Skip to content

Installation

Minimum system requirements

Server minimum system requirements

CYBERQUEST is a virtual appliance but can be installed as a physical appliance as well.

In order to install CYBERQUEST 2.20 physical or virtual machines must be provided. CYBERQUEST 2.20 resides on a Linux Debian 10 instance.

  • For all CYBERQUEST residing virtual machines resources must be reserved (CPU cores and RAM).

  • For CYBERQUEST best performance 6th gen Intel CPU’s or equivalent must be provided.

Minimum recommended resources, as per the standard versions (no add-ons installed and for CYBERQUEST 2.20 Ultimate – 8 CPU cores license) are:

Version of CYBERQUEST 2.20 Minimum RAM recommended Minimum Storage Recommended - GB (for data only)
Logger 8* 100**
Light 8* 200**
Advanced 16* 500**
Enterprise 32* 1000**
Ultimate 32* 1000**

*This is the minimum recommended RAM to be granted to virtual machines hosting CYBERQUEST instances. As the solutions may scale, higher RAM capacity must be allocated. For such situations, a certified CYBERQUEST technician must be consulted.

**This is the minimum recommended storage capacity – for data only. The retention period (data availability for hot searches and archive) is directly proportional with the storage capacity. For situations where online and offline data must cover longer periods, a certified CYBERQUEST technician must be consulted in order to provide requirements for storage capacity.

User(client) web application minimum system requirements:

  • Web Browsers: Firefox (86+), Chrome (83+)

  • Resolution: Full HD Display (1980x1080)

Windows collector (agent)

  • .Net Framework 4.8

  • Windows Server operating System (2012+) x64 operating system

  • Visual C++ redistributable 2019+

Supported virtual enviroments

VMware is a virtualization computing software. With VMware server virtualization, a hypervisor is installed on the physical server to allow for multiple virtual machines (VMs) to run on the same physical server. Each VM can run its own operating system (OS), which means multiple operating systems can run on one physical server. All the VMs on the same physical server share resources, such as networking and RAM.

Hyper-V is Microsoft's hardware virtualization product, each virtual machine runs on virtual hardware. Hyper-V runs each virtual machine in its own isolated space, which means you can run more than one virtual machine on the same hardware at the same time. Hyper-V allows you to create virtual hard drives, virtual switches and a host of other virtual devices, all of which can be added to virtual machines.

AIO

Installation for VMware

Prior installation system requirements

In order to configure the virtual machine, the following requirements must be met first:

  • ESXi 6.0 or later (VM version 11);
  • 4 CPU cores;
  • minimum 32 GB RAM (64 GB recommended);
  • DISK1: 100 GB;
  • DISK2: minimum 10 GB (1 TB recommended, but not exceeding 3,5 TB).

Download the CYBERQUEST server from here. Click on Download Free Edition button, select vmware option, complete the download form and press Download button.

Installing CYBERQUEST

A. OVA Deployment

For deploying the CYBERQUEST virtual machine (OVA file), follow these steps:

1.Connect to vCenter (or ESXi Hypervisor). Open vSphere Client or the web interface. Fill in the username and password credentials.

Alt Image

2.Right click on Virtual Machines and select Create/Register VM

Alt Image

3.In this window, select Deploy a virtual machine from an OVF or OVA file and click on Next

Alt Image

4.Choose a name for the virtual machine ("CyberQuest" in this example), and click on Click to select files or drag/drop to select files for CYBERQUEST server deployment.

Alt Image

5.In the new window, locate the CYBERQUEST virtual machine, select the files and click Open > Next.

Alt Image

Alt Image

6.Choose the storage where to import the virtual machine on and click Next.

Alt Image

7.Select the network and VLAN and check the box for Thin in Disk provisioning, then click Next.

Alt Image

8.Review the previously selected parameters, click Finish and wait for the import of CYBERQUEST virtual machine to be complete.

Alt Image

Alt Image

B. CYBERQUEST virtual machine configuration

1.Power on the CYBERQUEST virtual machine from the vSphere client (or from the web interface) by clicking on the Power on button in the top menu.

