Oracle VirtualBox — VirtualBox Manager (GUI)
Deploy the RTA using the VirtualBox graphical manager. You import the OVA through the File menu, fix the firmware and network settings in the VM's Settings dialog, and then start the VM.
Before you start
Review the VirtualBox overview. You'll need the OVA file from your engagement lead and VirtualBox 7.x installed on your host.
1. Import the OVA
- Open VirtualBox Manager.
- Go to File → Import Appliance (or press Ctrl+I/Cmd+I).
- Click the folder icon and browse to <OVA_PATH>, then click Next.
- Review the appliance settings. Adjust the following before importing:
  - CPU: set to 4 (minimum 2).
  - RAM: set to 8192 MB (minimum 4096 MB).
  - Leave all other settings at their defaults.
- Click Finish and wait for the import to complete (~40 GB).
You can change CPU and RAM after import too
If you skip the adjustment here, you can change the values later in Settings → System → Motherboard (RAM) and Settings → System → Processor (CPU), as long as the VM is powered off.
2. Enable EFI (UEFI firmware)
This step is mandatory — do not skip it
VirtualBox defaults every new VM to Legacy BIOS. The RTA image uses a GPT disk with an EFI System Partition and will not boot under BIOS.
- Select the newly imported VM in the VirtualBox Manager sidebar.
- Click Settings (or press Ctrl+S/Cmd+S).
- Go to System → Motherboard.
- Under Extended Features, tick Enable EFI (special OSes only).
- Click OK.
Secure Boot
Secure Boot is off by default in VirtualBox 7.x — leave it that way. The appliance bootloader is unsigned; enabling Secure Boot will prevent the VM from booting.
3. Set the network adapter to Bridged
- In the VM's Settings, go to Network → Adapter 1.
- Ensure Enable Network Adapter is ticked.
- In the Attached to drop-down, select Bridged Adapter.
- In the Name drop-down, choose the host NIC that is connected to the engagement LAN (typically your wired Ethernet adapter).
- Click OK.
NAT is fine for isolated lab use
If you are running the appliance in an isolated lab with no real LAN targets, NAT is sufficient for the outbound VPN tunnel. For actual engagements where the appliance must have Layer-2 adjacency to targets, Bridged Adapter is required.
4. Start the VM
- Select the VM in the sidebar and click Start (the green arrow).
- The VM console window opens. The appliance is customized for your engagement, so it boots already registered and connects automatically — the console shows its live status dashboard.
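If the console never reaches the dashboard, the settings from steps 1 to 3 can be checked from the host. The script below is an added example, not part of the original guide: it reads the output of `VBoxManage showvminfo --machinereadable` and checks firmware, adapter mode, CPU and RAM against the values above. The function names and the sample input are constructed for illustration, and `<VM_NAME>` is a placeholder.

```shell
#!/bin/sh
# Added example (not part of the original guide): audit a VM against steps 1-3.
# Input on stdin: output of  VBoxManage showvminfo "<VM_NAME>" --machinereadable

# vm_field KEY TEXT -> value of KEY with surrounding quotes removed
vm_field() {
  printf '%s\n' "$2" | sed -n "s/^$1=//p" | head -n 1 | tr -d '"\r'
}

# Returns 0 if the VM matches the guide, 1 if any setting would break it.
check_rta_vm() {
  info=$(cat); rc=0
  fw=$(vm_field firmware "$info"); nic=$(vm_field nic1 "$info")
  cpus=$(vm_field cpus "$info");   mem=$(vm_field memory "$info")

  # Step 2: GPT disk + EFI System Partition will not boot under Legacy BIOS.
  case "$fw" in
    EFI*) echo "OK   firmware=$fw" ;;
    *)    echo "FAIL firmware=${fw:-unknown}: enable EFI (step 2)"; rc=1 ;;
  esac

  # Step 3: Bridged for engagements; NAT only works for isolated lab use.
  case "$nic" in
    bridged) echo "OK   nic1=bridged via $(vm_field bridgeadapter1 "$info")" ;;
    nat)     echo "WARN nic1=nat: lab use only, no Layer-2 adjacency" ;;
    *)       echo "FAIL nic1=${nic:-unknown}: set Adapter 1 to Bridged (step 3)"; rc=1 ;;
  esac

  # Step 1: minimums are 2 CPUs and 4096 MB RAM (4 and 8192 recommended).
  if [ "${cpus:-0}" -ge 2 ]; then echo "OK   cpus=$cpus"
  else echo "FAIL cpus=${cpus:-unknown}: minimum is 2"; rc=1; fi
  if [ "${mem:-0}" -ge 4096 ]; then echo "OK   memory=${mem}MB"
  else echo "FAIL memory=${mem:-unknown}MB: minimum is 4096"; rc=1; fi
  return $rc
}

# Constructed sample: a VM still on BIOS firmware, NAT, and undersized CPU/RAM.
SAMPLE_DEFAULTS='name="rta-sample"
memory=2048
cpus=1
firmware="BIOS"
nic1="nat"'

# Real use:  VBoxManage showvminfo "<VM_NAME>" --machinereadable | check_rta_vm
printf '%s\n' "$SAMPLE_DEFAULTS" | check_rta_vm || echo "VM needs changes before start"
```

A `WARN` line does not change the exit status; only settings that stop the appliance from booting or fall below the stated minimums return 1.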
Verify
The appliance boots pre-registered and connects to the Sophos headend over its outbound VPN tunnel — there is no activation step, and you do not normally need to log in. To confirm the VM is running and check connectivity:
- Watch the VM console window — it shows a live status and troubleshooting dashboard (network interface, VPN tunnel, connectivity health).
- If you closed the console, go to Machine → Console in VirtualBox Manager to reopen it.
Default admin user
The default admin username is swag. You can SSH into the VM from your host
if you know its IP address, but the appliance does not need any inbound
access for normal operation.
Network access
The appliance makes one connection to do its job: an outbound tunnel to the Sophos headend. Nothing inbound is ever required — you never open or forward any ports to the appliance.
Allow this outbound destination
| Destination | connect.remotetesting.secureworks.com |
| IP addresses | 3.33.194.251 and 15.197.255.2 (static — these do not change) |
| Port / protocol | TCP 443, carrying OpenVPN (not HTTPS) |
| Direction | Outbound only |
Allow egress on TCP/443 to that destination from the appliance's network. On a next-generation firewall or NAC-controlled network, an L3 "allow 443" rule is often not enough — Layer-7 application control, TLS/SSL decryption, or NAC can still drop the tunnel even when the port is open. See Connectivity Troubleshooting for the exact firewall and NAC exceptions to request.
Troubleshooting
Deployed but something isn't right?
See Oracle VirtualBox troubleshooting for the most common issues on this platform and how to fix them.