Launching a Virtual Network Sensor instance on Azure

Procedure

1. Sign in to the Azure console.
2. In a separate tab, access the Trend Vision One console and go to Network Security → Network Inventory → Virtual Network Sensor.
3. Click Deploy Virtual Network Sensor.
   The Virtual Network Sensor Deployment panel appears.
4. Select Microsoft Azure for the platform.
5. Set the Admin password and confirm the password.
   The password must contain the following:

   • 12 to 32 characters
   • Both uppercase and lowercase characters
   • At least one number (0-9)
   • At least one special character: ~!`@#$%^&*()/_+=[]{}-\|<>',.?:;" or space

   Note This step is used to set the default admin password to access the Virtual Network Sensor command line interface after deployment.

6. Click Download Token to download the token file.
   The token file contains important information for the Virtual Network Sensor including the configured admin password and information that allows the Virtual Network Sensor to connect and on-board with Network Inventory automatically.
7. Once downloading completes, click Go to Azure Marketplace.
   The Azure Marketplace opens in a new tab with the Trend Vision One™ XDR for Networks page displayed.

   If the tab does not open, access the Marketplace from your Azure console and search for Trend Vision One™ XDR for Networks.
8. Click Create.
   The Create Trend Vision One™ XDR for Networks screen appears.
9. In the Basics tab, configure the Project details.
   1. Select the Subscription where you want to deploy the Virtual Network Sensor.
   2. Select the Resoruce group to manage the virtual Virtual Network Sensor.
10. Configure the Instance details.
    1. Select the Region where you want to deploy the Virtual Network Sensor.
    2. Specify a unique Appliance Name.
    3. Select the Appliance VM Size.
       The Virtual Network Sensor has been tested with the following recommended instance types. For more information, see Virtual Network Sensor system requirements.

       Recommended VM Sizes for Azure Deployment

       Throughput (Mbps)	Recommended instance type	Recommended virtual disk size (GB)
       100	D2s_v3	50
       500	D4s_v3	50
       1000	D8ds_v4	50
       2000	D8ds_v4	100
       5000	D16ds_v5	150
       10000	D32lds_v5	200

    4. Select a Diagnostics storage account for the Virtual Network Sensor, or create a new one.
11. Click Next.
12. Configure the settings on the Network tab.
    1. Select the Virtual network.
    2. Select the Management Subnet for the management port.
    3. Select the Data Subnet for the data port.
13. Click Next to go to the Advanced tab.
14. For Network Inventory registered file, click the browse button to locate and select the token file you downloaded.
15. Click Next to go to the Review + create tab.
16. Once the validation shows passed, click Create to begin deployment and installation.
    Deployment, installation, and on-boarding to Network Inventory might take some time to complete. Refresh the screen the Virtual machines screen to monitor the installation progress. You can also view the Network Inventory app in the Trend Vision One console to see when on-boarding completes.

    Once onboarding completes, configure traffic mirroring. Traffic mirroring is used to direct traffic to the Virtual Network Sensor data ports for scanning. You can use any third-party Network Packet Broker by following the setup instructions for your preferred solution. Trend Micro has tested the third-party solution Gigamon VUE Cloud Suite for Azure with the Virtual Network Sensor. For full deployment instructions, refer to the Gigamon documentation.