Alt Image

2.To open the console, press right click on the virtual machine, press click on Console > Launch remote console. You can also use the Console menu button.

Alt Image

3.Connect using the username “root” and password “toor1”.

Alt Image

4.Open the main configuration menu.

Alt Image

5.Use the keyboard's arrows, TAB, ESC and Enter keys for navigating the main menu. First, navigate to Setup and press Enter.

Alt Image

6.On Set TimeZone button, press Enter again to choose the correct timezone. Select the Geographic area and press Enter. Then, select the city/region and press Enter.

Alt Image

Alt Image

7.Configure the network by going to Setup, then press Enter. Select Network and press Enter.

Alt Image

8.Select eth0 and press Enter. Select STATIC and press Enter. Modify the designated fields and press Submit.

Alt Image Alt Image Alt Image

9.Configure "Hosts" by selecting Setup, then press Enter. Select Hosts and press Enter.

Alt Image Alt Image

10.Change the IP address with the CYBERQUEST IP address and press Enter. At the prompt press "y" and Enter to confirm the change.

Alt Image Alt Image

11.In order to increase the storage partition /data, follow these steps:

  • Open the vSphere Client, locate the CYBERQUEST virtual machine on the left side tree, right click on CYBERQUEST virtual machine, select Power and click on Power Off.

    Alt Image

  • After the CYBERQUEST VM is powered off, click on it, select Snapshot and click on Manage snapshots

    Alt Image

  • In the new window, check if CYBERQUEST VM has no previous snapshot. If it has previous snapshots, delete them by selecting Snapshot then click on Delete.

Alt Image

  • Right click on CYBERQUEST VM and select Edit Settings

    Alt Image

  • In the left side list select Hard disk 2 and in the right side increase the disk with a new size alocated for CYBERQUEST, then click on Save.

    Alt Image

  • Right click on CYBERQUEST virtual machine, select Power and click on Power on

    Alt Image

  • Open the console, press right click on the virtual machine, press click on Console > Launch remote console. You can also use the Console menu button.

    Alt Image

  • Connect with the username "root" and password "toor1", then open Main Menu configuration.

    Alt Image

  • Access GrowPartition, press Enter and wait for the process to finish. After the process is finished, select Reboot and press Enter for finalizing the storage partition resizing.

    Alt Image Alt Image

Installation for Hyper-V

Prior installation system requirements

In order to configure the virtual machine, the following requirements must be met first:

  • HyperV (minimum Windows 2016);
  • VM Gen 1 compatible;
  • 4 CPU cores;
  • minimum 32 GB RAM (64 GB recommended);
  • DISK1: 100 GB;
  • DISK2: minimum 10 GB (1 TB recommended, but not exceeding 3,5 TB).

Deployment Guide for Hyper-V

To deploy the CYBERQUEST server in a Hyper-V environment do the following steps:

Step 1: Download the CYBERQUEST server from here. Click on Download Free Edition button, select Hyper-V option, complete the download form and press Download button.

Step 2: Extract the content of the archive

Step 3: Open Hyper-V Manager from Start > Windows Administrative Tools

CYBERQUEST server can be deployed by create a virtual machine and attach the 2 virtual disks.

Create a virtual machine and attach the CYBERQUEST virtual disks

A. To create CYBERQUEST virtual machine please follow the steps from bellow:

1.In the top left corner right click on the Hyper-V server go to: New > Virtual Machine

Alt Image

2.Click Next in the Before You Begin section

Alt Image

3.In the Specify Name and Location section, enter a name for the CYBERQUEST server and select the folder where to store the virtual machine

Alt Image

4.In the Specify Generation section, select the appropriate Generation type for your environment and click Next

Alt Image

5.In the Assign Memory section, input the amount RAM memory for the CYBERQUEST server and click Next

Alt Image

6.In the Configure Networking section, select the network switch and click Next

Alt Image

7.In the Connect Virtual Hard Disk section, select Attach a virtual hard disk later and click Next

Alt Image

8.In the Summary section, click Finish

Alt Image

B. To attach the CYBERQUEST virtual disks please follow the steps from bellow:

1.Right click on the new created Virtual Machine and select Settings

Alt Image

2.In the Settings window select IDE Controller 0. In the right side select Hard Drive option and click Add

