New Quick Start: Standardized Architecture for NIST High-Impact Controls on AWS Featuring Trend Micro Deep Security
This new Quick Start deploys a standardized environment that helps organizations meet the following requirements:
- National Institute of Standard and Technology (NIST) SP 800-53 (Revision 4) high-impact security control baseline. This baseline is for workloads that are categorized as high-impact systems, per NIST FIPS Publication 199.
- The Committee on National Security Systems (CNSS) Instruction 1253
- Federal Risk and Authorization Management Program (FedRAMP)
- The DoD Cloud Computing Security Requirements Guide (SRG)
- NIST SP 800-171
- The OMB Trusted Internet Connection (TIC) Initiative – FedRAMP Overlay (pilot)
The Quick Start was built in collaboration with Trend Micro and features the Trend Micro Deep Security product.
The deployment is automated by AWS CloudFormation templates and scripts that build an example multi-tier, Linux-based web application in the AWS Cloud with comprehensive protection using Trend Micro Deep Security. The deployment guide provides step-by-step instructions for deploying and configuring the environment. The Quick Start also includes a security controls matrix, which maps the architecture decisions, components, and configuration in the Quick Start to security requirements within NIST, TIC, and DoD Cloud SRG publications.
Quick Starts are automated reference deployments for key workloads on the AWS Cloud. Each Quick Start launches, configures, and runs the AWS compute, network, storage, and other services required to deploy a specific workload on AWS, using AWS best practices for security and availability.
To get started, use the following resources:
- View deployment guide
- View security controls matrix (Microsoft Excel format)
- Browse and launch other AWS Quick Start reference deployments
If you need assistance with an enterprise implementation of the capabilities introduced through this Quick Start, AWS Professional Services can guide and assist with the training, customization, and implementation of deployment and maintenance processes. Please contact your AWS Account Manager for further information, or send an inquiry to compliance-accelerator@amazon.com.