Document Version: 3.9

Date: 2020-10-05


Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Introduction

The purpose of this document is to describe the installation and configuration process when setting up the HIAB for the first time. This guide helps the HIAB administrator/network technician to set up the HIAB in the data center. Once the HIAB is enrolled and configured to send out the alerts through the proper channels, then the vulnerability program needs to be implemented (not covered in this document).

Setting Up the HIAB

Checklist

The below table displays the checklist for HIAB installation.

Number

Action

1

Setting up the HIAB.

2

Set up the IP assignment in the console.

3

Verify the required communication settings.

4

Enroll the server.

5

Log on to the portal interface.

6

Configure additional network settings.

7

Verify time zone.

8

Set up automatic updates.

9

Configure backup.

10

Set up events and notification.


Prerequisites

It is required to have access to an OUTSCAN account and a HIAB license to download the image. 

Getting Started

To launch the OUTSCAN application, navigate to https://outscan.outpost24.com.

Note

Use HTTPS protocol.

Login OUTSCAN


Log in using your credentials.

Downloading HIAB Image

To download the HIAB image:

  1. Open the Main Menu in the lower left corner of the screen and select Support.
  2. In the Support System window select the Virtual HIAB Appliance tab:



  3. Click on the link "here", it leads to a new view in the UI https://outscan.outpost24.com/portal/#/account/downloads.
  4. Log in to the portal using the same credentials as for https://outscan.outpost24.com.



  5. Available VMware and Hyper-V download options are displayed.




  6. Select the option that is most suitable for your virtual environment, and click on the Download button located on the bottom of each option. See Download Options for more information.
  7. Select a location to store the downloaded file. 

After downloading the HIAB image, follow the appropriate installation instructions to set up the appliance.

Installation Instructions for HIAB VMware Appliance

  1. Open the administration tool for the virtual environment.
  2. Select the option to deploy an OVF or OVA file.
  3. Follow the instructions in the application. For more information on Deploying OVF or OVA files see VMware documentation about Deploying OVF and OVA Templates.
  4. Start the virtual machine.


Note

Select any Linux 64-bit system as the type of operating system.

Once the machine is started, you are presented with the HIAB menu in the virtual console. Use the console to set up the virtual HIAB according to your network environment.

Installation Instructions for HIAB Hyper-V Appliance

The installation can be done by using Microsoft Hyper-V import guide as well as other management tools for Hyper-V. Following instructions are written for PowerShell Management Library for Hyper-V.

  1. Extract the downloaded ZIP-file to a directory on the Hyper-V server, for example C:\HIAB_HYPER-V.
  2. Run Show-HypervMenu from PowerShell on the server.
  3. Import the virtual machine by selecting [7] Import Virtual Machine.
  4. Enter the path to the directory holding the extracted files you want to import. For example C:\HIAB_HYPER-VHIAB_VIRTUAL01.

  5. Do you wish to re-use IDs?
    [  ] No

    Note

    If the virtual machine is unique on the Hyper-V server,  then IDs may be re-used. If the imported HIAB is a copy of an existing virtual HIAB on this server, then IDs cannot be re-used and attempt to import the machine fails.

  6. Are you sure you want to perform this action?
    [Y] Yes
  7. Start the virtual machine.

Note

Select any Linux 64-bit system as the type of operating system.

Once the machine is started, you are presented with the HIAB menu in the virtual console. Use the console to set up the virtual HIAB according to your network environment.


Note

The current Network Test may not provide adequate information with regards to access to the license server. This can be addressed using the Traceroute utility found under the Tools menu by manually testing access towards the host outscan.outpost24.com over TCP port 443.


Download Options
NameCPUsRAMHard drive
VMware
HIAB VMware Virtual Image (150 GB)28 GB150 GB
HIAB VMware Virtual Image (150 GB)832 GB150 GB
HIAB VMware Virtual Image (1024 GB)28 GB1024 GB
HIAB VMware Virtual Image (1 TB) (Recommended)832 GB1024 GB
Hyper-V
HIAB Hyper-V Virtual Image (150 GB)18 GB150 GB
HIAB Hyper-V Virtual Image (1 TB)18 GB1024 GB
HIAB Hyper-V Virtual Image (1 TB) (Recommended)832 GB1024 GB

Set up the IP Assignment in the Console


Once the HIAB has booted (or if you connect to the HIAB via SSH), the following screen is displayed on your monitor.

HIABSetup01


The main menu is a multi-choice menu allowing access to different sections of the configuration in the HIAB. From this menu, the HIAB can be configured, updated, and hardened.
To restrict the access, define a password.

  1. Select option M in the above menu and provide a password.

Important Note

Do not forget this password or you may be locked out of the console and require remote access to reset the password.

Static IP

Perform the following steps from the Main Menu to set up the HIAB to use a static IP:

  1. Select option n to configure Network Settings.

    Network Settings:
  2. Select option d (Devices) to see to the available devices.
  3. Use the arrow keys to select the right device.
  4. Select the option c to connect the selected device.
  5. Select option q to go back to the network settings menu.

  6. Select option c (Connections) to go the connections window.
  7. Use the arrow keys to select the right connection.
  8. Select option a to activate the selected connection.

    Modify selected connection:
  9. Still in the n (Network Settings) > c (Connections), select option m to modify the selected connection.
  10. Select option a (Addresses) to go to the addresses window.
  11. Select option 4 or 6 depending on which IP version that are used.

    Note

    An IP address need to be added before setting the IPv4/v6 to manual.

  12. Type manual and press Enter.
  13. Select option a to Add IP.
  14. Enter the wanted IP address, for example 192.168.2.3/24 and press Enter.

    Note

    Specified in CIDR

  15. Exit the addresses menu q and go to r (Routes) to specify a default gateway. A default gateway is usually required for the communication from and to the HIAB.
  16. Select option q twice to go back to Connections.
  17. Select option d and thereafter a to reactivate the interface.

DHCP Assigned IP for IPv4/IPv6

To enable the server to be granted an IP address via DHCP, please perform the following steps from the Main Menu.

  1. Select option n to configure network settings.
  2. Select option c (Connections) from the network settings menu.
  3. Use the arrow keys to select an interface which you wish to change.
  4. Select option m to modify the selected connection.
  5. Select option a to modify the addresses for the interface.
  6. Select option 4 or 6 to set DHCP for an IPv4 or IPv6 address.
  7. Type auto and press Enter.
  8. Select option q twice to go back to Connections.
  9. Select option d and thereafter a to reactivate the interface.


Verify the Required Communication Settings

During the installation, it is required that the HIAB is able to communicate with the following locations:


To verify if the HIAB is able to communicate with the above locations, perform the following steps from the Main Menu.

  1. Select option t to test network connections
  2. Select option r to run network tests
  3. Select option q to go back

Refer to HIAB 64-Bit Console Manual for information regarding additional ports required for full functionality.

Note

The update connection in the network tests will fail if the HIAB is not enrolled due to the required certificate not yet being obtained. The certificate is obtained during the license check with OUTSCAN during the enrollment procedure.

Enroll the Server

The HIAB needs to be registered to the correct account to be able to perform any scanning. Therefore, you need to pair it with the Main Account, this is done through an enrollment process.
You can enroll the HIAB through console or portal interface.
If you are enrolling using console, you need to perform the following steps:

  1. Select option m (Maintenance), from the main menu.
  2. Select option u (Update).
  3. Select option e to enroll.
  4. Insert the user name for the HIAB license, which you have received in an email from Outpost24 and press Enter.
  5. Type the password given in the email and press Enter.

    Note

    Make sure that the correct K (Keymap) in Main Menu has been selected before typing in the password for enrollment.

  6. Now the HIAB connects to the update server to register.


If you are enrolling through portal interface, you need to perform the following steps:

  1. Navigate to https://<hiab-ip>.
  2. Provide your details and click Enroll.

    HIABSetup02


You can also configure your Network settings and Activate Remote Support.

Note

Use the main account or any account with the Allow enroll HIAB option checked on the OUTSCAN system, to enroll the HIAB.


Note

The Enrollment Package is bound to the generated key, in other words, it can only be uploaded on the specific HIAB on which the key was generated. Similarly, the key is bound to the HIAB on which it was generated.

The Enrollment Package contains:

  • An SQL file with license information, containing username, name, email, and hashed password. 
  • A key file containing a unique key. The key file does not contain any information about MAC or IP.
  • Rules update.
  • Exploits update.
  • Updated RPM packages.
  • A certificate used for enrolling.


Log on to the Portal Interface


Once you enroll the server, you are able to see the below screen available at https://<hiab-ip>.

Example: If your assigned IP is 192.168.2.3, navigate to https://192.168.2.3


HIABSetup03
Log on using your credentials.

Configure Additional Network Settings


Once logged in, you are able to set up any additional network interfaces and define any additional routes if required. 

The network settings are available in the Main Menu > Settings > Server, under the Network tab.

HIABSetup04

NTP Settings

NTP settings can be configured in the Servers tab under: Main Menu > Settings > Server


HIABSetup05

Verify Time Zone


All references to time can be modified to reflect the time in the current time zone. Click on the time section of the window in the lower right corner of the window to modify the time zone offset from GMT.

You can also change the date and time format and what is considered the first day of the week.

HIABSetup07

Set up Automatic Updates


Before you start using your HIAB, it is a good idea to set up automatic updates. This enables you to always receive the latest vulnerability tests and provide you with new features as they become available.
To schedule your updates, go to Main Menu > Settings > Maintenance, select the Update tab.

HIABSetup08


Here you can define if the updates are allowed to terminate any running scans (they resume afterwards if they are still within their scanning window).

Select the frequency for the update and provide a start time, then click Save to save the current settings.

Configure Backup


The HIAB can be set up to perform regular backups and transfer them over various protocols to a remote location for safekeeping. To configure these settings, go to Main Menu > Settings > Maintenance, select the Backup tab.

HIABSetup09


Refer to HIAB Maintenance Settings guide for detailed information about Update and Backup.

Set up Events and Notifications


The HIAB can send you the notifications either through email, Syslog or SNMP traps. The supported events that can be defined are located under Main Menu > Settings > Event notifications.

HIABSetup10


Click on + New button, to add a new event to the system. Right click on any event and select edit to set the event notification.

HIABSetup11


Click on ? (help button) on the top right corner of the window to know more details about the available options.