If using VMware vSphere, some configuration is required to enable the Vectra System to query the vCenter API. Enabling API access to vCenter provides a read-only view into the vSphere state, otherwise obtainable only by logging into vSphere itself.
Enabling the vCenter API query connectivity helps with vSensor deployment planning by identifying the physical hosts, clusters and data centers that currently have vSensor coverage, and those that do not have coverage.
Enabling the vCenter connection also shows available resources on physical VMware hosts, and exposes any configuration errors that might be affecting packet capture. This view, seen in the Vectra UI Manage > Physical Hosts page, helps the Vectra System operator identify the exact requirements that need to be conveyed to VMware operational teams.
Once this setting is enabled, the Manage > Physical Hosts page appears in the Vectra UI.
Through the vSphere connection, the Vectra Brain sends email notifications to the configured administrators about changes in the virtual environment that merit security consideration:
• A new physical server where a vSensor may be needed is added to the network
• vSensor has been moved or powered down
• VM is moved from a host that is monitored by a Sensor to a host that is not monitored by a Sensor
NOTE: Vectra strongly recommends enabling the VMware integration setting, as a best practice. More about this integration is covered in Deploy vSensors.
Prepare vSphere Account for Brain Access
To connect the Brain to vSphere, a vSphere user account and password must be configured into the Brain. The vSphere user account must have at least global, read-only rights.
To ensure that the vSphere user/group the Brain will use has global, read-only access, use the following steps in the vSphere UI:
1. From the vSphere Administration page select Access > Global Permissions.
2. Click the plus sign to display the global permissions dialog.
3. At the bottom of the left pane, click Add.
4. Ensure the domain is set to the proper domain, select the users or groups you intend to use in Vectra’s configuration to connect to vCenter’s API, and click OK.
5. In the Assign Role section, select Read-Only from the drop-down list.
6. Make sure the Propagate to children checkbox is selected, and click OK.
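The following added example (not Vectra or VMware code) checks that the account chosen for the Brain holds a propagating global Read-Only grant and nothing beyond it. The record layout, account name, role name and scope names are constructed assumptions; the three privilege IDs are those of vSphere's built-in Read-Only role.

```python
# Added example: least-privilege check for the vSphere account the Brain uses.
# The record layout and all sample values are constructed for illustration.

# Privilege IDs carried by vSphere's built-in Read-Only role.
READ_ONLY = frozenset({"System.Anonymous", "System.Read", "System.View"})

def audit_account(principal, grants):
    """Return findings for `principal`; an empty list means the account has a
    propagating global Read-Only grant and nothing beyond it."""
    findings, has_global_ro = [], False
    for g in grants:
        if g["principal"].lower() != principal.lower():
            continue  # grant belongs to a different user or group
        privs = set(g["privileges"])
        extra = sorted(privs - READ_ONLY)
        if extra:
            # Any privilege outside the Read-Only set is more than the Brain needs.
            findings.append(f"{g['scope']}: role {g['role']} exceeds read-only: "
                            + ", ".join(extra))
        elif g["scope"] == "global" and READ_ONLY <= privs:
            if g["propagate"]:
                has_global_ro = True
            else:
                findings.append("global: grant does not propagate to children")
    if not has_global_ro:
        findings.append("global: no propagating Read-Only grant")
    return findings

# Constructed sample: one correct global grant plus one stray over-privileged grant.
SAMPLE_GRANTS = [
    {"principal": "CORP\\svc-vectra", "scope": "global", "role": "ReadOnly",
     "privileges": ["System.Anonymous", "System.Read", "System.View"],
     "propagate": True},
    {"principal": "CORP\\svc-vectra", "scope": "Datacenter-A", "role": "VMOperator",
     "privileges": ["System.Anonymous", "System.Read", "System.View",
                    "VirtualMachine.Interact.PowerOff"],
     "propagate": True},
]

if __name__ == "__main__":
    for line in audit_account("corp\\svc-vectra", SAMPLE_GRANTS) or ["OK"]:
        print(line)
```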
vSphere API Access Settings
The following information is needed for setting up Brain access to vSphere:
| Setting | Description |
|---|---|
| vCenter Server IP/Domain name | Hostname or IP address of VMware vCenter |
| Port number | TCP port to which the Brain should send API requests (default 443) |
| User ID | Username for the Brain to use when logging into vSphere |
| Password | Password for the Brain to use when logging into vSphere |
Configure VMware integration
Log in to the Brain using the vectra user and password.
Go to Settings > External Connectors.