Deploy the ExtraHop packetstore in AWS
In this guide, you will learn how to launch the ExtraHop packetstore AMI in your Amazon Web Services (AWS) environment.
Your environment must meet the following requirements to deploy a virtual packetstore in AWS:
- An AWS account
- Access to the Amazon Machine Image (AMI) of the ExtraHop Trace appliance
- An Extrahop packetstore product key
- An AWS instance type that most closely matches the packetstore VM size, as
Packetstore Supported Instance Types ETA 1150v m4.xlarge, m4.2xlarge Tip: You can resize your instance without redeploying the packetstore. See the AWS documentation for details.
Before you beginThe Amazon Machine Images (AMIs) of ExtraHop appliances are not publicly shared. Before you can start the deployment procedure, you must send your AWS account ID to firstname.lastname@example.org. Your account ID will be linked to the ExtraHop AMI.
- Sign in to AWS with your user name and password.
- Click EC2.
- In the left navigation panel, under Images, click AMIs.
- Above the table of AMIs, change the Filter from Owned by Me to Private Images.
- In the filter box, type ExtraHop and then press ENTER.
- Select the checkbox next to the ExtraHop packetstore AMI and click Launch.
Select one of the following supported instance types:
Instance Type Details m4.xlarge Recommended for most installations. m4.2xlarge Select m4.2xlarge if you need greater throughput. The cost for this instance is higher than for m4.xlarge.
- Click the Network drop-down list and select the default setting or one of the VPCs for your organization.
- (Optional): Click the IAM role drop-down list and select an IAM role.
- From the Shutdown behavior drop-down list, select Stop.
- Select the Protect against accidental termination checkbox.
- Click Next: Add Storage.
- In the Size (GiB) field for the root volume, type the size of the storage volume. The minimum packetstore size is 1000 GiB (1 TB) and the maximum datastore size is 2047 GiB (2 TB).
- From the Volume Type drop-down menu, select either Magnetic or General Purpose SSD (GP2). If you specify a size greater than 1024 GiB, you must select General Purpose SSD (GP2). GP2 provides better storage performance, although at a higher cost.
- Click Next: Add Tags.
- Click Add Tag.
- In the Value field, type a name for the instance.
- Click Next: Configure Security Group.
- Select an existing security group or create a new security group with the required ports.
Click Add Rule and add the following ports:
Type Port Range SSH 22 Custom TCP 443 Custom TCP 2003 Custom UDP 2003
TCP ports 22, and 443 are required to administer the ExtraHop system. TCP and UDP port 2003 is required for the packet forwarder.
- Click Review and Launch.
Select the boot volume option you selected in step 14 and then click
Note: If you select Make General Purpose (SSD)...(recommended), you will not see this step on subsequent instance launches.
- Review the AMI details, instance type, and security group information, and then click Launch.
- In the pop-up window, click the first drop-down list and select Proceed without a key pair.
- Click the I acknowledge… checkbox and then click Launch Instances.
Click View Instances to return to the AWS Management
From the AWS Management Console, you can view your instance on the Initializing screen.
Under the table, on the Description tab, you can find an address or hostname for the ExtraHop system that is accessible from your environment.
- Register your ExtraHop system
- Review the Trace Appliance Post-deployment Checklist.
- Connect the Command and Discover appliances to the Trace appliance.
- Configure remote packet capture (RPCAP) to forward traffic from remote devices to your virtual packetstore. For more information, see Configure RPCAP for an ExtraHop packetstore.
Thank you for your feedback. Can we contact you to ask follow up questions?