.png){kind=logo}
System Deployment - Deploying the Virtual Appliance
- 3 Minutes To Read
-
Print
-
DarkLight
The Axonius solution is installed as a virtual appliance in either VMware ESXi or Amazon AWS.
Sizing Recommendations
| Count of Unique Assets or Adapters (whichever comes first) | RAM | CPU Cores | Disk | Disk IOPS |
|---|---|---|---|---|
| < 100k assets and / or < 10 adapters | 32 GB | 8 virtual cores | 500 GB | Any SSD |
| > 100k assets and / or > 10 adapters | 64 GB | 8 virtual cores | 500 GB | Any SSD |
| > 300k assets and / or < 20 adapters | 64 GB | 16 virtual cores | 1000 GB | > 10,000 IOPS |
| > 500k assets and / or > 20 adapters | 96 GB | 32 virtual cores | 1500 GB | > 15,000 IOPS |
| > 1,000k assets and / or > 20 adapters | Multi tiered architecture. Please contact Axonius | Multi tiered architecture. Please contact Axonius | Multi tiered architecture. Please contact Axonius | Multi tiered architecture. Please contact Axonius |
VMware ESXi Virtual Machine Installed as an OVA
The VM has the following minimum requirements:
- 8 CPU cores
- 32 GB RAM
- 500 GB Hard Drive (SSD)
- Dynamic or static IP address
- See the Sizing Recommendations above for additional sizing guidelines
Installation steps:
- Download the OVA from the location (URL) provided by your Axonius account representative.
- Install in ESXi via VMware vCenter.
Amazon AWS – Installed via AMI.
The instance has the following minimum requirements:
- 8 CPU cores
- 32 GB RAM
- 500 GB Hard Drive
- SSD
- "IO1" disk type with 10 IOPS per 1 GB of space is strongly recommended to ensure best performance
- Please reach out to Axonius Customer Success for additional questions
- See the Sizing Recommendations above for additional sizing guidelines
Installation Steps:
Please provide Axonius with your AWS account number and region, and we will make the AMI available to your account.
Once the AMI has been made available to your account, please deploy it using the following steps:
- Access the EC2 management console within AWS
- Navigate to the Images/AMI section
- Select “Private Images” from the dropdown next to the Search bar. You should see the Axonius AMI listed.
- Select the Axonius AMI and click “Launch.”
- When prompted for Family and Instance Type, select m4.2xlarge or t2.2xlarge.
- Complete any other required configuration and launch the instance.
Network/Firewall Ports
The virtual appliance is managed by Axonius and sends anonymized analytics back to Axonius, as well as allows remote troubleshooting via a Chef agent. Remote management/support along with the outbound access listed below is completely optional and is not required. Axonius can operate fully self contained. Please reach out to your CSM or support for more information.
| Direction | Source | Source Port | Destination | Destination Port (Protocol) | Description | Needed By |
|---|---|---|---|---|---|---|
| Inbound | Any / Internal | Any | Axonius Instance | 443 (HTTPS) | GUI / Web Interface (Required) | General Access |
| Inbound | Any / Internal | Any | Axonius Instance | 22 (SSH) | SSH / CLI Access | Advanced System Mgmt (granted only to approved admins) |
| Outbound | Axonius Instance | Any | diag-l.axonius.com diag-w.axonius.com diag-t.axonius.com diag-ws.axonius.com |
443 (HTTPS) | Axonius Management Infrastructure | Remote Management/Support |
| Outbound | Axonius Instance | Any | manage.chef.io | 443 (HTTPS) | Chef Access (used to manage our appliances) | Remote Management/Support |
| Outbound | Axonius Instance | Any | s3-external-1.amazonaws.com | 443 (HTTPS) | Chef dependency | Remote Management/Support |
| Outbound | Axonius Instance | Any | scalyr.com | 443 (HTTPS) | Log Management Platform | Remote Management/Support |
| Outbound | Axonius Instance | Any | upgrader-links.axonius.com | 443 (HTTPS) | Updates and upgrade packages | Online Updates |
| Outbound | Axonius Instance | Any | axonius-releases.s3-accelerate.amazonaws.com | 443 (HTTPS) | Updates and upgrade packages | Online Updates |
| Outbound | Axonius Instance | Any | axonius-common.s3-accelerate.amazonaws.com | 443 (HTTPS) | Updates and upgrade packages | Online Updates |
| Outbound | Axonius Instance | Any | nvd.nist.gov | 443 (HTTPS) | CVE Database Updates | CVE Data Enrichment |
NOTE
It is possible to scale to significantly larger environments using a more advanced multi-node configuration. If you require capacity for an environment larger than our recommendations, feel free to contact Axonius for assistance. Documentation for running additional Axonius nodes can be found here.
Was This Article Helpful?