Scribd
Upload
54 views35 pages

SANGFOR - CCOM - v3.0.50c - VMware VCC Deployment Guide - EN

Uploaded by

autuladao11
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
54 views35 pages

SANGFOR - CCOM - v3.0.50c - VMware VCC Deployment Guide - EN

Uploaded by

autuladao11
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 35

Sangfor CCOM VMware vCC Deployment Guide

Sangfor Cyber Command


VMware vCC deployment Guide

Product Version 3.0.50c

Document Version 01

Released on Aug. 25, 2021

Version 01 (Mar.24, 2021) Confidentiality: Public in Company 1


Sangfor CCOM VMware vCC Deployment

Copyright © Sangfor Technologies Inc. 2021. All rights reserved.


Unless otherwise stated or authorized, Sangfor Technologies Inc. (hereinafter referred
to as "Sangfor") and its affiliates reserve all intellectual property rights, including but
not limited to copyrights, trademarks, patents, and trade secrets, and related rights to
text, images, pictures, photographs, audio, videos, charts, colors, and layouts as
presented in or concerning this document and content therein. Without prior
written consent of Sangfor, this document and content therein must not be
reproduced, forwarded, adapted, modified or displayed or distributed by any
other means for any purpose.
Disclaimer
Products, services or features described in this document, whether wholly or in part,
may be not within your purchase scope or usage scope. The products, services or
features you purchase must be subject to the commercial contract and terms as
agreed by you and Sangfor. Unless otherwise provided in the contract,
Sangfor disclaims warranties of any kind, either express or implied, for the
content of this document.
Due to product version upgrades or other reasons, the content of this
document will be updated from time to time. Unless otherwise agreed, this
document is used for reference only, and all statements, information, and
recommendations therein do not constitute any express or implied warranties.

Version 01 ( Jul.07,
Sangfor CCOM VMware vCC Deployment

Technical Support
For technical support, please visit: https://www.sangfor.com/en/about-
us/contact-us/technical-support
Send information about errors or any product related problem to
[email protected].

About This Document


This document describes the Integrated guidance of Sangfor Cyber Command
(CC) V3.0.60.

Intended Audience
This document is intended for:
⚫ Cyber Command user

Note Icons
English Icon Description

Indicates an imminently hazardous situation which, if not


avoided, will result in death or serious injury.

Indicates a potentially hazardous situation which, if not


avoided, could result in death or serious injury.

Indicates a hazardous situation, which if not avoided, could


result in minor or moderate injury.

Indicates a hazardous situation, which if not avoided, could


result in settings failing to take effect, equipment damage, or
data loss.
NOTICE addresses practices not related to personal injury.

Calls attention to important information, best practices, and tips.


NOTE addresses information not related to personal injury
or equipment damage.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Change Log
Date Change Description

Aug. 25, 2021 This is the first release of this document.

May. 19, 2022 Added the precaution in section 2.1.2 for the support of GoldenEye and others
advanced feature.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Contents
Change Log..............................................................................................................2
1 Introduction...........................................................................................................4
1.1Abbreviations and conventions....................................................................4
2 Deployment...........................................................................................................5
2.1Deployment Preparation Related to Customers...........................................5
2.1.1.................................................Resources Required for Deployment
............................................................................................................5
2.1.2...................................................................Deployment Notification
............................................................................................................5
2.2Deployment Process.....................................................................................6
2.3Business Verification After Deployment.......................................................6
2.4Rollback........................................................................................................7
3 Deployment Instruction.........................................................................................7
3.1Preparation Before Deployment...................................................................7
3.1.1............................................................................Deployment Tools
............................................................................................................7
3.1.2.................................................................Deployment Environment
............................................................................................................7
3.1.3........................................................................Customer Resources
............................................................................................................7
3.1.4...................................................Confirmation Before Deployment
.....................................................................................................7
3.2Deployment Procedure.................................................................................7
3.2.1.....................................................................Deployment Procedure
............................................................................................................7
3.3Connection with STA...................................................................................16
3.4VMware vSphere Client Deployment..........................................................19
3.5Check After Deployment............................................................................30
3.5.1................................................................................Platform Check
..........................................................................................................30
3.5.2........................................................................Business Verification
..........................................................................................................30
3.6Handling of Upgrade Failure.......................................................................31

Version 01 (Aug.2, 3
Sangfor CCOM VMware vCC Deployment

1 Introduction
1.1 Abbreviations and conventions
CCOM in this article refers to the SANGFOR Cyber Command device.

Version 01 (Aug.2, 4
Sangfor CCOM VMware vCC Deployment

2 Deployment
2.1 Deployment Preparation Related
to Customers

2.1.1 Resources Required for Deployment


You need to access the VMware cloud environment of the customer and be
familiar with the customer's network configuration.

