AWS Quick Starts

Symantec Protection Engine on AWS

Malware protection and content scanning services on the AWS Cloud

Deploy SPE into a new VPC on AWS

or deploy SPE into your existing VPC

(Deployment requires subscription to an SPE AMI)

View deployment guide

Quick Start architecture for Symantec Protection Engine on the AWS Cloud

The Quick Start includes AWS CloudFormation templates that automatically deploy SPE in a highly available, secure AWS Cloud environment. The Quick Start also includes a guide with step-by-step deployment and configuration instructions.

To deploy Symantec Protection Engine on AWS, view the Quick Start deployment guide. To try out additional Quick Starts, view our complete catalog.

symantec-logo


Use this Quick Start to deploy Symantec Protection Engine (SPE) for Cloud Services on AWS in less than an hour.

SPE enables you to incorporate malware and threat detection technologies into your application. SPE includes Symantec's malware protection and proprietary, patented URL categorization technology. It provides fast, scalable, and reliable content scanning services to protect your data and storage systems against the ever-growing malware threat landscape.

You can integrate SPE with almost any application through the Internet Content Adaptation Protocol (ICAP) by using .NET APIs for C, Java, and C#. This Quick Start aids integration with proxies such as F5, Squid, etc., and is designed for enterprise administrators who want to scan their ingress/egress traffic for viruses, trojans, and other kinds of malware.

  • What you'll build

    Use this Quick Start to set up the following SPE environment on AWS:

    • A virtual private cloud (VPC) spanning two Availability Zones and configured with public subnets. This provides the network infrastructure for your SPE deployment.*
    • An Internet gateway to provide access to the Internet.*
    • An Elastic Load Balancing (ELB) load balancer that distributes the incoming loads to multiple scanners.
    • In the public subnets, SPE instances that are configured automatically with the load balancer.
    • Your choice to create a new VPC or deploy into your existing VPC on AWS. 


    The template that deploys the Quick Start into an existing VPC skips the components marked by asterisks above.

    For details, see the Quick Start deployment guide.

  • Deployment details

    You can deploy SPE on AWS in less than an hour, by following a few simple steps:

    1. Subscribe to the SPE AMI in AWS Marketplace. You can choose the paid pricing or the BYOL licensing option. If you choose the BYOL option, place the license key file in an Amazon S3 bucket and note its location.
    2. Sign up for an AWS account at https://aws.amazon.com.
    3. Launch the Quick Start into a new VPC, if you want to build a new AWS infrastructure. (View template)
      -or-
      Launch the Quick Start into an existing VPC, if you already have your AWS environment set up. (View template)
      The deployment takes approximately 30-45 minutes.
    4. Use the command-line scanner that comes with SPE and an anti-malware test file to test the deployment.


    To customize your deployment, you can choose different instance types for your resources, choose Availability Zones, and change the number of SPE instances you want to deploy.  

    For detailed instructions, see the Quick Start deployment guide.

  • Cost and licenses

    You are responsible for the cost of the AWS services and SPE licenses used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings, such as instance type, will affect the cost of deployment. See the pricing pages for each AWS service you will be using for cost estimates.

    This Quick Start requires a subscription to an Amazon Machine Image (AMI) for the SPE software, which is available from AWS Marketplace. You can choose from two pricing models:

    • Paid pricing: With this option, you’ll pay an hourly fee based on the Amazon Elastic Compute Cloud (Amazon EC2) instance type.
    • Bring Your Own License (BYOL): If you already have a current, valid license for SPE, you can use it for the AWS Quick Start deployment.