After the AppDefense Appliance is installed, you must register the new appliance with vCenter Server.

Prerequisites

  • You have installed the AppDefense Appliance.
  • The AppDefense Appliance VM is powered-on.

Procedure

  1. Log in to the vSphere Client.
  2. Go to the AppDefense Appliance VM, and verify that the VM is powered-on. Note down the AppDefense Appliance IP address.
  3. Open a web browser, and navigate to AppDefense Appliance GUI at https://<appliance ip address>. The Select a certificate window appears.
  4. You can log in to the AppDefense Appliance using either the admin credentials or using the certificate.
    1. If you want to log in to the AppDefense Appliance using the admin credentials, click Cancel. Use the admin credentials that you added while installing the AppDefense Appliance OVA file.

      Important: Do not click OK to accept the certificate.
    2. If you want to log in to AppDefense Appliance using self-signed or CA certificate, then follow the procedure as described in the Log In to AppDefense Appliance With Certificate topic.
      The AppDefense Dashboard appears as a default home page.
  5. Go to the Appliance > Registration tab.
  6. In the AppDefense Manager section, Plug-in only or Non-SaaS is the default connection for the AppDefense plug-in. For more information on connectivity modes, refer to Connectivity With AppDefense Service.
  7. In the SSO lookup configuration section, click Edit and configure the following values.
    Note: Time must be synchronized between the AppDefense Appliance and the vCenter Single Sign On (SSO) server. NTP server must be specified so that the SSO server time and the AppDefense Appliance time are in sync. For details on how to configure the NTP server, refer to Configure NTP Server Settings topic.
    SSO lookup configuration Description
    SSO Hostname Enter the host name of the vCenter Single Sign On (SSO) and click Register.

    You must have time synchronization between SSO server and the AppDefense Appliance.

    User name and Password Enter user name and password for the vCenter SSO administrator. To add a member to the vCenter SSO administrator group, refer to the vSphere documentation available at https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.psc.doc/GUID-CDEA6F32-7581-4615-8572-E0B44C11D80D.html.
    Thumbprint (SHA1) Verify the SHA1 thumbprint of the SSO server.
    Note: AppDefense Appliance uses a service account to interact with vCenter. This service account is created in your SSO server for the improved security and manageability. You need SSO administrator credentials for creating this service account. The SSO administrator credentials are only used for this session and are not persisted in AppDefense.
  8. In the vCenter Server details section, configure the following values.
    vCenter Server details Description
    vCenter Server Hostname Select the required vCenter Server host name from the list to be protected by AppDefense. You can install one AppDefense Appliance per vCenter Server.
    Plug-in Version of the registered AppDefense plug-in.
    Thumbprint (SHA256) Verify the SHA256 thumbprint of the vCenter Server.
    Click Register.
  9. You can configure AppDefense with the NSX Data Center. You can configure either NSX Data Center for vSphere or NSX-T Data Center. The NSX details section displays the details of the NSX Data Center that is registered with vCenter Server.
    1. To configure NSX Data Center, click Register and enter the following values.
    2. NSX User name and Password: Enter user name and password for the NSX-T Data Center administrator.

      -OR-

      Enter user name and password for the NSX Data Center for vSphere administrator.
    3. Verify the Virtual IP of the NSX-T Data Center.

      -OR-

      Verify the SHA256 thumbprint of the NSX Data Center for vSphere server.
    Note: Make sure that AppDefense Appliance and NSX Data Center are on common network as vCenter Server.
    Click Register.

Results

  • The AppDefense Appliance is registered with the vCenter Server. The AppDefense > Getting Started page gets replaced with the AppDefense > Dashboard page.
  • Log out and log in to the vCenter Server again with the same Administrator role used to register AppDefense Appliance. Alternatively, refresh the vSphere Client browser to reflect the changes.
  • After the AppDefense Appliance is registered with vCenter Server, you can log in to the AppDefense Appliance using the vSphere user credentials (for example, administrator@vsphere.local) as well.

What to do next

Install AppDefense Host Module. The AppDefense panel appears on the Summary and Configuration tab for any host in the vCenter Server inventory. You can install, upgrade, or view details about AppDefense from the panel.