Installing and activating Deep Security Agent via deployment script in private subnet

Product / Version includes:

Deep Security As A ServiceAll , Cloud One - Endpoint and Workload SecurityAll

Last updated: 2021/08/28

Solution ID: KA-0008805

Category: Install

Summary

In Deep Security, deployment scripts can be generated to automatically add protection when Amazon Web Services (AWS) instances are added. The deployment scripts can be used with leading operations management tools such as Chef, Puppet, RightScale, OpsWorks, Salt and others. This article focuses on leveraging the AWS User Data in the Advanced Details section to help auto-install and activate agent through scripts in private subnet.

The following procedure has been tested in the environment specified below:

Deep Security Manager: Deep Security as a Service
Deep Security Agent: Deep Security Agent 11.0.0-326 for Windows -x86_64 (10.0.1.202)
AWS VPC: Public subnet and private subnet; No NAT, instead of proxy only
Proxy server: Squid 3.5.27 (Public IP: 13.231.198.161; Private IP: 10.0.0.143) Port 3128

To install and activate the agent:

Register the proxy (Squid Proxy) in Deep Security as a Service Manager and connect the agents, appliances, and relays to security updates via proxy.
1. On the console, go to Administration > System Settings.
2. Select Proxies tab.
3. Under Proxy Server Use section, select Squid Proxy.
Create a policy for AWS EC2 instance (e.g. Windows Server 2016 policy).
Connect the agents to security services via proxy.
1. Go to Settings > General tab.
2. Under Network Setting for Census, Good File Reputation, and Predictive Machine Learning Service section, select Squid Proxy.
Set up a proxy to the Smart Protection Network for Anti-Malware.
1. Navigate to Anti-Malware > Smart Protection tab.
2. Under Smart Protection Server for File Reputation Service section, enable When accessing Global Smart Protection Service, use proxy and select Squid Proxy from the drop-down list.
Set up a proxy to the Smart Protection Network for Web Reputation.
1. Navigate to Web Reputation > Smart Protection tab.
2. Under Smart Protection Server for Web Reputation Service, enable When accessing Global Smart Protection Service, use proxy and select Squid Proxy from the drop-down list.
Configure the deployment scripts.
1. For the Security Policy, choose the policy that you created from Step 2 (e.g. Windows Server 2016).
2. Select Squid Proxy for Proxy to contact Deep Security Manager and Proxy to contact Relays(s).
3. Click Copy to Clipboad to copy the script for AWS EC2 creation later.
Launch a new AWS EC2 instance in private subnet.
On the Advanced Details section, paste the deployment script in the User data field.
Check the Instance ID and verify the Instance State.
Check the Agent status. No need for a manual step to help the agent to run.
Double-check the agent status in host. It should be running as expected.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Installing and activating Deep Security Agent via deployment script in private subnet

Installing and activating Deep Security Agent via deployment script in private subnet

Product / Version includes:

Summary