Deploy the ExtraHop Discover Appliance in AWS

The following procedure guides you through the deployment process of the ExtraHop Discover appliance AMI to monitor your Amazon Web Services (AWS) environment. You must have administrative access to launch a third-party AMI and an ExtraHop product key to complete these procedures.

Important:If you want to deploy more than one ExtraHop virtual appliance, do not clone an existing instance. Always start with the original deployment package when deploying additional instances.

Create the ExtraHop instance in AWS

  1. Sign in to AWS with your username and password.
  2. Click EC2.
  3. In the left navigation panel, under Images, click AMIs.
  4. Above the table of AMIs, change the Filter from Owned by Me to Public Images.
  5. In the filter box, type ExtraHop and then press ENTER.
  6. Select the checkbox next to the appropriate ExtraHop Discover Appliance AMI and click Launch.
  7. Select a supported instance type for the product you are installing, based on the information in the following table.
    Product Surported Instance Types
    EH1000v m3.large, c3.xlarge, c4.xlarge
    EH2000v m3.xlarge, c3.2xlarge, c4.2xlarge
    EH6100v c3.8xlarge, c4.8xlarge
    Note:C3 instance types deployed in a VPC will take advantage of Enhanced Networking capabilities. M3 instance types do not support Enhanced Networking.
  8. Click Next: Configure Instance Details.
  9. Click the Network drop-down list and select Launch into EC2-Classic or one of your organization’s VPCs.
    Note:If you launch into EC2-Classic, you will not get support for Enhanced Networking.
  10. From the Shutdown behavior drop-down list, select Stop.
  11. Click the Protect against accidental termination checkbox.
  12. Click the IAM role drop-down list and select an IAM role.
  13. If you launched into a VPC and want to have more than one interface, scroll down to the Network Interfaces section and click Add Device to add additional interfaces to the instance.
    Note:If you have more than one interface, make sure that each interface is on a different subnet.
  14. On the Configure Instance Details page, click Next: Add Storage.
  15. Accept the default storage settings and click Next: Tag Instance.
  16. In the Value field, enter a name for the instance.
  17. Click Next: Configure Security Group.
  18. On the Configure Security Group page, follow the procedure below with the table that follows to create a new security group or add ports to an existing group. If you already have a security group with the required ports for ExtraHop, you can skip this step.
    1. Select either Create a new security group or Select an existing security group. If you choose to edit an existing group, select the group you want to edit. If you choose to create a new group, enter a Security group name and Description.
    2. Click the Type drop-down list, and select a protocol type. Type the port number in the Port Range field.
    3. For each additional port needed, click the Add Rule button. Then click the Type drop-down list, select a protocol type, and type the port number in the Port Range field.
    The following ports need to be open for the ExtraHop AWS instance:

    TCP ports 22, 80, and 443 inbound to the ExtraHop system: These ports are used to download the installer and administer the ExtraHop system. If you cannot open port 80, you can copy the installer to each instance manually. Refer to Installing the Software Tap on a Linux Instance or Installing the Software Tap on a Windows Instance.

    TCP/UDP ports inbound to the ExtraHop system: Depending on the ExtraHop product, you must open a port (or a range of ports) for the software tap. See the following table for the default ports required for each product. You can use alterante port numbers, but you must add them to the security group. For the best performance, keep the port ranges for each product intact.

    Product TCP/UDP ports Range
    EH1000v 2003 1
    EH2000v 2003-2006 4
    EH6100v 2003-2010 8
  19. Click Review and Launch.
  20. Select Make General Purpose (SSD)... and click Next.
    Note:If you select Make General Purpose (SSD)..., then you will not see this step on subsequent instance launches.
  21. Scroll down to review the AMI details, instance type, and security group information, and then click Launch.
  22. In the pop-up window, click the first drop-down list and select Proceed without a key pair.
  23. Click the I acknowledge… checkbox and then click Launch Instance.
  24. Click View Instances to return to the AWS Management Console.
    From the AWS Management Console, you can view your instance on the Initializing screen. Under the table, on the Description tab, you can find the IP address or hostname for the ExtraHop appliance that is accessible from your environment.

Register an ExtraHop system in AWS

Complete the following steps to apply a product key supplied by ExtraHop Support in an AWS environment.

  1. In your browser, type the IP address of the ExtraHop appliance (https://<extrahop_management_ip>/admin).
  2. Review the license agreement, select I Agree, and click Submit.
  3. On the log in screen, type setup for the user name and the instance ID for the password.
    You can find the Instance ID on the Description tab of an instance selected on the Initializing screen. Type the string of characters that follow i- (but not i- itself), and then click Log In.
  4. Click Please apply license in Admin UI.
  5. Click Register.
  6. Enter the product key, and then click Register.
  7. Click Done.
Published 2017-11-20 17:13