VirtualBox

The following sections illustrate how to install a virtual cognitix Threat Defender using Oracle VirtualBox and to set it up so that it can see all traffic in the host system. This way you can run cognitix Threat Defender on a notebook or desktop computer to evaluate it.

Depending on your operating system, you may have to adapt some of the settings.

System Requirements

The host system has to meet the following requirements:

  • CPU:

    • CPU with SSE 4.2

    • Minimum of 4 threads, we recommend using 8 threads

  • RAM:

    • Minimum of 8GB

    • 16GB recommended

Preparations

  1. Install VirtualBox. For further information, see its documentation.

  2. Convert the cognitix Threat Defender installation image from .img to .vdi to make it readable for VirtualBox:

    • Download the installation image and store it in a dedicated folder.

    • Open a console window.

    • Enter the following command:

      VBoxManage convertfromraw --format vdi cgntx_installer_VERSION.img cgntx_installer_VERSION.vdi

      Where cgntx_installer_VERSION.img and cgntx_installer_VERSION.vdi have to be replaced by the actual file names.

      This command is identical for all operating systems as it calls the VBoxManage program.

Creating a Virtual Machine for cognitix Threat Defender

  1. Start VirtualBox.

  2. Create a new virtual machine with the following settings:

    • Operating system type: Linux

    • Version: Other Linux (64-bit)

    • Memory size: 8192MB (8GB)

    • Hard disk: Create a virtual hard disk now

    • Hard disk file type: VDI

    • Storage on physical hard disk: dynamically allocated

    • File location and size: minimum 32GB (64GB recommended); if there is enough space, we recommend using 120GB or more

  3. Configure the settings of the virtual machine as follows:

    • System:

      • Motherboard > Boot Order: disable floppy and optical

      • Motherboard > Extended Features: Enable EFI (special OSes only)

      • Processors: 4

    • Storage:

      • Under Controller: IDE add a hard disk.

      • Add the converted installation image in .vdi format to the new hard disk.

    • Network:

      Enable adapters 1 to 3 with the following settings:

      VM Settings

      Adapter 1

      Adapter 2

      Adapter 3

      Attached to

      Host-only adapter

      Bridged Adapter

      Bridged Adapter

      Name

      vboxnet0

      The (wireless) host network interface 1.

      The (wireless) host network interface 2.

      Adapter type

      Paravirtualized network

      Paravirtualized network

      Paravirtualized network

      Promiscuous mode

      Allow for all VMs and the host

      Allow for all VMs and the host
      1

      Choose the network interface used for network connections of the host system.

      2

      If there is a second network interface. Otherwise, it is not connected.

Installing cognitix Threat Defender

  1. Install cognitix Threat Defender with the following settings:

    • Management Interface: first interface, defined by the network settings of the virtual machine

    • IP address: in the 192.168.56.0/24 network, defined by vboxnet0

    • Gateway: empty

    • DNS server: empty

  2. Call the IP address assigned to cognitix Threat Defender in the browser.

cognitix Threat Defender can now see all the traffic in the host system.