Optional OVA Configuration

The OVA is ready to use as-is. This section describes how to make the following optional configuration steps:

  • Static IP address
  • DNS server
  • Static route

The configuration instruction steps differ depending on the Ubuntu operating system in use. So the first step is to determine which version of Ubuntu is running.

Before you begin, ensure that:

  • The OVA is deployed.
  • You have credentials and the IP address to log in to the virtual appliance.

To determine which version of Ubuntu is running:

  1. Use SSH to log in to the virtual appliance CLI.
    On Windows machines, you can use PuTTY.
  2. Type the admin username and password.
    If the following CLI is displayed, the operating system is Ubuntu 16:
    temporary placeholder
    Otherwise, the operating system is Ubuntu 20.04

To make optional configurations proceed to the section that matches your operating system:

Optional Configuration for Ubuntu 16-based Systems

Perform optional configurations with the Threat Command virtual appliance (“appliance”) console.

Before you begin:

  • Ensure that you have a static IP address, network mask, gateway, and a DNS server address to assign to the appliance. A static IP address is required so that the appliance IP address can be used as a feed source for the security devices.
  • Grant the new VM access to api.intsights.com

There are two separate logins to create in this section:

  • SSH console login - Used to set up and maintain the appliance. Even though this login is rarely used, it is critical to keep the password for future maintenance, otherwise, the virtual appliance and your device environment may need to be recreated.

  • Virtual appliance web access login - Used to access the web interface of the Threat Command virtual appliance. This login is used more frequently to create and configure devices.

To configure the virtual appliance:

  1. Start the newly created virtual machine.

  2. Open a console.

  3. Log in with default credentials:

    • Username: admin
    • Password: admin

  4. Change the default password.

    1. Type the current password: admin
    2. Type a new password.
    3. Confirm the new password.

  5. Verify network connectivity by selecting Network Settings > Show > IP / DNS - If DHCP is enabled (by default, for the appliance), validate that the appliance has acquired the appropriate networking settings:

  6. Configure a static IP address for the virtual appliance:

    1. From the Main screen, select Network Settings > Set > IP > Static.
    2. Type a static IP address, network mask, gateway and DNS settings.
    3. Apply the changes, then press Enter to continue.

Optional Configurations for Ubuntu 20.04-based Systems

This section describes how to make these optional configuration steps:

  • Static IP address
  • DNS server
  • Custom route

To configure a static IP address or DNS, you will need to disable DHCP, explained below.

The virtual appliance (VA) operation system is Linux-based running Ubuntu 20.04 LTS distribution. These procedures use Ubuntu’s built-in netplan command-line tool to apply the network configuration.

To edit the configuration file, this procedure uses the nano text editor.

Configuring a Static IP and DNS

This section describes how to configure a custom static IP and DNS.

Before you begin, ensure that:

  • You can log in to the VA command line. You can use SSH with the VA's IP address (on a Windows machine, you can use  PuTTY), or from an ESXi, open console mode in the VM.
  • You have the static IP, gateway IP, and required DNS information from the network administrator.

To configure a static IP and DNS:

  1. Log in to the VA command line.

  2. Type in your admin username and password.

  3. Display the VA network configuration, by typing in the terminal: netplan get all The output should be similar to: temp

  4. Determine where the DHCP is running on the VA by typing: cat /etc/netplan/00-installer-config.yaml The output should be similar to: temp This indicates that the VA is currently running with DHCP mode on eth0.

  5. Open the file for editing: sudo nano /etc/netplan/00-installer-config.yaml - Assuming your networking configuration is -

    • Static IP 192.168.121.221
    • Subnet 24
    • Gateway IP 192.168.121.1
    • DNS servers 8.8.8.8, 1.1.1.1

    Edit the file to look like this: temp YAML files are sensitive to indentation. Ensure that the indentation is consistent, as demonstrated in the example above.

  6. Save the file (Ctrl+S ) and exit (Ctrl+X ).

  7. Apply the changes: sudo netplan try The output should be similar to:
    temp

  8. (Optional) To validate the changes were applied, type:ip addr show eth0 The output should be similar to: temp Verify your Static IP, and Gateway IP is correct in the output.

To revert the changes, simply revert the file to its original state, enabling DHCP again, as mentioned at the beginning.

Configuring a custom route

This section describes how to configure a custom route. In the example, you want to add a custom route to 172.16.0.0 from 192.168.1.10.

To configure a custom route:

  1. Log in to the VA command line.
  2. Type in your admin username and password.
  3. Open the file for editing: sudo nano /etc/netplan/00-installer-config.yaml
  4. Modify the file by adding a custom routes section, under the eth0 interface:
    temp The final file should like similar to this: temp
  5. Save the file (Ctrl+S ) and exit (Ctrl+X ).
  6. Apply the changes: sudo netplan try The output should be similar to:
    temp
  7. (Optional) To validate the changes were applied, type: routes -n The output should be similar to:
    temp Every call to 172.16.0.0 should be passed to 192.168.1.100.

Additional resources

These are additional resources that can be used:

System settings

This section describes how to change the admin password and reboot the machine. To change the admin password:

  1. From the terminal, type: passwd admin
  2. Press Enter and follow the output to configure the new password.

To reboot the machine:

  • From the terminal, type: reboot