Roger Perkin

Learn Network Automation

You are here: Home / Network Security / Cisco Stealthwatch Installation and Setup

In this post I am going to be walking through the installation and setup of Cisco Stealthwatch. I will be doing this with virtual machines on VMWare.

I will be installing the StealthWatch Management Console (SMC) and one FlowCollector FC

Stealthwatch Management Console Installation & Sizing

I will be referring to the Stealthwatch Management Console VE and Flow Collector VE Installation and Configuration Guide version 6.10.1

All the installation guides can be found on the Cisco website – hereĀ 

For all appliances they are deployed via an OVF so this process is very straightforward. There is a sizing guide which recommends different settings for the size of your deployment, number of exporters, flows per second and number of concurrent users etc.

stealthwatch-management-console-sizing-guide-vmware

For this deployment I will be putting it into production so will be giving it 32GB or RAM and 4 x CPUs

As the Stealthwatch Management Console is not doing the heavy lifting (that is the job of the Flow Collector) it’s disk space requirement is not as big. Minimum disk space is 100GB

stealthwatch management console disk size

I will be giving this one 200GB

Once you have booted the VM and open the console you will be presented with the login screen

stealthwatch management console default password

The default username and password is sysadmin / lan1cope

Once logged in you will be presented with a configuration screen where you can change the management address

stealthwatch management ip address

Step through the screens and the appliance will reboot, when it’s back you should be able to https to the management page

You will get a Stealthwatch is initializing screen and then finally be presented with this screen

stealthwatch management console login screen

The default username / password for the https screen is admin / lan411cope

There is one more configuration screen to go through where you can define DNS, NTP, domain name and change the password and hostname if you want.

stealthwatch management console ve network setup

Whilst the Management Console is rebooting you should repeat the above process for the Flow Collector as the next step in the Management Console setup is to add the flow collectors.

stealthwatch flow collectors

Stealthwatch Flow Collector Virtual Setup

Once you have built the flow collector you need to go back to the Managemnt Console setup and add the IP address of your Flow Collector

Setting up and using Stealthwatch

TBC

 

 

 

 

 

Category: