Deploy the ExtraHop Trace Appliance on Google Cloud Platform

The following procedures explain how to deploy a virtual ExtraHop Trace appliance in a Google Cloud environment. You must have experience deploying virtual machines in Google Cloud within your virtual network infrastructure.

To ensure that the deployment is successful, make sure you have access and ability to create the required resources. You might need to work with other experts in your organization to ensure that the necessary resources are available.

System requirements

Your environment must meet the following requirements to deploy a virtual Trace appliance in GCP:

  • You must have a Google Cloud Platform (GCP) account
  • You must have the ExtraHop deployment file, which is available on the ExtraHop Customer Portal.
  • You must have an ExtraHop product key.
  • You must have packet mirroring enabled in GCP to forward network traffic to the ExtraHop system. Packet mirroring must be configured to send traffic to nic1 (not nic0) of the ExtraHop instance. See https://cloud.google.com/vpc/docs/using-packet-mirroring.
  • You must have firewall rules configured to allow DNS, HTTP, HTTPS, and SSH traffic for ExtraHop administration. Seehttps://cloud.google.com/vpc/docs/using-firewalls.
  • You must provision a GCP instance type that most closely matches the virtual Trace appliance size, as follows:
    Appliance Recommended Instance Type Packetstore Disk
    Reveal(x) ETA 1150v n1-standard-4 (4 vCPU, 15 GB memory) 1 TB to 2 TB standard persistent disk (pd-standard)

Upload the ExtraHop deployment file

  1. Sign in to your Google Cloud Platform account.
  2. From the navigation menu, click Cloud Storage > Browser.
  3. Click the name of the storage bucket where you want to upload the ExtraHop deployment file. If you do not have a preconfigured storage bucket, create one now.
  4. Click Upload files.
  5. Browse to the extrahop-eta-gcp-<version>.tar.gz file you previously downloaded and click Open. Wait for the file to upload, and then continue to the next procedure.

Create the image

  1. From the navigation menu, click Compute Engine > Images.
  2. Click Create Image and complete the following steps:
    1. In the Name field, type a name to identify the ExtraHop appliance.
    2. From the Source drop-down list, select Cloud Storage file.
    3. In the Cloud Storage file section, click Browse, locate the extrahop-eta-gcp-<version>.tar.gz file in your storage bucket and then click Select.
    4. Configure any additional fields that are required for your environment.
  3. Click Create.

Create the packetstore disk

  1. From the navigation menu, click Compute Engine > Disks.
  2. Click Create Disk and complete the following steps:
    1. In the Name field, type a name to identify the ExtraHop disk.
    2. From the Type drop-down menu, select Standard persistent disk.
    3. In the Source type section, click Image.
    4. From the Source image drop-down list, select the image you created in the previous procedure.
    5. In the Size (GB) field, type 1000. You can create a disk size between 1000 GB and 2000 GB.
    6. Configure any additional fields that are required for your environment.
  3. Click Create.

Create the VM instance

  1. From the navigation menu, click Compute Engine > VM instances.
  2. Click Create Instance and complete the following steps:
    1. In the Name field, type a name to identify the ExtraHop instance.
    2. From the Region drop-down list, select your geographic region.
    3. From the Zone drop-down list, select a location within your geographic zone.
    4. In the Machine configuration section, select General Purpose for the machine family, N1 for the series, and n1-standard-4 (4 vCPU, 15 GB memory) for the machine type.
    5. In the Boot disk section, click Change.
    6. Click Existing disks.
    7. From the Disk drop-down list, select the disk you created in the previous procedure.
    8. Click Select.
  3. Click Management, security, disks, networking, sole tenancy.
  4. Click Networking.
  5. In the Network tags field, type the following tag names:
    Important:Network tags are required to apply firewall rules to the ExtraHop instance. If you do not have existing firewall rules that allow this traffic, you must create the rules. See https://cloud.google.com/vpc/docs/using-firewalls.
    • https-server
    • http-server
    • dns
    • ssh-all


  6. In the Network interfaces section, click the edit icon to edit the management interface.
    1. From the Network drop-down list, select your management network.
    2. From the Subnetwork drop-down list, select your management network subnet.
    3. Configure any additional fields that are required for your environment.
    4. Click Done.
  7. Click Add network interface to configure the data capture interface.
    1. From the Network drop-down list, select your network that will mirror traffic to the ExtraHop system.
    2. From the Subnetwork drop-down list, select your network subnet.
    3. From the External IP drop-down list, select None.
    4. Configure any additional fields that are required for your environment.
    5. Click Done.
  8. Click Create.

Register the appliance

Open a web browser and navigate to the ExtraHop system through the configured management IP address. Accept the license agreement and then log in. The default login name is setup and the password is the VM instance ID. Type the product key to license the system.

Next steps

  • After the appliance is licensed and you have verified that traffic is detected, complete the recommended procedures in the Trace Post-deployment Checklist.
Last modified 2023-11-07