Overview
Before You Begin
This document assumes that you have used AWS before and are familiar with AWS services.
If you are new to AWS, see the Getting Started section
- Amazon VPC – The Amazon Virtual Private Cloud (Amazon VPC) service lets you provision a private, isolated section of the AWS Cloud where you can launch AWS services and other resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
- Amazon EC2 – The Amazon Elastic Compute Cloud (Amazon EC2) service enables you to launch virtual machine instances with a variety of operating systems. You can choose from existing Amazon Machine Images (AMIs) or import your own virtual machine images.
- AWS CloudFormation – AWS CloudFormation enables you to create and provision AWS infrastructure components reliably and predictably, using a JSON scripting environment. This Quick Start uses AWS CloudFormation templates to configure and automate the Trend Micro Deep Security deployment.
- Amazon RDS – Amazon Relational Database Service (Amazon RDS) is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
Cost and Licenses
You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start. The cost of the resources created by the Quick Start varies based on how many instances you want to protect. For details, see the pricing pages for each AWS service you will be using in this Quick Start.
Because this Quick Start uses AMIs from the AWS Marketplace
Architecture
This Quick Start will set up Deep Security to protect instances in the virtual private cloud (VPC) where the Deep Security Manager is deployed. You can subsequently modify your deployment to protect instances across your entire AWS infrastructure.
For free assistance, please contact aws@trendmicro.com
The Quick Start builds the following environment in an existing VPC.

Figure 1: Trend Micro Deep Security architecture on AWS
Best Practices
The architecture built by this Quick Start supports AWS best practices for high availability and security:
- The Amazon RDS database server used by the Deep Security Manager is deployed across two Availability Zones (where available), providing high availability at the database layer.
- The AWS security groups created by the template are configured to only allow traffic that is required.