Professional Documents
Culture Documents
DE P L O Y M E N T CH E C K L I ST
Background
Thank you for your interest in AlienVault. This checklist will help to ensure a quick and easy deployment of your USM Free Trial.
Please have all of the below steps completed before your scheduled setup call. Please notify your AlienVault sales representative if
you are unable to complete these steps prior to the scheduled call.
Scope
For trials we leverage our USM All-In-One (AIO) virtual appliance, which is our entry-level appliance. The scope, therefore, needs to
be limited as we do not want to overload the AIO. This is especially important when deploying into larger environments. Ideally we
will limit the Events Per Second (EPS) to no more than 600 for a trial and limit the mirror / SPAN port traffic to no more than 100 Mbps.
Overloading the AIO will cause performance issues and will impact your ability to properly evaluate the appliance.
e. Activate the trial license using your email address (access the USM IP via a browser to complete the activation)
f. Once activated, please create the administrator account, login and then wait at the USM Getting Started Wizard. We will
begin here during the scheduled setup call
1 AlienVault USM trials are only supported on VMware environments (4.x and higher).
www.alienvault.com
AL I E N V A U L T U S M T RIAL DE P L O YM E N T C H E C K L I S T
3. Sign up for the Open Threat Exchange (OTX)™. Leverage Pulses from the AlienVault Labs Team from day one.
a. This is where we will leverage the spare NIC on the VMware host. The goal at
this point is to have the traffic available to the USM VM via the VMware Host
6. Identify the networks that contain the assets you are interested in monitoring (CIDR
notation, e.g. 192.168.1.0/24). Typically, we will want to limit the networks to around 3
subnets, depending on the environment. We will be entering these networks as part of the
USM configuration
7. Please install the full-feature GoToMeeting desktop software onto your laptop or other computer that will be used during the
scheduled calls. This will allow us to leverage shared keyboard/mouse control.
a. Download the GoToMeeting desktop software here and install prior to our setup call
8. Be prepared to deploy a lightweight Host IDS (HIDS) agent to your domain controller and other critical servers. We will need:
a. For example, custom reporting on account lockouts; File Integrity Monitoring (FIM); Alarm notification (or other event
notification), etc.
We appreciate your time and effort and look forward to a successful evaluation of USM!
FAQ
1. Can I deploy the USM Trial to hypervisor environments other than VMware, like Hyper-V?
a. Unfortunately, no. Only VMware is supported at this time
2. Where can I find AlienVault USM documentation?
2 Please keep in mind that large enterprise firewalls will produce substantial EPS and
select accordingly (per the Scope section above).
8/26/2016 www.alienvault.com