How to install Small Office Security (on-premise console)
Bitdefender Small Office Security (on-premise console) allows organizations to host security in their own infrastructure and easily deploy, administer and monitor protection for PC and Mac desktops and file servers, featuring leading antimalware detection as well as the latest administration console developed by Bitdefender.
This article explains how to import and deploy the Small Office Security (on-premise console) appliance into your virtualization environment and how to initialize the first Control Center user account.
- Prepare for Installation
- Deploy and Set Up Small Office Security Appliance
- Initialize the first Control Center User Account
The Small Office Security installation is fairly easy. All you need to do is to import the Small Office Security image into your virtualization environment, deploy it on a hypervisor and set up the network and proxy settings (if needed). Then you are ready to access the Control Center console.
For installation and initial setup, you must have the following at hand:
The Small Office Security virtual appliance image. You can obtain the Small Office Security image download link by registering for a trial on the Small Office Security product page.
The Small Office Security appliance image is available in several different formats, compatible with the main virtualization platforms:
- OVA, compatible with VMware vSphere
- VHD, compatible with Microsoft Hyper-V
XVA, compatible with Citrix XenServer, XenDesktop, VDI-in-a-Box
Note: Support for other formats and virtualization platforms may be provided on request.
- DNS name or fixed IP address (either by static configuration or via a DHCP reservation) for the Small Office Security appliance
- If needed, proxy server settings
- Username and password of a domain administrator (when using Active Directory)
- License key (check the trial registration or purchase email)
GravityZone appliance comes with a basic configuration interface, available from the management tool used to manage the virtualized environment where you have deployed the appliance. To configure a new GravityZone virtual appliance CLI after it was imported on a virtualized hosts running on ESXi, XenServer, Hyper-V or KVM, follow the next steps:
Upon the first boot of a new virtual machine, you are required to configure the password for the built-in bdadmin system administrator account:
Login to the CLI menu using the bdadmin account password configured above.
From the Appliance Options menu, configure the following options:
Configure Hostname Settings
Configure Network Settings
The appliance can be configured to automatically receive the network settings from a DHCP server or can have the network settings configured manually. If the DHCP configurations are used, make sure the IP address is reserved and will not be changed upon renewal.
Configure Proxy Settings
Each GravityZone instance requires Internet connectivity during the initial configuration. If the Internet access is routed through a proxy server, configure its address using the following syntax:
If the proxy server does not require authentication:
If the proxy server requires authentication:
- If the proxy server does not require authentication:
This setting controls the CLI language and can be configured to English, French, Spanish or German.
Select Automatic installation and follow the prompts in order to start the install. All of the roles will be automatically installed:
- Database Server
- Update Server
- Web Console
- Communication Server
Configure Communication Server
GravityZone contains the Security for Mobile Devices module allowing the GravityZone administrator to manage the users' mobile devices. The management tasks for mobile devices are executed over the Internet and for that reason the GravityZone Communication Server has to be configured with an external network address from which it receives communication from the managed mobile devices.
To facilitate this communication, the infrastructure administrators have to configure a NAT rule on the border firewall to correlate the external address with the internal communication server address.
If the configured Communication Server load balancing address is already configured as an external address, that address can be used.
The External Communication Server address is configured in the GravityZone following the next steps:
- Select option 4 MDM Communication Server -> 2 Configure MDM Server external address.
- Enter the external address.
Use the following syntax: https://‹IP/Domain›:‹Port›.
- If you use port forwarding, you must enter the public IP address or domain name and the port open on the gateway.
If you use a public address for the Communication Server, you must enter the public IP address or domain name and the Communication Server port. The default port is 8443.
- Configure Hostname Settings
Now you have to connect to the Control Center web interface and configure the administrator account.
- In the address bar of your web browser, enter the IP address or the DNS hostname of the Control Center appliance (using the https:// prefix). A configuration wizard will appear.
You must first register your Small Office Security deployment to a Bitdefender account. Provide the username and password of your Bitdefender account. If you do not have a Bitdefender account yet, click the corresponding link to create one.
Click Next to continue.
Provide the license key required for validating Small Office Security. Check the trial registration or purchase email to find your license key. Enter the license key in the Key field and click the Add button. Wait until the license key is validated. You can also view the expiry date for your license key in the corresponding column.
Click Next to continue.
Specify the required details for your company administrator account: username, email address and a password. Password must contain at least one upper case character, at least one lower case character and at least one digit or special character.
Click Create Account.
The company administrator account will be created and you will automatically log on with the new account to Bitdefender Control Center.
The first screen opens the Essential Steps guide. You can read it, and then proceed with configuring Control Center settings.