USM Appliance Deployment Requirements

LevelBlue USM Appliance can run on both hardware and virtual machines. The network requirements and infrastructure requirements stay consistent regardless of which you are using. These prerequisites generally assume that you are using virtual machines.

Virtual Machine Requirements

  • See the USM Appliance data sheet for hardware specifications and virtual machine requirements on the USM Appliance Federation Server.

Network Requirements

  • NIDS (Network Intrusion Detection Systems) and NetFlow requirements:
  • Requires a span port, mirror port or tap to passively sniff traffic
  • Limited to 100MBps throughput for each LevelBlue USM Appliance All-in-One at customer site
  • For each customer, the home networks must be listed. These are the IP networks that define the customer's network range (such as or — for passive asset discovery
  • Vulnerability management:
  • Requires a local account for authenticated, local scans. See Creating Credentials for Vulnerability Scans for further assistance.
  • Requires unlimited network access to the scan targets (either by being in the same network or by allowing USM Appliance All-in-One to connect to each of the scan targets)
  • Customer network requirements:
  • Vulnerability scanner needs full access to all the relevant networks (all ports open), or needs to use separate sensors if access is not available
  • HIDS (Host-based Intrusion Detection Systems) agents need to communicate to the USM Appliance All-in-One or USM Appliance Sensors through UDP/1514

USM Appliance Hardware Management

Decide if out-of-band management will be used on USM Appliance hardware instances.  It is a best practice to use out-of-band management.

If you decide to operate USM Appliance hardware without out-of-band management, connect a mouse, keyboard, and monitor to USM Appliance and turn it on.

If you decide to operate USM Appliance hardware with out-of-band management, but you are not using DHCP Network protocol used to dynamically distribute network configuration parameters, such as IP addresses, for interfaces and services., obtain an IP address, netmask IP, and gateway IP. Then temporarily connect a keyboard, mouse, and monitor to USM Appliance. Next, connect the Ethernet cable from the IPMI/HPE iLO port to an operational switch. Follow the procedures on Configure the USM Appliance Hardware through IPMI to configure IPMI, or Configure the USM Appliance Hardware through HPE iLO to configure HPE iLO.