Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »


BH Appliance Deployment

BH Appliance can be deployed on ESX 6.5 and higher version. The appliance needs a minimum of 32GB of RAM and a minimum of 24 vCPUs. Inspecting higher than 2Gbps of sustained traffic will need additional vCPUs. It is recommended to create a separate vSwitch for the external spanned traffic to the VM. A typical deployment scenario would look like the figure below:



Step 1: OVF Deployment

Download BlueHexagon OVF tgz package and deflate it on the client’s machine disk. Ensure that the md5 checksum provided in the package matches md5sum of vmdk file from the package. Example of the command to get md5 checksum

md5sum bh-appliance-master.configured.8-bluehexagon-pov-disk1.vmdk

Use client’s machine Chrome (or other browser that works with your version of VMWare hypervisor) to connect to your ESX server HTTPS server, Import OVF into ESX using standard procedure for importing from the local OVF file explained in https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vm_admin.doc/GUID-17BEDA21-43F6-41F4-8FB2-E01D275FE9B4.html.

Start Deploy

Select Files

Choose Options

BlueHexagon VM will be up and running after the deploy has been completed.

Step 2: Installing credentials

Mount the ISO image provided by your Blue Hexagon representative as a CD/DVD drive.

Step 3 : Configuring uplink and packet capture

BlueHexagon VM will be created with two interfaces where the first interface will try to auto-configure through DHCP protocol. If successfully configured, the IPv4 address will be available in VMWare client’s console. All services are up and running at this point.

Create vSwitch for capturing packets

Identify the physical NIC on the ESX server that receives the spanned traffic from your traffic mirror of choice (switch, proxy, firewall, packet broker).

Create a new vSwitch with uplink port as the physical NIC that receives the spanned traffic.

This NIC cannot be uplink on other vSwitches.

Turn on “promiscuous mode” in the security options of the switch.

In the example shown below, we are creating a new vSwitch called capture_vSwitch with uplink port as vmnic1. “Accept” the promiscuous mode option in security settings.


Create portgroup for capturing packets

Create a portgroup within the above created vSwitch.

Accept the promiscuous mode option in the security options of the portgroup.

In the below example, we are creating a portgroup named “capture_portgroup” within

capture_vSwitch.

Add BH Appliance vNIC to capture portgroup

BH Appliance by default comes with two interfaces, one for management and other

to received spanned traffic(capture vnic).

Add the capture vnic of BH Appliance to the portgroup created above.

The capture vnic would show up as “Network Adapter 2” in the VM settings of the appliance.

In the screenshot below, the Network Adapter 2 of the bh-appliance is added to capture_portgroup.


Access the Portal UI

Once mirroring is complete, the results from the appliance are available in the UI. Please login to the product portal at https://gobluehexagon.ai with the credentials emailed to you. Please refer to our UI guide on how to interact with results from the appliance in the console.

Custom Network Settings

The Blue Hexagon VM appliance by default uses the DHCP for the Management interface. If you need to change the network settings on the VM to use a static IP. Navigate to http://<management_interface_ip and make the necessary changes as shown below

  • No labels