Cyberoam Virtual

UTM Appliance
Installation Guide for Version 10
Microsoft Hyper-V
Document Version 10.04.3543-03/07/2013

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Contents

Preface................................................................................................................................. 4
Base Configuration ............................................................................................................. 4
Installation Procedure ........................................................................................................ 4
Cyberoam Virtual UTM Appliance Installation ........................................................................... 4

Cyberoam Virtual UTM Appliance Configuration............................................................ 18

Network Configuration Wizard ................................................................................................... 18
Configure Mode ..................................................................................................................... 19
Configure Internet Access ..................................................................................................... 21
Configure Mail Settings ......................................................................................................... 22
Configure Date And Time Zone ............................................................................................ 23

What Next? ........................................................................................................................ 25

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Typographic Conventions
All contents in this guide including text or screenshots follow the given list of conventions.
Item

Convention

Server

Machine where Cyberoam Software - Server component is

installed
Machine where Cyberoam Software - Client component is
installed
The end user
Username uniquely identifies the user of the system

Client
User
Username
Topic titles

Example

Shaded
font
typefaces

Introduction

Subtitles

Bold & Black

typefaces

Navigation link

Bold typeface

Group Management Groups Create

it means, to open the required page click on Group
management then on Groups and finally click Create tab

Name
of
a
particular
parameter
/
field / command
button text
Cross
references

Lowercase
italic type

Enter policy name, replace policy name with the specific name
of a policy
Or
Click Name to select where Name denotes command button
text which is to be clicked
Refer to Customizing User database Clicking on the link will
open the particular topic

Notes & points

to remember

Bold typeface
between
the
black borders

Prerequisites

Bold typefaces
between
the
black borders

Hyperlink
in
different color

Notation conventions

Note

Prerequisite
Prerequisite details

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Preface
Welcome to Installation and Deployment Guide for Cyberoam Virtual UTM Appliance for Microsoft
Hyper-V platform. This guide describes how you can download, deploy and run Cyberoam as a virtual
machine on Microsoft Hyper-V.

Base Configuration
There underlies a base virtual hardware configuration without which Cyberoam Virtual UTM Appliance
goes into FAILSAFE mode, which is as follows:

One vCPU

1GB vRAM

3 vNIC

Primary Disk with 4GB size

Auxiliary Disk with 80GB size

1 Serial Port

1 USB Port

To know more about what happens when your appliance goes into FAILSAFE mode and how to
recover from it, refer to the Cyberoam KB article Failsafe Troubleshooting for Virtual UTM Appliance.
Note
User loses access to the Cyberoam Virtual UTM for any changes in the vNIC configuration numbers post
deployment.

Installation Procedure
Pre-requisite
Make sure that Microsoft Hyper-V Server 2008/2012 is already installed in your network. For Microsoft
Hyper-V Server installation instructions, refer to the Microsoft documentation:
http://technet.microsoft.com/en-us/library/dd283085(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/hh831620.aspx

Cyberoam Virtual UTM Appliance Installation

1. Download and Extract VHD Package
Download the .zip file containing the Cyberoam VHD image and store it in your machine. For details
on how you can obtain a Cyberoam Virtual UTM Appliance VHD Package, refer to the Cyberoam
Knowledge Base article How can I obtain a Cyberoam Virtual UTM Appliance?

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

2. Connect to Host Server

Open Hyper-V Manager and go to Action Connect to Server to connect to the host server on
which you want to deploy the VHD template. You will come across the following screen:

Screen - Select Host Server

Provide the IP Address of the Host Server click OK to continue.
3. Create New Virtual Machine
Go to Action New Virtual Machine to launch the New Virtual Machine Wizard.

Screen - Create New Virtual Machine

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

4. New Virtual Machine Wizard

The New Virtual Machine Wizard helps you deploy Cyberoam Virtual UTM Appliance
VHD template. Click Next to continue.

Screen - New Virtual Machine Wizard

Specify a name for the virtual machine.

