This article reviews the steps to deploy a virtual Identity Server (IDS) appliance. The virtual IDS appliance can be a Windows application or a virtual machine (VM) that includes all of the software and hardware requirements in one convenient package. It eliminates the need for physical IDS appliances and allows you to host IDS in your organization's existing infrastructure.
Currently, VMware ESXi, Microsoft Hyper-V, and Oracle VM VirtualBox are supported for deploying the IDS VM. To request support for other virtual infrastructure, please contact Princeton Identity Support.
Please note that a static MAC address should be used when deploying the server, as dynamic MAC addresses will cause the licenses to become invalid.
NOTE:
Please review the Minimum Installation Requirements and ensure that your device meets them prior to proceeding.
The face matcher we currently ship with the Identity Server relies on FMA3 instructions (for hardware acceleration). This feature can be detected by running Microsoft's Coreinfo program. If you don't have it enabled, please follow the instructions below.
Extract the contents of Coreinfo.zip from that article to a folder (generally System32 or System64) and run Coreinfo or Coreinfo64.exe from a command prompt. If this feature is enabled, you should see the following line appear in the output list (note that the * character means it's available):
FMA * Supports FMA extensions using YMM state
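As an added example (not code from Princeton Identity or Microsoft), the PowerShell below parses Coreinfo's feature rows and reports whether the FMA row shows `*`, shows `-`, or is missing from the output altogether. The function names and the sample rows are constructed for illustration.

```powershell
# Added example; Get-CoreinfoFeature and Test-FmaSupport are hypothetical names.

function Get-CoreinfoFeature {
    param([string[]]$Lines)
    # Feature rows have three columns: NAME, a '*' or '-' flag, description.
    $features = @{}
    foreach ($line in $Lines) {
        if ($line -match '^(?<name>[A-Za-z0-9_.\-]+)\s+(?<flag>[*-])\s+\S') {
            $features[$Matches['name']] = ($Matches['flag'] -eq '*')
        }
    }
    return $features
}

function Test-FmaSupport {
    param([string[]]$Lines)
    $features = Get-CoreinfoFeature -Lines $Lines
    # A missing row is reported separately from a '-' row so that a truncated
    # or filtered capture is not mistaken for a CPU without FMA.
    if (-not $features.ContainsKey('FMA')) { return 'NotReported' }
    if ($features['FMA']) { return 'Available' }
    return 'NotAvailable'
}

# Constructed sample rows in the layout the article quotes.
$sample = @(
    'AVX         *    Supports AVX instruction extensions',
    'FMA         *    Supports FMA extensions using YMM state',
    'HYPERVISOR  -    Hypervisor is present'
)
Test-FmaSupport -Lines $sample

# Against a real capture, assuming Coreinfo64.exe is in the current folder:
# Test-FmaSupport -Lines (& .\Coreinfo64.exe)
```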
Also note that data-at-rest encryption is the responsibility of the customer. Princeton Identity recommends enabling disk-level encryption.
To obtain the latest version of the virtual IDS appliance, please follow the article here: How to obtain the latest version of Princeton Identity software
Creating the virtual IDS
Directions from your hypervisor's provider should be followed for deploying the virtual IDS appliance.
For VMware, you will be deploying an OVF template and you should follow the directions provided by VMware. These directions can be found here.
For Hyper-V, please follow the instructions from Microsoft to Import a Virtual Machine.
For VirtualBox, please follow the knowledge base article found here: Configuring the virtual IDS appliance on VirtualBox
For a Windows application install, please follow the guide found here: Windows Installation
Accessing your IDS
Ensure the IDS virtual machine is powered on in your hypervisor. The IDS VM may take several minutes to start. Assuming DHCP is available, determine the VM IP address from your hypervisor. Navigate to https://<ip-address>:8443 using a web browser.
If DHCP is not available, refer to Appendix A in order to set the IP address of the VM manually.
The IDS will open to the login screen. The first-time login information is:
Username: admin
Password: password
You will then be taken to the setup screen.
Click on "Get Started".
This will set the admin password for your Identity Server. We recommend a password of at least 8 characters.
Click on "Continue".
On this page you can change the name of your server. Click on "Change name" and then enter the new name and click "Save".
On this page you can configure your retention policy. Click on "Configure retention policy" to change settings. Settings can be modified using the check boxes and also by changing the values individually. When the policy matches your requirements, click "Save", and then click "Accept and Continue" on the page.
The IDS setup is now complete! Click the "Done" button and you will be directed to the home page of your IDS.
Appendix A
If DHCP is not available for your virtual machine network, then follow the directions below.
1. Access the console of the virtual machine. This is typically done by clicking on the preview screen in your hypervisor.
2. Log in using the following credentials:
Username: idsadmin
Password: password
3. In the console run the following commands. The example below is for the static IP 192.168.1.100, but this should be changed to your desired static IP.
The commands for Hyper-V are:
sudo nmcli connection add type ethernet ifname eth0
sudo nmcli connection modify ethernet-eth0 ipv4.address 192.168.1.100/24 ipv4.method manual
sudo nmcli con up ethernet-eth0
The commands for VMware are:
sudo nmcli connection add type ethernet ifname ens192
sudo nmcli connection modify ethernet-ens192 ipv4.address 192.168.1.100/24 ipv4.method manual
sudo nmcli con up ethernet-ens192