- Overview
- Installing the Cisco VSG and the Cisco Prime NSC-Quick Start
- Installing Cisco Prime Network Services Controller
- Installing the Cisco VSG
- Registering Devices With the Cisco Prime NSC
- Installing the Cisco VSG on a Cisco Cloud Services Platform Virtual Services Appliance
- Upgrading the Cisco VSG and the Cisco Prime NSC
- Examples of Cisco Prime NSC OVA Template Deployment and Cisco Prime NSC ISO Installations
Installing Cisco Prime Network Services Controller
This chapter contains the following sections:
- Information About the Cisco PNSC
- Installation Requirements
- ESXi Server Requirement
- VMware Installation Overview
- Installing Prime Network Services Controller Using the OVA Image
- Installing Prime Network Services Controller Using an ISO Image
Information About the Cisco PNSC
The Cisco Prime Network Services Controller (Cisco PNSC) is a virtual appliance that provides centralized device and security policy management for Cisco virtual services. Designed to support enterprise and multiple-tenant cloud deployments, the Cisco PNSC provides transparent, seamless, and scalable management for securing virtualized data center and cloud environments.
Installation Requirements
Cisco PNSC System Requirements
Requirement |
Description |
||
---|---|---|---|
Virtual Appliance |
|||
Four Virtual CPUs |
1.8 GHz for each virtual CPU |
||
Memory |
4 GB RAM |
||
Disk Space |
One of the following, depending on InterCloud functionality: |
||
Management interface |
One management network interface |
||
Processor |
x86 Intel or AMD server with 64-bit processor listed in the VMware compatibility matrix.
|
||
VMware |
|||
VMware vSphere |
5.5, 6.0, and 6.5a with VMware ESXi (English only) |
||
VMware vCenter |
5.5, 6.0, and 6.5a with VMware ESXi (English only) |
||
Interfaces and Protocols |
|||
HTTP/HTTPS |
— |
||
Lightweight Directory Access Protocol (LDAP) |
— |
||
Intel VT |
|||
Intel Virtualization Technology (VT) |
Enabled in the BIOS |
Hypervisor Requirements
Cisco PNSC is a multi-hypervisor virtual appliance that can be deployed on VMware vSphere.
For more information on VMware compatibility with your hardware platform, see the VMware Compatibility Guide.
Requirement | Description |
---|---|
VMware |
|
VMware vSphere |
5.5, 6.0, and 6.5a with VMware ESXi (English only) |
VMware vCenter |
5.5, 6.0, and 6.5a with VMware ESXi (English only) |
Note | Cisco PNSC running as a virtual machine with version 3.4.1b and later can be hosted on VMware vSphere ESXi 6.0 hosts that are managed by VMware vCenter Server 6.0. |
Web-Based GUI Client Requirements
Requirement |
Description |
||||
---|---|---|---|---|---|
Operating system |
|
||||
Browser |
Any of the following browsers:
|
||||
Flash Player |
Adobe Flash Player plugin 11.9 or higher |
Firewall Ports Requiring Access
Requirement |
Description |
---|---|
22 |
TCP |
80 |
HTTP/TCP |
443 |
HTTPS |
843 |
Adobe Flash |
Information Required for Configuration and Installation
Required Information | Your Information/Notes |
---|---|
For Preinstallation Configuration |
|
ISO or OVA image location |
|
ISO or OVA image name |
|
Network / Port Profile for VM management 1 |
|
VM name |
|
VMware datastore Location |
|
For Prime Network Services Controller Installation |
|
IP address |
|
Subnet mask |
|
Hostname |
|
Domain name |
|
Gateway IP address |
|
DNS server IP address |
|
NTP server IP address |
|
Admin password |
|
Shared secret password for communication between Prime Network Services Controller and managed VMs. (See Shared Secret Password Criteria.) |
Shared Secret Password Criteria
A shared secret password is a password that is known to only those using a secure communication channel. Passwords are designated as strong if they cannot be easily guessed for unauthorized access. When you set a shared secret password for communications between , VSG, and VSM, adhere to the following criteria for setting valid, strong passwords:
-
Do not include special characters or spaces.
-
Make sure your password contains the characteristics of strong passwords and avoids the characteristics of weak passwords as described in the following table:
Examples of strong passwords are:
Configuring Chrome for Use with Prime Network Services Controller
To use Chrome with Prime Network Services Controller, you must disable the Adobe Flash Player plugins that are installed by default with Chrome.
Note | Because Chrome automatically enables Adobe Flash Player plugins each time the system reboots, you must perform this procedure each time your client machine reboots. |
ESXi Server Requirement
You must set the clock to the correct time on all ESXi servers that will run Cisco PNSC, ASA 1000V instances, Cisco VSG, or VSM. If you do not set the correct time on the server, the Cisco PNSC CA certificate that is created when the Cisco PNSC VM is deployed might have an invalid time stamp. An invalid time stamp can prevent you from successfully registering ASA 1000V instances to the Cisco PNSC.