By default, Cyberoam Virtual UTM Appliance is stored on the default folder configured for
the host server. Click Store the virtual machine in a different location if you wish to store
the virtual machine at a different location.

Screen - Specify Name and Location

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Assign vRAM to be used by the virtual machine. Click here for model-wise recommended
vRAM configurations.

Screen - Assign Memory

Select the Virtual Network Interface from the list.

Screen - Configure Virtual Network Interface

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Select Use an existing virtual hard disk to browse to the folder containing Cyberoam
Virtual UTM Appliance VHD file titled <Appliance Key>-disk1.vhd, where <Appliance
Key> stands for your Cyberoam Virtual UTM Appliance key.

Screen - Connect Virtual Hard Disk

Screen - Select Primary Disk (.vhd) File

Click Open to open the selected .vhd file.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen - Connect Virtual Hard Disk

Click Next to continue to the next step.

Verify the selected deployment options and click Finish to start the deployment process.

Screen - Deployment Summary

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen - Deployment Progress

This installs Cyberoam Virtual UTM Appliance on your machine.
Note:

To optimize the performance of your Virtual Appliance, configure vCPU and vRAM according
to the license you have obtained. While configuring number of vCPUs, ensure that you do not
exceed the maximum number limit specific to your license else Cyberoam will go into
FAILSAFE mode. For example, for a CRiV-4C you can allocate a maximum of 4 vCPUs.
Any number higher than that will put the Virtual Appliance into FAILSAFE mode.
Following is the Model wise recommended vRAM:
CRiV-1C & CRiV-2C: 1GB
CRiV-4C & CRiV-8C: 2GB
CRiV-12C & CRiV-UNL: 4GB

Cyberoam Virtual UTM Appliance does not recognize more than 4GB of vRAM, if configured.

Cyberoam Virtual UTM Appliance allows you to configure a maximum of 26 vNICs. However,
this number varies according to your hypervisor. For example Microsoft Hyper-V 2008 or later
allows allotment of a maximum of 12 vNICs (or maximum of 4 Legacy Network Adapters) to a
virtual machine.

For details on how to modify allotted virtual hardware configurations, refer to

http://www.microsoft.com

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

5. Attach Auxiliary Disk to the Virtual Machine

Before you power on the deployed Cyberoam Virtual UTM Appliance, you need to attach
the 80GB Auxiliary Disk to the virtual machine.
Select the newly deployed virtual machine i.e. Cyberoam Virtual UTM Appliance from
Microsoft Hyper-V Manager and go to Action Settings to attach the Auxiliary Disk
with the virtual machine.

Screen - Configure Cyberoam Virtual UTM Appliance

Go to Hardware IDE Controller 1 DVD Drive. You need to remove the

DVD Drive to be able to attach Auxiliary Disk to the virtual machine.

Screen - Remove DVD Drive

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Click Remove to remove the DVD Drive from IDE Controller 1 section.

You need to add a Hard Drive under IDE Controller 1 section to be able to mount the
Auxiliary Disk.
Go to Hardware IDE Controller Hard Drive and click Add.

Screen - Add Hard Drive

You can now mount the Auxiliary Disk VHD file to the newly created Hard Drive. To do so,
go to Hardware IDE Controller 1 Hard Drive Media.
Select Virtual hard disk (.vhd) file and click Browse to select the complete path to the
Auxiliary Disk .vhd file.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen - Select Auxiliary Disk (.vhd) file

Note:

While attaching the Primary Disk to the Virtual Machine, it is mandatory to use following
configurations, else the Cyberoam Virtual UTM Appliance goes into KERNEL PANIC:
Select Controller as IDE Controller 0 and Location as 0 (in use)

While attaching the Auxiliary Disk to the Virtual Machine, it is mandatory to use following
configurations, else the Cyberoam Virtual UTM Appliance goes into FAILSAFE MODE.
Select Controller as IDE Controller 1 and Location as 0 (in use)

Select the Auxiliary Disk titled <Appliance Key>-disk2.vhd, where <Appliance Key> stands for your
Cyberoam Virtual UTM Appliance key. Click Open to continue.

