Cisco Cyber Vision Installation guide

Brand: Cisco

Model: Cyber Vision

Type: Installation guide

Cisco Cyber Vision is an advanced security solution that provides continuous monitoring and protection for industrial networks. It offers real-time threat detection, asset visibility, vulnerability assessment, and incident response capabilities, enabling you to quickly identify and mitigate cyber threats. With its user-friendly interface, customizable alerts, and comprehensive reporting, Cisco Cyber Vision empowers you to maintain a secure industrial environment.

Cisco Cyber Vision Center VM Installation

Guide

Cisco Systems, Inc.

Rev. 0.0.1, 24 February 2020

Cisco Cyber Vision Center VM Installation Guide

Rev. 0.0.1, 24 February 2020

Owner: Cisco IoT

Author: Juliette Maffet

Cisco Systems, Inc.

Trademark Acknowledgments

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco

trademarks, go to this URL: www.cisco.com/go/trademarks.

Third party trademarks mentioned are the property of their respective owners.

The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Publication Disclaimer

Cisco Systems, Inc. assumes no responsibility for errors or omissions that may appear in this publication. We reserve the right to change this publication at

any time without notice. This document is not to be construed as conferring by implication, estoppel, or otherwise any license or right under any copyright or

patent, whether or not the use of any information in this document employs an invention claimed in any existing or later issued patent. A printed copy of this

document is considered uncontrolled. Refer to the online version for the latest revision.

Information in this publication is subject to change without notice. No part of this publication may be reproduced or transmitted in any form, by photocopy,

microfilm, xerography, or any other means, or incorporated into any information retrieval system, electronic or mechanical, for any purpose, without the

express permission of Cisco Systems, Inc.

Americas Headquarters

Cisco Systems, Inc.

San Jose, CA

Asia Pacific Headquarters

Cisco Systems (USA) Pte. Ltd.

Singapore

Europe Headquarters

Cisco Systems International BV Amsterdam

The Netherlands

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.

Total pages: 46

Contents

1 About this documentaon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.1 Document purpose. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.2 Warnings and noces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

2 Informaon & Characteriscs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

3 Requirements for installaon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

4 Install the Virtual Center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

4.1 Retrieve the installaon le. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

4.2 ESXi. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

4.2.1 Create a Virtual Machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

4.2.2 Boot the Virtual Machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

4.3 Hyper-V. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

4.3.1 Create a Virtual Machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

4.3.2 Congure the disk size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

4.3.3 Create the network interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

4.3.4 Map the network interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

4.3.5 Boot the Virtual Machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

4.4 Congure the Center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

4.4.1 Basic Center conguraon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

4.4.2 Cisco Cyber Vision conguraon. . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 3Contents

1.1

1.2

1About this documentation

Document purpose

This quickstart guide shows how to connect, congure and install Cisco Cyber Vision as a

virtual machine running on VMware ESXi and on HyperV.

This documentaon is applicable to system version 3.0.1.

IMPORTANT

Cisco Cyber Vision EAP is a snapshot of the ongoing development process and is in the

qualifying phase. Tesng for this program is under progress and it may contain features that are

incomplete or may change before the next full release.

Warnings and notices

This manual contains noces you have to observe to ensure your personal safety as well

as to prevent damage to property.

The noces referring to your personal safety and to your property damage are

highlighted in the manual by a safety alert symbol described below. These noces are

graded according to the degree of danger.

WARNING

Indicates risks that involve industrial network safety or producon failure that could possibly

result in personal injury or severe property damage if proper precauons are not taken.

IMPORTANT

Indicates risks that could involve property or Cisco equipment damage and minor personal

injury if proper precauons are not taken.

Note

Indicates important informaon on the product described in the documentaon to which

aenon should be paid.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 4About this

documentaon

■

2Information & Characteristics

The Cisco Cyber Vision soluon is based on a 2-er architecture made of:

Edge sensors which are installed in the industrial network. These sensors are used to

capture network trac, decode protocols using the Cisco Deep Packet Inspecon

engine and send meaningful informaon to the Cisco Cyber Vision Center.

The Cisco Cyber Vision Center, a central plaorm gathering data from all the Edge

Sensors and acng as the monitoring, detecon and management plaorm for the

whole soluon.

The Center is therefore the central point of the Cisco Cyber Vision product. In the case of

a Virtual Center, the Center runs as a virtual machine, which is hosted on an appropriate

infrastructure.

To operate, the Center relies on two separate networks, respecvely connected to the

following interfaces:

The Administraon network interface, which gives access to the user interface.

The Collecon network interface, which connects the Center to the sensors.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 5Informaon &

Characteriscs

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 6Informaon &

Characteriscs

■

3Requirements for installation

Make sure the condions listed below are met before installing Cisco Cyber Vision as a

virtual machine.

Required conguraon for a VM:

Hypervisor:

VMware vSphere 6.x or later.

Microso Hyper-V Server 2016 or later.

Make sure the hypervisor used is set with the rights necessary for a new VM

instanaon.

VM sizing

Minimum – up to 500 components:

▪ CPU: Intel Xeon, 4 cores

▪ RAM: 8GB

▪ Storage: 300GB SSD

Recommended:

▪ CPU: Intel Xeon, 8 cores

▪ RAM: 16GB minimum

▪ Storage: 2x500GB SSD minimum

Required resources:

Two IP addresses: The Center needs two interfaces. One receives protocol data from

the sensors (Collecon network interface), the other is used to access the web

interface and for SSH remote administraon (Administraon network interface).

