CloudLens with Moloch example

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure Deploy To Azure US Gov Visualize

  1. Solution Overview
  2. Solution Architecture
  3. Licenses and Costs
  4. Prerequisites
  5. Deployment Steps
  6. Support

Solution Overview

This Quick Start deployment guide provides step-by-step instructions for deploying Moloch and CloudLens in the Azure Cloud.

This Quick Start is for users who need to gain more visibility into their Azure VNets.

Solution Architecture

This template will deploy:

  • Two storage accounts
  • One Virtual Network
  • 2 Public IP’s, one for the tapping vm and one for the Moloch tool
  • Two UbuntuServer 16.04.0-LTS VMs

Deployment Solution Architecture

Licenses and Costs

You are responsible for the cost of the Azure services used while running this Quick Start deployment. There is no additional cost for using the Quick Start.

The Azure template for this Quick Start includes configuration parameters that you can customize. Some of these settings, such as vm size, will affect the cost of deployment. For cost estimates, see the pricing pages for each Azure service you will be using. Prices are subject to change.

CloudLens will be configured to use a free trial account, the user can convert at any time to a paid account.

Prerequisites

Azure Subscription with ability to launch VMs.

Deployment Steps

Step 1. Prepare Your CloudLens Account

  1. Create a CloudLens free trial account at https://ixia.cloud/free-trial?isQuickstart=true by following the on-screen instructions.
  2. Activate your free trial account by visiting the link provided in the email.
  3. Login to CloudLens. A project will be automatically created for you with all the required infrastructure: one group for source instances and one group for tool instances, a connection between the two groups. The groups are automatically configured with filters that match the agents that will be started later by the Quick Start template.
  4. Select the project by clicking the tile having the name “QUICKSTART_PROJECT”.
  5. On the project page click on SHOW PROJECT KEY to display the project key and copy it, since you will need it to deploy the template.

Step 2. Launch the Quick Start

Create your CloudLens environment on Azure in a few simple steps:

  • Launch the Template by click on 'Deploy to Azure' button.
  • Fill in all the required parameter values. Accept the terms and conditions and click on 'Purchase'.

Step 3. Play with the environment

After the deployment is ready (~ 6 minutes):

  • Check the CloudLens portal to see if the agents have connected and are part of the 2 groups (should say '1 instance' under each group).
  • Login in the Moloch web ui (https://{moloch-vm-ip}:8005) with admin/moloch.
  • Generate some network traffic from the tapping vm
  • Check the Moloch Web UI (wait for about a minute for the sessions view to update)

Support

For any support related questions, issues or customization requirements, please contact cloudlens@keysight.com.

https://www.ixiacom.com/products/cloudlens-public

Tags: Microsoft.Storage/storageAccounts, Microsoft.Network/publicIPAddresses, Microsoft.Network/networkSecurityGroups, Microsoft.Network/virtualNetworks, Microsoft.Network/networkInterfaces, Microsoft.Compute/virtualMachines, Microsoft.Compute/virtualMachines/extensions, CustomScript