BlueCat Edge User Guide system setup - BlueCat Edge - Service Point v4.x.x

BlueCat Edge User Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v4.x.x

For more information on BlueCat Edge, refer to the Deployment Guide, User Guide, and API Guide available on the BlueCat Product Documentation Portal.

If you'd like to opt-in to receive e-mail notifications about BlueCat Edge product updates, click here.

System setup

To ensure that all BlueCat Edge features work properly, ensure that your network configuration meets the following requirements.

Environment

BlueCat Edge supports IPv4 and IPv6 environments.
Attention: IPv6 support is only available with Service Point v4 instances.

Cloud Access

Your firewall should allow for:

  • Inbound and outbound access as described in BlueCat Edge ports.
  • HTTPS proxy bypass (if relevant).

For service points to successfully register and communicate with the BlueCat Edge cloud, they must be able to connect to and resolve the endpoints listed in the Cloud access requirements.

For Service Point v3, if the service point isn't configured with a custom static NTP server, it must be able to communicate with the default group of NTP sources:
  • *.coreos.pool.ntp.org (include the asterisk)
For Service Point v4, if the service point isn't configured with a custom static NTP server, it must be able to communicate with the default group of NTP sources:
  • *.debian.pool.ntp.org (include the asterisk)

Network Bandwidth

BlueCat recommends having a minimum network bandwidth of 50 Mbps for networks where service points are deployed. Service point containers are stored in the US East (N. Virginia) region so you must also consider the latency between your location and where the service point containers are stored.
Note: If your network cannot meet the minimum network bandwidth, you must increase the timeout period to pull the service point image. For more information, refer to article KI-024972 on BlueCat Customer Care.

Virtual Machine

Service Point v3

The following is the minimum requirements for your Service Point v3 virtual machine virtual machine:

  • 4 GB of memory, 2 vCPU @ 2 GHz, 20 GB of disk space
Attention:
  • BlueCat recommends using thick provisioning when allocating disk space.
  • BlueCat recommends upgrading the memory capacity to 8GB when using Threat Protection policies.
  • BlueCat Edge does not support the oversubscription of resources.

It's best to deploy the virtual machine in a network with access to a DHCP server.

To learn how to install the site image, click here.

If you need to use a static IP, click here for guidelines.

Service Point v4

The following is the minimum requirements for your Service Point v4 virtual machine:

  • 8 GB of memory, 4 vCPUs, 100 GB of disk space
Attention:
  • Branch deployments on Cisco ENCS devices require at least 3 GB of memory, 2 CPU cores, and 15 GB of disk space.
  • Any service point with less than 5 GB of memory will have deployed services disabled during platform updates. Services are re-enabled once the platform upgrade is complete or rolled back.
  • BlueCat recommends using thick provisioning when allocating disk space.
  • BlueCat recommends configuring an additional 4 GB of memory when using Threat Protection policies or larger domain lists.
  • BlueCat Edge does not support the oversubscription of resources.

To learn how to install the Service Point v4 instances, click here.

Client devices

You should configure client devices on your network to point at the BlueCat Edge site IP address as the resolver. Deploy the site in the same network as the DNS clients (or in such a way that no translation of address is performed) so the site can see the client IP addresses part of UDP datagrams.

BlueCat Edge administration device

The client device from which you log in to the BlueCat Edge web application must have unrestricted HTTPS access to the following end points (where <customerURL> is the URL of your BlueCat Edge instance):
  • <customerURL>
  • api-<customerURL>
Attention:
  • You must add security exceptions for the BlueCat Edge web application in any privacy browser extensions.
  • You must enable third party cookies on your browser to access the BlueCat Edge web application.
Note: To upload a list of domains, the client device from which you log in to the BlueCat Edge web application must allow multipart/form-data uploads.

Forwarding DNS

The default DNS forwarder is set to 8.8.8.8. After you log in to BlueCat Edge, you can customize the default DNS forwarders for your organization to save time when you create your sites. See Namespaces and forwarders.