aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json

  • Create a file named role-policy.json with the following content (replace your-bucket-name with your actual S3 bucket name):

{

   "Version":"2012-10-17",

   "Statement":[

      {

         "Effect": "Allow",

         "Action": [

            "s3:GetBucketLocation",

            "s3:GetObject",

            "s3:ListBucket"

         ],

         "Resource": [

            "arn:aws:s3:::your-bucket-name",

            "arn:aws:s3:::your-bucket-name/*"

         ]

      },

      {

         "Effect": "Allow",

         "Action": [

            "ec2:ModifySnapshotAttribute",

            "ec2:CopySnapshot",

            "ec2:RegisterImage",

            "ec2:Describe*"

         ],

         "Resource": "*"

      }

   ]

}

  • Attach the policy to the role used.

>> aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

  •  After the steps are done rerun the first command in the point no. 5. The status can be checked using

>>aws ec2 describe-import-image-tasks

  1. Few pointers:

Allow SSH, https and https for the security group attached.

...

  1. AMI will be created successfully.

...

  1. Launch the AMI using EC2 instance under the tier of your requirement.

...

10. Once this is ready, please let the support team know to proceed further.

...

On Premise Sign up Setup

Info

On Premise Setup continues with Sign Up Process.

  • Browse the Public IP/External IP assigned to the VM, to start with the ConnectSecure signup process.

...

  • Signup details to be added by the partner.

  • Make sure to add a Tenant Name for your organisation does NOT include any special Characterscharacters.

...

  • Once the signup is processed, the setting up of Software and Services start and take around 7 minutes to complete.

...

  • Setup Complete Completion confirmation is shown once the configuration is completed.

...

  • As a part of configuration, 2 emails are sent to the user to verify email and a Welcome To ConnectSecure V4 email.

  • Please follow Verify Email to complete User Verification Process.

...

  • Setup the password for the new user.

...

  • Setup 2 Factor Authentication for the user and you are ready to login to your ConnectSecure Portal.

  • Welcome Email has details of Portal URL, Tenant Name & User Name.

...

  • Once the User Verification and User Setup is completed, it will redirect to ConnectSecure Portal Onboarding process.

  • For Onboarding (One time setup), Select PSA or Non-PSA for Creating a New Company.

...

  • Get ready to drop an agent in the Created Company network.

...

  • Check the installed agentsInstalled agents will report under Agents section..

...

  • Further Agent installation could be managed at Company level>Overview>Agents

...

...


Start Using ConnectSecure V4

  • Login URL: Portal.myconnectsecure.com

  • Tenant name: “mytestdomain” ( Please use your configured tenant name here)

...

...


Help

How to grow disk size

  1. For VM with VMWare

  • Edit VM

  • Click HDD and select the size in GB to increase to.

  • Click Thick Provision and Finish.

  1. Using SSH

  • Login to VM

  • lsblk (to list the disk details)

  • sudo growpart /dev/sda 1 (Grow disk size for sda 1)

  • reboot (reboot the VM)

  • df -h (Verify the disk size) 

  1. To increase specific partition

  •  lsblk (to list the disk details)

  • resize2fs /dev/sda2 (resize for sda2)

  • growpart /dev/sda 2 (Grow disk size for sda 2)

  • reboot (reboot the VM)

  • df -h (Verify the disk size) 

How to assign a Static IP to a VM

  1. Log in to the vCenter Server from the vSphere Client.

  2. Select the host in the inventory.

  3. On the Configure tab, expand Networking.

  4. Select VMkernel adapters.

  5. Select vmk0 Management Network and click the edit icon.

  6. Select IPv4 settings.

  7. Select Use static IPv4 settings.

  8. Enter or change the static IPv4 address settings.

  9. (Optional) Set static IPv6 addresses.

    1. Select IPv6 settings.

    2. Select Static IPv6 addresses.

    3. Click the add icon.

    4. Type the IPv6 address and click OK.

  10. Click OK

...

Info

Tap to view the Getting Started info; see the link below for additional information.

V4 Getting Started In App Info

...

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

...