Introduction and requirements
Introduction to Stream deployment, licensing steps, and connectivity requirements.
Introduction
This deployment guide describes the steps that needed to deploy Vectra Stream. Stream delivers security-enriched network metadata to a data lake or SIEM of the customer’s choice. Stream requires a Vectra Brain and Sensor(s) to be deployed and capturing network traffic. Stream supports both Respond UX and Quadrant UX deployments. For more detail on Respond UX vs Quadrant UX please see Analyst User Experiences (Respond vs Quadrant).
One of the below guides should be the starting point for your overall Vectra deployment:
Most customers choose to deploy as a virtual machine (VM) running on supported hypervisors or IaaS clouds. Stream is also available on a physical appliance (M series appliances such as the M29 or M47) for customers who lack the required resources to deploy Stream virtually or require higher throughput than a virtual Stream deployment can handle.
Licensing
Your deployment needs to be licensed for Stream. For cloud-connected systems, Vectra licenses your deployment automatically from the cloud. For offline systems, manual licensing of Stream is possible (see below).
Navigate to Configuration → SETUP → Licensing and copy the authorization code from the bottom box.
In another browser tab from a system with internet access, navigate to https://support.vectra.ai/vectra/additional-resources. If you are not already authenticated, you will be redirected to authenticate to your Vectra support account.
If you do not have a Vectra support account, you can self-register at the login screen, but licensing will not be available until your account is validated as being a Vectra customer or prospect involved in a trial.
If you prefer, your Vectra account team can also exchange your authorization code for a license.
Paste the license information you copied into the Enter Authorization Code section of the Configuration → SETUP → Licensing screen and click Generate License Key. You should get a message at the top and a key in the License Key box. Copy the license key using the Copy License Key button and go back to your Vectra UI in your other tab or window to input the license.
Once the license is enabled, the UI will reflect the correct status of the license and expiry.
License renewals are automatically handled for cloud connected systems. For offline systems (Quadrant UX deployments only), customers should follow this same process to renew a license.
License status can also be seen at:
Configuration → SETUP → Stream → Vectra Stream License
Discover → Platform → System Health → Deployments
Please note that Stream must have a valid (not expired) license for metadata to be forwarded from your Brain to your data lake or SIEM. If your license expires, metadata flow STOPS.
Connectivity Requirements
The Respond UX deployment guide or Quadrant UX deployment guide details basic connectivity requirements for initial platform deployment. It also gives guidance on firewall/proxy SSL inspection, Internet access to and from the Brain, and guidance for air-gapped environments (Quadrant UX only). For full detail on all possible firewall rules that might be required in your environment, please see firewall requirements.
Connectivity Requirements for Stream
Source
Destination
Protocol/Port
Description
Admin Hosts
Stream
TCP/22 (SSH)
CLI access to Stream
Brain
Stream
TCP/22 (SSH)
Remote management and troubleshooting
Stream
Brain
TCP/22 (SSH)
TCP/443 (HTTPS)
Pairing, metadata transfer, and ongoing communication
Stream
Data lake (as configured)
TCP (as configured)
Metadata streaming to data lake
Please note:
Stream does not communicate directly with the Vectra Cloud.
All communication sessions with Stream are initiated from Stream to the Brain (except troubleshooting).
Updates for Stream are downloaded to the Vectra Brain and Stream retrieves them from the Brain.
Last updated
Was this helpful?