Deploy the ExtraHop Command Appliance in AWS
This guide explains how to launch the ExtraHop Command appliance AMI to monitor your Amazon Web Services (AWS) environment. You must have administrative access to AWS to launch a third-party AMI and an ExtraHop product key to complete these procedures.
Before you deploy the Command appliance, determine the optimal provisioning needs for your environment. For more information, see the Performance guidelines section.
The following table provides guidelines that can help you optimize the performance of the Command appliance. These guidelines are minimum requirements that you might need to adjust based on the size and needs of your environment.
|Scalability||Connected ExtraHop Appliances||1-8||9-24||25-64|
|Provisioning Requirements||Recommended Instance Type||c5.xlarge (4 vCPU and 8 GB RAM)||c5.2xlarge (8 vCPU and 16 GB RAM)||c5.4xlarge (16 vCPU and 32 GB RAM)|
|Boot Disk||4 GB||4 GB||4 GB|
|Datastore and Utility Disk||40 GB||48 GB||64 GB|
|Disk Total||44 GB||52 GB||68 GB|
Create the ExtraHop instance in AWS
Before you begin
The Amazon Machine Images (AMIs) of ExtraHop appliances are not publicly shared. Before you can start the deployment procedure, you must send your AWS account ID to email@example.com. Your account ID will be linked to the ExtraHop AMIs.
- Sign in to AWS with your username and password.
- Click EC2.
- In the left navigation panel, under Images, click AMIs.
- Above the table of AMIs, change the Filter from Owned by Me to Private Images.
- In the Search AMIs… field, type ExtraHop.
- Select the checkbox next to the ExtraHop Command appliance AMI, and click Launch.
- On the Choose an Instance Type page, select the instance type that meets the provisioning requirements specified in the performance guidelines table above.
- Click Next: Configure Instance Details.
Click the Network drop-down list and select one of the
VPCs for your organization.
You must launch the Command appliance in the same environment as the ExtraHop Discover appliances.
- Select Stop as the default shutdown behavior.
- Click the Protect against accidental termination checkbox.
- (Optional): Click the IAM role drop-down list, and select an IAM role.
If you want to configure two interfaces for VPC, scroll down to the
Network Interfaces section and click Add
Device to associate another interface with your instance.
The default number of network interfaces is one. The two interfaces must be on two different subnets.
- Click Next: Add Storage.
- Accept the defaults and click Next: Tag Instance.
- In the Value field, enter a name for the instance.
- Click Next: Configure Security Group.
On the Configure Security Group page, follow the procedure
below to create a new security group or add ports to an existing group. If you
already have a security group with the required ports for ExtraHop, you can skip
- Select either Create a new Security Group or Select an existing security group. If you choose to edit an existing group, select the group you want to edit. If you choose to create a new group, type a name for the Security group and type a Description.
- From the Type drop-down list, select a protocol. Type the port number in the Port Range field.
For each additional port, click the Add Rule
button. Then, from the Type drop-down list,
select a protocol, and type the port number in the Port
The following ports and IP addresses must be opened for the ExtraHop AWS instance:
- TCP ports 22, 80, and 443 inbound to the Command appliance
- These ports must be open to download the installer and administer the ExtraHop system.
- IP addresses of the ExtraHop Discover appliances that are connected to the Command appliance
- After the Command appliance is launched, you must modify the security groups of the connected Discover appliances to allow traffic in from the Command appliance.
- Click Review and Launch.
- Scroll down to review the AMI details, instance type, and security group information, and then click Launch.
- In the pop-up window, from the first drop-down list, select Proceed without a key pair.
- Click the I acknowledge… checkbox and then click Launch Instance.
Click View Instances to return to the AWS Management
When you return to the AWS Management Console, you can view your instance on the Initializing screen.
Register the ExtraHop system
Complete the following steps to apply your product key and register the system.
If you do not have a product key, contact your ExtraHop account team.
|Tip:||To verify that your environment can resolve DNS entries for the
ExtraHop licensing server, open a terminal application on your Windows, Linux, or
Mac OS client and run the following
nslookup -type=NS d.extrahop.com
If the name resolution is successful, output similar to the following appears:
Non-authoritative answer: d.extrahop.com nameserver = ns0.use.d.extrahop.com. d.extrahop.com nameserver = ns0.usw.d.extrahop.com.
- In your browser, type the IP address of the ExtraHop system (https://<extrahop_management_ip>).
- Review the license agreement, select I Agree, and click Submit.
On the log in screen, type setup for the user name and
the instance ID for the password.
You can find the Instance ID on the Description tab of an instance selected on the Initializing screen. Type the string of characters that follow i- (but not i- itself), and then click Log In.
- Enter your product key, and then click Register.
Thank you for your feedback. Can we contact you to ask follow up questions?