Alt Image

3.In the Media section, click Browse and navigate where the CYBERQUEST server virtual Hard Disks are stored

Alt Image

4.Select CyberQuest_2.20-Prerelease-Buster.70-1.vhdx file, click Open and Apply

Alt Image

5.In the Settings window select IDE Controller 0. In the right side select Hard Drive option and click Add

Alt Image

6.In the Media section, click Browse and navigate where the CYBERQUEST server virtual Hard Disks are stored

Alt Image

7.Select CyberQuest_2.20-Prerelease-Buster.70-2.vhdx file, click Open and Apply

Alt Image

8.Click OK to finish adding the CYBERQUEST Virtual Hard Disks

Alt Image

Installation Bare metal

A. Prerequisites

To install CYBERQUEST, download the following prerequisites:

B. Installing Debian 10

  • Create a bootable disk with Debian 10 ISO image

  • Boot the system using ISO image with Debian 10

  • Select the Install option from the boot menu of the installation disk

Alt text

  • Select English language and press Enter Alt text

  • Select Other -> Europe -> Romania from the Continent or Region menu and press Enter

Alt text Alt text Alt text

  • Select United States from the Country to base default local settings on menu and press Enter

Alt text

  • Select American English from the Keymap to use menu and press Enter

Alt text

  • Set the name of the machine then navigate to Continue and press Enter

Alt text

  • Set the domain of the machine then navigate to Continue and press Enter

Alt text

  • Set the password of the root user of the machine then navigate to Continue and press Enter

Alt text

  • Re-enter the password then navigate to Continue and press Enter

Alt text

  • Set username (superadmin) then navigate to Continue and press Enter

Alt text

  • Set username of a user (superadmin) then navigate to Continue and press Enter

Alt text

  • Set the superadmin user password then navigate to Continue and press Enter

Alt text

  • Re-enter the password then navigate to Continue and press Enter

Alt text

  • Select Manual from the Partitioning method menu then press Enter

Alt text

  • Select space available for partition 1 (sda) previously configured when creating and press Enter

Alt text

  • Select Create a new partition and press Enter

Alt text

  • Select the partition size as required and press Enter

Alt text

  • Select Primary from the Type for the new partition menu and press Enter

Alt text

  • Select Beginning from the Location for new partition menu and press Enter

Alt text

  • Select Done setting up the partition from Partition settings menu and press Enter

Alt text

  • Select available space for partition 1 (sda) previously configured when creating and press Enter

Alt text

  • Select Create a new partition and press Enter

Alt text

  • Select the partition size as required and press Enter

Alt text

  • Select Primary from the Type for the new partition menu and press Enter

Alt text

  • Select Beginning from the Location for new partition menu and press Enter

Alt text

  • Select Mount point from the Partition settings menu and press Enter

Alt text

  • Select Enter Manually from the Mount point for this partition menu and press Enter

Alt text

  • Add /var/log in the Mount point for this partition menu, navigate to Continue and press Enter

Alt text

  • Select Done setting up the partition from the Partition settings menu and press Enter

Alt text

  • Select the available space for partition 2 (sdb) previously configured at creation and press Enter

Alt text

  • Select Create a new partition and press Enter

Alt text

  • Select the partition size as required and press Enter

Alt text

  • Select Primary from Type for the new partition menu and press Enter

Alt text

  • Select Beginning from the Location for the new partition menu and press Enter

Alt text

  • Select Mount point from the Partition settings menu and press Enter

Alt text

  • Select Enter Manually from the Mount point for this partition menu and press Enter

Alt text

  • Add /data to the Mount point for this partition menu, navigate to Continue and press Enter

Alt text

  • Select Done setting up the partition from the Partition settings menu and press Enter

