Deploy the Virtual Network Sensor in your Azure cloud environment.
If your security environment uses a hybrid deployment, or you do not have VMware or
Microsoft Hyper-V in your environment, you can leverage your Azure subscriptions to
deploy a Virtual Network Sensor instance.
Note: The steps contained in these instructions are valid as of January 2024.
Before you begin, make sure you have completed the following tasks:
- Choose or create a virtual network for the Virtual Network Sensor instance.
- Choose or create the network security group and subnets for the Virtual Network Sensor data port and management port. Trend Micro recommends using different subnets for the data and management ports.
Procedure
- Sign in to the Azure console.
- In a separate tab, access the Trend Vision One console and go to .
- Click Deploy Virtual Network Sensor. The Virtual Network Sensor Deployment panel appears.
- Select Microsoft Azure for the platform.
- Set the Admin password and confirm the password. The password must contain the following:
  - 12 to 32 characters
  - Both uppercase and lowercase characters
  - At least one number (0-9)
  - At least one special character: ~!`@#$%^&*()/_+=[]{}-\|<>',.?:;" or space

  Note: This step is used to set the default admin password to access the Virtual Network Sensor command line interface after deployment.
- Select the Connection method.
  - Direct connection: the Virtual Network Sensor connects to Trend Vision One directly. Make sure the Virtual Network Sensor is able to connect to the internet when using this configuration.
  - Connect using a custom proxy: the Virtual Network Sensor connects to Trend Vision One through a third-party proxy. After choosing this method, configure the following fields:
    - Proxy address: Specify the IP address of the proxy.
    - Proxy port: Specify the connecting port of the proxy.
    - Proxy server requires authentication: (Optional) Select if the proxy requires authentication credentials.
      - User name: Specify the user name for the proxy credentials.
      - Password: Specify the password for the proxy credentials.
  - Connect using a Service Gateway as proxy: the Virtual Network Sensor connects to Trend Vision One through a Service Gateway. Select a Service Gateway to use for this method.

    Important: The Virtual Network Sensor must be able to connect to a Service Gateway with the Forward Proxy Service configured and enabled. For more information, see Managing services in Service Gateway.
- Click Download Token to download the token file. The token file contains important information for the Virtual Network Sensor, including the configured admin password and information that allows the Virtual Network Sensor to connect and on-board with Network Inventory automatically.
- Once downloading completes, click Go to Azure Marketplace. The Azure Marketplace opens in a new tab with the Trend Vision One™ XDR for Networks page displayed. If the tab does not open, access the Marketplace from your Azure console and search for Trend Vision One™ XDR for Networks.
- Click Create. The Create Trend Vision One™ XDR for Networks screen appears.
- In the Basics tab, configure the Project details.
- Select the Subscription where you want to deploy the Virtual Network Sensor.
- Select the Resource group to manage the Virtual Network Sensor.
- Configure the Instance details.
- Select the Region where you want to deploy the Virtual Network Sensor.
- Specify a unique Appliance Name.
- Select the Appliance VM Size. The Virtual Network Sensor has been tested with the following recommended instance types. For more information, see Virtual Network Sensor system requirements.

  Recommended VM Sizes for Azure Deployment

  | Throughput (Mbps) | Recommended instance type | Recommended virtual disk size (GB) |
  |---|---|---|
  | 100 | D2s_v3 | 50 |
  | 500 | D4s_v3 | 50 |
  | 1000 | D8ds_v4 | 50 |
  | 2000 | D8ds_v4 | 100 |
  | 5000 | D16ds_v5 | 150 |
  | 10000 | D32lds_v5 | 200 |

- Select a Diagnostics storage account for the Virtual Network Sensor, or create a new one.
- Click Next.
- Configure the settings on the Network tab.
- Select the Virtual network.
- Select the Management Subnet for the management port.
- Select the Data Subnet for the data port.
- Click Next to go to the Advanced tab.
- For Network Inventory registered file, click the browse button to locate and select the token file you downloaded.
- Click Next to go to the Review + create tab.
- Once the validation shows passed, click Create to begin deployment and installation. Deployment, installation, and on-boarding to Network Inventory might take some time to complete. Refresh the Virtual machines screen to monitor the installation progress. You can also view the Network Inventory app in the Trend Vision One console to see when on-boarding completes.

Once on-boarding completes, configure traffic mirroring. Traffic mirroring is used to direct traffic to the Virtual Network Sensor data ports for scanning. You can use any third-party Network Packet Broker by following the setup instructions for your preferred solution. Trend Micro has tested the third-party solution Gigamon VUE Cloud Suite for Azure with the Virtual Network Sensor. For full deployment instructions, refer to the Gigamon documentation.
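
A pre-flight check for the prerequisites and the Admin password step, added here as an example (it is not Trend Micro code): it tests a candidate password against the four rules listed in the procedure and a planned subnet layout against the recommendation to keep the management and data ports on different subnets. The function names, the sample password and the sample address ranges are assumptions constructed for illustration.

```python
import ipaddress
import string

# Special characters copied from the Admin password step; the page also allows a space.
SPECIALS = set("~!`@#$%^&*()/_+=[]{}-\\|<>',.?:;\" ")


def check_admin_password(password: str) -> list[str]:
    """Return the violated rules; an empty list means all four rules are met."""
    problems = []
    if not 12 <= len(password) <= 32:
        problems.append("length must be 12 to 32 characters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        problems.append("needs both uppercase and lowercase characters")
    if not any(c in string.digits for c in password):
        problems.append("needs at least one number (0-9)")
    if not any(c in SPECIALS for c in password):
        problems.append("needs at least one listed special character or a space")
    return problems


def check_subnet_plan(vnet: str, management: str, data: str) -> list[str]:
    """Check that both subnets sit inside the virtual network and do not overlap."""
    net = ipaddress.ip_network(vnet)
    mgmt = ipaddress.ip_network(management)
    dat = ipaddress.ip_network(data)
    problems = []
    for label, subnet in (("management", mgmt), ("data", dat)):
        if not subnet.subnet_of(net):
            problems.append(f"{label} subnet {subnet} is outside {net}")
    if mgmt.overlaps(dat):
        problems.append("management and data ports share address space")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    print(check_admin_password("Sensor-Deploy2024"))
    print(check_admin_password("short1A"))
    print(check_subnet_plan("10.20.0.0/16", "10.20.1.0/24", "10.20.2.0/24"))
    print(check_subnet_plan("10.20.0.0/16", "10.20.1.0/24", "10.20.1.128/25"))
```

The password check covers only the rules stated on this page; whether the console rejects characters outside the listed set is not specified here.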