Checklist: Planning to Deploy ArcSight Capabilities on Azure
To deploy ArcSight capabilities on Azure, you need the following:
- An active Azure subscription.
- Permissions to create:
  - Resource groups.
  - An Azure Container Registry (ACR).
  - A service principal.
  - Azure virtual machines (VMs).
  - Storage disks.
- OWNER rights on the created resource group.
- If using a NetApp NFS (network file system): The Azure subscription needs to be granted access to the Azure NetApp Files service (details are described in the procedure).
az cli) commands from the jump host instead of the Azure Cloud Shell.

The complete process of deploying Azure includes the following broad steps. You can perform most steps using either the Azure Portal or through the Azure Cloud Shell, and each method is explained (where possible).

| Task | See |
|---|---|
| 1. Create the Azure Container Registry (ACR) and the Azure resource group which will contain the deployment resources. | Preparing the Azure Container Registry and Resource Group |
| 2. Prepare the Azure Kubernetes Service (AKS). | Preparing the Azure Kubernetes Service |
| 3. Prepare the NFS (Network File System) subnet. | Preparing the Subnet for the NFS Server and Jump Host |
| 4. Create the jump host virtual machine and configure the jump host for connectivity to the cluster. | Preparing the Jump Host Virtual Machine |
| 5. Prepare the Network File System (NFS) server. | Configuring the NFS Server |
| 6. Create and configure the volumes. | Creating and Configuring the Volumes |
| 7. Create and attach the data disk to nodes. | Creating and Attaching the Data Disk to Nodes |
| 8. Prepare the private DNS zone. | Preparing the Private DNS Zone |
| 9. Label nodes in your cluster to indicate their functionality. | Labeling Azure Kubernetes Service Nodes |
| 10. Upload product images to the Azure Container Registry for installation. | |
| 11. Install the CDF installer script and install CDF to Azure. | Installing CDF |
| 12. Configure and deploy the Kubernetes cluster of AKS nodes. | Configuring the Kubernetes Cluster |
| 13. Patch and configure your load balancing capability with the latest updates. | Patching the Load Balancer |
| 14. Open the CDF management portal. | Opening the Management Portal |
| 15. Configure and deploy, using the CDF Management Portal, Transformation Hub to run in the CDF-managed Kubernetes cluster. | Deploying ArcSight Products |
| 16. Configure the Management Center (ArcMC) to recognize and manage the platform. | Managing Your ArcSight Infrastructure with ArcMC |
| 17. Configure your SmartConnectors and Collectors as producers of events into Transformation Hub, as well as configure event Consumers such as Logger and ESM. | Integrating the Platform Into Your Environment |
| 18. Apply the hotfix to remediate the log4j vulnerability. | Applying the CDF 2021.05 log4j Hotfix |
| 19. Get the latest security fixes and enhancements. | Upgrading to 22.1.2 |