Alt text

  • Select Finish partitioning and write changes to disk and press Enter

Alt text

  • Select NO to the swap space question and press Enter

Alt text

  • Select YES to write changes to disk and press Enter

Alt text

  • Select NO to do not scan another CD/DVD and press Enter

Alt text

  • Select NO to do not use mirror during installation and press Enter

Alt text

  • Select NO to do not send statistics and press Enter

Alt text

  • Check the SSH server and standard system utilities options (navigate and press Space) then navigate to Continue and press Enter

Alt text

  • Select YES for installing GRUB and press Enter

Alt text

  • Select /dev/sda as the installation device and press Enter

Alt text

  • Select Continue to complete installation and restart the machine

Alt text

C. Install CYBERQUEST

  • Using ssh, connect to Debian 10 machine

  • Copy the installing script file EZinstallOnlineCloudRepo.sh to Debian 10 machine

  • Run the script using the following command:

sudo bash EZinstallOnlineCloudRepo.sh 'buster-prerelease'

To access Web Interface, open a web browser and type the application's address or DNS name. The default address initially assigned to Web Interface is: https://CyberquestIPAddress (example).

CYBERQUEST Vulnerability scanner

There are three ways to install OpenVas. You can create the machine from scratch, import the machine into VMware or Hyper-V environment.

1. Installing OpenVas from scratch

A. Prerequisites

To install OpenVas, download the following prerequisites:

B. Installing Debian 10

To see how to install Debian 10, please follow the link: Debian 10

C. Install OpenVas

  • Using ssh, connect to Debian 10 machine

  • Copy the installing script file EZOpenvasServer.sh to Debian 10 machine

  • Run the script using the following command:

sudo bash EZOpenvasServer.sh

2. Import OpenVas machine in VMware environment

A. Prior installation system requirements

In order to configure the virtual machine, the following requirements must be met first:

  • ESXi 6.0 or later (VM version 11);
  • 4 CPU cores;
  • minimum 16 GB RAM;
  • DISK1: 100 GB;
  • DISK2: minimum 10 GB.

Download the OpenVas server from here and extract the archive.

B. Installing OpenVas

For deploying the OpenVas virtual machine (OVA file), follow these steps:

1.Connect to vCenter (or ESXi Hypervisor). Open vSphere Client or the web interface. Fill in the username and password credentials.

Alt Image

2.Right click on Virtual Machines and select Create/Register VM

Alt Image

3.In this window, select Deploy a virtual machine from an OVF or OVA file and click on Next

Alt Image

4.Choose a name for the virtual machine ("OpenVas" in this example), and click on Click to select files or drag/drop to select files for OpenVas server deployment.

Alt Image

5.In the new window, locate the OpenVas virtual machine, select the files and click Open > Next.

Alt Image

Alt Image

6.Choose the storage where to import the virtual machine on and click Next.

Alt Image

7.Select the network and VLAN and check the box for Thin in Disk provisioning, then click Next.

Alt Image

8.Review the previously selected parameters, click Finish and wait for the import of OpenVas virtual machine to be complete.

Alt Image

3. Import OpenVas machine in Hyper-V environment

A.Prior installation system requirements

In order to configure the virtual machine, the following requirements must be met first:

  • Hyper-V (minimum Windows 2016);
  • VM Gen 1 compatible;
  • 4 CPU cores;
  • minimum 16 GB RAM;
  • DISK1: 100 GB;
  • DISK2: minimum 10 GB.

Download the OpenVas server from here and extract the archive.

OpenVas server can be deployed by create a virtual machine and attach the 2 virtual disks.

B.Create a virtual machine and attach the OpenVas virtual disks

To create OpenVas virtual machine please follow the steps from bellow:

1.In the top left corner right click on the Hyper-V server go to: New > Virtual Machine

Alt Image

2.Click Next in the Before You Begin section

Alt Image

3.In the Specify Name and Location section, enter a name for the OpenVas server and select the folder where to store the virtual machine

Alt Image

4.In the Specify Generation section, select the appropriate Generation type for your environment and click Next

Alt Image

5.In the Assign Memory section, input the amount RAM memory for the OpenVas server and click Next

Alt Image

6.In the Configure Networking section, select the network switch and click Next

Alt Image

7.In the Connect Virtual Hard Disk section, select Attach a virtual hard disk later and click Next

