Deploy the ExtraHop ECA VM console on Linux KVM
This document provides information on how to install the ExtraHop virtual console on a Linux kernel-based virtual machine (KVM). This guide assumes that you are familiar with basic KVM administration.
If you have not already done so, download the ExtraHop virtual console file for KVM from the ExtraHop Customer Portal.
Important: | If you want to deploy more than one ExtraHop virtual sensor, create the new instance with the original deployment package or clone an existing instance that has never been started. |
Requirements
Before you can install the ExtraHop virtual console, make sure that your environment meets the following requirements:
- A KVM hypervisor environment capable of hosting a VM that has:
- 4 GB RAM
- Two vCPUs.
- One 4 GB boot disk (virtio-scsi interface recommended)
- One 40 GB or larger datastore disk (virtio-scsi interface recommended)
The hypervisor CPU should provide Supplemental Streaming SIMD Extensions 3 (SSSE3) support.
- An ExtraHop virtual console license key
Performance guidelines
The performance of the ECA VM console depends on the number of sensors you are deploying in combination with the number of devices you expect the system to discover in your environment. To determine the appropriate sizing, see the ECA VM Console Performance Guidelines.
Package contents
The installation package for KVM systems is a tar.gz file that contains the following items:
- eca.xml
- The domain XML configuration file
- eca.xml.md5
- An MD5 checksum file to verify the integrity of the eca.xml file.
- extrahop-boot.qcow2
- The boot disk
- extrahop-boot.qcow2.md5
- An MD5 checksum file to verify the integrity of the extrahop-boot.qcow2 file.
- extrahop-data.qcow2
- The datastore disk
- extrahop-data.qcow2.md5
- An MD5 checksum file to verify the integrity of the extrahop-data.qcow2 file.
Edit the domain XML configuration file
Edit the configuration file and create the ExtraHop virtual console.
(Optional) Configure a static IP address
By default, the ExtraHop system is configured with DHCP enabled. If your network does not support DHCP, you must configure a static address manually.
Thank you for your feedback. Can we contact you to ask follow up questions?