Before you can create index templates for DLP dictionaries (i.e., Exact Data Match (EDM) templates), you must install and configure the virtual machine (VM) image for the Index Tool.
As the Index Tool provides access to highly sensitive information, ensure that everyone who has access to it is authorized and authenticated.
Index Tool VM Specifications and Sizing Guidelines
- Hypervisor: VMware ESX/ESXi version 5.0 or later, Oracle VM VirtualBox
- CPUs: 4 CPUs. Each CPU will independently handle a portion of the traffic for the VM
- If your index templates include more than 300 million records, then use at least 32 GB
- If your index templates include less than 300 million records, then use at least 16 GB
- Disk: 500 GB (thin provisioned)
Configuring the Index Tool VM
- Go to Administration > Index Tool.
- Make sure you have added an Index Tool Configuration. You will need this configuration in order to complete the VM setup.
- Click Download Index Tool.
- In ESX/ESXi or VirtualBox, install the Index Tool VM image you downloaded previously.
- Boot up the VM and login as user zsroot. The initial root password for this user is randomly generated.
- Change the root password:
- Enter the following command: sudo zadp change-password
- Type in the initial root password, the one that was randomly generated for you.
- Type in a new root password.
- Re-type the new root password.
After the password is changed, you will need to log into zsroot again using the new password.
- (Optional) By default the VM will start using DHCP to obtain the IP address and default router information. If there's no DHCP server available, you can configure this manually:
- Enter the following command: sudo zadp configure-network
- For nameserver, type c to change the IP address and press Enter.
- Type in the IP address and press Enter.
- If you want to add a new nameserver type y, otherwise type n, and press Enter.
The VM will restart the network and check the connection.
- Go back to the Admin Portal, and go to Administration > Index Tool.
- Locate the Index Tool Configuration you added previously, and under the SSL Certificate column click Download.
- Copy over the SSL client certificate .zip file to the VM and install it:
- In this example, we're using scp to copy over the file:
scp <SSL_certificate_zip_filename> zsroot@<vm_ip>:~/
For example: scp EdmClientCertificate.zip email@example.com:~/
- Enter the following command to install the SSL certificate: sudo zadp configure <SSL_certificate_zip_filename>
For example: sudo zadp configure EdmClientCertificate.zip
- Enter the domain name that will be used for the Index Tool's fully qualified domain name (FQDN). For example, if the Index Tool is reachable from indextool.mycompany.com, then the domain name entered here would be mycompany.com. The self-signed certificate would be generated for *.mycompany.com.
- Enter a passphrase, then re-enter the passphrase to confirm it.
- You are prompted to type in the full path name to the text file where the passphrase will be stored. You can also press Enter twice to accept the default location and file, /home/zsroot/zscaler_zadp_webui_certificate_pass.txt.
If the service was configured properly, it will:
- Check if the network is configured correctly
- Install the SSL client certificate you specified
- Generate a self-signed SSL server certificate. If you need to install a custom server certificate, see step 11 below.
- Download the latest install package
- Start the service
- (Optional) If you need to install a self-signed or custom SSL server certificate:
- Enter the following command to install the server certificate: sudo zadp install-server-cert
- Type in the full path to the PEM formatted certificate file.
- Enter the following command to restart the Index Tool service: sudo zadp restart
After the Index Tool service has started, you can log in and create Index Templates to use when creating DLP dictionaries. To learn more, see Creating an Exact Data Match Template.
Updating the Index Tool VM
If you successfully configured the Index Tool, the service will automatically download the latest install package before it starts. To manually update the service:
- Enter the following command to stop the service: sudo zadp stop
- Enter the following command to install the update: sudo zadp update-now
- Enter the following command to start the service: sudo zadp start
Useful Index Tool VM Commands
The following commands can be used to configure, update, and troubleshoot your VM.
|sudo zadp stop
||Stops the Index Tool service
|sudo zadp start
||Starts the Index Tool service
|sudo zadp restart
||Restarts the Index Tool service
|sudo zadp status
||Displays whether the Index Tool service is running or stopped
|sudo zadp update-now
||Updates the Index Tool service. The service must be stopped before you can run this command.
|sudo zdap force-update-now
||Forces the Index Tool service to update to the latest version regardless of what version is on the VM. The service is automatically stopped before the update begins.
|sudo zadp troubleshoot
||Runs a series of checks to help troubleshoot issues, such as checking the installed certificates, the zcloud server configuration, all services, and whether or not an update is needed.