Connect to Reveal(x) 360 from self-managed sensors

This guide provides instructions for connecting Reveal(x) 360 to the self-managed sensors and Trace appliances that are deployed on-premises or in AWS, Azure, and Google Cloud Platform (GCP) cloud service providers.

Before you begin

  • You must have an Okta user account with OktaAdmin privileges to configure Reveal(x) 360. See the Reveal(x) 360 Setup and Administration Guide to learn how to configure Reveal(x) 360 and create users before completing the steps in this guide.
  • You must have a Reveal(x) 360 user account with Unlimited privileges.
  • Your Discover and Trace appliances must be connected to ExtraHop Cloud Services before connecting to Reveal(x) 360. For more information, see Connect to ExtraHop Cloud Services.
  • If you have a firewall, all traffic must be permitted outbound to TCP 443 to connect to ExtraHop Cloud Services and the ExtraHop Cloud Recordstore. For more information, see Configure your firewall rules.
Note:For ExtraHop-managed sensors, see Deploy Reveal(x) 360 sensors for AWS.

Generate a token

Generate a token for each sensor that you want to connect to Reveal(x) 360.

  1. Log in to the Reveal(x) 360 Console.
  2. Click the System Settings icon at the top right of the page and then click Administration.
  3. Click Connect Appliances in the left-hand pane.
    The Generate Token dialog appears.
  4. Click Generate Token.
    Note:Each sensor or Trace appliance that you want to connect to Reveal(x) 360 requires a unique token.
  5. Copy the generated token.

Connect your sensor

  1. Log in to the Administration settings on your self-managed sensor through https://<extrahop-hostname-or-IP-address>/admin.
  2. In the ExtraHop Command Settings section, click Connect Command Appliances.
  3. Click Add Appliance.
  4. Paste the token you generated from the Reveal(x) 360 Console into the Generated Token field.
  5. Type a name into the Discover Appliance Nickname field to identify this sensor in the Reveal(x) 360 Console.
  6. Click Connect.

Connect your Trace appliance

  1. Log in to your self-managed Trace appliance through https://<extrahop-hostname-or-IP-address>/admin.
  2. In the Trace Cluster Settings section, click Connect to Reveal(x) 360.
  3. Paste the token you generated from the Reveal(x) 360 Console into the Generated Token field.
  4. Type a name into the Trace Appliance Nickname field to identify this appliance in the Reveal(x) 360 Console.
  5. Click Connect.

Connect sensors to your Trace appliance

You must establish a connection from all of your sensors to your Trace appliances before you can query for packets.

  1. Log in to the Administration settings on your self-managed sensor through https://<extrahop-hostname-or-IP-address>/admin.
  2. In the ExtraHop Trace Settings section, click Connect Trace Appliances.
  3. Type the hostname or IP address of the Trace appliance in the Appliance hostname field.
  4. Click Pair.
  5. Note the information listed in the Fingerprint field. Verify that the fingerprint listed on this page matches the fingerprint of the Trace appliance listed on the Fingerprint page in the Administration settings of the Trace appliance.
  6. Type the password of the Trace appliance setup user in the Trace Setup Password field.
  7. Click Connect.
  8. To connect additional Trace appliances, repeat steps 2 through 7.
    Note:You can connect up to 4 Trace appliances to a sensor.

Test the configuration

Verify that you can view traffic from your connected sensors on the Reveal(x) 360 Console.

  1. Log in to the Reveal(x) 360 Console.
  2. Click Dashboards at the top of the page.
  3. In the left pane, under System Dashboards, click Network. The charts should display data from the traffic.
    Note:It can take up to ten minutes after the traffic session is created before data appears.

Learn more about Reveal(x) 360

After traffic data appears, you can begin exploring Reveal(x) 360. Check out our documentation website, which includes general concepts, how-to guides, and walkthroughs. For example, you can learn how to create a dashboard or activity map, prioritize the devices on your network for advanced analysis, and investigate security detections.

Published 2020-12-04 17:03