updated, 18 June 2024
Virtual Deployments
At threatER, we pride ourselves on providing our customers with a cost-effective means to make threat intelligence truly actionable, by blocking malicious traffic in real-time with no measurable impact on network performance. The majority of our customers deploy our threatER Enforce software on dedicated on-premise hardware, often deployed between their ISP modem and their next generation firewall.
Customers with infrastructure running in AWS, Azure and Google Cloud can deploy us directly in those environments as well.
Last but not least, we supply an ISO image that can be ingested into a variety of virtual deployment architectures, such as KVM and VMware. This is generally advisable when the infrastructure you wish to protect is running in that specific hypervisor. For example, if your next-generation firewall is running inside your VMware stack, then deploying threatER Enforce alongside it in that same virtual environment would make sense.
However, in VMware’s case, Broadcom’s recent acquisition of VMware and some of their follow-on business decisions in 2024 complicates threatER’s ability to support new VMware deployments, but we still provide this documentation to help customers who find a need to deploy into VMware. It is our strong recommendation though, given the Broadcom acquisition complications, that customers consider other virtual environments (our favorite internally is open-source/free KVM).
VMware Configuration Steps
The configuration steps outlined below can be used to properly configure a VMware image running the threatER Enforce software stack, suitable for protecting your VMware infrastructure.
- Download the threatER Enforce ISO image file through the link that you received by email.
-
Deploy the ISO image in VMware.
- threatER Enforce software requires the following resources:
- minimum of 2 CPU cores
- minimum of 4 GB RAM
- 200 GB Hard drive
- Three network interfaces (admin, inside, and outside)
- Guest OS should be Ubuntu Linux (64-bit)
- threatER Enforce software requires the following resources:
-
Network Information
- Network adapter 1 is the admin interface, adapter 2 is inside, and adapter 3 is outside.
- Network Adapter Type must be set to VMXNET 3.
- The admin interface must be connected in order to manage the device.
- The inside and outside interfaces can be disconnected until it is ready to be put inline.
- When you are ready to put it in line, Network adapter 2 (inside) is typically connected to a vSwitch that includes the firewall's outside interface. Network Adapter 3 (outside) is connected to a vSwitch that includes the internet router's interface. IMPORTANT: these two vSwitches or port groups must have Promiscuous Mode and Forged Transmits enabled to allow the threatER Enforce software to protect traffic flowing between the two networks. The system will not function properly without those settings in place.
Installing threatER Enforce software
Once you have prepared your virtual appliance, please see our documentation on our support site for installing threatER Enforce using an ISO image.
Configuring threatER Enforce
Once you have installed the software, you will need to re-address the IP on your virtual appliance and configure Enforce. Please see our documentation on our support site for configuring Threater Enforce software.
Need assistance?
Please reach out to our Customer Success team for assistance.
Comments
0 comments
Please sign in to leave a comment.