How to Install Virtual Advanced Threat Defense (vATD)

Version 25

     

    Introduction

     

    This document will guide you through the process of downloading and installing your vATD on a VMware ESXi virtual machine environment.

     

    Video Tutorial

     

     

     

     

    Download vATD Software

     

    Go to Download My Products Login | McAfee Downloads. You will be prompted to enter your grant number.

     

     

     

    Once on the download page, navigate to "Virtual Advanced Threat Defense". For the purpose of this document, version 3.10 was used. Begin the download of the OVA for vATD.

     

        •     Tip: Saving the OVA on the local datastore of the host that vATD will deploy on will reduce the deployment time.

     

     

    Installing vATD

     

     

    • System Requirements

     

    To ensure that your deployment is successful, your environment must meet the following minimum requirements.

     

     

    • Memory and Disk Space Requirements

     

    Each vATD deployment will require a minimum of 32 GB of memory, 16 virtual CPU (4 x 4), and 750 GB hard disk space (both for Thin or Thick provisioning).

     

    If you select Thin provisioning while deploying the OVA, make sure that there's enough disk resource when multiple virtual machines are running simultaneously.

     

     

     

    • Installation Process

     

    Launch the vSphere client and from the File menu select Deploy OVF Template.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

    A pop-up will appear, prompting to select the source location. Browse for the OVA and then click Next.

     

     

    Set the name of the vATD appliance in the Name text box, and choose the host in which you would like to deploy the appliance to. Then click Next.

     

    Choose Thick or Thin provisioning for the disk format. Then click Next.

     

     

    In Network Mapping, select the required network from the list of available networks. Then click Next.

     

     

    Review the configuration. If you need to perform any corrections, click Back and make the required changes. Select the Power on after deployment checkbox, and then click Finish.

     

     

    After you click Finish, the ESXi server will take some time to create the virtual machine and power it on. Once the VM has been created, you may proceed to configuration of the vATD appliance.

     

     

    Configuration

     

    • Management of the Appliance

     

    After vATD has finished booting, use the vSphere client to log into the CLI with the default credentials

     

        • Username : cliadmin
        • Password : atdadmin

     

     

    On the first login to the vATD CLI, you will be prompted to change the password for the cliadmin user. Provide the old password and then enter the new one.

    (The password must be an alphanumeric character string up to 25 characters. The string must begin with a letter, and can include hyphens, underscores, and periods, but not spaces.)

     

     

    Set a name for the McAfee Virtual Advanced Threat Defense. For example, set appliance name vATD_appliance_1.

     

     

     

    • Network Configuration

     

      1. Set the vATD management port IP address and subnet mask. For example, set appliance IP xx.xx.x.x 255.255.255.0
      2. Set the default gateway IP address. For example, set appliance gateway xx.xx.x.x.

     

     

    Do not assign the following class C network IP address:

     

        • 192.xxx.xx.0/24

     

     

                   Set the management port speed and duplex settings using of the following commands:

     

        • set mgmtport auto - Sets the management port in auto mode for speed and duplex.
        • set mgmtport speed (10|100) duplex (full|half) - Sets the speed to 10 Mbps or 100 Mbps in full or half-duplex mode.

     

                   Verify the configuration by running the show command.

     

        • Check the network connectivity by running the ping <IP address> command.

     

    Once you have verified your configuration, type reboot and press ENTER to restart the vATD and apply the changes.

     

     

     

    Log on to the vATD Appliance

     

    After completing the setup through the CLI, access your vATD appliance through an internet browser. The vATD URL will be:

    https://<McAfee Virtual Advanced Threat Defense host name or IP address>

     

    You will be prompted to add a security exception the first time logging on, confirm the security exception to proceed.

     

     

    Log on to the vATD interface using the default credentials.

     

        • Login ID -  admin
        • Password - admin

     

     

                   You will be prompted to change the default password. Once completed, proceed to the vATD web-interface.

     

     

    Licensing

     

                   Before you can create any VMs on the vATD appliance, you must license and activate the vATD software using a temporary or permanent license key.

     

                   The following license key types are supported:

     

        • 30-days trial key - A temporary license valid for 30 days is obtained on the initial purchase of the product. This license is based on the version of the McAfee Virtual Advanced Threat Defense software that you install.
        • Permanent license key - A permanent license is purchased for a certain period. At the time of the purchase, you can provide the end date of the permanent license. This license is based on the System ID of the McAfee Virtual Advanced Threat Defense instance.             

     

                       You also need the grant number to activate your product.

    When emailing MBlicensing@intel.com, you will need to provide the System ID or Device System ID. The System ID can be found through the Web-interface, or the Command line interface.

     

     

    • Activate the product using the temporary key

     

                   1. Save the temporary license key file to the desktop and make a note of your grant number from the grant email.

                   2. Log on to the McAfee Virtual Advanced Threat Defense Interface.

                   3. Select Manage | ATD Configuration | Licensing

                   4. Click Browse, located and select the temporary license file, then click Open.

                   5. Type the grant number, then click Activate.

     

     

    • Activate the product using the permanent key

     

    You will first need to obtain the System ID or Device System ID. The System ID can be obtained either from the Command line interface, or the Web-interface.

     

    Command line interface

     

    1. Log on to the command line interface with a valid user name.

         -  The default user name is cliadmin and password is atdadmin.

    2. Run show system id.

    3. From the result, make a note of the the System ID from the result.

     

     

    Web-interface

     

                   1. Log on to the vATD interface.

                   2. Select Manage | ATD Configuration | Licensing | Licensing

                   3. From the License information section, make a note of the Device System ID.

     

     


    After you receive an email with the grant number and license key from MBlicensing@intel.com,  register your product.

     

        1. Navigate to Manage | ATD Configuration | Licensing page.
        2. Click Browse, locate and select the permanent license file, then click Open.
        3. Type the grant number, then click Activate.

     

    Once the process is complete, the license details appear in the License Information section.