An IP address for each sensor to connect (preferably on a dedicated LAN or VLAN for

connecons between the sensors and the Center i.e. the Industrial network

interface).

A NTP server accessible from the Center (me is generally retrieved on a router).

A machine name which has to be unique (either congured on the DNS, or to be

congured on each client). This is essenal for the security exchanges setup between

a client (humans or API) and the Center.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 7Requirements for

installaon

4.1

♦

4Install the Virtual Center

You need to complete several steps to install the Virtual Center:

1. Retrieve the Cisco Cyber Vision installaon le.

2. Create a Virtual Machine on ESXi and deploy Cisco Cyber Vision ova le on the VM.

Create a Virtual Machine on Hyper-V, set the disk size, create and map the network

interfaces.

The only conguraons that may be required during deployment are memory and

disks size customizaon.

3. Congure the Cisco Cyber Vision Center.

Retrieve the installation file

Before starng the VM installaon, you must retrieve the virtual machine installaon ova

le.

To retrieve the virtual machine installaon le:

1. Access Cisco Cyber Vision Soware Download plaorm.

2. Download the ova le from the last version released.

To verify the le integrity (recommended):

To verify that the le you just downloaded is healthy, use the SHA256 checksum provided

by Cisco.

1. Linux users can type on their shell prompt the command:

sha256sum CiscoCyberVision-<TYPE><VERSION>.<EXT>

2. Compare both checksums.

If both checksums are idencal it means the le is healthy.

If the checksums do not match try to download the le again.

If, aer downloading the le again the checksums sll don’t match,

please contact Cisco support.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 8Install the Virtual

Center

4.2

4.2.1

ESXi

Create a Virtual Machine

Before taking the steps below to create a VM on ESXi, you must set two network

interfaces (the Administraon and the Collecon network interfaces) accordingly to the

infrastructure of the network. To do so, refer to VMware ESXi documentaon.

To create the Virtual Machine and deploy Cisco Cyber Vision:

1. Login to VMware EXSi.

2. Click Create/Register VM.

The wizard to create a new virtual machine opens.

3. Click Deploy a virtual machine from an OVF or OVA le.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 9Install the Virtual

Center

4. Give a name to the virtual machine and select the Cisco Cyber Vision OVA le.

5. Select a disk with sucient storage. Refer to Requirements for installaon (page 7).

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 10Install the Virtual

Center

♦

6. Map the network interfaces you have previously created to the VM's ports (1), as

shown below:

The Administraon network interface as eth0.

The Collecon network interface as eth1.

7. Set disk provisioning as Thin (2).

8. Disable the virtual machine's automac start (3).

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 11Install the Virtual

Center

9. Check the new VM's sengs before clicking Finish.

Your new VM is displayed in the virtual machine list.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 12Install the Virtual

Center

4.2.2 Boot the Virtual Machine

Aer creang the VM, you can proceed to its rst boot.

1. Click the VM in the list.

2. Power on the VM.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 13Install the Virtual

Center

3. Wait a few moments for the VM iniaon to complete. The following screen is

displayed:

4. Press Ctrl+Alt to retrieve the control of your keyboard and mouse.

The Virtual Center is now ready for basic conguraon.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 14Install the Virtual

Center

4.3

4.3.1

Hyper-V

Create a Virtual Machine

To create a new VM:

1. Open Hyper-V Manager.

The following home screen appears:

2. Access the New Virtual Machine Wizard by clicking Acon > New > Virtual Machine.

The New Virtual Machine Wizard is displayed.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 15Install the Virtual

Center

3. Click Next to start.

4. Give the new VM a name (e.g. 'Center').

5. If necessary, give the Virtual Center a dierent locaon on the server than the one

set by default. In any case, the locaon chosen must have enough remaining space in

case you plan to create snapshots (i.e. VM backups).

6. Set the VM as Generaon 1.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 16Install the Virtual

Center

7. Assign memory to the VM.

Note

The minimum conguraon required is 8192 MB.

8. Leave the network connecon disconnected.

9. Select 'Use an exisng hard disk' and choose the VHDX le.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 17Install the Virtual

Center

4.3.2

10. Click 'Finish' to create the VM and close the wizard.

The Virtual Center created is displayed inside Hyper-V Manager home screen.

Configure the disk size

To congure the disk size:

1. In the Hyper-V Manager select the Center.

2. Click Acon > Sengs.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 18Install the Virtual

Center

3. Click Hard Drive, then Edit.

The Edit Virtual Hard Disk Wizard displays.

4. Click Next to proceed unl the Choose Acon tab.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 19Install the Virtual

Center

♦

5. As you are on the Choose Acon tab select the Expand opon.

6. Congure a new size for the virtual hard disk.

It is recommended:

that you set the minimum size at 16GB for a demo installaon with

small amounts of data.

that you set the minimum size at 64GB for a cartography.

that you set the minimum size at 250GB for a producon

environment.

The size you set here is a maximum. The virtual drive will expand as

data is wrien on the virtual disk.

Cisco Cyber Vision Center VM Installaon Guide

Rev. 0.0.1

Page 20Install the Virtual

Center

Page is loading ...

Cisco Cyber Vision Installation guide

Cisco Cyber Vision Installation guide

Cisco Cyber Vision Installation guide

Related papers

Other documents