Documentation Center
AlienVault® USM Anywhere™

Requirements for Hyper-V Sensor Deployment

Review the following prerequisites to ensure an efficient setup and configuration of a USM Anywhere Sensor on Hyper-V.

Minimum Requirements

  • Operating system must be Windows Server 2012 R2 with either Hyper-V Manager or System Center Virtual Manager (SCVMM) 2012, or Windows Server 2016
  • Hyper-V virtual machine with four cores and 12 GB of statically assigned memory
  • 150 GB of disk space (100 GB data device and 50 GB root device)
  • Internet connectivity from the virtual machine

Recommended Requirements

Sensor Ports and Connectivity

Before you deploy a USM Anywhere Sensor, you must configure your firewallVirtual or physical device designed to defend against unauthorized access to data, resources, or a private network. A firewall’s primary purpose is to create segregation between two or more network resources, blocking undesirable traffic between them. permissions to enable the required connectivity for the new Sensor. Initial deployment of a USM Anywhere Sensor requires that you open egress/outbound ports and protocols in the firewall for communication with USM Anywhere and AlienVault cloud resources. The USM Anywhere Sensor receives no inbound connections from outside the firewall.

Type Ports Inbound/Outbound Endpoints Purpose
TCP 80 Inbound IP address of the Sensor To launch the Sensor web UI during the initial setup. You can remove access to this port after the Sensor successfully connects to USM Anywhere.

Important: You do not need to allow inbound traffic to port 80 from the Internet.

TCP 443 Outbound update.alienvault.cloud Communication with AlienVault for initial setup and future updates of the Sensor
TCP 443 Outbound reputation.alienvault.com Ongoing communication with Open Threat Exchange®
TCP 443 Outbound your USM Anywhere subdomain
.alienvault.cloud
Ongoing communication with USM Anywhere
TCP 9443 Outbound vCenter Server Authenticate Sensor to ESXi
SSL / TCP 7100 Outbound your USM Anywhere subdomain
.alienvault.cloud
Ongoing communication with USM Anywhere
UDP 53 Outbound DNS Servers (Google Default) Ongoing communication with USM Anywhere
UDP 123 Outbound

0.amazon.pool.ntp.org

1.amazon.pool.ntp.org

2.amazon.pool.ntp.org

3.amazon.pool.ntp.org

Synch with NTP services in the AlienVault cloud

We also recommend that you configure outbound connectivity for port 22 and 443 to prod-usm-saas-tractorbeam.alienvault.cloud to support SSHProgram to securely log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another through SCP. communications with the USM Anywhere Remote Support server. For more information about remote technical support through the USM Anywhere Sensor console, see Troubleshooting and Remote Sensor Support.

Hyper-V Machine Deployment

You can deploy a Hyper-V virtual machine using either of the following management tools:

  • Microsoft Hyper-V Manager, which is an administrative tool for managing local and remote Hyper-V servers. For more information, see Create the VM with Hyper-V Manager.
  • System Center Virtual Machine Manager 2012, which is designed for managing large numbers of virtual servers, based on Microsoft Virtual Server and Hyper-V. For more information, see Create the VM with SCVMM 2012.