Skip to content

HySecure HA Deployment

Environment

  • Hysecure Gateway Active Node Deployment in Azure Cloud
  • Gateway Version: v5299

Pre-Requisite

Create HySecure Active Node

Step 1: Create HySecure Virtual Machine using below link form Azure Marketplace.

or click on Create a Resource >> Azure Marketplace and Search for Accops to Deploy it.

img

Select the version to depoly it from dropdown menu of plan options.

img

Step 2: Add Project details, Instance Details and then Click on "Next : Disks".

img

Step 3: Add Disk Details and click on Next : Networking Tab.

img

Step 4: Add Networking Details and click on Next : Management Tab.

img

Step 5: Add Management Details and click on * Next : Advanced *.

img

Step 6: Add Advanced Details and Click on Next Tab * Tags*.

img

Step 7: Add Project Tags and Click on Next Tab Review + Create.

img

Step 8: Once VM validation is passed then click on * Create *.

img

Step 9: List Created VM in Azure Dashboard >> Virtual Machines.

img

Step 10: Connect newely created Virtual Machine using Private IP Address.

img

Tip

If Public Load Balancer is attached to Virtual machine then use Private IP to connect the VM, Please make sure you have Site-2-Site Connectivity to your Azure Network from the location you want to access the Accops Gateway. Another method to Access the Gateway is use Any Windows Virtual Machine toAccess the VM from Same Subnet or DIfferent Subnet, It may required Port opening in Firewall, Please Check with Your Azure Network/Security Team

Step 11: Connect to Serial Console of HySecure Active Node & Login with Default Credentials.

img

Step 12: For Network Configuration, Enter 1 .

img

Step 13: To Configure Ethernet Device, Enter 1.

img

Step 14: Enter the Device Number of Ethernet to configure it, Enter 0 for eth0 interface.

Example

for eth0, Enter 0. for eth1, Enter 1.

img

Step 15: Select Manually Configure ETH0, Select one of the option above : 1 and assign Same IP address which is shown in HySecure Serial Console as Static IP Address.

img

Step 16: Enter R to exit from IP configuration Menu.

img

Step 17: Enter R to exit from Ethernet Configuration Menu.

img

Step 18: Enter R to exit from Network Configuration Menu.

img

Step 19: Enter R to exit from HySecure Console Menu.

img

Step 20: Connect HySecure gateway using Public or Private IP from Browser.

img

Step 21: Ignore Certificate error and Click on Continue to ....

Step 22: Select Configure HySecure Now.

img

Step 23: Scroll down End User License Agreement and Select I Accept Tnc then Click on Submit.

img

Step 24: Select Preboot Type and then click on Submit.

img

Step 25: Change Hostname, Keep IP address Default, Update Date and Time select Timezone, and then click on Submit.

img

Step 26: Review Hostname, IP address and Interface Configuration and then click on Submit.

img

Step 27: Select Setup a New Installation Type and then click on Submit.

img

Step 28: Select Default Accops Internal CA and then click on Submit.

img

Step 29: Add CA Authority Details, and First Security Office Account Details and then click on Submit.

img

Step 30: Wait for Processing and then First Security Officer Account Passphrase will be shown.

img

Active Node Passphrase

Info

First Security Officer: SO_HySecure_Gateway

HySecure Active Node Passphrase: EV29DGQS7Q2FEJCY

Create HySecure Standby Node

Step 1: Create HySecure Virtual Machine using below link form Azure Marketplace.

or click on Create a Resource >> Azure Marketplace and Search for Accops to Deploy it.

img

Select the version to depoly it from dropdown menu of plan options.

img

Step 2: Add Project details, Instance Details and then Click on "Next : Disks".

img

Step 3: Add Disk Details and click on Next : Networking Tab.

img

Step 4: Add Networking Details and click on Next : Management Tab.