Alt Image

8.In the Summary section, click Finish

Alt Image

To attach the OpenVas virtual disks please follow the steps from bellow:

1.Right click on the new created Virtual Machine and select Settings

Alt Image

2.In the Settings window select IDE Controller 0. In the right side select Hard Drive option and click Add

Alt Image

3.In the Media section, click Browse and navigate where the OpenVas server virtual Hard Disks are stored

Alt Image

4.Select OpenVas-CyberQuest-1.vhdx file, click Open and Apply

Alt Image

5.In the Settings window select IDE Controller 0. In the right side select Hard Drive option and click Add

Alt Image

6.In the Media section, click Browse and navigate where the OpenVas server virtual Hard Disks are stored

Alt Image

7.Select OpenVas-CyberQuest-2.vhdx file, click Open and Apply

Alt Image

8.Click OK to finish adding the OpenVas Virtual Hard Disks

Alt Image

Configure Web Application

Navigate to Settings > Application Settings > Integrations.

Integrations

In the Integrations page, complete the following fields:

  • In Integrations_OpenVasHost field, insert OpenVas IP address.

  • In Integrations_OpenVasPassword field, complete with OpenVas password.

  • In Integrations_OpenVasUsername field, complete with OpenVas UserName.

Agent Installation

Windows Agent

Manual deployment

How to manually deploy agent for Windows based collections

To install the CYBERQUEST agent on the Windows target machine, the following prerequisits must be met:

  1. Install vcredist_x64_2010.exe
  2. Install vcredist_x64_2012.exe
  3. Install vc_redist_x64_2019.exe
  4. Install Microsoft .NET Framework 4.8

Authentication

To access Web Interface, open a web browser and type the application's address or DNS name. The default address initially assigned to Web Interface is https://CyberquestIPAddress (example).

The browser automatically redirects you to CYBERQUEST's authentication page:

Alt Image

How to manage Credentials

Creating the credentials set the agent is using for collecting data.

Please follow the link for more details.

Installing the CYBERQUEST agent

To manually deploy the agent, download or copy the agent kit on the target machine.

Navigate to "Settings > Management > Agent Manager.

Alt Image

"Download windows agent" to download the latest version of the CYBERQUEST agent. The agent must be installed on a Windows machine.

Alt Image

Execute the .msi file and press the "Run anyway" button to install the agent. The agent is installed in: "C: \ Program Files \ CyberQuestAgent".

Alt Image

Go to "C:\Program Files\CyberQuestAgent\configurator" and run cyberquest-agent-configurator.exe as an Administrator. Add the IP address of the CYBERQUEST server in the field "Message Queue server" and press the "Save Settings" button.

Alt Image

Go to Windows services and restart the CYBERQUEST agent service.

Registering the agent

Registering the agent in the CYBERQUEST server:

Navigate to "Settings > Management > Agent Manager".

Press Alt Image button to register the agent.

Alt Image

Complete the following fields: "Agent name", "Agent note", assign credentials for the agent and press "Save" button.

Alt Image

Alt Image

After deployment you have to press the Alt Image button, to set the agent as manually deployed.

Adding a new data sources

The Windows agent is used to connect and collect Windows based data-sources like :

GPO deployment

Deploy CYEBERQUEST agent from GPO

To deploy CYBERQUEST Agent from GPO, please follow the steps described bellow:

1.Create a share accessible from all clients where the AgentCQ will be Deployed.

2.Copy the the following files: Alt ImageAlt ImageAlt Image

3.Edit file Copy config.ps1

Copy-Item -Path \\FS_server\CQDeployShare\agent.settings.json -Destination "C:\Program Files\CyberQuestAgent"
Stop-Service -Name CyberQuestAgent
Start-Sleep -s 30
Start-Service -Name CyberQuestAgent

