NetMon Freemium

Getting Started Guide

January 6, 2020

NetMon-4.0.1-FreemiumGettingStarted_revA
 – NetMon Freemium Getting Started Guide

© LogRhythm, Inc. All rights reserved

This document contains proprietary and confidential information of LogRhythm, Inc., which is protected by
copyright and possible non-disclosure agreements. The Software described in this Guide is furnished under
the End User License Agreement or the applicable Terms and Conditions (“Agreement”) which governs the use
of the Software. This Software may be used or copied only in accordance with the Agreement. No part of this
Guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying and recording for any purpose other than what is permitted in the Agreement.

Disclaimer
The information contained in this document is subject to change without notice. LogRhythm, Inc. makes no
warranty of any kind with respect to this information. LogRhythm, Inc. specifically disclaims the implied
warranty of merchantability and fitness for a particular purpose. LogRhythm, Inc. shall not be liable for any
direct, indirect, incidental, consequential, or other damages alleged in connection with the furnishing or use of
this information.

Trademark
LogRhythm is a registered trademark of LogRhythm, Inc. All other company or product names mentioned may
be trademarks, registered trademarks, or service marks of their respective holders.

LogRhythm Inc.
4780 Pearl East Circle
Boulder, CO 80301

(303) 413-8745
www.logrhythm.com

LogRhythm Customer Support

support@logrhythm.com
 – NetMon Freemium Getting Started Guide

Contents
Overview .......................................................................................................................................... 1

Requirements ................................................................................................................................... 1

Download NetMon Freemium from LogRhythm ................................................................................. 1

Install NetMon Freemium from the .iso ............................................................................................ 2

Prerequisites .................................................................................................................................. 2
Installation .................................................................................................................................... 2

Install NetMon Freemium VM Image ................................................................................................ 4

Prerequisites .................................................................................................................................. 4
Installation .................................................................................................................................... 4

Log In to NetMon Freemium ............................................................................................................. 7

License NetMon Freemium ................................................................................................................ 9

(Optional) Verify a NetMon Freemium License ............................................................................... 11

Next Steps ...................................................................................................................................... 12

Links .......................................................................................................................................... 12
 – NetMon Freemium Getting Started Guide

Overview
This guide describes how to install and configure NetMon Freemium, including a virtual machine running Linux
OS. After installation, you can open the Freemium Web Management interface via a browser—Internet
Explorer 11 or the most recent version of Chrome or Firefox are recommended.

Customers can request Freemium from LogRhythm’s NetMon Freemium site. After installation, visit the
LogRhythm Community to post questions, follow NetMon support discussions, find instructional videos, and
access other resources.

Requirements
NetMon Freemium can be configured to run on a small footprint by using the configuration and performance
settings described in the table below. The minimum platform tested is:

System Requirement Minimum Evaluation Deployment

Free Disk Space 60 GB
Memory Recommended: 12 GB RAM
Minimum: 8 GB RAM
CPU/Processor Recommended: 4 cores
Minimum: 2 cores
Network Interface Recommended: 2 1-Gbps NICs
Controllers (NICs) Minimum: 1 1-Gbps NIC

NOTE: Analyzing TAP data from an external source requires two

NICs; with one NIC, you can only monitor network usage
from your computer.

If you use a small-footprint deployment, you will limit your data storage capacity. You will likely also impact
uptime, as core services will need to be restarted when resource limits are reached.

If you plan to convert to a fully licensed version of NetMon on this same system, it will need to meet the more
robust hardware requirements described in the NetMon Software Installation and Configuration Guide,
available on the Product Documentation & Downloads page of the LogRhythm Community.

Download NetMon Freemium from LogRhythm

1. Go to the NetMon Freemium download form at https://logrhythm.com/freemium-download-form.

2. Enter the required contact details, and then click View Now.

You will receive an email welcoming you to NetMon Freemium.

3. In the email, click either Download .ISO or Download VM Image to begin your download.

NOTE: If you have a VM infrastructure available or are comfortable using vSphere, installing from
the .iso might be preferable. If not, you should likely install from the VM image.

PAGE 1
 – NetMon Freemium Getting Started Guide

• To install from the .iso, follow the instructions outlined in the Install NetMon Freemium from
the .iso section that follows.

• To install the VM image, skip ahead and follow the instructions outlined in the Install NetMon
Freemium VM Image section of this document.

Install NetMon Freemium from the .iso

LogRhythm provides an .iso disk image to simplify the installation of NetMon. The .iso is a bootable image that
installs CentOS 7.4 Minimal and NetMon.

NOTE: When installing CentOS, all of the required disk partitions will be created and sized according to
LogRhythm’s recommendations.

The .iso can be used to install CentOS and NetMon on a physical or virtual system with a primary disk as small
as 60 GB.

NOTE: The .iso installation is supported on systems containing up to four physical disks.

Prerequisites
• If you have not already registered, you can sign up for an account on the LogRhythm Community.
Click Not a Member, and then complete the New Member Registration. Your registration confirmation
is emailed to you. Check your spam folder in case the approval email is not recognized.

NOTE: Although strongly recommended, this step is not required before installing NetMon.

• If you have not yet obtained the NetMon installation .iso, download the .iso from the Community.
After logging in, click NetMon Resources, click the version of NetMon Freemium you would like to
run, and then click Network Monitor ISO (Checksum) under the Installation Files header.
• For a virtual installation, create a new VM that meets the following requirements:
o OS Type is Linux
o OS Version is Linux 64-bit or Other 64-bit
o Hard drive, RAM, and processor meet the requirements stated in the Requirements section of
this guide
o Primary network adapter is in “bridged” mode, and promiscuous mode is set to allow all traffic
o VMware Workstation is powered on as “Startup Guest”; VirtualBox VM is powered on as
“Normal Start”

Installation
To install CentOS 7.4 Minimal and NetMon using the LogRhythm .iso:

1. If you are installing on a physical computer, burn the .iso image to a writeable CD or DVD, or build a
NetMon USB. For a virtual install, you can mount the .iso for the installation.
2. Boot the computer from the CD, DVD, or USB, or start the VM with the mounted .iso.

PAGE 2
 – NetMon Freemium Getting Started Guide

3. When the welcome screen loads, select Install LogRhythm Network Monitor.

The installer completes the installation and the system reboots. This process might take several
minutes.
4. Skip to page Error! Bookmark not defined., Log In to NetMon Freemium.

PAGE 3
 – NetMon Freemium Getting Started Guide

Install NetMon Freemium VM Image

Using a pre-configured virtual machine (VM), you can deploy NetMon Freemium in minutes and start getting
valuable information about potential threats in your network.

Prerequisites
• The Freemium VM is supported on Oracle VM VirtualBox 5.1.

NOTE: If you are using a VM infrastructure other than VMware, follow the instructions in the Install
Freemium from the .iso section to install Freemium.

• The computer where you are deploying the VM needs to be connected to a wireless network—the most
common installation will be on a laptop with a wireless network adapter.
• The wireless network must be able to accept requests and assign IP addresses via DHCP.

Installation
Follow these steps to install VirtualBox and deploy the Freemium VM:

1. Install VirtualBox on the destination machine (for help with installation, see
https://www.virtualbox.org).
2. Start VirtualBox and note the location of the default machine folder—this is where you will copy the
VDI and VBOX files from the Freemium VM .zip file.
• On the File menu, click Preferences.
• On the General tab, note the file path for Default Machine Folder.

On Windows 7 and later, this should be C:\Users\<username>\VirtualBox VMs. On Mac OSX

this should be ~/VirtualBox VMs.
3. In the default machine folder, create a new folder called FreemiumNetMon. For example:
C:\Users\john.doe\VirtualBox VMs\FreemiumNetMon
4. Locate the FreemiumNetMon.vbox and FreemiumNetMon.vdi files that you extracted from the
Freemium VM .zip file and move them to the new FreemiumNetMon.

PAGE 4
 – NetMon Freemium Getting Started Guide

5. In VirtualBox, click the Machine menu, click Add, select the FreemiumNetMon.vbox that you just
moved, and then click Open.

6. In VirtualBox, select the FreemiumNetMon VM, and then click Start.

IMPORTANT: If you are running VirtualBox on Windows, you may see an error about network
interfaces when starting the VM.

