This tutorial describes the possibilities and limitations of installing One Identity Safeguard for Privileged Sessions (SPS) 7.1 as a virtual appliance under a VMware ESXi server.
This tutorial describes the possibilities and limitations of installing One Identity Safeguard for Privileged Sessions (SPS) 7.1 as a virtual appliance under a VMware ESXi server.
The following describes how to install a new SPS under VMware ESXi or ESX.
To install a new SPS under VMware ESXi or ESX
Create the virtual machine for SPS using the following settings. Note that these settings are suitable for evaluation purposes. To test SPS under significant load, contact One Identity for recommendations.
Guest operating system: Linux/Ubuntu 64-bit
Allocate memory for the virtual machine. SPS requires a minimum of 8 GiB of memory. The recommended size for the memory depends on the exact environment, but consider the following:
The base system requires 8 GiB of memory.
SPS requires about 1-5 MiB of memory for every active connection, depending on the type of the connection — graphical protocols require more memory.
The hard disk controller must be LSI Logic Parallel.
Do not use RAID for the hard disk, use the data duplication features of your virtual environment instead. That way, a single hard disk is sufficient for the system. If you need to use the built-in RAID support of SPS for some reason, use two hard disks, and SPS will automatically use them in software RAID.
|
Caution:
Hazard of data loss When you install or reinstall SPS in a virtual environment, always create new hard disks. Using existing hard disks can cause unexpected behavior and operational problems. |
Configure a fixed size disk with at least 30 GiB space. About 15 GiB is required for the base system, the remaining disk space is used to store data. To increase the initial disk size, see Modifying the disk size of a SPS virtual appliance.
|
Caution:
The fixed disk size of 30 GiB is only a recommendation for test environments. The disk allocation of a production system has to be properly calculated, while planning with the implementation of the system. |
NOTE: SPS will use the network card with the lowest PCI ID as eth0 (Physical interface 1), the card with the second lowest PCI ID as eth1 (the Physical interface 2), and so on. In some cases, this might differ from the labels in the VMWare management interface, for example, it is possible that eth0 will be labeled as Network adapter 4, and as a result, the SPS Welcome Wizard will not be available on Network adapter 1.
SPS requires at least one network card (preferably VMXNET3) to function. Configurations can use up to 6 network cards.
NOTE: The fourth (eth3) network card is reserved for High Availability mode by default. Therefore, make sure you enable, but do not attach, the fourth (eth3) network card to a network.
After creating the virtual machine, edit the settings of the machine. Set the following options:
Under Options > VMware Tools enable the Shutdown, Suspend, Reset options, otherwise the SPS administrator will not be able to access these functions from the SPS web interface.
Under Options > Boot options enable the Force BIOS Setup option. This is required to be able to check the system time (and modify it if needed) before installing SPS.
Login to your support portal and download the latest One Identity Safeguard for Privileged Sessions installation ISO file. Note that you need to have purchased SPS as a virtual appliance or have partner access to download One Identity Safeguard for Privileged Sessions ISO files. If you are a partner but do not see the ISO files, you can request partner access within support portal.
Mount the ISO image and boot the virtual machine. Follow the on-screen instructions to install SPS.
The following limitations apply to running version 7.1 of SPS under VMware:
SPS can be installed under the following VMware versions:
VMware ESXi 5.5 or later.
VMware ESXi 6.0 or later.
VMware ESXi 6.5 or later.
VMware ESXi 7.0 or later.
SPS can only use fixed disk space assigned to the virtual host, it is not possible to use on-demand disk allocation scenarios. To increase the size of the virtual disk, see Modifying the disk size of a SPS virtual appliance.
If High Availability (HA) operation mode is required in a virtual environment, use the HA function provided by the virtual environment.
Hardware-related alerts and status indicators of SPS may display inaccurate information, for example, display degraded RAID status.
Creating Quiesced snapshots is not supported. Disable this option when taking a snapshot of your SPS appliance, otherwise the boot firmware of the appliance becomes tainted.
This tutorial describes the possibilities and limitations of installing One Identity Safeguard for Privileged Sessions (SPS) 7.1 as a virtual appliance under a Hyper-V server.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center