1 Overview:
2 Phase One:
- 2.1 Complete this Google Form
  - 2.1.1 On-Prem VM Requirements
  - 2.1.2 On-Prem VM Configuration
- 2.2 VM Options
  - 2.2.1 Option 1: DHCP
  - 2.2.2 Option 2: Single Interface Static IP
  - 2.2.3 Option 3: Dual Interface Static IP
  - 2.2.4 Need More than 1 VM?
3 Phase Two:
- 3.1 Step 1: Install VM file provided by Degree Analytics on VM Hypervisor or Management software.
- 3.2 Step 2: Configure Network Devices or Wireless Controllers to Forwarding Log Traffic
  - 3.2.1 For SNMP TRAP Traffic (Cisco Catalyst)
  - 3.2.2 For Syslog Traffic (Aruba, Extreme, Ruckus)
  - 3.2.3 Firewall Configuration

Overview:

The School will have to meet all the steps in “Phase One” so the data ingestion team can create the VM file that will be sent to the customer. This would apply for Cisco Catalyst, Aruba, Extreme, and Ruckus systems.

In Phase Two the school will take the VM file that Degree Analytics has provided them, install it, and make the necessary firewall/network changes are applied. This will allow the VM to start forwarding traffic and so we can manage it via SSH.

Flow Diagram:

Phase One:

Complete this Google Form

Send VM Hypervisor or Management software information:
- We need the Version and Vendor type of the Hypervisor you plan to run the VM on.

On-Prem VM Requirements

1 CPU
2 GB of Ram
40gb of Disk Space
1 Virtual network interface
Technical contact: Please provide email/contact information should we need to escalate for any VM streaming issues

On-Prem VM Configuration

VM Options

Option 1: DHCP

Just state this is your preferred configuration

Option 2: Single Interface Static IP

Please provide the following information:

Static IP Address
Subnet Mask/CIDR
Gateway IP Address
DNS Server IP Addresses (minimum one address)

Option 3: Dual Interface Static IP

If you are running a dual network, we need a little bit more information.

WAN Static IP Address
WAN Subnet Mask/CIDR
WAN Gateway IP Address
WAN DNS Server IP Addresses (minimum one address)
LAN Static IP Address
LAN Subnet/Mask
LAN Gateway IP Address

Need More than 1 VM?

If you have more than 1 wireless controller or multiple On-Prem systems, please let us know. Depending on the system load, it may be necessary to provide 2+ on-prem VMs

Phase Two:

Step 1: Install VM file provided by Degree Analytics on VM Hypervisor or Management software.

Import the VM into your Hypervisor and allocate 1 virtual network interface in the subnet of the VM IP address.
Ensure the VM starts without errors. If you see the console output or VM screen with a login prompt, that is considered working.
- If there are errors importing, please send error logs to us.

Step 2: Configure Network Devices or Wireless Controllers to Forwarding Log Traffic

For SNMP TRAP Traffic (Cisco Catalyst)

Refer to the Degree Analytics SNMP TRAP Guide for the configuration of your wireless controller.
Forward traffic to VM IP address
Community String is not required. Set this to anything you like.

For Syslog Traffic (Aruba, Extreme, Ruckus)

Forward traffic to VM IP address
Will vary on system
- Extreme
  - logging <IP of VM> configure syslog add <IP of VM> vr <virtual-router> enable log target syslog <IP of VM> vr <virtual-router> configure log target syslog <IP of VM> vr <virtual router> level informational
- Ruckus
  - System -> General Settings -> Syslog
  - Enable logging to remote syslog server
  - Enter <IP Address of VM> as the syslog server, on port 514
  - Of the Event Filter, we want all events
    - informational
- Aruba:
  - Can use the UI to set User and Wireless at the Notice or Notification level with bsd format
  - Terminal Commands:
    - (Aruba Controller) > enable (Aruba Controller) # configure terminal // set logging levels and format (Aruba Controller) (config) # logging level notice user (Aruba Controller) (config) # logging level notice wireless (Aruba Controller) (config) # logging format syslog bsd // Following is optional, but can assign these logs to a particular facility if you have other facilities already enabled (Aruba Controller) (config) # logging facility local0 // To Confirm Logging (Aruba Controller) # show logging // To write (Aruba Controller) # write memory

Firewall Configuration

Destination NAT or an external/public IP address we can use to access the VM via ssh. (ex. public IP address -> VM IP address)

Inbound access (To VM IP address)
- Outside Network Access Options:
  - Option A: Allow SSH (port TCP 22) from our IP address 18.213.99.13 to the VM IP address.
  - Option B: Provide a Client VPN Connection Option to connect to port 22
- For SNMP TRAPS Traffic
  - Allow SNMP TRAPs Traffic (port UDP 162) from your source (ex. wireless controller IP address) or internal network range
- For SYSLOG Traffic
  - Allow SYSLOG traffic (port UDP 514) from your source (ex. syslog server) or internal network range
Outbound Access (from VM IP address)
- HTTPS and HTTP (port TCP 9443 TCP 443 and TCP 80) to anywhere)
- TSL port 8000 to anywhere or 0.0.0.0/0 (Degree Analytics Management Software)
- UDP port 53 DNS to the VM DNS servers IP address
- UDP port 4242 to anywhere or 0.0.0.0/0 (Degree Analytics Management Software)
- UDP port 123 NTP to anywhere or 0.0.0.0/0 (NTP service)

DegreeAnalyticsPublicDocumentation

VM Install (Aruba, Cisco Catalyst, Extreme, Ruckus)