How to install supported Trellix products on Nutanix Acropolis Hypervisor

Technical Articles ID: KB96300
Last Modified: 2023-10-17 09:05:15 Etc/GMT

Environment

Data Exchange Layer (DXL) Broker 6.x
Data Loss Prevention (DLP) Prevent Appliance 11.10.400
ePolicy Orchestrator (ePO) 5.10.x
Threat Intelligence Exchange (TIE) Server 4.x
Trellix Endpoint Security (HX) 5.3.3

Nutanix Acropolis Hypervisor (AHV)

Summary

This article describes how to install supported Trellix products on the Nutanix platform.

Contents
Click the headings below to expand the section you want to view:

DLP Prevent Appliance installation on Nutanix AHV

To configure DLP Prevent Appliance on the Nutanix AHV environment, follow the steps mentioned in the DLP Prevent Installation Guide.

DXL and TIE installation on Nutanix AHV

Use these steps to configure DXL and TIE Broker on the Nutanix AHV environment:

Create and set up the VM:
1. Click the Create VM link.
2. Enter the basic configuration details:
  1. General Configuration:
    - Name: Unique name for the VM.
    - Description: Description for the VM.
    - Time zone: Select the required time zone.
  2. Compute Details:
    - vCPUs: Enter the number of CPUs required.
      
      NOTE: It's recommended to use one CPU for each TIE and DXL Broker.
    - Number of cores per vCPU: Enter the number of cores required.
      
      NOTE: The recommended number of cores per CPUs for TIE setup is 8, whereas for the DXL Broker setup is 4.
    - Memory: Enter the memory.
      
      NOTE: The recommended memory for TIE setup is 16 GB, whereas for the DXL Broker setup is 8 GB.
  3. Boot Configuration:
    - Select Legacy Bios.
3. Configure your Disk setup:
  1. Click the Add New Disk link.
  2. Enter the first disk setup details as required:
    - Type: Select the type as CD-ROM.
    - Operation: Select the option Clone from Image Service.
    - Bus Type: Select the bus type as IDE.
    - Image: Select the TIE iso / DXL Broker iso image. For more information, see Image Configuration.
    - Index: Set as Next Available.
    - Click Add.
  3. Add another disk set up details as required:
  - Type: Select the type as DISK.
  - Operation: Select the option Allocate on Storage Container.
  - Bus Type: Select the bus type as IDE.
  - Storage Container: In the drop-down, select a container from the list. For TIE / DXL Broker setup, use the Default container.
  - Size: You can set it as per usage.
    
    NOTE: The recommended size for the TIE server instance is 120 GB, whereas for the DXL Broker server instance is 25 GB.
  - Index: Set as Next Available.
  - Click Add.
4. Configure your Network Adaptors (NIC):
  1. Click Add new NIC.
  2. Configure the new adaptor:
    - Subnet Name: Select a subnet name according to the NICs defined in the Nutanix environment.
    - Network Connection State: Select Connected to connect to the network.
    - Private IP Assignment: If needed, Assign private IP.
    - Click Add.
      
      NOTE: For the TIE / DXL Broker setup on Nutanix, you don't need to set the VM host affinity.
  3. Review the new configurations and click Save.
Switch on the VM:
1. Open Recent Tasks and view the status of the new VM. You see the new VM is in the Switched Off state.
2. Right-click the VM and click Power On. Wait for the VM to start. Once Switched On, you see the status as a green dot beside the VM name.
3. Launch the VM console: Right-click the VM and click Launch Console.
Install the TIE / DXL Broker Server:

Once the VM Setup is completed, you have to install the TIE / DXL Broker. For help with installation, see the TIE 4.0.x Installation Guide and DXL Broker 6.0.x Installation Guide.

NOTE: You can safely ignore the steps related to OVA.

