Brain deployment
Overview of the QUX deployment process, deployment steps along with requirements and documentation links, and how to do your initial login.
Brain Deployment Process Overview
Deployment can be done by the customer, partner, or with the assistance of Vectra.
Once you can login to your Brain appliance QUX UI, changing the default admin administrator login password is recommended.
Guidance for intial QUX configuration settings in the next page of this guide.
Cloud data sources can be added at any time
Cloud (non-network data sources) such as IDR for Azure AD (Entra ID), CDR for M365, and CDR for AWS can be added at any time. See configuring data sources for details.
Add network data sources (Sensors)
Network Sensors allow you to capture network traffic for analysis by your Vectra deployment. See configuring data sources for details.
Sensors are deployed and paired with your Vectra Brain.
Traffic capture is initiated.
Traffic is validated to ensure the observed traffic meets quality standards for algorithm processing.
See this page of the guide for best practices, configuring backup for your Brain appliance, and other recommended next steps.
Login and Change the “admin” Password
Once an IP has been configured for the MGT1 interface of your Brain, you can access it using a modern browser such as Edge, Chrome, or Safari (see Vectra UI Supported Browsers for more detail) at https://configured_IP or the hostname (if configured in your DNS). The GUI can also be accessed via MGT2 (on physical appliances) at https://169.254.0.10. The default username is admin and the default password is changethispassword .
Please note that by default, Vectra uses a self-signed certificate to secure the user interface. As a result, the certificate causes SSL warnings in most web browsers. Instructions for how to replace this with a customer-provided signed certificate can be found in the following Vectra support portal article:
After logging in to the GUI, it is recommended to immediately change the admin password.
Navigate to My Profile on the left-hand side of the screen
Click on Change Password in the username/password area, fill in and save the form
Password requirements - must be at least 8 characters long and contain at least
1 digit (0-9), 1 upper case letter (A-Z), 1 lower case letter (a-z)
One symbol from: (~!@#$%^&*_-+=`| \ ( ){ }[ ]:;”’<>,.?/)
Brain Deployment / Documentation Links
Deploy your Brain appliance using one of the linked guides below. After deployment, come back here and continue.
For physical Brain appliances
You will need CLI (Command Line Interface) access to the appliance.
The initial configuration at the CLI is covered in the Quick Start Guide for your appliance.
Please refer to that guide to configure an IP address, network mask, and default gateway.
If required, a proxy can also be configured at the CLI but can also be done later in the GUI.
Quick start guides for physical appliances that can support Brain or Mixed mode use are listed here:
X-Series guides - These appliances support Brain or Mixed mode deployment.
B-Series guides - These appliances only support Brain mode deployment.
The quick start physical appliance guides are meant just for getting the appliance installed and available on your network.
For virtual Brains deployed in traditional hypervisor environments (VMware, Nutanix, etc) or in IaaS clouds (AWS, Azure, GCP, etc)
Please the Brain guide for your platform in NDR virtual / cloud appliances.
Please see the appropriate deployment guide below for your supported IaaS cloud:
You may have already configured DNS following the QuickStart for your physical appliance or the deployment guide for your virtual Brain. If you did not configure DNS as part of your initial Brain deployment, this guide will cover configuration of DNS later in the Data Sources > Network > Brain Setup section. It is recommended have your Brain registered in your DNS to make failover scenarios easier to deal with.
Last updated
Was this helpful?