7. If you see the network interface error, click Change Network Settings.

PAGE 5
 – NetMon Freemium Getting Started Guide

8. Confirm the following settings:

• Ensure that the wireless network adapter is selected.
• Click the Advanced drop-down menu, and then ensure that the Cable Connected check box is
selected.

9. Click OK.
When the VM is loaded, you will see the probe login prompt in the console.

PAGE 6
 – NetMon Freemium Getting Started Guide

Log In to NetMon Freemium

1. Log in to the Freemium console using logrhythm as the login and changeme as the password.
2. To change the password for the logrhythm user, type the command passwd, type the default
password (changeme), and then type and verify your new password.

NOTE: You will need to change the input interface for analyzing network traffic in the NetMon Web
Management UI. By default, this field is set to bond0. For more information, refer to
“Changing Engine Parameters” in the NetMon online Help or the NetMon User Guide.

3. To get the IP address of your Freemium VM, type ip address, and then press Enter.

4. Locate the inet address of the first Ethernet adapter. In the example above, the address is
172.20.10.6.

PAGE 7
 – NetMon Freemium Getting Started Guide

5. Open your browser (Internet Explorer 11 or the latest version of Firefox or Chrome) and type the
Freemium IP address for the URL. For example, https://172.20.10.6.

NOTE: You may see a warning in your browser that the connection is not safe. This is expected
because you have not installed any SSL certificates for Freemium. Click through to
proceed.

The NetMon login page appears.

6. Log in with username admin and password changeme.

7. In the Change Password for admin panel, type the default password (changeme), type and verify your
new password, and then click Update.
8. Log in to Freemium with your user ID and new password.

IMPORTANT: After installing and logging in to your NetMon software, do not update the CentOS
operating system using yum or any other method. An update could leave your
NetMon system in an unusable state.

PAGE 8
 – NetMon Freemium Getting Started Guide

License NetMon Freemium

NOTE: This section only pertains to users who installed Freemium from an .iso image. If you installed the
Freemium VM image, skip to Verify a NetMon Freemium License.

After downloading and installing the software, follow these instructions to access the Freemium edition of
NetMon:

1. If you have not already done so, log in to NetMon.

When accessing NetMon for the first time, the Network Monitor License page appears.

2. In the Network Monitor Freemium panel, click Select.

NOTE: Do not click Select in the NetMon panel, as this version requires a paid license.

3. When prompted, click Confirm to confirm your selection.

The NetMon license agreement appears.

PAGE 9
 – NetMon Freemium Getting Started Guide

4. Read the license agreement, select the check box to confirm that you have read and accept the terms
of the agreement, and then click Confirm.

The Register admin dialog box appears. NetMon Freemium requires users to register basic contact
information to obtain a license.

5. Enter your first name, last name, and email address in the Register admin dialog box, and then click
Register.

NetMon reboots to complete the licensing. This might take a few minutes.

When the system starts again, you will have access to the NetMon Freemium console. For more
information on the console, check out the NetMon Demos videos on the NetMon Freemium download
page.

PAGE 10
 – NetMon Freemium Getting Started Guide

(Optional) Verify a NetMon Freemium License

If you need to view or verify your NetMon license, click the Help icon on the top navigation bar, and then
click About NetMon. Your NetMon license type, application version, and other system information are
displayed at the top of the page.

PAGE 11
 – NetMon Freemium Getting Started Guide

Next Steps
Visit the NetMon Community (community.logrhythm.com) to learn how to use NetMon Freemium, or if you
require assistance with your deployment. Our Community offers extensive product documentation, as well as
Getting Started tutorials and advanced NetMon use case videos. You can also research frequently asked
questions and ask your own specific questions. The Community is monitored by NetMon software engineers,
LogRhythm Labs team members, technical support, and, of course, other NetMon users. We ensure that all
questions posted to the forum are responded to in a timely manner.

Links
• NetMon Discussions – Find or ask questions related to NetMon
• NetMon DPA Rules – Post your Deep Packet Analytics rules for other Community members
• NetMon Resources – Access reference guides, documentation, and NetMon videos

PAGE 12