Introduction

This document describes the steps needed to

Note

To complete the steps below, you must have a valid Blue Hexagon SaaS license. Please contact your Blue Hexagon representative to obtain a license. You can request a free trial license here.

GCP Security Audit Setup

The first step to protecting your cloud with Blue Hexagon Agentless Runtime Cloud Security powered by Deep Learning AI is to connect Blue Hexagon with your GCP project(s). Follow the steps here:

Connect GCP Account with Blue Hexagon

Blue Hexagon Network Threat Defense Setup

The following steps deploy the Blue Hexagon for GCP solution with GCP Packet Mirroring. Blue Hexagon inspects network traffic generated by GCP Compute Engine and GCP Kubernetes Engine workloads to uncover and respond to threats in real time.

A Blue Hexagon representative can assist you in deploying the solution.

...

Getting Started

Share your GCP project or Compute Engine service account email address with your Blue Hexagon representative. Blue Hexagon will in turn share a custom Compute Engine image and add the provided email address as an Image User, as described here.

...

  • You must have a GCP project with a VPC containing at least one private subnet.

  • The VPC must be configured for Cloud NAT to allow Blue Hexagon virtual appliances deployed in the private subnet to reach out to the Blue Hexagon cloud.

  • The Blue Hexagon Deployment Manager template creates a 0.0.0.0/0 outbound firewall rule to allow outbound communication with the Blue Hexagon cloud; do not remove this rule.

  • [Preferred] The gcloud command line tool, used to deploy the Blue Hexagon for GCP Deployment Manager package. Follow the instructions here to install it. The following command may be useful:

    Code Block
    curl https://sdk.cloud.google.com | bash

GCP Security Audit Setup

...

Log in to the GCP account you wish to connect with Blue Hexagon and enable the following APIs (e.g. via Cloud Shell):

Code Block
gcloud services enable appengine.googleapis.com bigquery.googleapis.com cloudfunctions.googleapis.com cloudresourcemanager.googleapis.com cloudkms.googleapis.com compute.googleapis.com container.googleapis.com dataflow.googleapis.com dns.googleapis.com dataproc.googleapis.com iam.googleapis.com sqladmin.googleapis.com storage-component.googleapis.com recommender.googleapis.com monitoring.googleapis.com logging.googleapis.com serviceusage.googleapis.com

Step 2: Create Service Account

Name the service account, e.g. bluehexagonsecurity.

Grant the service account the following permissions:

  • Viewer

  • Security Reviewer

  • Storage Object Viewer

Step 3: Create and Export JSON Key File

...
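Steps 2 and 3 can also be done from the gcloud CLI. The script below is an added example, not part of this page or of the Blue Hexagon package: it creates the service account, binds exactly the three read-only roles listed in Step 2 (Viewer, Security Reviewer, Storage Object Viewer) and exports the JSON key. It assumes PROJECT_ID, SA_NAME and KEY_FILE are supplied by the caller, and it only prints the plan unless DRY_RUN=0 is set, so the bindings can be reviewed before anything changes.

```shell
#!/bin/sh
# Added example (not Blue Hexagon's own tooling): Step 2 + Step 3 via gcloud.
set -eu

# The three roles granted in Step 2, by their gcloud role identifiers.
# All are read-only, which keeps the audit account to least privilege.
BH_AUDIT_ROLES="roles/viewer roles/iam.securityReviewer roles/storage.objectViewer"

# Service account email derived from project id and account name.
bh_sa_email() {
  printf '%s@%s.iam.gserviceaccount.com\n' "$2" "$1"
}

# Print the command when DRY_RUN is 1 (the default); execute it when DRY_RUN=0.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Create the account, bind the Step 2 roles at project level, export the key.
# Arguments: project id, service account name, path for the JSON key file.
bh_create_audit_sa() {
  project="$1"; sa_name="$2"; key_file="$3"
  email="$(bh_sa_email "$project" "$sa_name")"
  run gcloud iam service-accounts create "$sa_name" --project="$project" \
      --display-name="Blue Hexagon security audit"
  for role in $BH_AUDIT_ROLES; do
    run gcloud projects add-iam-policy-binding "$project" \
        --member="serviceAccount:$email" --role="$role"
  done
  # Step 3: the key file is what gets registered with Blue Hexagon; it grants
  # read access to the whole project, so keep it out of shared locations.
  run gcloud iam service-accounts keys create "$key_file" --iam-account="$email"
}

# Usage (dry run by default):
#   PROJECT_ID=my-proj SA_NAME=bluehexagonsecurity KEY_FILE=bh-key.json BH_APPLY=1 sh this.sh
if [ "${BH_APPLY:-}" = "1" ]; then
  bh_create_audit_sa "${PROJECT_ID:?set PROJECT_ID}" \
      "${SA_NAME:-bluehexagonsecurity}" "${KEY_FILE:-bluehexagon-key.json}"
fi
```

Run it once with the default dry run, check that only the three expected bindings appear, then rerun with DRY_RUN=0 to apply.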

Step 4: Register JSON Key File with Blue Hexagon

...

Deployment

...

Your welcome email should contain the password to decrypt the package; if not, ask your Blue Hexagon representative for it. Unzip the package using unzip or an equivalent tool.

...

Run the following command (requires python3; use GCP Cloud Shell if necessary):

Code Block
cd bluehexagon
./bh_gcp_registration.py -l <YOUR-BLUEHEX-SAAS-LICENSE> -k <PATH-TO-DOWNLOADED-JSON-KEYFILE>

If you are unable to complete the above steps, you can alternatively share the JSON key file with your Blue Hexagon representative, who will complete the registration for you.

...

Blue Hexagon is deployed as an autoscaling managed instance group behind an internal load balancer in a subnet in your VPC.

...