
Nexpose Virtual Appliance Deployment Guide

Copyright 2013 Rapid7, LLC. Boston, Massachusetts, USA. All rights reserved. Rapid7 and Nexpose are trademarks of Rapid7, LLC. Other names appearing in this content may be trademarks of their respective owners.

This documentation is for internal use only.

Revision history

Revision Date: December 10, 2012
Description: Doc version 1.0. Created document.

Revision Date: April 24, 2013
Description: Doc version 1.1. Updated screen shots to reflect current Nexpose Web interface.


Contents

- About this guide
- What is the Virtual Appliance?
- Components of the Virtual Appliance
- Other documents and Help
- Document conventions
- For technical support
- Deploying the Virtual Appliance
- Supported environments
- Downloading the Virtual Appliance
- Deploying in VMware Player
- Deploying in VMware Workstation
- Deploying in vCenter or VMware ESX(i)
- Administering the Virtual Appliance
- Logging onto the Security Console


About this guide


Use this guide to learn how to deploy the Virtual Appliance in one of the supported VMware environments. This guide also provides steps for logging onto the Nexpose application and getting started using it.

What is the Virtual Appliance?


The Virtual Appliance is a fully functioning virtual machine version of Nexpose. You can deploy it quickly and easily in one of several supported virtual environments. Nexpose is a unified vulnerability detection and management solution that scans networks to identify the devices running on them and to probe these devices for vulnerabilities. It analyzes the scan data and processes it for reports. You can use these reports to help you assess your network security at various levels of detail and remediate any vulnerabilities quickly. The vulnerability checks identify security weaknesses in all layers of a network computing environment, including operating systems, databases, applications, and files. The application can detect malicious programs and worms, identify areas in your infrastructure that may be at risk for an attack, and verify patch updates and security compliance measures.

Components of the Virtual Appliance


The Nexpose application consists of two main components:

Scan Engines perform asset discovery and vulnerability detection operations. You can deploy them outside your firewall, within your secure network perimeter, or inside your DMZ to scan any network asset.

The Security Console communicates with Scan Engines to start scans and retrieve scan information. All exchanges between it and Scan Engines occur through encrypted SSL sessions over a dedicated TCP port that you can select. For better security and performance, Scan Engines do not communicate with each other; they only communicate with the Security Console.

When an asset is scanned for the first time, the Security Console creates a repository of information about that asset in its database. With each ensuing scan of the asset, the console updates the information in the repository. The Security Console includes a Web-based interface for configuring and using the application. An authorized user can log on to this interface securely using HTTPS to perform any task that his or her role permits. See the section Managing users and authentication in the administrator's guide. The authentication database is stored in an encrypted format on the console server, and passwords are never stored or transmitted in plain text. Other Security Console functions include generating user-configured reports and regularly downloading patches and other critical updates from the central update system. When you deploy the Virtual Appliance, you will operate a Security Console with a local Scan Engine.


Other documents and Help


After you deploy the Virtual Appliance, use the Help site and other documents to help you operate and administer Nexpose. Click the Help link on any page of the Security Console Web interface to find information quickly. Click the Support link to download any of the following documents from the Support page in Help.

Quick-start guide
The quick-start guide provides simple steps for running scans, viewing results, and creating reports.

User's guide
The user's guide helps you to gather and distribute information about your network assets and vulnerabilities using the application. It covers the following activities:

- logging onto the Security Console and familiarizing yourself with the Web interface
- managing vAsset discovery
- setting up sites and scans
- running scans manually
- viewing asset and vulnerability data
- creating remediation tickets
- using preset and custom report templates
- using report formats
- reading and interpreting report data
- configuring scan templates
- configuring other settings that affect scans and reports

Administrator's guide
The administrator's guide helps you to ensure that Nexpose works effectively and consistently in support of your organization's security objectives. It provides instruction for doing key administrative tasks:

- configuring host systems for maximum performance
- planning a deployment, including determining how to distribute scan engines
- managing users and roles
- maintenance and troubleshooting


Document conventions
Words in bold are names of hypertext links and controls.

Words in italics are document titles, chapter titles, and names of Web interface pages.

1. Steps of procedures are indented and are numbered.

Items in Courier font are commands, command examples, and directory paths.

Items in bold Courier font are commands you enter.

Variables in command examples are enclosed in box brackets.
Example: [installer_file_name]

Options in commands are separated by pipes.
Example: $ /etc/init.d/[daemon_name] start|stop|restart

Keyboard commands are bold and are enclosed in arrow brackets.
Example: Press and hold <Ctrl + Delete>

NOTES, TIPS, and WARNINGS appear in the margin.

NOTES contain information that:

- enhances a description or a procedure.
- provides additional details that only apply in certain cases.

TIPS provide hints, best practices, or techniques for completing a task.

WARNINGS provide information about how to avoid potential loss of data or damage to data or a loss of system integrity.

Throughout this document, Nexpose is referred to as the application.

For technical support


You have several options for technical support:

- Send an e-mail to support@rapid7.com (Enterprise and Express Editions only).
- Click the Support link on the Security Console Web interface.
- Go to community.rapid7.com.


Deploying the Virtual Appliance


Read this section to learn how to deploy the Virtual Appliance in one of the supported environments. This section includes the following topics:

- Supported environments
- Downloading the Virtual Appliance
- Deploying in VMware Player
- Deploying in VMware Workstation
- Deploying in vCenter or VMware ESX(i)
- Administering the Virtual Appliance

Supported environments
The Virtual Appliance is tested and supported in the following environments:

- VMware Player 4.x or later
- VMware Workstation 8.x or later
- VMware vCenter 4.1 or later
- VMware ESX(i) 4.1 or later

Downloading the Virtual Appliance


Rapid7 provides the Virtual Appliance as an Open Virtualization Format (OVF) file. Download the file from an e-mail that Rapid7 sent to you, and note the location of the downloaded file.
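
An OVF package can carry a manifest (.mf) listing a digest for each of its files, and checking it before import catches a truncated or corrupted download. The following Python is an added example, not part of the Rapid7 guide; it assumes the download is a tar-format .ova that includes such a manifest, and the names verify_ova and safe_to_import are chosen here.

```python
import hashlib
import re
import tarfile

# One OVF manifest (.mf) entry, e.g. "SHA256(appliance.ovf)= 9f86d0..."
MF_LINE = re.compile(r"^(SHA1|SHA256|SHA512)\((.+)\)\s*=\s*([0-9a-fA-F]+)$")


def _digest(stream, algo, chunk=1 << 20):
    """Hash a file-like object in chunks so large disk images are not loaded whole."""
    h = hashlib.new(algo)
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    return h.hexdigest()


def verify_ova(fileobj):
    """Check each file in a tar-format OVA against the package manifest.

    Returns {name: status}: "ok", "mismatch", "missing" (listed, not in the
    archive) or "unlisted" (in the archive, not listed). No manifest: ValueError.
    """
    with tarfile.open(fileobj=fileobj, mode="r:") as tar:
        files = {m.name: m for m in tar.getmembers() if m.isfile()}
        mf_name = next((n for n in files if n.lower().endswith(".mf")), None)
        if mf_name is None:
            raise ValueError("package has no .mf manifest to verify against")
        manifest = files.pop(mf_name)
        text = tar.extractfile(manifest).read().decode("ascii", "replace")
        expected = {}
        for line in text.splitlines():
            match = MF_LINE.match(line.strip())
            if match:
                algo, name, hexdigest = match.groups()
                expected[name] = (algo.lower(), hexdigest.lower())
        results = {name: "missing" for name in expected if name not in files}
        for name, member in files.items():
            if name not in expected:
                results[name] = "unlisted"
            else:
                algo, hexdigest = expected[name]
                actual = _digest(tar.extractfile(member), algo)
                results[name] = "ok" if actual == hexdigest else "mismatch"
    return results


def safe_to_import(results):
    """Import only when every file was listed, present and matched."""
    return bool(results) and all(s == "ok" for s in results.values())
```

Call verify_ova with the package opened in binary mode, for example open(path, "rb"). The manifest travels inside the package, so a match shows the download is intact, not that it is authentic; compare the package digest with one obtained from the vendor through a separate channel if one is available.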


Deploying in VMware Player


1. In VMware Player, click File | Open. VMware Player displays the Open Virtual Machine window.

2. In the Files of type: dropdown list, select the group that includes *.ova.

Figure: The Open Virtual Machine window

3. Locate the downloaded Virtual Appliance file, and click Open. VMware Player displays the Import Virtual Machine window.

Figure: The Import Virtual Machine window

4. Optional: Rename the Virtual Appliance file name if desired.

5. Specify the storage location for the Virtual Appliance.

6. Click Import. The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file. When the import process is complete, the Virtual Appliance appears on the list of available virtual machines in VMware Player.

7. Select the Virtual Appliance, and click Play virtual machine. VMware Player displays a window for the Virtual Appliance as it starts up.

Figure: Playing the Virtual Appliance


Deploying in VMware Workstation


1. In VMware Workstation, click File | Open. VMware Workstation displays a navigation window for locating the file.

2. In the drop-down list next to the File name: field, select Open Virtual Machine Format Images.

Figure: The navigation window for locating the Virtual Appliance file

3. Locate the downloaded Virtual Appliance file, and click Open. VMware Workstation displays the Import Virtual Machine window.

Figure: The Import Virtual Machine window

4. Optional: Rename the Virtual Appliance file name if desired.

5. Specify the location for the Virtual Appliance once it is imported.

6. Click Import. The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file.

7. When the import process is complete, select the Virtual Appliance from the list of available virtual machines in VMware Workstation.

8. Click Power on this virtual machine. VMware Workstation displays a window for the Virtual Appliance as it starts up.

Figure: Powering on the Virtual Appliance


Deploying in vCenter or VMware ESX(i)


1. In vCenter or VMware ESXi, click File | Deploy OVF Template... The Deploy OVF template window appears.

Figure: The Deploy OVF template window

2. Locate the downloaded Virtual Appliance file, and click Next. The OVF Template Details panel appears for configuring Virtual Appliance settings.

Figure: The OVF Template details panel

3. Enter a name for the Virtual Appliance.

4. Select an inventory location, and click Next.

5. Select a host or cluster for the Virtual Appliance, and click Next.

6. Select a resource pool, and click Next.

7. Select a data store, and click Next.

8. Select Thick Provision (recommended setting) for the disk format, and click Next.

9. Select a network mapping, and click Next.

10. In the Networking Properties pane, enter network-related information for the Virtual Appliance.
OR
If you are using network auto-configuration through DHCP, leave the fields blank, and click Next.

Figure: The Network Properties pane

11. Click Finish.

12. When the import process is complete, select the Virtual Appliance from the list of available virtual machines.

Figure: Powering on the Virtual Appliance

13. Click Power on. Then click the Console tab to view a window for the Virtual Appliance as it starts up.


Administering the Virtual Appliance


After the Virtual Appliance starts, you can log onto it to perform any necessary administrative functions. The operating system for the Virtual Appliance is Ubuntu 12.04, and your account includes sudo permissions. When startup is complete, the Virtual Appliance window displays a logon prompt. Enter the default user name and password. Both are nexpose.

Figure: Logging onto the Virtual Appliance

It is strongly recommended that you change the Virtual Appliance logon password. To do so, enter the following command:
passwd

In response to the following prompts, enter your current password, enter your new password, and then re-enter the new password for confirmation.

You will need the IP address of the Virtual Appliance in order to log on to the Web interface and start performing Nexpose operations. To find out the address, run the following command:
ifconfig eth0

The Virtual Appliance displays its IP address.


Logging onto the Security Console


You perform all Security Console operations through a Web-based interface, which supports the following browsers:

- Internet Explorer 7.0.x, 8.0.x, and 9.0
- Mozilla Firefox 10.0.x
- Google Chrome

To log onto the Security Console take the following steps:

1. Start a Web browser. Enter the URL for the Virtual Appliance. Indicate HTTPS protocol, and specify port 3780.
Example: https://10.0.0.1:3780
Your browser displays the Logon window.

TIP: If there is a usage conflict for port 3780, you can specify another available port in the [installation_directory]\nsc\conf\httpd.xml file. You also can switch the port after you log on.

NOTE: It is highly recommended that you change your credentials after logging on the first time.

2. Enter the default user name (nxadmin) and password (nxpassword). User names and passwords are case-sensitive and non-recoverable.

Figure: Logon window

NOTE: If the logon window indicates that the Security Console is in maintenance mode, then either an error has occurred in the startup process, or a maintenance task is running.

3. Click the Logon button. If you are a first-time user and have not yet activated your license, the Security Console displays an activation dialog box.

4. Enter your product key. If you do not have a product key, click the link to request a key for the Community Edition. Doing so will open a page on the Rapid7 Web site, where you can register to receive a key by e-mail.
OR
Go to the Rapid7 Web site (rapid7.com) to request evaluation versions of other Nexpose editions, such as Enterprise Edition.

After you receive the product key, log on again and enter the product key in the activation window.

Figure: Activate License window

NOTE: If the Security Console displays a warning that authentication services are unavailable, and your network uses an external authentication source, have your Global Administrator verify that the source is online and correctly configured.

5. Click Activate to complete this step. The Security Console displays the Home page.

6. Click the Help link on any page of the Web interface for information on how to use the application.

The first time you log on, you will see the News page, which lists all updates and improvements in the installed system, including new vulnerability checks. If you do not wish to see this page every time you log on after an update, clear the check box for automatically displaying this page after every logon. You can view the News page by clicking the News link that appears near the top right corner of every page of the console interface.

After you log on, you're ready to start using the Virtual Appliance. For simple steps to get started with scanning and running reports, download the quick-start guide by clicking the Support link that appears on any page of the Web interface. For more detailed instructions, download the user's guide from the Support page, or click Help.