Image Configuration:
1. Click Settings (Gear icon), and then click Image Configuration, Upload Image.
2. Enter the following details:
  1. Name: A unique name for the image.
  2. Annotation: Description of the image.
  3. Image Type: ISO.
  4. Storage Container: In the drop-down, select a container from the list. For TIE / DXL Broker setup, use the Default container.
  5. Image Source: Enter a source URL (available in the Nutanix environment) of the iso file. Alternatively, browse to the local directory.
  6. Click Save. Wait for the image upload to complete.

Basic setup validation for TIE Server:

The following scenario helps verify that the TIE setup is working fine.

Scenario 1	Monitor the health status of your TIE Server instances.
Goal	Validate that the TIE Server Topology is healthy and works correctly.
Steps	Log on to the ePO - On-prem. Go to Menu, Server Settings, TIE Server Topology Management page and select the Primary server. Check that there are no warnings/errors on each health status field. Check that there are no warnings/errors on each health status field besides the Error in the "Database and storage" section.

Scenario 2	Sample creation and execution on client and check TIE Reputation
Goal	Validate whether the sample executed in the client system is reported on TIE Reputation. Override the reputation and verify it on file details. Validate whether ENS is communicating properly with TIE server.
Prerequisites	ENS – ATP and TP are installed in the endpoint machine. Set the Reputation source as "Use Trellix GTI if the TIE server is not reachable" in the ATP policy.
Steps	Install Trellix Agent and deploy endpoints on the client machine. Go to the System Tree page on ePO and verify the client machine attached. Go to the client machine and create a sample and execute. Go to the TIE Reputation page on ePO and verify the reported executed sample. Select the executed sample entry and click Action. Override the reputation to any desired reputation type (Trust Level). Verify the override reputation in file details.

Basic setup validation for DXL Broker Server:

To verify the DXL Broker installation, see the DXL Broker Installation Guide.

ePO installation on Nutanix AHV

Use these steps to configure ePO on the Nutanix AHV environment:

NOTE: For details about the ePO-supported environments, see KB51569 - Supported platforms for ePolicy Orchestrator.

Create and set up the VM:
1. Click the Create VM link.
2. Enter the basic configuration details:
  1. General Configuration:
    - Name: Unique name for the VM.
    - Description: Description for the VM.
    - Time zone: Select the required time zone.
  2. Compute Details:
    - See the "System requirements and recommendations" section under the Trellix ePolicy Orchestrator - On-prem 5.10.0 Installation Guide.
  3. Boot Configuration:
    - Select Legacy Bios.
3. Configure your Disk set up:
  1. Click the Add New Disk link.
  2. Enter the first disk setup details as required:
    - Type: Select the type as CD-ROM.
    - Operation: Select the option Clone from Image Service.
    - Bus Type: Select the bus type as IDE.
    - Image: Select the iso image. For more information, see Image Configuration.
    - Index: Set as Next Available.
    - Click Add.
  3. Enter the second disk set up details as required:
    - Type: Select the type as CD-ROM.
    - Operation: Select the option Clone from Image Service.
    - Bus Type: Select the bus type as IDE.
    - Image: Select Windows driver’s image. For more information, see Image Configuration.
    - Index: Set as Next Available.
    - Click Add.
  4. Add another disk set up details as required:
  - Click Add New Disk.
  - Type: Select the type as DISK.
  - Operation: Select the option Allocate on Storage Container.
  - Bus Type: Select the bus type as SCSI.
  - Storage Container: In the drop-down, select a container from the list. For this setup, use the Default container.
  - Size: You can set it as per usage.
  - Index: Set as Next Available.
  - Click Add.
4. Configure your Network Adaptors (NIC):
  1. Click Add new NIC.
  2. Configure the new adaptor:
    - Subnet Name: Select a subnet name according to the NICs defined in the Nutanix environment.
    - Network Connection State: Select Connected to connect to the network.
    - Private IP Assignment: If needed, assign a private IP.
    - Click Add.
      