Uploading the image to the cloud platform may take 50 minutes, and the entire
deployment may take 1.5 hours.

The deployment environment should have enough resources and space (at
least 8C32G+128G+4T).

2.1.2 Deployment Notification


The English version of the 3.0.50C image can only be deployed in VMware
virtual environment and cannot be deployed with physical hardware.
Deployment of 3.0.50C English version is only compatible with VMware ESXI5.0
\VMware ESXI 6.0\VMware ESXi 7.0
The following CPU models are measured: (Include but not
limited):
48 CPUs x Intel(R) Xeon(R) Gold 5220R CPU @ 2.20GHz

28 CPUs x Intel(R) Xeon(R) CPU E5-2680 v4 @ 2.40GHz

44 CPUs x Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz

20 CPUs x Intel(R) Xeon(R) Silver 4210 CPU @ 2.20GHz

The English version of 3.0.50C can only support the following configuration:

Version 01 (Aug.2, 5
Sangfor CCOM VMware vCC Deployment

Configuration

Scenario Supported Memory CPU Disk NICs

System:
128G

Yes 32G 8 cores Data: 4T 4

System:
128G
Virtual Environment
Deployment Yes 96G 32 cores Data: 4T 4

VMware ESXi System:


5.0.0/6.0.0/7.0.0 128G

Yes 128G 40 cores Data: 4T 4

System:
128G

Yes 256G 40cores Data: 4T 4

Physical Hardware
Deployment No

Table 1: Virtual Environment Spec description

If you required the advanced features like Golden eye, the memory required
minimum 96G and above to support the advanced features.

2.2 Deployment Process


Prepare the ISO image of Cyber Command 3.0.50C.

Import the image, configure the environment and start the auto installation.
This may take 1.5 hours.

2.3 Business Verification After Deployment


Check whether you can log in normally without errors displayed.

Version 01 (Aug.2, 6
Sangfor CCOM VMware vCC Deployment

If STA is connected, go to the Logs page to check whether new logs are
generated constantly.

Check as required whether customer business is usual.

2.4 Rollback
None.

3 Deployment Instruction
3.1 Preparation Before Deployment

3.1.1 Deployment Tools


Prepare the ISO image of Cyber Command 3.0.50C.

3.1.2 Deployment Environment


None.

3.1.3 Customer Resources


Refer to the chapter Deployment Preparation Related to Customers.

3.1.4 Confirmation Before Deployment


Refer to the chapter Deployment Impacts.

3.2 Deployment Procedure

3.2.1 Deployment Procedure


Cyber Command 3.0.50C Deployment:

Version 01 (Aug.2, 7
Sangfor CCOM VMware vCC Deployment

Step 1. Get the ISO image of 3.0.50C and import it to the customer's VMware
cloud environment.
Step 2. Configure the virtual machine. Select ISO image of 3.0.50C for the virtual
CD/DVD drive.
Step 3. Power on the virtual machine and select automatic installation
Step 4. Wait for the System to install automatically.

VMware ESXi Deployment:


Step 1. Upload the obtained image to VMware, which may take about 50
minutes.

Step 2. Click Create / Register VM.

Step 3. Select Create a new virtual machine.

Version 01 (Aug.2, 8
Sangfor CCOM VMware vCC Deployment

Step 4. Select VMware ESXi 7.0 (you can also select VMware ESXi 5.0 or
VMware ESXi 6.0). Select Linux OS and CentOS 7 (64-bit) version as below.

Step 5. Select storage, ensuring that the environment has enough space.
Then, click Next.

Version 01 (Aug.2, 9
Sangfor CCOM VMware vCC Deployment

Step 6. Configure the virtual machine as following: 8-core CPU, 32G memory,
128 GB system disk, and 4 TB data disk. Version 3.0.50C supports 1 to 4 NICs.

Step 7. Select an image to be added to the virtual CD/DVD drive.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 8. Select Connect at power on.

Step 9. Click Finish.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 10. Select the created virtual machine.

