The Virtual Appliance has limited disk space and is only intended for product evaluation purposes.
It is NOT intended for enterprise and production deployments.
- Deploying the Virtual Appliance
- Powering on the Virtual Appliance
- Administering the Virtual Appliance
- Updating the host's operating system
- Logging onto the Security Console
- Frequently Asked Questions
Read this section to learn how to deploy the Virtual Appliance in one of the supported environments.
The Virtual Appliance is tested and supported in the following environments:
- VMware Player 6 or later
- VMware Workstation 9 or later
- VMware Fusion 8 or later
- VMware vCenter 5.5, 6.0
- VMware ESXi 5.5, 6.0
Rapid7 provides the Virtual Appliance as an Open Virtualization Archive (OVA) file. You can download either a Virtual Appliance Security Console (VA) or the Virtual Appliance Scan Engine (VASE). The Rapid7 OVA can be downloaded from our help.rapid7.com site here.
- In VMware Player and VMware Workstation, click "File" -> "Open".
- In the dropdown list, select the group that includes *.ova.
- Select the Virtual Appliance file, and click "Open".
The "Import Virtual Machine" window will appear.
You can rename the Virtual Appliance file name if desired.
- Specify the storage path for the Virtual Appliance.
- Click "Import".
The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file. When the import process is complete, the Virtual Appliance appears on the list of available virtual machines in VMware Player.
- Select the Rapid7 Virtual Appliance, and click "Play" or "Power On this Virtual Machine" if using VMware Workstation.
- In vCenter or VMware ESXi, click File | Deploy OVF Template...
The Deploy OVF template window appears.
The Deploy OVF template window
- Locate the downloaded Virtual Appliance file, and click Next.
The OVF Template Details panel appears for configuring Virtual Appliance set-
The OVF Template details panel
- Enter a name for the Virtual Appliance.
- Select an inventory location, and click Next.
- Select a host or cluster for the Virtual Appliance, and click Next.
- Select a resource pool, and click Next.
- Select a datastore, and click Next.
- Select Thin or Thick (recommended) Provision for the disk format, and click Next.
- Select a network mapping, and click Next.
- Click Finish.
- When the import process is complete, select the Virtual Appliance from the list of available virtual machines.
- Click Power on.
- Click the Console tab to view a terminal window for the Virtual Appliance.
Log in to the Virtual Appliance after it starts to perform any necessary administrative functions. The operating system for the Virtual Appliance is a CIS hardened, minimal install of Ubuntu Server 16.04 LTS.
When startup is complete, the Virtual Appliance window displays a login prompt. If you are logging in for the first time, you will be asked to change the current UNIX password:
- Enter the default username:
- Enter the default password:
Your password keystrokes will not appear in the terminal as you type them. Take care that you input the password accurately.
- When prompted, enter the default password again.
- Enter your new password according to the complexity requirements.
Password Complexity Requirements
Passwords must at least 14 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
- Enter your new password again to confirm the change.
You need the IP address of the Virtual Appliance in order to login to to the Web interface. Run
ifconfig -a to view the IP address.
As a security best practice, make sure to keep your operating system current with the latest updates.
To apply an update, take the following steps:
- Access the operating system of your Virtual Appliance using SSH or by
opening the a virtual console.
- Run the following command to update all operating system packages to the
sudo apt-get update && sudo apt-get upgrade
The unattended-updates package is installed and configured to automatically apply security updates when available. The virtual appliance requires access to us.archive.ubuntu.com and security.ubuntu.com to retrieve updated packages. Unattended update logs can be reviewed in /var/log/unattended-upgrades/unattended-upgrades.log
You perform all Security Console operations through a Web-based interface, which supports the browsers listed at https://www.rapid7.com/products/nexpose/system-requirements/.
To log onto the Security Console take the following steps:
- Open a web browser.
- Enter the URL for the Virtual Appliance. https://<Virtual_Appliance_IP>:3780
- Enter the default username (nxadmin) and password (nxpassword).
- Click the Logon button.
Upon first login the Security Console will prompt you to change your password. Enter the default username and password: nxadmin and nxpassword. Enter a new password, and confirm the new password.
If you are a first-time user and have not activated your license, the Security Console displays an activation dialog box. Enter your license key.
If you do not have a license key, visit https://www.rapid7.com/products/insightvm/download/ to start your 30-day free trail.
After you receive the license key, login and enter the license key in the
After you login, you’re ready to start using the Virtual Appliance. See https://insightvm.help.rapid7.com/docs/using-the-web-interface for more information on using the web interface.
There are two different ways to set up a static IP.
- Option 1 - edit one file only
Edit the /etc/network/interfaces config with the following code. Note that you do not need to do the
/etc/resolvconf/resolv.conf.d/tail section if you add the dns-nameservers to the
/etc/network/interfaces conf file.
auto ens32 iface ens32 inet static address 192.168.0.16 netmask 255.255.255.0 gateway 192.168.0.1 dns-nameservers 126.96.36.199 188.8.131.52
- Option 2 - Edit two files
/etc/network/interfaces file with the following command:
sudo nano /etc/network/interfaces
Match the corresponding lines to the following values:
auto ens32 iface ens32 inet static
Add the following address, netmask, and gateway lines and specify the values as desired.
Values shown here are only examples.
ens32 is the default network interface for the OVAs. Run
ifconfig to display existing network interfaces to confirm which interface is in use.
address 10.0.0.100 netmask 255.255.255.0 gateway 10.0.0.1
/etc/resolvconf/resolv.conf.d/tail file with the following command:
sudo nano /etc/resolvconf/resolv.conf.d/tail
Add the following lines and specify values according to your configuration requirements:
nameserver 184.108.40.206 nameserver 220.127.116.11 search local.company.com internal.company.com
In order for the static IP and DNS changes to take effect, the existing IP must be flushed with the following command:
sudo ip addr flush ens32
To restart the networking service, use the following command:
sudo systemctl restart networking.service
The virtual appliance comes preinstalled with chrony. To check the current system time, run the
chronyc tracking command.
Chrony can be configured by editing the
Please see https://chrony.tuxfamily.org/faq.html for complete documentation.
To manually sync the time, run the following commands:
sudo service chrony stop sudo chronyd -q 'pool pool.ntp.org iburst' sudo service chrony start
To change the timezone, run
sudo dpkg-reconfigure tzdata and select the desired timezone.
sudo systemctl status nexposeconsole.service sudo systemctl start nexposeconsole.service sudo systemctl stop nexposeconsole.service
sudo systemctl status nexposeengine.service sudo systemctl start nexposeengine.service sudo systemctl stop nexposeengine.service
Accounts will get locked out after 5 invalid login attempts. Accounts will get automatically unlocked after 15 minutes.
Can I update my existing Rapid7 Virtual Appliance that is running on Ubuntu 12.04 or 14.04 to Ubuntu 16.04?
Operating system maintenance and upgrading is beyond the scope of Support. Please consult your Linux administrator for assistance with upgrading the OS.
Please note that our Virtual Appliances are pre-hardened, and upgrading the OS will break the pre-hardening.
We strongly recommend that you perform a backup before doing any OS upgrades.
The Rapid7 Virtual Appliance runs Ubuntu Server 16.04. You can perform a backup on an existing Virtual Appliance and do a restore on a new Virtual Appliance. Please see Database backup/restore and data retention for instructions on how to move to a new host.