Setting Up vGW Series

After you download and deploy the vGW Series and power on the vGW Security Design VM, you can configure basic operating system parameters such as the vGW Security Design VM IP address. You use a Web browser to access the vGW Security Design VM.

To determine the IP address, from the vCenter server, select the vGW Security Design VM in the vCenter console, and select the Summary tab. Alternatively, you can display the IP address by selecting the Console tab.

If DHCP is not available on the vGW Security Design VM network:

  1. Log in to the console using admin for both the username and the password.
  2. At the command prompt, enter config network, and specify the options to assign an IP address.

    After an IP address is set through DHCP or a static IP address is assigned, you can access the vGW Security Design VM using a Web browser.

  3. Using a supported Web browser, connect to the vGW Security Design VM management interface through HTTPS.

    Enter admin for both the username and password. See Figure 11.

    vGW Series supports the following Web browsers:

    • Microsoft Internet Explorer 7 and 8
    • Mozilla Firefox 3 or later

      Figure 11: vGW Series Security Design VM Login Screen

      vGW Series Security Design VM Login
Screen
  4. Read the information message, and review the process overview shown in the Wizard Progress pane.
  5. Change the default vGW Global Admin account password—admin—that you used to log in.

    You must change the default password. Store the new password in a secure location. It is difficult to recover a lost or forgotten password.

    Tip: You can integrate administration accounts with the vGW Security Design VM after the installation is complete.

  6. Configure networking parameters for the vGW Security Design VM.

    Set the correct destination network for vGW Management Network and leave the VMsafe Network unchanged.

  7. If you changed the IP address, you must log in to the system again. Changes to the IP address take effect immediately.

    Note: The system tries to verify the DNS server entries. You can safely ignore the warning message.

  8. Set the system time.

    Set the correct time zone, and then specify the NTP servers for your environment.

    The vGW Series components require that the correct system time be set on all ESX/ESXi hosts.

    If you do not have an NTP server, you can use a predefined server. If you do not have outbound Internet access to contact the NTP servers and if you do not have an internal NTP server, then you must clear all entries shown in this window and set the time manually.

    To set the time manually, log in to the console, and use the vGW Series command-line utility.

    At this point, the wizard confirms that a database disk was created and initialized properly. If you have not defined the database disk properly, the wizard displays a message.

    If you are using a 30-day evaluation license, you can continue to use the vGW Series in that mode, or you can enter your permanent licenses. See Figure 12.

    Figure 12: vGW Series Licensing

    vGW Series Licensing
  9. Insert the appropriate authentication information, then click Next to perform an authentication test. See Figure 13.

    Figure 13: Authenticating to the vGW Installation Wizard

    Authenticating to the vGW Installation Wizard

    For the vGW Series to query the vCenter for the VM inventory and other operations, you must have an account with read and write access.

    • If the connection works properly, a message appears that shows the number of ESX/ESXi hosts and Take tVMs discovered.
    • If there is a connection issue, you are notified. In that case, ensure that you have the correct credentials and that IP connectivity to the vCenter system exists.

    In some cases, you may need to insert another vNIC into the vGW Security Design VM. Under these circumstances, you must connect that vNIC to the network that connects to the vCenter server.

  10. (Optional) Configure the e-mail server that you want to use to send reports.

    Using this option, you can configure the vGW Series to send reports on system activity through e-mail. Additionally, you can configure basic information used in the report, such as the subject, the content of standard report e-mail, and so on. After you configure these parameters, you can test the e-mail connection.

    You can also configure this information later or change it after the installation completes using the Applications section of vGW Security Design VM Settings module.

  11. Define a template for deploying the vGW Security VMs to secure the environment.

    If you have not downloaded the vGW Security VM and converted it to a template, do so now. You can define:

    • How the vGW Series responds when a VM tries to connect to an ESX/ESXi host on which the VMsafe kernel module cannot be loaded or is not present.
    • Whether the VMsafe Monitor Mode installation screen appears.

    Unless you plan to deploy the product in monitor mode, leave the Monitoring-only option for VMsafe unchecked.

    Also, unless you want to drop network traffic to VMs when the vGW Series fails to load, you should leave the default option of Allow All traffic. You can change this option later, if you want to change the behavior for one or more VMs.

  12. Click Done to complete the vGW Security Design VM setup.

    The vGW Security Design VM appears. You use this module to deploy vGW Security VMs to the ESX/ESXi hosts to be secured, to configure other vGW Series features, and to view specific and summary results information and reports.

Related Documentation