Deployment Prerequisites
This section describes the actions to perform before you begin the installation.
Download OVF templates and verify checksum
Note
If you have not yet received the .zip files, contact your Cybereason Technical Representative.
Download the .zip files that contain the required OVF templates for the Cybereason servers, and verify the SHA-256 checksum file for each OVF.
The following table lists the required OVF templates.
Template
Required/Optional
Notes
Detection server
Required
Registration server
Required
WebApp server
Required
Microservices server
Required
Optional - airgapped deployment database and Threat Intel services. For airgapped customers only.
Configuration management server
Required
Includes a ZIP file with the following files:
Production environments:
The onprem-rollout.ps1 PowerCLI script
The onprem_rollout.py Python script
The Server_Configuration.csv template
POC environments:
The Ansible OVF
The Server_Configuration.csv template
Complete the server configuration CSV file
The Server_Configuration.csv and Server_Configuration_POC.csv files apply a set of configuration settings for each of the Cybereason servers.
Download the appropriate server configuration template file: Server Configuration File.
Remove the example fields, and fill in the server information as required.
Obtain usernames and passwords
Obtain the necessary usernames and passwords from your Cybereason technical representative.
Review the communications requirements
Add client access via SSH.
If your company uses HTTPS inspection or non-transparent proxies, make sure that you have allowlisted Cybereason traffic.
Ensure that you meet the requirements for TLS Communication.
Verify client PC requirements
If you plan to use the onprem-rollout.ps1 script for production environments, you must use a Windows PC with the following:
PowerShell 5 or later
If you plan to use the onprem_rollout.py script for production environments, install Python 3.x. You can run this script on all OSs.
Verify vCenter connectivity.
Verify that you have vCenter admin credentials.
Configure customization specification in VMWare
To create a VMWare custom specification:
In VMWare, click Home > Policies and Profile.
Select VM Customization Specification.
Click New….
Select Linux as the Target VM Operating System.
Enter the Customization Spec Name.
Select Use the virtual machine name and type the domain name in the Domain Name field.
Select the time zone in the Time Zone field.
Select Manually select custom settings, and click Edit.
Select Prompt the user for an address when the customization is used.
Type the Subnet Mask and Default Gateway values.
Click OK.
Type the Primary DNS, Secondary DNS, and DNS Search Path values.
Click OK.
Important
The Cybereason Detection Servers OVA is provided with two disks: one disk includes 50 GB, and the second disk includes 256 GB-1 TB in thin provisioning, based on the Detection server size.
Review the DNS requirements
You must assign a hostname to each Cybereason server. If a server has an IP address but does not have a hostname, these settings collide with the requirements of the signed certificate.
Review connectivity requirements for non-air-gapped customers
The following table includes the Cybereason platform incoming and outgoing port and certificate requirements:
Direction |
Ports |
Destination |
Certificates |
|---|---|---|---|
Outgoing |
443 |
sage.cybereason.com |
Used for communication between the WebApp and the Global Threat Intel for a non air-gapped environment. |
Cybereason Detection servers and the WebApp server use Secure Sockets Layer (SSL) certificates. Because any SSL termination technology interrupts the service, if your company uses HTTPS inspection or non-transparent proxies, you must allowlist Cybereason traffic.
If you are planning to use the Anti-Malware solution, set up access to the Update server (cr-protect.cybereason.net) over port 443 or use a local update server solution.
Next steps
After you verify that your environment satisfies the deployment prerequisites, import the OVFs.