VMware vSphere — Point & Click (GUI)

Deploy the RTA using the vSphere Client Deploy OVF Template wizard. This method works against both vCenter Server and standalone ESXi hosts via the Host Client.

Before you start

Review the VMware vSphere overview. You'll need the OVA URL or file and the network port group name from your engagement lead, plus access to your vSphere Client.

1. Start the Deploy OVF Template wizard

1. Open vSphere Client and connect to your vCenter Server or ESXi host.
2. In the inventory, right-click the target host, cluster, or resource pool and select Deploy OVF Template.

2. Select the OVA source

1. Choose URL and paste the OVA download URL provided by your engagement lead, or choose Local file and browse to the downloaded .ova file.
2. Click Next.

3. Name and location

1. Enter a name for the VM (e.g. rta).
2. Select the datacenter or folder where the VM should be created.
3. Click Next.

4. Choose a compute resource

1. Select the host, cluster, or resource pool that will run the VM.
2. Click Next.

5. Review details

Review the OVA summary (publisher, download size, storage size). Click Next.

6. Select storage

1. Choose a disk format — Thin Provision is fine for most engagements.
2. Select the datastore provided by your engagement lead (<DATASTORE>).
3. Click Next.

7. Map networks

1. On the Select networks page, find the source network listed in the OVA (typically VM Network).
2. Map it to the port group provided by your engagement lead (<NETWORK>). This port group must have Layer-2 connectivity to the engagement targets.
3. Click Next.

Use a port group with L2 access to targets

Do not map the NIC to an isolated, NAT, or management-only network. The appliance needs to be a first-class Layer-2 peer on the engagement LAN to discover and test hosts.

8. Finish the import

Review the summary and click Finish. The OVA import task appears in the Recent Tasks panel — wait for it to complete (typically 2–10 minutes depending on OVA size and network speed).

9. Set CPU and memory (if needed)

The OVA ships with default sizing. If the defaults are below the recommended 4 vCPU / 8 GB:

1. Right-click the VM → Edit Settings.
2. Set CPU to 4 (minimum 2).
3. Set Memory to 8192 MB (minimum 4096 MB).
4. Click OK.

10. Power on

Right-click the VM and select Power On. The appliance is customized for your engagement, so it boots already registered, brings up its outbound VPN tunnel, and connects to the Sophos headend automatically — there is no activation step.

Verify

The appliance comes up pre-registered — you typically do not need to interact with it. To confirm it is running:

1. Right-click the VM → Open Remote Console (or Launch Web Console).
2. The console shows a live status and troubleshooting dashboard — network interface, VPN tunnel, and connectivity health. Use it to confirm the tunnel is up; if it reports a problem, pass what the dashboard shows to your engagement lead.

Network access

The appliance makes one connection to do its job: an outbound tunnel to the Sophos headend. Nothing inbound is ever required — you never open or forward any ports to the appliance.

Allow this outbound destination

Destination	connect.remotetesting.secureworks.com
IP addresses	3.33.194.251 and 15.197.255.2 (static — these do not change)
Port / protocol	TCP 443, carrying OpenVPN (not HTTPS)
Direction	Outbound only

Allow egress on TCP/443 to that destination from the appliance's network. On a next-generation firewall or NAC-controlled network, an L3 "allow 443" rule is often not enough — Layer-7 application control, TLS/SSL decryption, or NAC can still drop the tunnel even when the port is open. See Connectivity Troubleshooting for the exact firewall and NAC exceptions to request.

Troubleshooting

Deployed but something isn't right?

See VMware vSphere troubleshooting for the most common issues on this platform and how to fix them.