VirtualBox
The following sections illustrate how to install a virtual cognitix Threat Defender using Oracle VirtualBox and to set it up so that it can see all traffic in the host system. This way you can run cognitix Threat Defender on a notebook or desktop computer to evaluate it.
Depending on your operating system, you may have to adapt some of the settings.
System Requirements
The host system has to meet the following requirements:
- CPU:
CPU with SSE 4.2
Minimum of 4 threads, we recommend using 8 threads
- RAM:
Minimum of 8GB
16GB recommended
Preparations
Install VirtualBox. For further information, see its documentation.
Convert the cognitix Threat Defender installation image from
.img
to.vdi
to make it readable for VirtualBox:Download the installation image and store it in a dedicated folder.
Open a console window.
Enter the following command:
VBoxManage convertfromraw --format vdi cgntx_installer_VERSION.img cgntx_installer_VERSION.vdi
Where
cgntx_installer_VERSION.img
andcgntx_installer_VERSION.vdi
have to be replaced by the actual file names.This command is identical for all operating systems as it calls the VBoxManage program.
Creating a Virtual Machine for cognitix Threat Defender
Start VirtualBox.
Create a new virtual machine with the following settings:
Operating system type: Linux
Version: Other Linux (64-bit)
Memory size: 8192MB (8GB)
Hard disk: Create a virtual hard disk now
Hard disk file type: VDI
Storage on physical hard disk: dynamically allocated
File location and size: minimum 32GB (64GB recommended); if there is enough space, we recommend using 120GB or more
Configure the settings of the virtual machine as follows:
System:
Motherboard > Boot Order: disable floppy and optical
Motherboard > Extended Features: Enable EFI (special OSes only)
Processors: 4
Storage:
Under
Controller: IDE
add a hard disk.Add the converted installation image in
.vdi
format to the new hard disk.
- Network:
Enable adapters 1 to 3 with the following settings:
VM Settings
Adapter 1
Adapter 2
Adapter 3
Attached to
Host-only adapter
Bridged Adapter
Bridged Adapter
Name
vboxnet0
The (wireless) host network interface 1.
The (wireless) host network interface 2.
Adapter type
Paravirtualized network
Paravirtualized network
Paravirtualized network
Promiscuous mode
Allow for all VMs and the host
Allow for all VMs and the host
Installing cognitix Threat Defender
Install cognitix Threat Defender with the following settings:
Management Interface: first interface, defined by the network settings of the virtual machine
IP address: in the
192.168.56.0/24
network, defined byvboxnet0
Gateway: empty
DNS server: empty
Call the IP address assigned to cognitix Threat Defender in the browser.
cognitix Threat Defender can now see all the traffic in the host system.