Info

While Creating Standby Node, keep the Load Balancing option blank/unchecked. Standby Node will participate in Load balancing once the Active Node Setup is completed and Active Cluster is ready to accept the request from Standby Node for High Availability.

img

Step 5: Add Management Details and click on * Next : Advanced *.

img

Step 6: Add Advanced Details and Click on Next Tab * Tags*.

img

Step 7: Add Project Tags and Click on Next Tab Review + Create.

img

Step 8: Once VM validation is passed then click on * Create *.

img

Step 9: List Created VM in Azure Dashboard >> Virtual Machines.

img

Step 10: Connect newely created Virtual Machine using Private IP Address.

img

Tip

If Public Load Balancer is attached to Virtual machine then use Private IP to connect the VM, Please make sure you have Site-2-Site Connectivity to your Azure Network from the location you want to access the Accops Gateway. Another method to Access the Gateway using any Windows Virtual Machine from Same Subnet or Different Subnet, It may required Port opening in Firewall, Please Check with Your Azure Network/Security/Firewall Team.

Step 11: Connect to Serial Console of HySecure Active Node & Login with Default Credentials.

img

Step 12: For Network Configuration, Enter 1.

img

Step 13: To Configure Ethernet Device, Enter 1.

img

Step 14: Enter the Device Number of Ethernet to configure it, Enter 0 for eth0 interface.

Example

for eth0, Enter 0. for eth1, Enter 1.

img

Step 15: Select Manually Configure ETH0, Select one of the option above : 1 and assign Same IP address which is shown in HySecure Serial Console as Static IP Address.

img

Step 16: Enter R to exit from IP configuration Menu.

img

Step 17: Enter R to exit from Ethernet Configuration Menu.

img

Step 18: Enter R to exit from Network Configuration Menu.

img

Step 19: Select cross to exit from HySecure Console Menu.

img

Step 20: Connect HySecure Standby Node using Private IP Address from Browser.

Tip

Below option can be used to Preboot Standby Node using Public/Private IP Address.

1: Temporarily Assign a Public IP address to Standby Node Server and Complete Preboot, post that You can remove the Public IP address from Standby Node. (Using 1st Method to Preboot Real Node)

2: Publish Standby Node in Active Cluster as an Application on port 443 then Create an Application and Assign it to Security Officer User and Preboot the Standby node Server.

3: Create a Windows VM (For Example: Jump Server/Existing Server ) in Azure Cloud within Same Subnet or Different Subnet and allow ports 443,3636 and 22 from Windows VM to Complete Preboot on Standby Node Server.

4: Create Site-2-Site Connectivity to Azure Cloud from the Network You want to Access the Standby Node.

img

Step 21: Ignore Certificate error and Click on Continue to ....

img

Step 22: Select Configure HySecure Now.

img

Step 23: Scroll down End User License Agreement and Select I Accept Tnc then Click on Submit.

img

Step 24: Select Preboot Type and then click on Submit.

img

Step 25: Change Hostname, Keep IP address Default, Update Date and Time select Timezone, and then click on Submit.

img

Step 26: Review Hostname, IP address and Interface Configuration and then click on Submit.

img

Step 27: Select Setup a New Installation Type and then click on Submit.

img

Step 28: Select Default Accops Internal CA and then click on Submit.

img

Step 29: Add CA Authority Details, and First Security Office Account Details and then click on Submit.

img

Step 30: Wait for Processing and then First Security Officer Account Passphrase will be shown.

img

Standby Node Passphrase

Info

First Security Officer: SO_HySecure_Gateway_Standby

HySecure Active Node Passphrase: 25TTFB88NV50RNI8

Create HySecure Real Node

Step 1: Create HySecure Virtual Machine using below link form Azure Marketplace.

or click on Create a Resource >> Azure Marketplace and Search for Accops to Deploy it.

img

Select the version to depoly it from dropdown menu of plan options.

img

Step 2: Add Project details, Instance Details and then Click on "Next : Disks".

img

Step 3: Add Disk Details and click on Next : Networking Tab.

img

Step 4: Add Networking Details and click on Next : Management Tab.