VMware Installation Overview
You can install Prime Network Services Controller on VMware by using either an ISO or an OVA image. The installation time varies from 10 to 20 minutes, depending on the host and the storage area network load.
To install Prime Network Services Controller on VMware, complete the following tasks:
Task | Comments |
---|---|
Required for ISO installations only. |
|
2. Installing Prime Network Services Controller |
Use the procedure appropriate for your environment: |
Required for all installations. |
Installing Prime Network Services Controller Using the OVA Image
This procedure describes how to deploy the Prime Network Services Controller OVA image on VMware.
-
Set your keyboard to United States English.
-
Confirm that the Prime Network Services Controller OVA image is available from the VMware vSphere Client.
-
Make sure that all system requirements are met.
-
Gather the information identified in Information Required for Configuration and Installation.
Installing Prime Network Services Controller Using an ISO Image
To install Prime Network Services Controller in a VMware environment using an ISO image, complete the tasks described in the following topics:
- Configuring VMware for Prime Network Services Controller
- Installing Prime Network Services Controller Using the ISO Image
Configuring VMware for Prime Network Services Controller
Before you install Prime Network Services Controller (PNSC) on VMware using an ISO image, you must configure a VM for Prime Network Services Controller. This procedure describes how to configure the VM so that you can install Prime Network Services Controller on it.
-
Confirm that the system requirements have been met.
-
Gather the information required for configuration as identified in Information Required for Configuration and Installation.
Step 1 | Download a Prime Network Services Controller ISO image to your client machine. In case of vSphere 6.5 and greater, upload the PNSC ISO image to datastore. | ||||||||||||||||||||||||||
Step 2 | Open the VMware vSphere Client (for version 5.5 or 6.0) or Web client (version 6.5a). | ||||||||||||||||||||||||||
Step 3 | Right-click the host on which to install the ISO image, and then choose New Virtual Machine. | ||||||||||||||||||||||||||
Step 4 | Create a new VM
by providing the information as described in the following table:
| ||||||||||||||||||||||||||
Step 5 | For VMware vSphere version 5.5 and 6.0, in the Ready to Complete screen, review the information for accuracy, check the Edit the Virtual Machine Settings Before Completion check box, and then click Continue. | ||||||||||||||||||||||||||
Step 6 | In the Virtual
Machine Properties dialog box in the Hardware tab, do the following:
| ||||||||||||||||||||||||||
Step 7 | In the Options tab, choose Boot Options, check the Force BIOS Setup check box, and then click Finish. | ||||||||||||||||||||||||||
Step 8 | After the new VM is created, power it on. | ||||||||||||||||||||||||||
Step 9 | For VMware vSphere 5.5 and 6.0, mount the ISO to the VM CD ROM drive as follows: |
What to Do Next
Install Prime Network Services Controller as described in Installing Prime Network Services Controller Using the ISO Image.
Installing Prime Network Services Controller Using the ISO Image
This procedure describes how to install the ISO image on a VM that has been configured for Prime Network Services Controller.
Confirm the following items:
-
All system requirements are met.
-
You have the information identified in Information Required for Configuration and Installation.
-
You have configured the hypervisor for the Prime Network Services Controller installation procedure.
-
A VM has been created for Prime Network Services Controller and has network access.
-
You can access the VM console.
Step 1 | Open the VM console if it is not already open. If you have just finished configuring the hypervisor, the Prime Network Services Controller installer displays within a few minutes. | ||
Step 2 | In the Network Configuration screen, click Edit in the Network Devices area, enter the IP address and netmask for the Prime Network Services Controller VM, and click OK. | ||
Step 3 | In the Network Configuration area, enter the hostname, domain name, and IP addresses for the gateway, DNS server, and NTP server. | ||
Step 4 | In the Modes screen, choose the required modes, and click Next: | ||
Step 5 | In the
Administrative Access screen, enter the administrator and shared secret
passwords with confirming entries.
For information on creating a strong password, see Shared Secret Password Criteria.
| ||
Step 6 | In the Summary screen, confirm that the information is accurate, and then click Finish. Prime Network Services Controller installs on the VM. This takes a few minutes. | ||
Step 7 | When prompted, disconnect from the media source and then click Reboot. For vSphere 6.5a Webclient, you need to power off the VM and edit the configuration to uncheck the Connect check box for ISO disk and then power on the VM again to complete the reboot. Prime Network Services Controller is then installed on the VM. | ||
Step 8 | To confirm that Prime Network Services Controller is accessible, connect to Prime Network Services Controller through the console for the CLI or a browser for the GUI. |