      NOTE: For the Windows Server setup on Nutanix, you don't need to set the VM host affinity.
  3. Review the new configurations and click Save.
Switch on the VM:
1. Open Recent Tasks and view the status of the new VM. You see that the new VM is in the Switched Off state.
2. Right-click the VM and click Power On. Wait for the VM to start. Once Switched On, you see the status as a green dot beside the VM name.
3. Launch the VM console: Right-click the VM and click Launch Console.
Product setup:

Once the VM setup is completed, you have to install ePO. For help with installation, see the ePolicy Orchestrator 5.10.0 Installation Guide.

Image Configuration:
1. Click Settings (Gear icon), and then click Image Configuration, Upload Image.
2. Enter the following details:
  1. Name: A unique name for the image.
  2. Annotation: Description of the image.
  3. Image Type: ISO.
  4. Storage Container: In the drop-down, select a container from the list. For this setup, use the Default container.
  5. Image Source: Enter a source URL (available in the Nutanix environment) of the iso file. Alternatively, browse to the local directory.
  6. Click Save. Wait for the image upload to complete.

Basic setup validation for ePO Server:

Log on to the ePO Server (https://servername:port) from a web browser and verify the ePO Server version.

The ePO console showing the installed ePO version details.

The ePO console showing the installed ePO version details.

HX installation on Nutanix AHV

Use these steps to configure HX on the Nutanix AHV environment:

Download, extract, and transfer the vmdk file to your environment:
1. Download the ova package from the Trellix Downloads site.
2. Move the ova package to your Nutanix environment.
3. Extract the contents of the ova file using an archive tool of your choice.
  You see the following extracted files:
  - vmdk file
  - mr file
  - ovf file
Upload the HX image:
1. Click Settings (Gear icon), and then click Image Configuration, Upload Image.
2. Enter the following details:
  - Name: A unique name for the image.
  - Annotation: Description of the image.
  - Image Type: DISK.
  - Storage Container: In the drop-down, select a container from the list. For HX setup, use the Default container.
  - Image Source: Enter a source URL (available in the Nutanix environment) of the image file.
    Alternatively, browse to the local directory you placed the vmdk file in.
3. Click Save.
  Wait for the image upload to complete.
Create and set up the VM:
1. Click the Create VM link.
2. Enter the basic configuration details:
  1. General Configuration:
    - Name: Unique name for the VM.
    - Description: Description for the VM.
    - Time zone: Select the required time zone.
  2. Compute Details:
    - vCPUs: Enter the number of CPUs required.
    - Number of cores per vCPU: Enter the number of cores required.
    - Memory: Enter the memory.
      
      NOTE: The compute details vary depending on the HX model. See the Deployment Guide for details of each model's requirements.
  3. Boot Configuration:
    - Select Legacy Bios.
3. Configure your Disk setup:
  1. Add a new disk:
    Click Add New Disk.
  2. Enter the disk set up details as required:
    - Type: Select the type as Disk.
    - Operation: Select the option Clone from Image Service.
    - Bus Type: Select the bus type as IDE.
    - Image: Select the HX image file that you uploaded earlier.
    - Size: The size of the disk is automatically picked up based on the image selected.
    - Index: Set as Next Available.
  3. Add your configured disk:
    Click Add.
4. Configure you Network Adaptors (NIC)
  1. Click Add new NIC.
  2. Configure the new adaptor:
    - Subnet Name: Select a subnet name according to the NICs defined in the Nutanix environment.
    - Network Connection State: Select Connected to connect to the network.
    - Private IP Assignment: None.
  3. Click Add.
5. Review the new configurations and click Save.
Switch on the VM:
1. Open Recent Tasks and view the status of the new VM.
  You see that the new VM is in the Switched Off state.
2. Right-click the VM and click Power On.
  Wait for the VM to start. Once Switched On, you see the status as a green dot beside the VM name.
3. Launch the VM console:
  Right-click the VM and click Launch Console.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

How to install supported Trellix products on Nutanix Acropolis Hypervisor

Environment

Summary

Affected Products

Languages:

Title

Title

Knowledge Center

How to install supported Trellix products on Nutanix Acropolis Hypervisor

Environment

Summary

Affected Products

Languages:

Choose your region

Title

Title