Info

While Creating Real Node, we can choose Load Balancing option if we have already Created a Public Load Balancer. Real Node will participate in Public Load balancing on External Port 443. We can add as many Real Nodes as we want as per the user loads.

img

Step 5: Add Management Details and click on * Next : Advanced *.

img

Step 6: Add Advanced Details and Click on Next Tab * Tags*.

img

Step 7: Add Project Tags and Click on Next Tab Review + Create.

img

Step 8: Once VM validation is passed then click on * Create *.

img

Step 9: List Created VM in Azure Dashboard >> Virtual Machines.

img

Step 10: Connect newely created Virtual Machine using Private IP Address.

img

Tip

If Public Load Balancer is attached to Virtual machine then use Private IP to connect the VM, Please make sure you have Site-2-Site Connectivity to your Azure Network from the location you want to access the Accops Gateway. Another method to Access the Gateway using any Windows Virtual Machine from Same Subnet or Different Subnet, It may required Port opening in Firewall, Please Check with Your Azure Network/Security/Firewall Team.

Step 11: Connect to Serial Console of HySecure Active Node & Login with Default Credentials.

img

Step 12: For Network Configuration, Enter 1 .

img

Step 13: To Configure Ethernet Device, Enter 1.

img

Step 14: Enter the Device Number of Ethernet to configure it, Enter 0 for eth0 interface.

Example

for eth0, Enter 0. for eth1, Enter 1.

img

Step 15: Select Manually Configure ETH0, Select one of the option above : 1 and assign Same IP address which is shown in HySecure Serial Console as Static IP Address.

img

Step 16: Enter R to exit from IP configuration Menu.

img

Step 17: Enter R to exit from Ethernet Configuration Menu.

img

Step 18: Enter R to exit from Network Configuration Menu.

img

Step 19: Select cross to exit from HySecure Console Menu.

img

Step 20: Connect HySecure Real Node using Private IP Address from Browser.

Tip

Below option can be used to Preboot Real Node using Private IP Address.

1: Temporarily Assign a Public IP address to Real Node Server and Complete Preboot, post that You can remove the Public IP address from Real Node. (Using 1st Method to Preboot Real Node)

2: Publish Real Node in Active Cluster as an Application on port 443 then Create an Application and Assign it to Security Officer User and Preboot the Real node Server.

3: Create a Windows VM (For Example: Jump Server/Existing Server ) in Azure Cloud within Same Subnet or Different Subnet and allow ports 443,3636 and 22 from Windows VM to Complete Preboot on Real Node Server.

4: Create Site-2-Site Connectivity to Azure Cloud from the Network You want to Access the Real Node.

img

Step 21: Ignore Certificate error and Click on Continue to ....

img

Step 22: Select Configure HySecure Now.

img

Step 23: Scroll down End User License Agreement and Select I Accept TnC then Click on Submit.

img

Step 24: Select Preboot Type and then click on Submit.

img

Step 25: Change Hostname, Keep Default Gateway as it is, Set Primary & Secondary DNS, Keep IP Interface Configuration Default, Update Date & Time, select Time Zone, Update NTP Server as per Your Requirement or Keep it Default then click on Submit.

img

Step 26: Review Hostname, IP address and Interface Configuration and then click on Submit.

img

Step 27: Select Setup a New Installation Type and then click on Submit.

img

Step 28: Select Default Accops Internal CA and then click on Submit.

img

Step 29: Add CA Authority Details, and First Security Office Account Details and then click on Submit.

img

Step 30: Wait for Processing and then First Security Officer Account Passphrase will be shown.

img

Real Node Passphrase

Info

First Security Officer: SO_HySecure_Gateway_Real

HySecure Active Node Passphrase: R2K9U4T1BUCD1SPL

What's Next

HySecure HA Configuration

Info

  • Enroll First Security Officer Account

  • Create New Cluster

  • Add Standby Nodes to New Cluster

  • Add Real Node to New Cluster

How to Enroll First Security Officer Account

How to Logging in as an SO

How to Configure HySecure Gateway For User Access

More Info About Accops HySecure

Help/Support

Please send a mail to support@accops.com for further Help/Support.

Back to top