Views:

Deploy a Virtual Network Sensor to your AWS cloud environment.

If your security environment uses a hybrid deployment, or you do not have VMware or Microsoft Hyper-V in your environment, you can leverage your Amazon Web Services (AWS) accounts to deploy a Virtual Network Sensor.
AWS_VNS=GUID-6b88d3c8-219c-44c0-b5e7-4bed21f2ce11.jpg
Example mapping of a Virtual Network Sensor deployment within the AWS environment
Before you begin, review the Virtual Network Sensor system requirements and ensure you have a sign in with permission to access the EC2 service.
To deploy the Virtual Network Sensor, you must complete the following steps:
  1. Choose or create a VPC for the Virtual Network Sensor instance.
  2. Choose or create the subnets for the Virtual Network Sensor data port and management port.
    Trend Micro recommends using different subnets for the data and management ports. For more information on how to set up a VPC and subnet, refer to the Amazon documentation.
  3. Create security groups for the data port and management port.
  4. Launch an instance using one of the following deployment methods:
    1. Use an Amazon Machine Image (AMI)
    2. Use a CloudFormation template
  5. Verify the Virtual Network Sensor can connect with Network Inventory.
    If the Virtual Network Sensor does not appear in Network Inventory after deployment, verify the following settings:
    • Network settings (NIC/vNIC setting and order)
    • Firewall settings
    • Proxy settings if using a proxy
    • Review the Virtual Network Sensor FAQ to verify and test the connection
  6. Configure the network settings for the Virtual Network Sensor.
    After configuring your network settings, access the Virtual Network Sensor console and use the command show traffic to verify the Virtual Network Sensor is receiving traffic. For more information about troubleshooting, see Virtual Network Sensor FAQ and Virtual Network Sensor CLI commands.
Related information