DeepSurface: Virtual Box
DocumentationInstallation GuideOverviewLet DeepSurface Host For YouGetting StartedSystem RequirementsSelf Hosted Quick Start - Installing to Cloud PlatformsSelf Hosted - Installation Using an OVARegistration, Package Installation, and InitializationFirst Steps After Initialization of the ConsoleDeployment OptionsMain and Subordinate ConsolesAgent-Based DeploymentUser Managed Scan DeploymentCredentialed Scanning DeploymentMixed EnvironmentDeployment ToolsActive Directory Group PolicyMicrosoft Endpoint Configuration Manager (part of InTune)Tanium DeployHCL BigFixIvantiVirtual MachinesVMWareVirtual BoxVirtualBox Guest AdditionsAWS EC2 (BYOL)AWS EC2 (Usage Based)Azure CloudGoogle CloudAdditional Items to ConsiderMain Console Server CertificatesLDAPTOFUClock SyncDeepSurface CommandsMultiple Vulnerability SourcesAPI DocumentationUser GuideReportingDashboardsExportsRisk InsightHostsPatchesVulnerabilitiesVulnerability InstancesUsersRemediation Workflow ManagerPlansSettingsIntegrationsWorkflowExportingAccepted Risk PlansAccepted Risk WorkflowExploreModelPathsActivityTasksConfiguration AlertsScan LogsNotification SettingsScanningStatusAgentsUser ManagedCredentialed Scanning SettingsCredentialsScan GroupsGeneral SettingsCloud ScanningNetwork ConnectivitySubordinatesVulnerability SourcesSetupSensitive Assets: PolicesSensitive Assets: ManualAdmin SettingsSMTP SettingsCertificatesOutbound ProxyAuthentication ProvidersUsersTagsIntegrations GuideVulnerability SourcesCrowdStrike SpotlightSentinelOneCarbon Black CloudMicrosoft Defender for EndpointWazuhLansweeper CloudNessus APITenable.io APISecurity Center/Tenable.sc APIRapid7 InsightVM APIQualys APINozomi GuardianEclypsiumAWS InspectorRemediationJira SoftwareTanium (BETA)Authentication ProvidersLDAP (Active Directory)SAML (Azure Active Directory)SAML (Google)SAML (Okta)PAMCyberArkDelinea (Thycotic)Microsoft LAPSSecurity GuideFirewall ConfigurationBase Network RequirementsAgent Network RequirementsCredentialed Scanning Network RequirementsAPI Network RequirementsHow DeepSurface Scans WorkDomain (LDAP) ScanningHost Scanning RoutineReasons for the Administrative Access RequirementEndpoint Protection ConsiderationsOther ItemsScope of Data Storage and RetentionIPS/IDS ConsiderationsLoggingResetting the DSADMIN passwordProduct InformationChangelogsOpen source LicensesEnd User License Agreement (EULA)
While VirtualBox on a desktop is likely not the best place set up a production deployment of DeepSurface, it's perfectly fine for doing experimentation and evaluation. In this section, we show the steps for using VirtualBox, but these steps will be similar for any OVA installation.
The Diagram below represents the basic flow of installation:
Download VirtualBox and the Import DeepSurface OVA
Download VirtualBox here (provided VirtualBox is not already installed)
Download the appliance from DeepSurface Security. You should have been provided a URL and an installation code. If you don't have these, please request them from your DeepSurface Security support contact.
In VirtualBox, choose File > Import Appliance
- Choose the OVA you downloaded from DeepSurface Security as the image
- In the options deselect the import as vdi checkbox. It's not necessary.
- Select "Import"
It will take some time to complete the import.
Configure a Network Adapter (before starting the VM)
For this example, we will choose NAT from Settings > Network > Attached to as shown in the following screenshot.
Optional: Setup Port Forwarding
If you chose NAT, you should set up port forwarding so your local machine (where you will run the DeepSurface web console) can easily SSH into the virtual machine. In this example, I have chosen port 2222 on the local machine (host) and select the default SSH port on the VM (guest) (port 22). HTTPS can also be configured so you can access the web console of your VirtualBox image. See the screen shot which follows.
For this example, you can login to the DeepSurface VM using this command:
ssh -L 8443:127.0.0.1:443 -p 2222 dsadmin@localhost
To view the web console in a browser, set <DS_IP>
to the IP address of the DeepSurface VM. You can get the IP address of the machine when you are SSH'd in and reading the output of hostname -I
. Then navigate to 127.0.0.1:8443 while the VM is running.
If you are familiar with VirtualBox, feel free to configure any other settings you like. Now we are ready to start the virtual machine.
Proceed to Installation using an OVA to register with DeepSurface and begin the system initialization process.