Security-as-a-Service for Amazon Web Services (AWS) is a malware protection service developed by Bitdefender for Amazon Elastic Cloud Compute (EC2) environments. Built on Security for Virtualized Environments (SVE) by Bitdefender, an innovative and comprehensive solution designed specifically for virtualized environments, Security-as-a-Service for AWS protects Amazon EC2 instances running Windows or Linux operating systems.
This article provides you with instructions on how to set up Security-as-a-Service for AWS in your Amazon EC2 environment. It is useful to first get familiar with the Security-as-a-Service for AWS components (described in this KB article).
Before you start, check Security-as-a-Service for AWS compatibility and requirements and make sure to have the required Amazon security credentials at hand. You can find all necessary information in this KB article.
To set up Security-as-a-Service for AWS on your Amazon EC2 instances:
When subscribing, you are required to sign in to Amazon Payments and authorize payments to Bitdefender for your Security-as-a-Service for AWS subscription. You can try Security-as-a-Service for AWS free of charge for a period of 30 days. During the trial period, you can cancel your subscription at any time without incurring any charges.
To subscribe to Security-as-a-Service for AWS:
Note: Your account login details will be sent to the provided address.
You can log in and proceed to set up the service.
Check your email to find out your account login details. If you do not find the email with your account details in your Inbox, check the Spam and Junk/Trash folders. Another email has been sent to your Amazon email address to inform you about the payment authorization.
Before you can use Security-as-a-Service for AWS, you must set up your company account, including integration with your Amazon Web Services (AWS) account.
To set up your company account:
Note: It is recommended that you change your automatically generated password.
Note: The Amazon Credentials button is unavailable until your Security Console company account is set up and synchronized with your AWS account. Amazon credentials are required for remote authentication and automatic deployment of Silent Agent on instances. More information is provided in the next section.
To protect instances with Security-as-a-Service for AWS, you must install Silent Agent (the client software) on each of them. Silent Agent manages protection on the local instance. It sends scan requests to the Security Virtual Appliance, which performs the actual scan. It also communicates with Security Console to receive the administrator's commands and to send the results of its actions.
Prepare for Silent Agent installation as follows:
You connect to individual instances via a SSH or Remote Desktop client and use the installation link from Security Console to download and install Silent Agent locally.
To obtain the download links for the installation files:
Run the installation file using administrator/root privileges.
On instances running Linux operating systems, you can install Silent Agent remotely, from Security Console, or automatically, using Amazon EC2 tags. For any of these methods, you must first specify the remote authentication credentials:
Remote Installation. To remotely install Silent Agent from Security Console:
You can view task execution status and results on the Computers > View Tasks page. Installation takes minutes to complete.
Automatic Deployment. Add the autodeployment tag to existing instances or to new instances (when you launch them) and Security Console automatically deploys Silent Agent on the tagged instances. The default details of the automatic deployment tag are:
Automatic deployment is completed within a few minutes after the tag has been added. Automatic deployment is performed in the background.