ESXi
      Back to home
      1. Vali Cyber Knowledge Base
      2. ZeroLock®
      3. ESXi

      Deploying the ZeroLock OVA Directly on a Standalone ESXi Host

      ZeroLock OVA Deployment Strategy on Standalone ESXi Hosts

      Deploying the ZeroLock OVA (Open Virtual Appliance) directly on an ESXi host provides a lightweight, flexible solution for securing environments where vCenter is unavailable or required. This method is ideal for labs, edge deployments, air-gapped systems, or early-stage evaluations. Here's why it’s a recommended approach for standalone scenarios:

      • Lightweight Deployment for Small Environments:
        Ideal for labs, remote locations, or air-gapped systems where vCenter isn’t present. Keeps the ZeroLock footprint minimal while still delivering core protection capabilities.
      • No Dependency on vCenter:
        Designed for environments where vCenter is intentionally excluded for simplicity, security, or cost. This approach eliminates external dependencies while maintaining full protection coverage.
      • Fast Deployment and Configuration:
        The OVA can be deployed in minutes via the ESXi Embedded Host Client or CLI. Once deployed, the ZMC is ready for agent deployment, rule enforcement, and monitoring systems.
      • Supports Full Agent Lifecycle Management:
        Even without vCenter, administrators can deploy agents manually, configure protection rules, monitor endpoint activity, and review security events directly from the console.
      • Great for Testing and Proof of Concept (POC):
        An efficient option for validation testing or early product evaluations. Provides full visibility into ZeroLock’s ESXi protections, including tampering alerts, file protection, and runtime enforcement, without needing a full infrastructure stack.

      Together, these features make standalone ESXi deployments a flexible and efficient way to evaluate or operate ZeroLock in environments without a centralized infrastructure.

       

      Standalone Deployment of the ZeroLock Management Console on ESXi

      The following steps were performed using Vmware ESXi 8.0.3. While the interface may vary slightly regarding the UI layout or terminology, the overall workflow remains similar across most recent ESXi versions.

      1. In the ESXi Host Client, ensure you are on the Host tab. Click Create/Register VM.Step_1_ESXi Host Client_v4.1.10
      2. In the New virtual machine window, at Step 1 - Select create type, select Deploy a virtual machine from an OVF or OVA file. Click Next.Step_2_New VM Window_v4.1.10
      3. In the Select OVF and VMKD files step, enter a name for the ZMC OVA virtual machine. Click Select Files or drag/drop the OVA file into the upload area.Step_3_Select OVF_v4.1.10
      4. Double-click the ZMC .ova file you are provided with. After uploading the correct ZMC .ova file, click Next.Step_4_ZMC ova_v4.1.10
      5. In the Select Storage step, select the datastore location for the ZMC deployment. Click Next.Step_5_Select Storage_v4.1.10
      6. In the Deployment options step, select the Network and Disk Provisioning, then uncheck Power on automatically. Click Next.Step_6_Deployment Options_v4.1.10Step_6_Note
      7. In the Additional settings step, expand the Networking, enter the IP Address, subnet mask, gateway, and DNS you will assign to the ZMC. The hostname field will default to zerolock, but you may modify it as needed to align with your environment or naming conventions. Click Next.Step_7_Additional Settings_v4.1.10
      8. In the Ready to complete step, expand the Properties and review all configuration settings to ensure they were entered correctly. It is best practice to verify these values to confirm they align with your environment's requirements before proceeding with deployment. Click Finish.Step_8_Ready to Complete_v4.1.10
      9. Monitor the Recent Tasks pane and confirm the ZeroLock Management Console (ZMC) OVA was deployed successfully. Once the deployment is complete, navigate to the destination resource (host, cluster, or folder) and verify that the VM appears in the inventory. Ensure the configuration settings, such as CPU, memory, storage, and network assignment, match your intended values before powering on the virtual machine.Step_9_A_Recent Tasks_v4.1.10Step_9_B_ESXi Host Client_v4.1.10
      10. After verifying that the ZMC was successfully deployed and all settings are correct, power on the virtual machine. Once powered on, confirm that the deployment settings were applied as expected. Log in using the default credentials: username zerolock and password S3cureLinux!.
        Once logged in, execute the following commands:
        • vmtoolsd –cmd “info-get guestinfo.hostname”
        • vmtoolsd –cmd “info-get guestinfo.ipaddress”
        • vmtoolsd –cmd “info-get guestinfo.gateway”
        • vmtoolsd –cmd “info-get guestinfo.dns”

      Step_10_ZMC https_v4.1.10

      For more information, please visit the Vali Cyber Support page.