Screen - Open Auxiliary Disk (.vhd) file

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

6. Configure Virtual Network Interfaces

Prerequisite
It is mandatory to configure at least three Virtual Network Interfaces and all three of them must be Legacy
Network Adapters. Configuration of a Virtual Network Interface of type other than Legacy Network
Adapter does not work with Cyberoam Virtual UTM Appliance.
To configure vNICs, go to Hardware Add Hardware Legacy Network Adapter
and click Add to continue.

Screen - Add Legacy Network Adapter

This adds a Legacy Network Adapter to the Virtual Machine.
You can now configure the newly added Virtual Network Adapter as LAN/WAN/DMZ port. Go to
Hardware Legacy Network Adapter Network and select any port you wish to
configure to the selected Network Adapter.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen - Configure Legacy Network Adapter

Click OK to configure the selected port to the Legacy Network Adapter.
Repeat the same procedure to configure at least 3 Virtual Network Interfaces (Legacy Network
Adapters) to the Cyberoam Virtual UTM Appliance.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

7. Connect to the Cyberoam Virtual UTM Appliance

Right click the deployed Cyberoam Virtual UTM Appliance from the Microsoft Hyper-V
Manager and click Connect to connect to the Virtual Machine. You will come across the
following screen:

Screen - Connect to the Virtual Machine

Click Start icon to Power on the Cyberoam Virtual UTM Appliance.

Screen - Start Virtual Machine

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Enter the administrator password i.e. admin to continue to the Main Menu of the
Cyberoam Virtual UTM Appliance.

Screen Enter administrator password

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Cyberoam Virtual UTM

Appliance Configuration
To configure Cyberoam Virtual UTM Appliance, you need to log into the Cyberoam Web Admin
Console. From the management computer:

Browse to https://172.16.16.16

Log on to the Cyberoam Web Admin Console using default username admin and default
password admin.

Click Wizard icon to launch the Network Configuration Wizard.

Network Configuration Wizard

After logging into the Cyberoam Web Admin Console, click Wizard icon on the top right corner of your
Cyberoam Dashboard to launch the Network Configuration wizard.

Screen 1 Launch Network Configuration Wizard

Network Configuration Wizard guides you step-by-step through configuration of the network
parameters like IP Address, subnet mask, and default gateway for Cyberoam. Use the configuration
settings you noted earlier.
Click Start to start the Network Configuration Wizard.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen 2 Network Configuration Wizard

Configure Mode
Cyberoam Virtual UTM Appliance can be deployed in Gateway Mode. To configure Cyberoam in
Gateway mode, select Gateway Mode and click

Follow the on screen steps to:

Configure Interface:
Configure IP Address, Subnet Mask and Zone for each port. By default, Cyberoam binds
ports A, B and C to LAN, WAN and DMZ zones, respectively.
To enable interface for PPPoE, provide PPPoE details: Username and Password (only
for WAN zone)
Click Next to repeat the steps given above for each port.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Screen 3 Configure Interface

Configure DNS server address:

Click Obtain an IP from DHCP to override appliance DNS and use DNS received from
the external DHCP server.

Screen 4 DNS Configuration

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Configure Internet Access

Configure Internet access policy for LAN to WAN traffic.
Monitor Only policy allows LAN to WAN traffic
1

General Internet policy enables IPS and Virus scanning and allows LAN to WAN traffic except
Unhealthy Web and Internet traffic as defined by Cyberoam. This will include sites related to Adult
contents, Drugs, Crime and Suicide, Gambling, Militancy and Extremist, Violence, Weapons, Phishing
and Fraud and URL Translation sites.
1

Strict Internet policy enables IPS and Virus scanning and allows only authenticated LAN to WAN
traffic.

Click

button to configure the mail settings.

