Transition from Rapid7 ManagedVM to the InsightVM Console hosted by the customer

MVM to IVM with a Backup Restore

In this guide, we will walk through what to expect in your migration from your Managed Vulnerability Management (MVM) console hosted by Rapid7 to the on-premise InsightVM console. This process ensures your existing data is preserved.

This includes getting a backup of your current environment for MVM and restoring the backup into a new InsightVM(IVM) Console.

Note: If you do NOT wish to back up your existing Managed VM console, you do not need to run through the steps below, and Rapid7 will go through the normal process of deactivating your Managed VM console. If you do not backup your data, then you will be starting from scratch.

The transition can be done with the assistance of your Rapid7 team, led by the Cybersecurity Advisor (CA)and Customer Success Advisor (CSA). Please do not hesitate to ask for a call to review any of the following high-level steps:

MVM Backup Migration Steps:

Step 1: Customer will setup On-Premise Security Console (IVM)
Step 2: Rapid7 will run the backup from the Managed Console (MVM)
Step 3: Customer to download the backup from the MVM Console
Step 4: Rapid7 takes MVM Console Offline and removes paired engines
Step 5: Customer and CA will restore backup into IVM Console (do not proceed to step 6 until step 5 is completed)
Step 6: Update the URL in the new Console
Step 7: Verify Platform Pairing is connected to IVM Console
Step 8: Re-Pair Scan Engines into IVM Console
Step 9: Re-enable SSO or Jira connections if needed
Step 10: Firewall Rules Updated

Overview:

Steps	Details
Step 1: Customer to set up an on-premise security console (IVM)	Please see the information in the link below in order to stand up your InsightVM Console: https://docs.rapid7.com/insightvm/security-console-quick-start-guide The same license will be utilized, which will be contained in the backupR Set up requirements: Install an agent on the console (and the scan engine(s) if different assets). https://docs.rapid7.com/insight-agent/requirements/ (Links: https://docs.rapid7.com/insightvm/requirements#ports & https://docs.rapid7.com/insightvm/configure-communications-with-the-insight-platform/ ) On each asset that will be scanned, open UDP port 31400 in the local firewall to the scan engine IP address so the scan engine and the agent can interact Open 3780 on the IVM console with the local firewall Open TCP 443 outbound on external and local firewalls to allow the console to communicate with: support.rapid7.com - allows upload of PGP-encrypted diagnostic information to support Updates.rapid7.com - allows the Security Console to download content and feature updates
Step 2: Rapid7 will run the backup from the customer’s Managed Console	Your Cybersecurity Advisor will work with you to run a backup of your MVM Console The CA will verify your MVM console is up to date and the license is not expired If customer is using single sign-on (SSO) - they will need to verify there is a Global Admin account not on SSO that they can log into once the backup is restored in IVM If the MVM license is expired, please verify with your CA. The CA will ask the CSA to extend the license The CA will work with the Rapid7 Managed Ops team to prepare the customer’s backup. The backup will be downloadable via the MVM Console UI. The CA will send the backup password over to your team via the Secure File Transfer Portal
Step 3: Customer to download the backup from the MVM Console UI	(This could also be downloaded from the AWS S3 bucket - by request) Store backup on your local Console
Step 4: Rapid7 then takes MVM console offline and removes paired external engines	Your CA will work with our Managed Ops team to quickly remove any externally managed sites from the engines so it will not be a manual effort later
Step 5: Restore backup into IVM console	Once the on-prem IVM console is stood up, customer to download the backup from the UI and restore the backup with the password provided by Rapid7 in the SFTP (existing MVM username and password will be the same - this is why we asked to have you create a global admin user separate from SSO if that was enabled) Link to restoring the backup Create the /backups directory in the following location of your new Security Console installation: Linux - /opt/rapid7/nexpose/nsc Windows - C:\Program Files\Rapid7\nexpose\nsc Transfer your backup files from your external media to this new directory. Do not expand the backup file; it must be a ZIP file. If you run into any issues, please work with your Cybersecurity Advisor through a support case.
Step 6: Update the URL in the new Console	Need to be logged in as an Admin On the console tabs go to Management and select - Org settings
Step 7: Verify platform pairing is connected to IVM console	Your CA will work with support to get your collector reset Selecting any of the platform icons (Dashboards, Projects, Goals & SLAs) should load the platform selection If there is an inconsistency between the data or an error message please reach out to your CA
Step 8: Re-pair scan engines into IVM console	Work with your Network team on firewall whitelisting rules prior to scan engine repairing If you should need help, please ask to set up a call with your Cybersecurity Advisor to run through Re-pairing the scan engines
Step 9: Re-enable SSO or Jira connections if previously used on the MVM console	Jira link SAML
Step 10: Firewall rules updated	Close any ports that were opened for MVM console access