Views:

Learn how to deploy your own Virtual Network Sensor on Nutanix AHV.

Virtual Network Sensor is a lightweight network sensor that scans your network activity and feeds network activity data to Trend Vision One and allows you to discover unmanaged assets and gain a holistic view of your attack surface. Before using the features of Network Security, you need to set up your Virtual Network Sensor and connect your sensor to Trend Vision One.
Important
Important
If the throughput exceeds 2000 Mbps, Trend Micro recommends configuring your Virtual Network Sensor using a PCI passthrough that is compliant with the following drivers: Broadcom tg3 and bnxt_en, and Intel i40e, igb, ixgbe, and e1000.
Note
Note
Review the Virtual Network Sensor system requirements before starting and ensure you have adequate resources for Virtual Network Sensor.

Procedure

  1. On the Trend Vision One console, go to Network SecurityNetwork InventoryVirtual Network Sensor.
  2. Click Deploy Virtual Network Sensor.
    The Virtual Network Sensor Deployment panel appears.
  3. Select Nutanix AHV from the disk image type dropdown.
  4. Click Download Disk Image.
  5. Extract the installation zip file for files that will be accessed later in this procedure.
  6. From the Nutanix AHV console, click Settings.
  7. Click Image Configuration on the right navigation bar.
  8. Click Upload Image and then click Upload a file.
  9. Among the files that you extracted in step 5, upload the vns_meta.iso file and then do the same to upload the vns_system.qcow2 file.
  10. From the Nutanix AHV console, click VM.
  11. From the Overview page, click Network Config to create subnets and a virtual switch. If you already have these, skip to step 12.
    1. From the Network Configuration dialog, click Create VS under Virtual Switch to create the virtual switch.
    2. From the Network Configuration dialog, click Create Subnets under Subnets to create two subnets: one for the management port and one for the data port. Each of these subnets must be created on its own virtual switch.
  12. From the Overview page, click Create VM to create the virtual network sensor.
  13. In the Create VM dialog:
    1. Enter a name for your virtual network sensor.
    2. For Compute Details, refer to Virtual Network Sensor system requirements in order to specify adequate throughput values.
    3. For Disks, click the pencil icon to configure a disk with the following values and click Update:
      • Operation: Clone from Image Service
      • Bus Type: IDE
      • Image: the vns_meta.iso file from step 9.
    4. Click Add New Disk to configure another disk with the following values and click Update:
      • Type: DISK
      • Operation: Clone from Image Service
      • Bus Type: SATA
      • Image: the vns_system.qcow2 file from step 9.
    5. For Network Adapters (NIC), click Add New NIC to specify your management port first.
      Your Virtual Network Sensor must be able to connect to Trend Vision One through this port. To navigate any firewall rules, refer to Ports and URLs used by Virtual Network Sensor.
    6. For your second Network Adapters (NIC), click Add New NIC to specify your data port.
      The network traffic that is monitored must be mirrored to this port.
    7. Click Save.
    8. To adjust the sizes of the disks you added in substeps c and d, right-click your VNS and select Update.
      Click the pencil icon next to the disk you want to edit, adjust the size according to Virtual Network Sensor system requirements, and click Update.
    9. Verify your size change and click Save.
  14. To apply your settings automatically, right-click your VNS and select Power on.
Related information