Deploy the BeyondTrust SRA Virtual Appliance into a VMware Environment

Review Prerequisites for VMware

You must have a VMware account and environment already configured.

Before beginning the BeyondTrust SRA Virtual Appliance setup, please review the following prerequisites:

  • VMware vCenter 6.5+ and virtual hardware versions 13+.
  • At least 4GB of memory available.
  • At least 140GB of storage available.
  • One 32GB partition for the BeyondTrust OS, and at least 100GB available for logs and recordings.
  • External IP SANs require a 1Gbit or 10Gbit reserved network with a 10K RPM disk or better.

For more information about sizes, please see Review License and Sizing Conditions.

  • A static IP for your SRA Virtual Appliance.
  • A private DNS A-record resolving to the static IP of your SRA Virtual Appliance. A public A-record and a public IP are also required if public clients access the B Series Appliance. The DNS A-record is the fully qualified domain name (FQDN) of your site (access.example.com, for example).

"Public clients" include any client software (browsers, BeyondTrustaccess consoles, endpoint clients, etc.) which connect from external networks and VPN(s) local to the B Series Appliance's network.

  • A valid NTP server that is reachable by the B Series Appliance.
  • Ensure that the system time between the host ESXi server and the guest BeyondTrust OS are in sync. Variations by only a few seconds can potentially result in performance or connectivity issues.

Deploy the SRA Virtual Appliance

To deploy the BeyondTrustSRA Virtual Appliance into a VMWare environment, follow the steps below:

PRA Virtual Appliance Software Email

  1. Open the email you received from BeyondTrust Technical Support and click the link to download the BeyondTrust SRA Virtual Appliance OVA file.

 

Deploy OVF Template

  1. Log in to your virtual infrastructure client. You must use an account with permissions to deploy a virtual machine as an OVF template.

 

Deploy OVF Template

  1. On the Select an OVF Template screen, select the BeyondTrust.ova file.

 

Deploy OVF Template: Review Details Screen

  1. Review the OVF template details.

 

End User License Agreement

  1. Read and accept the end user license agreement.

 

Name and Location

  1. Specify a name for this OVF template, and select a location in the inventory to which you have rights.

 

Deployment Configuration

  1. Select a configuration of Small, Medium, or Large. This selection defines your default resource allocations. Choose a configuration based on your usage needs and available resources.

For more information about sizes, please see Review License and Sizing Conditions.

 

Resource Pool

  1. Select a resource pool to which you have rights.

 

Select Datastore

  1. Select the datastore on which you want the SRA Virtual Appliance to run. This is where the operating system and session data is stored.

 

Network Mapping

  1. Select the appropriate network mapping for your environment. Your SRA Virtual Appliance can function anywhere in your network with internet access. If you plan to access systems outside of your network, security practices recommend that you place the SRA Virtual Appliance in a DMZ or outside of your internal firewall. Network location considerations are outlined in the table below.

 

Network Location Considerations for B Series Appliances
Network Location Advantages/Disadvantages

Outside your firewall

Does not require that ports 80 and 443 be open inbound for TCP traffic on your firewall. Simplifies the setup process significantly because both the representative and customer clients are built to resolve to a specific DNS; if your registered DNS resolves to a public IP address directly assigned to your B Series Appliance, no additional setup is required by you to initiate a session.

DMZ

Might require additional setup depending on your router or routers.

Inside your firewall

Requires port forwarding on your firewall and possibly additional setup of your NAT routing and internal DNS.

 

Appliance License Key details.

  1. Return to the email you received from BeyondTrust Technical Support, and copy the Appliance License Key. In the Deployment Wizard, paste the key into the field.

If for some reason you are unable to provide the Appliance License Key at this time, you can manually enter it later, from the virtual machine console.

 

Ready to complete

  1. Review your settings and click Finish.
  2. The SRA Virtual Appliance deploys in the location and with the resources you have specified.

 

For detailed information about network locations, please see The BeyondTrust Appliance B Series in the Network.