On This Page
Installing and Logging in to VMA
Before Installation
-
Confirm that you have either a Google Chrome or Mozilla Firefox internet browser.
-
Extensions applications may require additional hardware and resources, depending on utilization. Consider expanding your resources if heavy use of the application is intended.
-
If you are not using Tufin OS, we recommend that you open a support ticket for a walkthrough before installing an Extension application for the first time. Note the initial setup for all Extensions applications is the same.
- In SecureTrack:
- Create a user with Security Administrator level permissions. Log into SecureTrack with that user.
- Configure the relevant network zones.
- In SecureChange:
- Create a user with the permission: Create and handle tickets on behalf of another user (via API only). Log into SecureChange with that user.
- Create a server decommission workflow to be used when asset mitigation is needed.
- Access credentials that can make API calls to one of the following supported vulnerability management solutions:
- Rapid7 Nexpose
- Rapid7 InsightVM
- QualysGuard
- Qualys VMDR
- Nessus Professional
- Tenable.io
- Tenable.sc
Install Process
These instructions apply if you are:
-
Installing VMA for the first time.
-
Upgrading to a TOS Aurora version that requires a new installation.
-
Upgrading VMA.
Retrieve Installation File
You can download all Extensions application files, either locally or downloaded to a relevant server, from the Customer Portal Download Center.
-
From the Download Center, select the Extension to download.
-
Select the method for downloading the installation package: Download to Computer or Copy link (valid for 10m). Using the link requires the server to have access to download from https://tosportaldownloads.tufin.com.
-
If you downloaded the package, upload it from your local computer to the primary data node to the directory c:/opt. Upload the file as is; do not extract it first.
-
If you copied the link, run the following command. If the link has expired, get a new link from the Download Center.
where
-
<APP-VERSION> is the version number as seen in the file name in the Download Center.
-
<LINK> is the link you copied from the Download Center.
-
Procedure
-
Using SSH, log into the TOS Aurora server.
-
Create a directory called
/opt/extensions. -
Copy the installer run file (already downloaded) to
/opt/extensions. -
Go to
/opt/extensions. -
Go to the folder and run the installer file:
# sh vma-v<VERSION>.k3s.run
VMA is installed in the TOS Aurora cluster on the data node.
A license is required if you are running TOS Aurora R23-1 or earlier, or you have a legacy (non-tiered) TOS license - see Installing a License.
Troubleshooting Installation
|
Error Message |
Next Steps |
|---|---|
| Error: TOS isn't running | If you receive this message while trying to install an Extension and you are not using Tufin OS, the issue may be related to your OS user permissions. Please contact Tufin Support for instructions. |
Log into VMA
Vulnerability Mitigation App (VMA) is located in the SecureTrack server. To log in, you will need to enter your SecureTrack user credentials.
Your user credentials determine your level of access to VMA.
Access VMA from SecureTrack
From the app launcher icon (
), select Vulnerability Mitigation App.
Log in to VMA Directly
- In your browser, enter the following URL:
https://<SecureTrack_Host>/apps/public/vmawhere
<SecureTrack_Host>is your SecureTrack IP address. VMA uses SecureTrack for authentication.The Login page appears.
- Enter your SecureTrack user credentials and click Log In.
