Installing the JATP Appliance Virtual Core OVA
Juniper’s Advanced Threat Prevention extensible deployment options include a Virtual Core (vCore) detection engine product as an Open Virtual Appliance, or OVA, that runs as a virtual machine. Specifically, an OVA-packaged image is available for VMware Hypervisor for vSphere 6.5, 6.0, 5.5, and 5.0.
The OVF package consists of several files contained in a single directory with an OVF descriptor file that describes the Juniper ATP Appliance virtual machine template and package (metadata for the OVF package and a Juniper ATP Appliance software image). The directory is distributed as an OVA package (a tar archive file with the OVF directory inside).
Juniper generates an .ovf and a .vmdk file for every JATP build. Download both the OVF and the VMDK into the same directory. Then, from the vSphere client, click on File -> Deploy OVF Template. Choose the .ovf file and then complete the deployment of the ovf wizard. The configuration wizard prompts for collector/core properties such as IP address, hostname, device key. Log in to the CLI and configure each setting.
vCore Provisioning Requirements and Sizing Options
Table 1: Provisioning Requirements
VM vCenter Version Support
Recommended vCore ESXi Hardware
VM vCenter Server Versions: 6.5, 6.0, 5.5, and 5.0
vSphere Client Versions: 6.5, 6.0, 5.5, and 5.0
ESXi version: 5.5.1, and 5.5
Processor speed 2.3-3.3 GHz
As many physical CORES as virtual CPUs
Hyperthreading: either enable or disable
CPU Reservation: Default
CPU Limit: Unlimited
Hyperthreaded Core Sharing Mode: None (if Hyperthreading is enabled on the ESXi)
Memory Reservation: Default
Memory Limit: Unlimited
Table 2: Sizing Options
Number of vCPUs
Disk 1: 512 G
Disk 2: 1 TB
Disk 1: 512 G
Disk 2: 2 TB
Install the JATP OVA to a VM
- Download the Juniper ATP Appliance OVA file from the location specified by your Juniper ATP Appliance s support representative to a desktop system that can access VMware vCenter.
- Connect to vCenter and click on File>Deploy OVF Template.
- Browse the Downloads directory and select the OVA file, then click Next to view the OVF Template Details page.
- Click Next to display and review the End User License Agreement page.
- Accept the EULA and click Next to view the Name and Location page.
- The default name for the Virtual Core is Juniper ATP Appliance Virtual Core Appliance. If desired, enter a new name for the Virtual Core.
- Choose the Data Center on which the vCore will be deployed, then click Next to view the Host/Cluster page.
- Choose the host/cluster on which the vCore will reside, then click Next to view the Storage page.
- Choose the destination file storage for the vCore virtual
machine files, then click Next to view the Disk Format page. The default
is THICK PROVISION LAZY ZEROED which requires 512GB of free space
on the storage device. Using Thin disk provisioning to initially save
on disk space is also supported.
Click Next to view the Network Mapping page.
- Set up the vCore interface:
Management (Administrative): This interface is used for management and to communicate with the Juniper ATP Appliance Traffic Collectors. Assign the destination network to the port-group that has connectivity to the CM Management Network IP Address.
Click Next to view the Juniper ATP Appliance Properties page.
- IP Allocation Policy can be configured for DHCP or Static
addressing-- Juniper ATP Appliance recommends using STATIC addressing.
For DHCP instructions, skip to Step 12. For IP Allocation Policy as
Static, perform the following assignments:
IP Address: Assign the Management Network IP Address for the vCore.
Netmask: Assign the netmask for the vCore.
Gateway: Assign the gateway for the vCore.
DNS Address 1: Assign the primary DNS address for the vCore.
DNS Address 2: Assign the secondary DNS address for the vCore.
- Enter the Search Domain and Hostname for the vCore.
- Complete the Juniper ATP Appliance vCore Settings:
New Juniper ATP Appliance CLI Admin Password: this is the password for accessing the vCore from the CLI.
Juniper ATP Appliance Central Manager IP Address: If the virtual core is stand-alone (no clustering enabled) or Primary (clustering is enabled), the IP address is 127.0.0.1. If the virtual core is a Secondary, the Central Manager IP address will be the IP address of the Primary.
Juniper ATP Appliance Device Name: Enter a unique device name for the vCore.
Juniper ATP Appliance Device Description: Enter a description for the vCore.
Juniper ATP Appliance Device Key Passphrase: Enter the passphrase for the vCore; it should be identical to the passphrase configured in the Central Manager for the Core/CM. Click Next to view the Ready to Complete page.
- Do not check the Power-On After Deployment option because you must first (next) modify the CPU and Memory requirements (depending on the vCore model--either 500Mbps, or 1Gbps; refer to Install the JATP OVA to a VM for sizing information.. It is important to reserve CPU and memory for any virtual deployment.
- To configure the number of vCPUs and memory:
Power off the virtual collector.
Right click on the virtual collector -> Edit Settings
Select Memory in the hardware tab. Enter the required memory in the Memory Size combination box on the right.
Select CPU in the hardware tab. Enter the required number of virtual CPUs combination box on the right. Click OK to set.
- To configure CPU and memory reservation:
For CPU reservation: Right click on vCore-> Edit settings:
Select Resources tab, then select CPU.
Under Reservation, specify the guaranteed CPU allocation for the VM. It can be calculated based on Number of vCPUs *processor speed.
For Memory Reservation: Right click on vCore -> Edit settings.
In the Resources tab, select Memory.
Under Reservation, specify the amount of Memory to reserve for the VM. It should be the same as the memory specified by the Sizing guide.
- If Hyperthreading is enabled, perform the following selections:
Right click on the vCore -> Edit settings.
In the Resources tab, select HT Sharing: None for Advanced CPU.
- Power on the Virtual Core (vCore).
- Log into the CLI and use the server mode “show uuid” command to obtain the UUID; send to Juniper to receive your license. Refer to the Operator’s Guide for licensing instructions.
To install the JATP Appliance OVA to a VM
- Unpack the Juniper ATP Appliance Server and mount it in a 19’ rack; follow the instructions included with the rail kit.
- Connect the management port eth0 to the management network.
The Juniper ATP Appliance Server eth0 management port is used to access the Command Line Interface (CLI) and browser-based Web UI. It is also the interface through which the Juniper ATP Appliance Server communicates with the Collectors, sends email notifications for detected threats, and executes infection verifications (IVP) at enterprise endpoints, downloads detection intel, and performs logging and SIEM integration.
- Connect a VGA monitor and USB keyboard to the Juniper ATP Appliance Server to perform the initial configuration. Alternatively, you may perform initial configuration using the serial console (Baud Settings: 115,200 baud, 8N1, no hardware flow control, no XON/XOFF)
Connect the power cable and power up the appliance.
When an OVA is cloned to a create another virtual Secondary Core, the value for column "id" in the Central Manager Appliance table is the same by default. Admins must reset the UUID to make it unique. A new Virtual Core CLI command “set id” is available to reset the UUID on a cloned Virtual Core from the CLI’s core mode. Refer to the Juniper ATP Appliance CLI Command Reference to review the Core mode "set id" and "show id" commands. Special characters used in CLI parameters must be enclosed in double quotation marks.