Configuring Your Laptop for a Laptop Proof of Concept

Summary:

This document provides a step-by-step guide for setting up a laptop with a virtual machine to be remotely accessible, primarily focusing on configuring networking and security settings for both VMware Workstation and Check Point Endpoint Security. The primary goal is to ensure remote system access to the virtual machine through various means like a Connector, web browser, or console. **Key Steps:** 1. **Networking Configuration**: Configure default gateway, DNS settings, and entries in the hosts file if the remote system is not on the same local Ethernet segment. Ensure proper networking setup as per VMware Workstation documentation. 2. **Check Point Endpoint Security Setup**: - Uninstall any existing VPN client. - Install the Check Point client using `msiexec /i CheckPointEndpointSecurity_R75.msi FW_INSTALL=NO`. - Set up the VPN site with appropriate options. 3. **VMware Workstation Configuration**: - Use VMware bridging and bridged interface to connect remotely to the virtual machine. Adjust VM settings as needed based on host configuration (Ethernet/Wireless). 4. **Network Adapter Settings in Virtual Machines**: - Configure Network Adapter/VMnet8 for NAT or adjust according to host network interfaces. 5. **Express/ESM Reconfiguration**: Map eth1 to VMnet0, configure static IP address and default gateway, DNS settings as per local Ethernet segment. 6. **McAfee Host Intrusion Prevention**: Adjust firewall rules to allow necessary ports for remote system communication (e.g., TCP 8443, TCP 9443, TCP 443, TCP 9000). Temporarily disable McAfee antivirus during the proof of concept. The document also provides additional troubleshooting tips and directs to a link for obtaining the latest McAfee unlock password.

Details:

This document outlines how to configure a laptop for use in a "laptop proof of concept," ensuring remote system access to a virtual machine running on the laptop. The configuration involves setting up networking so that a remote system can communicate with the VM, which could be accessed via a Connector, web browser, Express/ESM Console, or other means. First, configure the default gateway, DNS settings, and entries in the hosts file if the remote system is not on the same local Ethernet segment. Refer to VMware Workstation documentation for more detailed information about VMware networking configurations. Next, follow these steps related to Check Point Endpoint Security: 1. Uninstall any existing VPN client. 2. Open Command Prompt as an administrator and install the Check Point client using `msiexec /i CheckPointEndpointSecurity_R75.msi FW_INSTALL=NO`. 3. After installation, set up the VPN site with the options provided (e.g., valkyrie.arcsight.com). For VMware Workstation configuration: 1. Use the VMware bridging and bridged interface to connect from a remote host to the virtual machine. The default product demonstration images have two interfaces configured: Network Adapter/VMnet8 for NAT and Network Adapter 2/VMnet0 for Bridged. 2. If multiple network interfaces are enabled on the host (e.g., Ethernet and Wireless), change VMNet0 to be bridged to a specific Ethernet interface on the laptop. 3. Adjust the virtual machine settings by changing the Network Adapter/VMnet8 setting as needed. These steps aim to facilitate remote access and connectivity between the laptop's virtual machine and other systems, enhancing the capabilities of a "laptop proof of concept." This summary outlines steps for configuring network settings in two virtual machines (Logger and Express/ESM) and reconfiguring them for offsite access using NAT networking. Here's a breakdown of the process: 1. **Network Configuration in Logger Virtual Machine:**

• Configure NAT for VMnet0 bridged interface.

• Unselect Connected and Connect at power on options.

• Assign static IP address from local Ethernet segment.

• Configure default gateway, DNS, hosts file, and other networking if remote system is not on the same local Ethernet segment.

2. **Network Configuration in Express/ESM Virtual Machine:**

• Map eth1 to VMnet0 bridged interface.

• In Linux, navigate to System, Administration, Network. Log in as arcsight user for root credentials.

• Edit eth1, select Activate device when computer starts, assign static IP address from local Ethernet segment.

• Configure default gateway, DNS, hosts file, and other networking if remote system is not on the same local Ethernet segment.

• Manually activate adapter after configuration. Restart Express/ESM services once eth1 is changed and activated.

3. **Reconfiguring for Offsite Access:**

• Change Network Adapter/VMnet8 to NAT-configured VMnet0, reselect Connected and Connect at power on options in virtual machine settings.

• Ensure HP laptop hosts file is configured for proper host names and addresses (172.16.100.X).

4. **McAfee Host Intrusion Prevention:**

• By default, McAfee firewall blocks necessary ports for remote system connection.

• Open McAfee interface, select Firewall Policy, add rules for required ports. Additional ports may be needed based on proof of concept.

The text indicates a situation where there is an issue with allowing ICMP (ping) requests from a remote system to a virtual machine, specifically mentioning TCP 8443, TCP 9443, TCP 443, and TCP 9000 ports. It also advises about disabling McAfee antivirus software temporarily for running a proof of concept, providing steps on how to disable it safely while ensuring no firewall protection is lost. The text concludes by directing the user to retrieve the latest McAfee unlock password from the provided link: http://itsupport.hp.com/portal/site/sg/documentdetail?docid=KM028832