Screen 5 Configure Internet Access

Note
1
2

Until Intrusion Prevention System module is subscribed, IPS scanning will not be effective.
Until Gateway Anti Virus module is subscribed, virus scanning will not be effective.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Configure Mail Settings

Click

Specify Administrator Email ID.

Specify Mail server IP address.

Specify email address that should be used to send the System Alerts.

Click Authentication Required to enable SMTP authentication, if required and specify

username and password.
button for Date and Time zone configuration.

Screen 6 Configure Mail Settings

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Configure Date And Time Zone

Set time zone and current date.
Enable clock synchronization with NTP server to tune Cyberoam's clock using global time servers.

Screen 7 Configure Date and Time

Click

button to view the configured details. Copy the configured details for future use.

Click 'Finish'. It will take few minutes to save the configuration details.

Screen 8 Network Configuration Wizard

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

On successful configuration following page will be displayed.

Screen 9 Network Configuration Wizard

Please wait for Cyberoam to restart before clicking the URL to access the Web Admin Console. Click
Close to close the Network Configuration Wizard window.
Congratulations!!!
This finishes the basic configuration of Cyberoam.
Your network is now protected from Internet-based threats and access to Adult contents, Drugs,
Crime and Suicide, Gambling, Militancy and Extremist, Violence, Weapons, Phishing and Fraud and
URL Translation sites will be blocked.
Note
Cyberoam Virtual UTM Appliance needs to be connected to the Internet for at least 3 days in a row, failing
to do which will result into de-activation of your appliance. In case of appliance de-activation, contact
support@cyberoam.com.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

What Next?
1. Avail Subscriptions

To subscribe for free 15-days trial subscription of Web and Application Filtering, IPS, Anti
Virus and Anti Spam, browse to http://customer.cyberoam.com and login with the
credential provided at the time of account creation.

Access Cyberoam Web Admin Console

Browse to https://<IP address of cyberoam> and log on using the default username
(admin) and password (admin).
Note: Internet Explorer 7+ or Mozilla Firefox 1.5+ is required to access the Cyberoam Web
Admin Console.

Go to System Maintenance Licensing page and synchronize the registration

details. Registration and subscription details will be displayed only after synchronization.

2. Configure DNS
Configure the correct firewall rule for your Domain Name Server (DNS). You may not be able to
access Internet if not configured properly.
3. Enable Virus Scanning
Go to Firewall Rule Rule and edit default firewall rules to enable virus scanning.
4. Set authentication parameters
Go to Identity Authentication Authentication Server to define the authentication
parameters.
5. Access Help
For accessing online help, click the Help button or F1 key on any of the screens to access the
corresponding topic's help. Use the Contents and Index options to navigate through the entire online
help.

Cyberoam Virtual UTM Appliance Installation Guide for Microsoft Hyper-V

Additional Resources
Visit following links for more information to configure Cyberoam
Technical Documentation - http://docs.cyberoam.com
Cyberoam Knowledge Base - http://kb.cyberoam.com
Cyberoam Security Center - http://csc.cyberoam.com
Cyberoam Upgrades - http://customer.cyberoam.com

Important Notice
Cyberoam Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but
is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any
products. Cyberoam Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document.
Cyberoam Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications.
Information is subject to change without notice.

USERS LICENSE
Use of this product is subject to acceptance of the terms and conditions of Cyberoam End User License Agreement (EULA) at
the time of installation.

RESTRICTED RIGHTS
Copyright 1999 - 2013 Cyberoam Technologies Private Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of
Cyberoam Technologies Pvt. Ltd.

Corporate Headquarters
Cyberoam Technologies Pvt. Ltd.
901, Silicon Tower, Off. C.G. Road,
Ahmedabad - 380 006, INDIA
Phone: +91-79-66065606
Fax: +91-79-26407640
Web site: www.cyberoam.com

Technical Support
You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar
issues to Customer care/service department at the following address:
Email: support@cyberoam.com
Web site: www.cyberoam.com
Visit www.cyberoam.com for the regional and latest contact information.