Professional Documents
Culture Documents
Virtual Machine Installation Guide: Sightline
Virtual Machine Installation Guide: Sightline
Version 9.2
Legal Notice
The information contained within this document is subject to change without notice. Arbor Networks, Inc. makes
no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of
merchantability and fitness for a particular purpose. Arbor Networks, Inc. shall not be liable for errors contained
herein or for any direct or indirect, incidental, special, or consequential damages in connection with the
furnishings, performance, or use of this material.
© 2019 Arbor Networks, Inc. All rights reserved. Proprietary and Confidential Information of Arbor Networks, Inc.
Document Number: SP-VM-92-2019/12
06 December, 2019
Contents
Preface
About the Sightline and Threat Mitigation System (TMS) Documentation 6
Conventions Used in this Guide 8
Contacting the Arbor Technical Assistance Center 10
Introduction
This guide describes how to install Sightline software in a VM and configure it for your
network. It also describes how to convert a physical Sightline appliance to a VM.
Audience
This guide is intended for system administrators who are responsible for installing,
configuring, and maintaining Sightline.
In this section
This section contains the following topics:
Sightline and Threat Mitigation Instructions and information that explain how to
System User Guide configure and use Sightline and TMS appliances and
software using the Sightline web user interface (UI).
Sightline and Threat Mitigation Online help topics from the User Guide and
System Help Advanced Configuration Guide. If you are a
managed services customer, it shows only the online
help topics from the Managed Services Customer
Guide. The Help is context-sensitive to the Sightline
web UI page from which it is accessed.
Sightline and Threat Mitigation Instructions and information for the managed
System Managed Services services customers who use the Sightline web user
Customer Guide interface.
Sightline and Threat Mitigation Instructions for remotely accessing Sightline and
System API Guide TMS using the REST, SOAP, and Arbor Web Services
APIs.
Sightline and Threat Mitigation Descriptions of each Sightline and TMS software
System Licensing Guide licensing mode, how to obtain licenses to run your
Sightline and TMS software, and how to add and
change the licensed capabilities and capacities in
your deployment.
Sightline and Threat Mitigation Descriptions of the support for multi-version, multi-
System Compatibility Guide platform Sightline and TMS deployments
Sightline and Threat Mitigation Lists the enforced limits and guideline limits for
System Deployment and Sightline and Sightline/TMS deployments. It also
Appliance Limits covers the enforced limits and guideline limits for
each currently supported Sightline and TMS
appliance.
Monospaced A file name, folder name, path Type the server's IP address or
italics name, or other information hostname.
that you must supply.
The following table shows the syntax of commands and expressions. Do not type the
brackets, braces, or vertical bar in commands or expressions.
[ ] (square brackets) A set of choices for options or variables, any of which is optional.
For example: [variable1 | variable2].
Contact methods
You can contact the Arbor Technical Assistance Center as follows:
n Phone US toll free — +1 877 272 6721
Example
SP-VM-92-2019/12
Page 9
You can deploy Sightline in a virtual machine (VM). Doing so allows you to dynamically add
routers to your deployment so that you can monitor more of your infrastructure and
improve performance. It also frees you from managing a large deployment of physical
Sightline appliances. You must read this section for information you need to know prior to
installation.
In this section
This section contains the following topics:
Hypervisor Information 12
Hardware Environment Information 13
Additional Recommendations 14
Reference Benchmarks 15
Hypervisor Information
Sightline VM instances are compatible with the following hypervisors:
n VMware vSphere Hypervisor software (formerly known as ESXi)
Note
We recommend running the Sightline leader and the Sightline traffic and routing analysis
role in separate VM instances. If a single VM is used as both the leader and a device with
the traffic and routing analysis role, the VM should be provisioned with the
recommended hardware specifications, listed below.
Important
Do not configure more than two
Sightline VM instances to share a
network interface, especially if they
have the traffic and routing analysis
role.
Additional Recommendations
Note the following additional recommendations concerning Sightline VM instances:
n Time service
If you are using VMware, the guest VM currently synchronizes time automatically from
the host, and you cannot configure NTP servers on the guest VM. Make sure that the
host is synchronized using NTP to a time source that is in sync with the other Arbor
appliances in your deployment.
If you are using KVM or Xen, configure NTP servers on the guest VM that are in sync
with the other Arbor appliances in your deployment.
Note
Sightline versions higher than 9.2 will not support Xen.
n Storage device
Sightline is very disk intensive. For this reason:
l When running Sightline in a VM, we strongly recommend using a solid-state drive
(SSD) as the storage device.
l Each Sightline VM instance should have its own storage device.
l If a Sightline VM instance must share a disk with another VM instance, the disk must
be an SSD.
n VM server load
For best performance, do not run other applications or services on the VM server that
runs the Sightline VM instance.
n VMware vMotion
You can use vMotion to move a Sightline VM instance to another VM host server. Arbor
recommends that you stop Sightline services on the VM instance before you move the
VM instance.
Important
Both VM instances must use the same network name.
n VMware provisioning options
When configuring the VMware settings, use the default settings except for the following
settings:
Setting Selection
Network adapter E1000
Reference Benchmarks
This section lists performance benchmarks when using Arbor appliances. We recommend
that your Sightline VM instances provide similar performance.
ApacheBench benchmarks
Expected Flow
Performance Requests Bytes Request Rate
Cores (Flows/sec) Completed Transferred (Requests/sec)
32 200,000 37,790 8,842,860 62.98
Note
Benchmarks should be generated without services running.
Command Description
/ system This command starts the benchmarking with the apachebench and
benchmark run bonnie++ systems.
/ system This command displays whether any benchmark tests are running
benchmark show and when the last benchmark test was run. It also displays a
summary of some of the statistics from the most recent
benchmark run.
Command Description
/ system This command stops a benchmark test that is in progress.
benchmark stop
/ system This command produces the test results in CSV format after
benchmark show benchmarks are run. The output also includes a legend.
raw To show what each entry in the comma-separated output stands
for, you can import the legend into a spreadsheet program along
with the comma-separated output. Fields in the < > brackets
change, while the values “bonnie,” “ab,” and “sysinfo” are static
fields. The format for most of the fields in the < > brackets is “test
type: subtype; units.”
The following sections describe how to install Sightline 9.x and later in a VM. The following
table describes the CLI command syntax used in these sections:
In this section
This section contains the following topics:
Configuring Interfaces
To configure interfaces:
1. Determine if you are using the listed interface.
2. If you are not using the interface, press ENTER.
3. If you are using the interface, do the following:
a. Enter an IP_address for the listed interface.
b. Enter a netmask for the interface.
c. At the media type prompt, press ENTER.
4. Repeat Step 1 through Step 3 for each interface on the appliance.
5. Enter the IP_address of the default route gateway.
Note
With Xen version 7.5.0 and 7.5.1, NTP does not work.
Note
Sightline versions higher than 9.2 will not support Xen.
Important
If you upload external certificate files, make sure they are properly formatted and the
lines are terminated with UNIX-style newline characters.
Important
Sightline does not support password-protected certificates.
Note
Installing an SSL certificate on an appliance is optional.
In this section
This section contains the following topics:
The conversion method depends on the type of appliance you are converting:
n Leader appliances