Step 11. Click Power on button after you select the virtual machine. You will go to
the installation page. Press Enter to select the automatic installation.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 12. Wait during the automatic installation, which may take 1.5 hours.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 13. After the automatic installation is complete, click Reboot.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 14. After installation, You are required to find a PC which the same IP
segment with the vCC 10.251.251.252 to continue the setup.

The default login account of the Web console is "admin" with the password
"admin".

Licensing is required to use the product. Otherwise, you can only enter the
page about system settings.

After entering the web console, you need to add the permanent route and IP
address manually. Otherwise, the IP address information just configured will be

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

invalid after the device restarts.

Virtualization deployment requires a basic configuration. For example, if CPU cores, memory size,
system disk, and data disk size are non-standard, the System may fail to start, or the gateway
may be unreachable.

3.3 Connection with STA


When Cyber Command is licensed, it needs to be connected with a Stealth
Threat Analytics (STA) device to receive traffic. The following operations should be
performed on STA:
Step 1. Log in to STA.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 2. Ensure that the customer's traffic is connected and will be forwarded
from the switch's mirror port. It also depends on the customer's network
configuration.

Step 3. Go to STA and specify a Cyber Command IP address to be connected and


test connectivity.
Step 4. Choose the log transmission mode, which is usually set to the
Advanced logs mode.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 5. Check the STA status on Cyber Command and ensure that STA is
connected.

The following figure shows that Cyber Command has processed traffic normally.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

3.4 VMware vSphere Client Deployment


Step 1. Upload ISO file to VMware datastore.

Step 2. The upload may take 30 minutes. The ISO file in the following screenshot
is just an example.

Step 3. Click Create a new virtual machine.

Step 4. Select Typical to create a new virtual machine and then click Next.

Version 01 (Aug.2, 1
Sangfor CCOM VMware vCC Deployment

Step 5. Select a host and click Next.

Step 6. Select a resource pool and click Next.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 7. Select storage size, ensure the storage is according to the spec listed
in the Virtual Environment Spec description.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 8. Select Linux OS and CentOs 4/5/6/7 (64-bit) version for the
virtual machine. Then, click Next.

Step 9. Version 3.0.50C supports 1 to 4 NICs. Supported NIC types:


VMXNET3, VMXNET2 (enhanced), and e1000.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 10. Add a 128 GB system disk. Then, click Next.

Step 11. Click Continue to finish specific configurations for the virtual machine.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 12. Change CPU to 8 cores and change memory size to 32GB.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 13. Add a 4TB data disk, ensuring that the environment has sufficient resources.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 14. Click Next.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 15. Click Next.

Step 16. Click Next.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 17. Click Finish to complete the steps to add a disk.

Step 18. Select an image to be added to the virtual CD/DVD drive. Select
Connect at power on. Browse the Datastore to start uploading ISO.

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Version 01 (Aug.2, 2
Sangfor CCOM VMware vCC Deployment

Step 19. After adding the file, click Finish and wait for VMware to create a new
virtual machine.

Step 20. Select the newly created virtual machine and click Power on to go to
the automatic installation page. The operation steps are the same as VMware ESXi
and will not be repeated here.

3.5 Check After Deployment

3.5.1 Platform Check


Log in to the web console and go to System > Update > Cyber
Command to check that the version is SIS3.0.50C.

3.5.2 Business Verification


Verify the basic functions used by customers. Log in and go to the Logs page to
check whether there are new logs synchronized from STA.

Version 01 (Aug.2, 3
Sangfor CCOM VMware vCC Deployment

3.6 Handling of Upgrade Failure


Scenario 1: Fail to start the automatic installation.

Troubleshooting:
1. Check whether the host resources on the deployment environment are
sufficient.
2. Check whether Power on is not selected when the image is selected for the
added virtual CD/DVD drive.

Scenario 2: Console cannot be accessed when deployment is finished


and the network has been configured.

Troubleshooting:
1. Check the resource configuration of the deployment environment. For
example, check whether the data disk is configured and whether the data
disk size is too small.
2. Check whether the MAC address of the management interface matches the MAC
address of the NIC that the virtual machine uses to access the network.

Scenario 3: Network error occurs after login to console

Troubleshooting:
1. Errors occur on pages of the console when the Elasticsearch database is not
started. In this case, wait for the Elasticsearch database to be started.

Version 01 (Aug.2, 3
Sangfor CCOM VMware vCC Deployment

2. Log in to the background to check the console version. It has to be Cyber


Command 3.0.50C.

Version 01 (Aug.2, 3
SANGFOR

You might also like