Learn how to deploy your own Virtual Network Sensor with KVM, using Red Hat Enterprise Linux 9.2 as an example.
Virtual Network Sensor is a lightweight network sensor that scans your network
activity and feeds network activity data to Trend Vision One and allows you
to discover unmanaged assets and gain a holistic view of your attack surface. Before
using the features of Network Security, you
need to set up your Virtual Network Sensor and connect your sensor to Trend Vision One.
 |
ImportantIf the throughput exceeds 2000 Mbps, Trend Micro recommends configuring your
Virtual Network Sensor using a PCI passthrough that is compliant with the
following drivers: Broadcom tg3 and bnxt_en, and Intel i40e, igb, ixgbe, and
e1000.
|
 |
NoteBefore deploying the Virtual Network Sensor, ensure that you have adequate system resources and prepare the following:
|
Procedure
- In the Red Hat Enterprise Linux 9.2 environment (KVM host), install the required software.
- On the KVM host CLI, ensure that you have root privileges and create your destination folder and the data and management ports.
- On the Trend Vision One console, go to .
- Click Deploy Virtual Network Sensor.The Virtual Network Sensor Deployment panel appears.
- Select KVM for the platform.
- Set the Admin password and confirm the password.The password must contain the following:
-
12 to 32 characters
-
Both uppercase and lowercase characters
-
At least one number (0-9)
-
At least one special character: ~!`@#$%^&*()/_+=[]{}-\|<>',.?:;" or space
Note
This step is used to set the default admin password to access the Virtual Network Sensor command line interface after deployment. -
- Select the Connection method.
-
Direct connection: the Virtual Network Sensor connects to Trend Vision One directly. Make sure the Virtual Network Sensor is able to connect to the internet when using this configuration.
-
Connect using a custom proxy: the Virtual Network Sensor connects to Trend Vision One through a third-party proxy. After choosing this method, configure the following fields:
-
Proxy address: Specify the IP address of the proxy.
-
Proxy port: Specify the connecting port of the proxy.
-
Proxy server requires authentication: (Optional) Select if the proxy requires authentication credentials.
-
User name: Specify the user name for the proxy credentials.
-
Password: Specify the password for the proxy credentials.
-
-
Connect using a Service Gateway as proxy: the Virtual Network Sensor connects to Trend Vision One through a Service Gateway. Select a Service Gateway to use for this method.
Important
The Virtual Network Sensor must be able to connect to a Service Gateway with the Forward Proxy Service configured and enabled. For more information, see Managing services in Service Gateway.
-
- Click Download Disk Image.
- Extract the disk image zip file.
- On the KVM host CLI, execute $ cp -a cacert.pem checksum checksum.p7 vns_deploy.sh vns_meta.iso \vns_system.qcow2 <destination_folder>/ to copy the files to the destination folder.
- Execute $ bash ./vns_deploy.sh --mgmt <mgmt_network> --data
<data_network> to deploy Virtual Network Sensor.Your Virtual Network Sensor deploys and automatically connects to Network Inventory.
- To confirm that your Virtual Network Sensor has successfully deployed, go to on the Trend Vision One console to view information about your deployed
Virtual Network Sensor.
Tip
-
For information about troubleshooting Virtual Network Sensor, see Virtual Network Sensor CLI commands.
-
The Virtual Network Sensor default IP allocation is DHCP. For more information about changing the IP settings and registering manually, go to Virtual Network Sensor FAQs.
-