Initial Deployment

Import the Virtual Machine Appliance

The Virtual Machine includes all the specification in the manifest, so there is no manual configuration of CPU, Memory or Hard Disk Drive required to deploy it. You can simply import the appliance and power it on. For more information about the specification, see the Specification section of the Virtual Appliance data sheet.

Verify download (optional)

Warning

It is optional but recommended, that you verify the Virtual Machine OVA file download with the contents of the provided MD5 checksum file download. This is to avoid importing a corrupted OVA file due to an interrupted download.

You can use any md5 checksum program to generate an MD5 checksum of the OVA file to perform this task. Here is an example command using the Microsoft fciv.exe binary (File Checksum Integrity Verifier version 2.05) which is not included with Microsoft Windows, but available as a separate download from Microsoft.

_images/2020-05-04_09-44-20.png

Note that the two highlighted checksums match. If they do not match, this means your download is corrupted. Please download the OVA file again and re-perform this check.

Import process - VMware

To import the Virtual Appliance into vSphere, we use the ‘Deploy OVF Template’ option in the vSphere ‘ACTIONS’ menu. In this example we are using the Web based vSphere Client of ESXi v6.5.0:

_images/2020-05-04_09-30-12.png

Select the OVA file as the OVF template to deploy:

_images/2020-05-04_10-41-33.png

Select the host you want to deploy to, followed by the storage and networks. Give the appliance a name in accordance with your organisation’s naming conventions.

Hint

We recommend that you deploy the disk as thick provisioned to ensure that your Swivel Secure appliance has dedicated disk resource.

Import process - Hyper-V

Extract the provided zip file.

Run Hyper-V Manager, select a host that you’d like to import the VM to.

Then select Action -> Import Virtual Machine.

Ensure that you have the ‘Copy the virtual machine and create a new ID’ Radio Button selected when prompted. Then point to the folder you extracted previously which contains the ‘Snapshots’, ‘Virtual Hard Disks’ and ‘Virtual Machines’ directories contained within. Once you’ve selected the directory, click ‘Import’ to start the import process.

Hint

We recommend that you deploy the disk as thick provisioned to ensure that your Swivel Secure appliance has dedicated disk resource.

Login to the Appliance Console

Power on the appliance and wait for the console to appear.

To login to the console and display the Console Management Interface (CMI), enter the default appliance credentials:

Username Default Password
admin securebox

Hint

It is recommended that you change the default password as soon as possible after deployment.

_images/2020-05-04_11-30-08.gif

Configure Networking

Login to the CMI as per the previous section. This will display the main menu. From here, select option 2 (Network).

_images/2020-05-04_11-39-05.gif

From the Network menu, we will configure the following:

  • Hostname
  • IP Address
  • Subnet Mask
  • Default Gateway
  • DNS

Configure Hostname

From the Network menu, select option 1 (Change Hostname) and enter a new hostname for the appliance. Restart Sendmail when prompted for the change to take effect.

Hint

Ensure that your local DNS server holds a record for the hostname you specify here and the IP address you’re going to assign to the appliance.

_images/2020-05-04_11-44-51.gif

Configure IP Address

From the Network menu, select option 2 (Change Interface IP Addresses), then option 1 (eth0), then option 1 (Change IP Address). Enter a new IP address at the prompt. Go back to the Networking menu and restart the network interface when prompted.

_images/2020-05-04_11-56-52.gif

Configure Netmask

From the Network menu, select option 2 (Change Interface IP Addresses), then option 1 (eth0), then option 2 (Change Netmask). Enter a new subnet mask at the prompt. Go back to the Networking menu and restart the network interface when prompted.

_images/2020-05-04_13-15-52.gif

Configure Default Gateway

From the Network menu, select option 2 (Change Interface IP Addresses), then option 3 (Change Default Gateway). Enter a new Default Gateway at the prompt. Restart the network interface when prompted.

_images/2020-05-04_13-22-44.gif

Configure DNS

From the Network menu, select option 5 (DNS), then option 1 (Add DNS Server). Enter a new DNS server at the prompt. Restart the network interface when prompted. You may need to remove any irrelevant pre-configured DNS servers that ship with the default appliance build.

Hint

Typically you would configure the customer’s internal DNS servers here. However, if the Swivel Virtual Appliance is deployed into the DMZ (the most typical scenario) then you could enter an external DNS server if the customer does not intend to open DNS server access from the DMZ to their internal segments. This will at least allow you to be able to perform updates over the Internet, as documented in the next section.

_images/2020-05-04_13-46-58.gif

Update the Appliance

Overview

Now that networking is configured, you should perform an initial update procedure to the appliance. This is recommended so that you can obtain the latest software features and security enhancements that have been produced since the appliance build was created.

Warning

If you’re reading this section and have an active deployment, updates will have a service impact. Also consider taking a virtual appliance snapshot prior to performing the update steps.

Connectivity

Source Destination Port Protocol Description
AuthControl Sentry yum.swivelsecure.net 80 TCP Download updates

Update process

From the Main menu, to get to the Update Menu, select option 6 (Administration), then option 6 (Update Appliance):

_images/2020-05-04_14-05-07.png

Using the Update Menu, we will perform the following steps:

Warning

It is essential to follow the steps below to logout of the CMI exactly as directed, so that the new CMI is loaded. Otherwise you may miss out on essential feature or security updates!

  • Flush cache
  • Update System
  • Logout of CMI
  • Login to CMI (this will load the latest version of the CMI software)
  • Flush cache (again)
  • Update System (again)
  • Reboot

Here is an example of the above steps:

_images/2020-05-04_14-21-07.gif

Hint

Updates can contain feature enhancements, security updates and new OS kernels. This is a good opportunity to take a snapshot of the virtual machine to save your progress so far.