SDDM Community Edition

From FireScope Documentation Site
Jump to: navigation, search

Minimum requirements (SaaS)

The following outlines the minimum requirements required for a SaaS-based implementation of FireScope SDDM Community Edition.

Edge Device System Requirements

The FireScope Edge virtual machine is responsible for executing Discovery, all data and flow collection, and accurately forwarding all this data to the FireScope cloud. The FireScope edge device is provided as an OVA file which must be imported into either a VMware ESX host (with or without VCenter), VMware workstation, Vmware player, or Oracle VirtualBox with at least the following minimum resources available:

  • 4 vCPU
  • 8 GB RAM
  • 100 GB local storage

Note: The storage requirement for the edge device is large to ensure enough storage space for caching in case of loss of connectivity with the FireScope cloud.


Web Browser

FireScope SDDM supports the following Web browsers:

Internet Explorer 8 and above *Compatibility mode not supported.
FireFox 6 and above
Safari 3.2 and above
Chrome 6.0 and above

Additionally, the following requirements apply to all browsers:

  • JavaScript is enabled
  • Minimum resolution: 1024 x 768

Pre-Flight Checklist

The following pre-deployment activities must be accomplished before a successful implementation of SDDM can be completed. All of these steps might require change requests or meetings with the appropriate teams to accomplish so plan in advance.

Edge VM Communication to the Cloud in a SaaS Implementation

Ports - These key ports are required for communication to SDDM

All communication between the Edge VM and cloud elements are initiated by the Edge as outbound connections.


Port Description Destination
5671 TLS, Flow Datagram communication to the cloud Cloud APP VIP
18060, 18061 TLS, Results from VMware, Topology, Network discovery as well as attribute collection.  REST communication. Cloud APP VIP
443 Updates, patches for the Edge VM controller.firescope.com


Internal Ports for Netflow / sFlow / Raw Packet flows


Flow Type Port Additional Information
NetFlow, IPFIX 2100 (UDP) NetFlow v1/v5/v7/v8/v9 and IPFIX are supported
sFlow 6343 (UDP) sFlow v2/v4/v5 supported
Promiscuous Mode / SPAN / Port Mirroring Same as original destination of packet

Services (IT/Business)

Identify one simple IT Service that you can monitor for testing purposes. NOTE: Service definition can be challenging in most environments, it is suggested to pick an IT Service that is easy to recognize such as exchange or an application so you can build out a Service Map.

Edge Device(s)

The Edge Device resides at each business location, performs Discovery and data collection, and pushes the resulting data up to the central FireScope SPM cloud. All Edge Device configuration is performed through the central FireScope SPM interface, enabling new business locations to be easily integrated into Dashboards by starting up a new Edge Device and pushing down configuration. Edge devices can be physical or virtual appliances, depending on the size of the environment they reside in and volume of data collected.

Communication with the central cloud can be over standard HTTP or HTTPS, is configurable per edge device, and leverages message queuing to ensure accurate delivery of data. Additionally, if an edge device loses connectivity to its cloud, data will be locally cached until connectivity is restored, at which time a secondary history queue is used to push cached attribute data without disrupting real-time data.

Image1.png


Deploy Edge Device(s)

NOTE: You should have downloaded your OVA with your welcome e-mail if you haven't please go download https://firescope.app.box.com/s/imglqzfflzuy4uzl352nozlhbx0x139e and come back here.

Once the file is downloaded successfully, connect to ESX Server via vSphere client or vSphere webclient

Image2.png Image3.png

Click on Deploy OVF Template and Deploy OVF Template wizard and follow along

Click on Browse and select the SEDGE.ova that was downloaded and click Next

Specify a Name of the VM (as per your company standards) and click Next

Select DataStore and click Next

Select Thin provision and click Next

Check the box Power on Deployment and Click Finish

After successful deployment, node will start. Once the node is started, follow steps below in your VM Console for Network and hostname assignments.


Enter 1 for Configure Network Settings

Image4.png

  • Select No

Image5.png

  • Enter the Hostname. Give the edge a hostname

Image6.png

  • Enter IP Address. Provide an open non-provisioned IP

Image7.png

  • Enter a Subnet Mask

Image8.png

  • Enter Gateway

Image9.png

  • Enter PRIMARY DNS Server

Image10.png

  • Enter SECONDARY DNS Server

Image11.png

  • Enter NTP Server. Provide either an internet or local NTP server.

Image12.png


Note: Once you enter all above details, SEDGE Node will be installing required modules / updates and Creates Database and tables etc.

Setup and Register Edge Device(s)

Create Edge Device

Next we need to setup and the Edge you deployed during your Pre-Flight check list and register it to your instance of FireScope.

Login into your instance of FireScope SDDM with FireScope Admin User Access level, this was granted to you on your first login.


Go to Configuration > Edge Devices > Create

Image13.png

  • Name your Edge Device
  • Description fill in with something to help you identify your Edge
  • IP Address this will auto-populate once you register your IP
  • Enable Data Collection Turn the toggle on Image14.png
  • Enable Network Traffic Collection Turn the toggle on Image14.png
  • Server Settings Nothing should need to be changed here

Network Traffic Collection menu appears

Now depending on how you want to gather your flow date you will toggle on all that apply (Netflow, sFlow, Promiscuous modes)

Enter the IP Exclusion List which is a comma-separated list of IPs to be excluded. The list you enter, uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc

Port Exclusion List: Enter a comma-separated list of ports you want to exclude. The list can be individual ports (8024,8025) or a range of port (8024-8034)

IP Inclusion List: Enter a comma-separated list of IPs to be the ONLY ones included in network traffic data collection. The list you pass in uses normal IP range syntax, so it can include hostnames, CIDR netblocks, octet ranges, etc

Port Inclusion List: Enter a comma-separated list of ports to be the ONLY ones included in network traffic data collection. The list can be individual ports (8024,8025) or a range of port (8024-8034)

Connect via Proxy Turn this on only if use a proxy to connect to the internet and a separate screen with open to put in your credentials

Now click Save and you will be taken to the list view of your Edge Device(s)

Now click on the   Link=  this will download the key typically to your windows download folder. 


Register Edge Device

Now open a separate browser and type http://<ip or dns of your newly deployed Edge Device>:8004 This is the IP you assigned during the Pre-flight deployment


Login page will be displayed. Enter Username and Password (your admin login). Click on Login


FireScope EMI menu page will be displayed.  


Image17.png


Next click on Administration > Edge Registration. 

You will now see the Edge Registration Key page will be displayed

Image18.png


Drag & Drop EDGE Registration Key or Browse and upload Key you downloaded locally during the setup

Click on the Validate Registration Key. Validation page will be displayed

Image19.png


Click on Submit the Registration Key. Edge Registration Complete page will be displayed

Image20.png


Click on Edge Registration Complete you can now close the page out

Refresh the your edge device page in your FireScope instance and you will see the register edge device.

Image21.png