Deploy a VM for integrations
When you integrate some third-party products with Sophos Central, you need a VM to collect data from them and forward it to Sophos.
After you've configured and downloaded an OVA for the integration, deploy it as described below. Then you can configure the third-party product to send data to it.
The OVA file is verified with Sophos Central, so it can only be used once. After it's been deployed, it can't be used again.
If you have to deploy a new VM, you must recreate the OVA file in Sophos Central. Go to Threat Analysis Center and add the integration again.
On your ESXi host, do as follows:
- Select Virtual Machines.
Click Create/Register VM.
In Select creation type, select Deploy a virtual machine from an OVF or OVA file. Click Next.
In Select OVF and VMDK files, do as follows:
- Enter the VM name.
- Click the page to select files. Select the OVA file you've downloaded.
- Click Next.
In Select storage, select Standard. Click Next.
In Deployment options, in SYSLOG enter the address that the third-party product will send data to. Click Next.
Skip the Additional settings step.
Click Finish. Wait for the new VM to appear in the VMs list. This can take a few minutes.
Power on the VM and wait for installation to complete. This can take up to 10 minutes.
In Sophos Central, go to the Integrations page for the product you're integrating and refresh it. The VM's status is now Connected.