The path for the copyed files in step 2 is: \FS_server\CQDeployShare\

4.Edit agent.settings.json file

{
"mqPassword": "VRW7Zl7RreWg9Q==",
"eventSyncQueueSize": 5000,
"compressData": false,
"encryptData": false,
"cleanupOlderLogsDays": 7,
"throttleCollection": 1000000,
"mqHost": "0.0.0.0", //CYBERQUEST Server IP Address
"mqUserName": "cq",
"mqUseSSL": false,
"useHTTPSTransport": false,
"rejectUnauthorized": false,
"EventsThrottleQueueMaxSize": 100000,
"mqPort": 5672,
"mqSSLPort": 5671,
"tenant": "danielt-pc",
"HttpTransportUrl": "",
"CLIENT_ACCESS_TOKEN": ""
}

5.Go to Domain Controller and open Group Policy Management

6.Right click on the Organization Unit where the Policy will be applied (Ex: “Computers” OU) and select Create a GPO in this domain, and Link it here.

7.Name the new GPO CQ Deploy GPO and click OK button

Alt Image

8.Right click on the new created GPO and select Edit option

9.Navigate to Computer Configuration > Policies > Software Settings > Software Installation

10.Right click on Software Installation and select New > Package…

11.Browse to the share location created in step 1 and configured in step 3 (\FS_server\CQDeployShare), select the MSI file and click Open button

12.Select Assigned option and click OK button

Alt Image

13.Navigate to Computer Configuration > Policies > Windows Settings > Scripts (Startup/Shutdown), right click on Startup and select Proprieties

14.Go to PowerShell Scripts tab and press on Show Files… button

15.In the new File Explorer window copy the PowerShell script file (Copy config.ps1) from the shared folder created on step 1

Alt Image

16.Click on Add… button, click on Browse button, select the PowerShell Script Copy config.ps1 and click Open and then OK > Apply > OK

Alt Image

17.Close Group Policy Management Editor, right click on the new GPO and select Enforced option

Alt Image

Remote installation

To install the CYBERQUEST agent on the Windows target machine, the following prerequisits must be met:

  1. Install vcredist_x64_2010.exe
  2. Install vcredist_x64_2012.exe
  3. Install vc_redist_x64_2019.exe
  4. Install Microsoft .NET Framework 4.8

To start, first configure the deploy credentials. Please follow the link for more details about creating credentials.

Deploying CYBERQUEST agent on Windows

The next step is to deploy the CYBERQUEST agent on Windows operating system, by clicking on Settings > Management > Agent Manager, and click on Alt Image button.

To register a new agent, the user will first be asked the operating system on which to deploy the agent, with the option of Windows or Linux.

Alt Image

Once selected, the settings of the agent deployment will be filled in. Complete the following fields: ”Agent name”, “Computer“, select “Agent deployment credentials“ and press "Save" button.

Alt Image Alt Image

Lastly, data sources can be linked to the CYBERQUEST agent.

The Windows agent is used to connect and collect Windows based data-sources like :

Managing Windows Gathering Agent

Manage CYBERQUEST Log Gathering configuration files

For more details about manually deploy Agent and assign data sources, please access the following link: How to manually deploy agent and assign data sources

Please note that in order to successfully change entries in configuration files, the agent service must be in stopped state:

a. Using an administrative account, authenticate to the Windows log gathering computer having the agent installed and open Services management console

b. Stop CYBERQUEST Log Gathering Agent service.

c. After finished performing changes, start CYBERQUEST Log Gathering Agent service.

To see how to manually deploy the agent, please follow the link: How to manually deploy the agent

DataServer

Manual Deployment of CYBERQUEST Linux Agent

A. Prerequisites

To install DataServer, download the following prerequisites:

B. Installing Debian 10

To see how to install Debian 10, please follow the link: Debian 10

C. Install DataServer package

  • Using ssh, connect to Debian 10 machine

  • Copy the data-server package to: /home/superadmin to Debian 10 machine

  • Install DataServer package using the following command:

sudo dpkg -i data-server-2.20.50-debian_buster.deb

D. Configure DataServer settings

  • Using ssh, connect to Debian 10 machine

  • Open localSettings.ini using the following command:

sudo nano /var/opt/cyberquest/dataserver/bin/localSettings.ini
  • Add CYBERQUEST server IP to ConfigurationServerURL, Save and exit

  • Start DataServer service using the following command:

systemctl start data-server.service