reference deployment

Deep Security on AWS

Deploy and configure Trend Micro Deep Security

This Quick Start deploys Deep Security using AWS CloudFormation templates and offers two license models. You can also launch this Quick Start with either licensing option in the AWS GovCloud (US) Region.

The default configuration protects instances in the virtual private cloud (VPC) where the Deep Security Manager is deployed. After deployment, you can modify your setup to protect instances across your entire AWS infrastructure.

Trend_Micro_200x100

This Quick Start was developed by Trend Micro in collaboration with AWS. Trend Micro is an AWS Partner.


AWS Service Catalog administrators can add this architecture to their own catalog.

GovCloud_logo
This Quick Start supports the AWS GovCloud (US) Region.
  •  What you'll build
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • This Quick Start sets up the following:

    • A highly available architecture that spans two Availability Zones.*
    • A VPC configured with public and private subnets, according to AWS best practices, to provide you with your own virtual network on AWS.*
    • An internet gateway that connects the VPC to the internet.
    • In the public subnets:
      • Amazon Elastic Compute Cloud (Amazon EC2) instances for Deep Security Manager.
      • Elastic Load Balancing that distributes incoming traffic across the Amazon EC2 instances (not shown).
    • In the private subnets:
      • Amazon Relational Database Service (Amazon RDS) to set up, operate, and scale a relational database.
  •  How to deploy
  • To deploy this Quick Start, follow the steps in the deployment guide, which includes these steps. The stack takes about 1 hour to launch.:

    1. If you don't already have an AWS account, sign up at https://aws.amazon.com and set up your VPC. The VPC must have two private subnets in different Availability Zones, and one public subnet with an attached internet gateway.
    2. Subscribe to Deep Security, choosing the Per Protected Instance Hour or BYOL licensing option.
    3. Launch the Quick Start for the licensing option you selected. Each deployment takes less than an hour. You can choose from four options:
    4. Log in to the Deep Security Manager console.
    5. Deploy agents to protect your instances.

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on the Quick Start.  

  •  Cost and licenses
  • You are responsible for the cost of the AWS services and any third-party licenses used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    Because this Quick Start uses Amazon Machine Images (AMIs) from AWS Marketplace, you must subscribe to Trend Micro Deep Security. There are two licensing options:

     
    Note: This Quick Start supports a deployment of up to 2,000 protected instances. If you are protecting more than 2,000 instances, contact aws@trendmicro.com for assistance.
     
    Tip: After you deploy the Quick Start, create AWS Cost and Usage Reports to track costs associated with the Quick Start. These reports deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. They provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information about the report, see What are AWS Cost and Usage Reports?