Installing the Broker
Note: all default passwords are listed in this article.
Secfense Broker can operate as either a physical device or a virtual appliance, with the latter being more common and serving as the basis for this guide.
Secfense Broker is delivered as an image in Open Virtualization Format (OVA file) and can be installed on any type of hypervisor. However, we recommend and officially support VMware. The guest operating system running the appliance is Alma Linux 64-bit.
The minimal requirements to run the Broker are:
- 5.5 GB RAM
- 4 vCPU
- 40 GB HDD
We recommend enabling the memory reservation option in VMware to avoid potential issues with RAM being allocated away from the containers.
Once the OVA file is imported, you will be informed about these requirements. These values can be increased.
If your environment has a DHCP server and the VM has network access, Secfense Broker will automatically be assigned an IP address. In this case, you can use a terminal emulator of your choice to connect to the system. Otherwise, you will need to complete the configuration in the console.
- Log in to the device using the default credentials (username: secfense; password: secfense). The first login will enable the configuration wizard.
- Enter the Hostname (default: secfense)
- Select the interface used for traffic.
- Secfense Broker operates on a "one-legged" network design, meaning it uses a single interface and IP address.
- Confirm or add a new IP address (remember the network mask)
- Confirm or change the gateway IP
- Confirm or change the DNS address
At this stage, the wizard asks you to confirm the network settings. If the IP address changes from the default and you are using an SSH connection, the application will disconnect you, and you will need to reconnect and re-login.
- Configure the remote syslog IP (or skip; this can be added later)
- Configure the NTP server
Please note that the NTP configuration is very important. Without proper time synchronization, TOTP (Time-Based One-Time Password) authentication might not work properly.
At this stage, Secfense Broker will start configuring containers. This might take a few minutes. Once the process is finished, you will be asked to change your password.
- Enter the current "secfense" user password
- Type and retype the new password
With these actions, the installation is concluded, and you are able to log in to Secfense Broker. You can choose to stay within the CLI scope; however, for most users, it is advised to move to a web browser. You can reach the application by navigating to its IP address on TCP port 8002. For example:
https://10.10.2.34:8002/
The default credentials are admin / 123456.
You will be required to change the default password after the first login.
At this point, the web browser should display a certificate error. This is expected, as the Broker uses a certificate issued by Secfense CA, and your browser needs to be explicitly configured to trust it. You can resolve this either by adding Secfense CA to your trust stores or by importing your own trusted certificate for the admin panel.
You can download the Secfense CA from the /ca.crt path of the application, e.g.:
You can upload your own certificate for the admin panel under the "Custom SSL/TLS Certificate for admin panel" in the Settings section: