Deploy and Configure Security Director Insights with Open Virtualization Appliance (OVA) Files

Security Director Insights requires VMware ESXi server version 6.5 or later to support a virtual machine (VM) with the following configuration:

• 8 CPUs

• 24-GB RAM

• 1.2-TB disk space

If you are not familiar with using VMware ESXi servers, see VMware Documentation and select the appropriate VMware vSphere version.

1. Download the Security Director Insights VM OVA image from the Juniper Networks software download page.Note

   Do not change the name of the Security Director Insights VM image file that you download from the Juniper Networks support site. If you change the name of the image file, the creation of the Security Director Insights VM may fail.

2. Launch the vSphere Client that is connected to the ESXi server, where the Security Director Insights VM is to be deployed.
3. Select File > Deploy OVF Template.

   The Deploy OVF Template page appears, as shown in Figure 1.

   Figure 1: Select an OVF Template Page

   

4. In the Select an OVF template page, select the URL option if you want to download the OVA image from the internet or select Local file to browse the local drive and upload the OVA image.
5. Click Next.

   The Select a name and folder page appears.

6. Specify the OVA name, installation location for the VM, and click Next.

   The Select a compute resource page appears.

7. Select the destination compute resource for the VM, and click Next.

   The Review details page appears.

8. Verify the OVA details and click Next.

   The License agreements page appears, as shown in Figure 2.

   Figure 2: License Agreement Page

   

9. Accept the EULA and click Next.

   The Select storage page appears.

10. Select the destination file storage for the VM configuration files and the disk format. (Thin Provision is for smaller disks and Thick Provision is for larger disks.)

    Click Next. The Select networks page appears.

11. Select the network interfaces that will be used by the VM.

    IP allocation can be configured for DHCP or Static addressing. We recommend using Static IP Allocation Policy.

    Click Next. The Customize template page appears. For DHCP instructions, see Step 13.

12. For IP allocation as Static, configure the following parameters for the virtual machine:

    • IP address—Enter the Security Director Insights VM IP address.

    • Netmask—Enter the netmask.

    • Gateway—Enter the gateway address.

    • DNS Address 1—Enter the primary DNS address.

    • DNS Address 2—Enter the secondary DNS address.

    Figure 3: Customize Template Page

    

13. For IP allocation as DHCP, enter the search domain, hostname, device name, and device description for the virtual machine.

    This option is recommended only for the Proof of Concept type of short-term deployments. Do not use this option.

    Click Next. The Ready to complete page appears, as shown in Figure 4.

    Figure 4: Ready to Complete Page

    

14. Verify all the details and click Finish to begin the OVA installation.
15. After the OVA is installed successfully, power on the VM and wait for the boot-up to complete.
16. Once the VM powers on, in the CLI terminal, log in as administrator with the default username as “admin” and password as “abc123”.

    After you log in, you will be prompted to change the default admin password. Enter a new password to change the default password, as shown in Figure 5.

    Figure 5: Default Admin Password Reset

    

    The Security Director Insights deployment is now complete.

17. You must now add the Security Director Insights node to Junos Space by performing the following steps.

    • Log in to Security Director GUI and navigate to Administration > Insights Management > Insights Nodes.

    • Enter the Security Director Insights IP address and the admin password (from Step 16).

    • Click Save to complete integrating the Security Director Insights VM into Security Director.

    To know more about how to add Security Director Insights nodes, see Add Insights Nodes.

Reserve Resources on VMware vCenter

1. Power off the VM, as shown in Figure 6.

   Figure 6: VM Power Off Button

   

2. Once the VM is completely powered down, click the edit button as show in Figure 7.

   Figure 7: VM Edit Button

   

   The Edit Settings page appears, as shown in Figure 8. Edit the values in the Virtual Hardware page.

   Figure 8: Edit Settings Page

   

3. In the CPU section, modify the number of CPU cores and select the values for Reservation and Limit from the respective lists.
4. In the Memory section, select the required memory reservation and limit values from the lists. For relevant values, refer the Performance Matrix table in Add Security Director Insights as a Log Collector.
5. Click OK.

Verify If the VM is Getting Enough Resources

To verify if enough resources are getting allocated to the VM at run time, select Monitor>Performance>Advanced in the vSphere and check the CPU clock speeds. as shown in Figure 9.

Figure 9: Monitor CPU Clock Speeds

You can view both CPU usage and reserved memory by selecting the required view from the View list. If the CPU usage does not reach the allocated peak and you observe any performance issues, it may indicate that the ESXi host on which this VM is running might be over subscribed. Reserving a dedicated CPU or memory for the VM might help.

Expand the VM Disk Size

Before You Begin

• Ensure that there are no snapshots. You must delete the snapshot before expanding the disk size.

• We recommend to create a backup by cloning the VM before expanding the disk size.

Procedure

1. Log in to vSphere and power down the VM.
2. Click the Edit VM settings icon, as shown in Figure 10.

   Figure 10: Edit VM Settings Icon

   

3. Set the hard disk size, as shown in Figure 11.

   Figure 11: Edit Settings Page

   

4. Power on the VM.
5. Log in to the Admin CLI and switch to server mode.
6. Run set disk-partition-to-full command.

   The new disk size is the size of /dev/sda2.