Configure the VM IP addresses
This section describes how to configure the Cybereason VM IP addresses for Cybereason On-Prem servers. Before you begin, review the Deployment Prerequisites and Import OVFs.
In this topic:
Configure manually (for POC environments)
In the VMWare console, connect to each server (Detection, Registration, Configuration management, WebApp, and microservices) and configure the IP address:
/opt/cybereason/setip/setip.py -ip [ip] -netmask [netmask] -dgw [dgw] -dns1 [dns1] -dns2 [dns2]
Restart the Configuration management server.
Continue to Configure Servers.
Configure with a script (for production environments)
Note
If you do not want to use the scripts used in this step, you can manually configure the IP addresses using the steps in Configure manually (for POC environments). However, you will need to manually type out the command to configure an IP address for every server in your environment.
In this stage, you run a PowerShell or Python script from the administrator’s machine that configures the VM IP addresses. These scripts support deployments that include multiple Detection servers, and allow administrators to configure all servers in a simple CSV file, reducing potential input errors.
You can use one of the following scripts to deploy the servers:
onprem_rollout.py
: For environments using Python. This script is significantly faster than the PowerShell script and provides detailed log information.onprem-rollout.ps1
: For environments using PowerShell.
For details on script arguments and actions, see Deployment Scripts;
Note
Cybereason supports two types of Cybereason On-Prem installations, depending on whether the environment is air gapped and on whether you are using a Local Threat Intel server. For more information, see Communication with Threat Intel services.
Retrieve required information
This table describes how you can retrieve information required to run the onprem-rollout.ps1
script or the onprem_rollout.py
script.
Information |
Retrieve via onprem-rollout.ps1 script command |
Retrieve via vSphere |
---|---|---|
Data center name |
get-datacenter |
Locate the first object under the vCenter object. |
Cluster name |
get-cluster |
In the Hosts and Clusters view, locate the first object under the data center object. |
Resource pool name |
get-resourcepool |
The resource pool object is typically located under the vSphere client’s Hosts and Clusters view, as the second object type, after the cluster objects. |
Template location (folder) |
get-template -location [datacenter ] |
The folder that includes the templates is typically the first object listed under the data center object in the vSphere VMs and Templates view. |
Customization template name |
get-OSCustomizationSpec |
Under Home > Shortcuts, in the Monitoring section, click VM Customization Specifications. The specification names are listed in the VM Customization Specifications table. |
Data store name |
get-datastore |
In the Storage view, the datastore object is the first object under the data center object. |
Host information |
get-vmhost |
In the Hosts and Clusters view, the host is the first object under the cluster object. |
Virtual Network |
get-VirtualNetwork |
View all available Virtual Networks in Vcenter |
For example, to retrieve the data center name using the onprem-rollout.ps1 script, type:
get-datacenter
The following output is visible:
Name
--------
OnPrem
Lab
Run the onprem_rollout.py script
Before you begin
Ensure that the
Server_Configuration.csv
file and theonprem_rollout.py
script reside in the same folder.Install the pyvim and pyvmomi Python packages on the administrator’s machine. You can use the pip install command to install these packages, for example:
pip install pyvmomi==7.0.2
Retrieve required information, such as the data center and cluster name.
Run the script
From the administrator’s machine, open a command prompt and run the script with the following command:
python onprem_rollout.py [-h] -action ACTION -vc vcenter -user username@domain -pwd password -file filelocation -dc dcname -cluster clustername -folder foldername [-maxrunning number] [-resourcepool name] [-templatefolder templatefolder] [-logfile logfile] [-verbose] [-nopreflight] [-q] [-s]
For a description of the script arguments, see Deployment Scripts.
If you provided the
-s
argument in step 1, the script asks for the vCenter server user and password. Enter the credentials.
Note
Provide the -resourcepool
parameter only if a resource pool exists on the cluster. If you’re unsure of whether a resource pool exists, contact your VM administrator.
The script deploys each of the servers, according to the number of servers provided in the Server_Configuration.csv
file. For more details on the script parameters, see Deployment Scripts.
Run the onprem_rollout.ps1 script
Before you begin
Ensure that the
Server_Configuration.csv
file and the onprem-rollout.ps1 script reside in the same folder.Retrieve required information, such as the data center and cluster name.
Run the script
From the administrator’s machine, open Windows PowerShell as an administrator and run the following command to connect to the vCenter server:
Connect-VIServer -Server <IP Address of the vCenter server>
When the vCenter server starts, enter the username and password.
Run the
*onprem-rollout.ps1
script:# .\onprem-rollout.ps1 -clustername [cluster] -dcname [datacenter] -resourcepool [resourcepool] -foldername [foldername] -filename [filename.csv] -action deploy
Note
Provide the
-resourcepool
parameter only if a resource pool exists on the cluster. If you’re unsure of whether a resource pool exists, contact your VM administrator.After the command is executed, select R to run the script once, and type Deploy as the action.
The script deploys each of the servers, according to the number of servers provided in the
Server_Configuration.csv
file. For more details on the script parameters, see Deployment Scripts.Continue to configure the servers.