Deploy an ExtraHop sensor in Azure
The following procedures explain how to deploy an ExtraHop Discover virtual appliance in a Microsoft Azure environment. You must have experience administering in an Azure environment to complete these procedures.
Before you begin
- You must have experience deploying virtual machines in Azure within your virtual network infrastructure. To ensure that the deployment is successful, make sure you have access to, or the ability to create the required resources. You might need to work with other experts in your organization to ensure that the necessary resources are available.
- You must have a Linux, Mac, or Windows client with the latest version of Azure CLI installed.
- You must have the ExtraHop virtual hard disk (VHD) file, available on the ExtraHop Customer Portal. Extract the VHD file from the downloaded .zip archive file.
- You must have an ExtraHop product key.
Important: | To ensure the best performance for initial device synchronization, connect all sensors to the console and then configure network traffic forwarding to the sensors. |
System requirements
The table below shows the environmental parameters that you need to configure, or might have already configured in your Azure environment to successfully deploy your ExtraHop virtual sensor.
Parameter | Description |
---|---|
Azure account | Provides access to your Azure subscriptions. |
Resource Group | A container that holds related resources for the ExtraHop sensor. |
Location | The geographic region where the Azure resources are located to sustain your virtual sensor. |
Storage account | The Azure storage account contains all of your Azure Storage data objects, including blobs and disks. |
Blob storage container | The storage container where the ExtraHop sensor image is stored as a blob. |
Managed disk | The disk required for ExtraHop sensor data storage. Specify the StandardSSD_LRS storage SKU when you create the disk. |
Network security group | The network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from the ExtraHop sensor. |
Azure VM instance size | An Azure instance size that most closely matches the sensor VM size, as follows: EDA 1000v: Standard_DS2_v2 (2 vCPU and 7 GiB RAM) Reveal(x) EDA 1100v: Standard_A4_v2 (4 vCPU and 8 GiB RAM) EDA 2000v: Standard_DS4_v2 (8 vCPU and 28 GiB RAM) EDA 6100v: Standard_D16_v3 (16 vCPU and 64 GiB RAM) |
Optional Packet Capture Disk | (Optional) A storage disk for deployments that include precision packet
capture. Specify the Standard_LRS storage SKU when you create and add the disk.
|
Public or private IP address | The IP address that enables access to the ExtraHop system. |
Deploy the sensor
Before you begin
The procedures below assume that you do not have the required resource group, storage account, storage container, and network security group configured. If you already have these parameters configured, you can proceed to step 6 after you log in to your Azure account to set Azure environment variables.(Optional) Add a disk for precision packet captures
Next steps
- Open a web browser and navigate to the ExtraHop system through the configured management IP address. Accept the license agreement and then log in. The default login name is setup and the password is default. Follow the prompts to enter the product key, change the default setup and shell user account passwords, connect to ExtraHop Cloud Services, and connect to a console.
- After the sensor is licensed, and you have verified that traffic is detected, complete the recommended procedures in the post-deployment checklist.
Thank you for your feedback. Can we contact you to ask follow up questions?