Deployment Prerequisites

This section describes the actions to perform before you begin the installation.

Download OVF templates and verify checksum


If you have not yet received the .zip files, contact your Cybereason Technical Representative.

Download the .zip files that contain the required OVF templates for the Cybereason servers, and verify the SHA-256 checksum file for each OVF.

The following table lists the required OVF templates.




Detection server


Registration server


WebApp server


Microservices server


Optional - airgapped deployment database and Threat Intel services. For airgapped customers only.

Configuration management server


Includes a ZIP file with the following files:

Production environments:

  • The onprem-rollout.ps1 PowerCLI script

  • The Python script

  • The Server_Configuration.csv template

POC environments:

  • The Ansible OVF

  • The Server_Configuration.csv template

Complete the server configuration CSV file

The Server_Configuration.csv and Server_Configuration_POC.csv files apply a set of configuration settings for each of the Cybereason servers.

  1. Download the appropriate server configuration template file: Server Configuration File.

  2. Remove the example fields, and fill in the server information as required.

Obtain usernames and passwords

Obtain the necessary usernames and passwords from your Cybereason technical representative.

Review the communications requirements

  • Add client access via SSH.

  • If your company uses HTTPS inspection or non-transparent proxies, make sure that you have allowlisted Cybereason traffic.

  • Ensure that you meet the requirements for TLS Communication.

Verify client PC requirements

  • If you plan to use the onprem-rollout.ps1 script for production environments, you must use a Windows PC with the following:

  • If you plan to use the script for production environments, install Python 3.x. You can run this script on all OSs.

  • Verify vCenter connectivity.

  • Verify that you have vCenter admin credentials.

Configure customization specification in VMWare

To create a VMWare custom specification:

  1. In VMWare, click Home > Policies and Profile.

  2. Select VM Customization Specification.

  3. Click New….

  4. Select Linux as the Target VM Operating System.

  5. Enter the Customization Spec Name.

  6. Select Use the virtual machine name and type the domain name in the Domain Name field.

  7. Select the time zone in the Time Zone field.

  8. Select Manually select custom settings, and click Edit.

  9. Select Prompt the user for an address when the customization is used.

  10. Type the Subnet Mask and Default Gateway values.

  11. Click OK.

  12. Type the Primary DNS, Secondary DNS, and DNS Search Path values.

  13. Click OK.


The Cybereason Detection Servers OVA is provided with two disks: one disk includes 50 GB, and the second disk includes 256 GB-1 TB in thin provisioning, based on the Detection server size.

Review the DNS requirements

You must assign a hostname to each Cybereason server. If a server has an IP address but does not have a hostname, these settings collide with the requirements of the signed certificate.

Review connectivity requirements for non-air-gapped customers

The following table includes the Cybereason platform incoming and outgoing port and certificate requirements:







Used for communication between the WebApp and the Global Threat Intel for a non air-gapped environment.

Cybereason Detection servers and the WebApp server use Secure Sockets Layer (SSL) certificates. Because any SSL termination technology interrupts the service, if your company uses HTTPS inspection or non-transparent proxies, you must allowlist Cybereason traffic.

If you are planning to use the Anti-Malware solution, set up access to the Update server ( over port 443 or use a local update server solution.

Next steps

After you verify that your environment satisfies the deployment prerequisites, import the OVFs.