ON PREMISES SOLUTIONS

Getting started

Managing your EC2 instances

Once you have successfully set up the Amazon EC2 integration, the Amazon EC2 inventory will show up in GravityZone Control Center, in the Network page.

From this point, you can start installing the security agent on EC2 instances, apply security policies, and monitor the security events using the dashboard and the available reports.

Warning

Only the supported security modules will apply to target endpoints. On Amazon EC2 instances, only Antimalware, Advanced Threat Control and Device Control modules are supported.

GravityZone provides several options specifically designed for managing the EC2 instances. Find hereinafter a description of these features. For the rest of features available in GravityZone Control Center related to the security management of the network inventory, please refer to the Administrator's Guide available on Help & Support page.

Viewing the Amazon EC2 inventory

The Amazon EC2 inventory imported in GravityZone is grouped by Amazon regions and Availability Zones. You can find the Amazon EC2 inventory in the Network page, under Computer and Groups folder. You can view the Amazon EC2 group in the left-side pane of the Network page, while the instances contained in the selected group are displayed in the right-side pane.

gz_network-ec2.png

Terminated instances are grouped in a specific folder of the network tree. Previously managed (protected) instances that were terminated from the Amazon management console are stored under Terminated Managed Instances group placed in Amazon EC2 folder. You can still obtain information about these instances via reports. If no longer needed, terminated instances can be deleted from the network inventory.

You can recognize online and offline instances by their icon:

  • vm_online_unmanaged.png Offline instances

  • vm_online_managed.png Online instances

To obtain details about an EC2 instance, click on it in the Network page. The Information window will appear, providing various information about the instance, such as ID, DNS, IP, Region, etc.

gz_details-ec2.png
Filtering the Amazon EC2 instances

To access the network filtering options, select the group that you want in the left-side pane and click the Filters menu at the upper-side of the network panes area.

GravityZone Control Center provide several filtering options for the network inventory, including a few specific filters for Amazon EC2 instances:

  • Type: displays only EC2 instances.

    filters-eps-type_aws.png
  • Power: filters EC2 instances by their power status (running, stopped, terminated).

    filters-aws-power.png
  • Tag: filters instances by EC2 tags defined in your Amazon management console.

    filters-aws-tag.png
Synchronizing the Amazon EC2 inventory

Control Center automatically synchronizes with Amazon EC2 inventory every 15 minutes. You can also manually push the Amazon inventory synchronization using the sync_ec2.png Synchronize with Amazon EC2 button placed at the upper side of the Network page.

Creating Amazon EC2 specific reports

To generate a report in GravityZone Control Center, go to the Reports page and click the add.png Add button at the upper side of the table. A configuration window is displayed, where you can find several options for defining the report that you want.

GravityZone provides several types of reports for monitoring the security of your instances. For EC2 instances, you can choose the Amazon EC2 Monthly Usage report type:

  • Provides detailed information about the hourly usage for all managed instances belonging to the companies under your management.

  • A pie chart displays the hourly usage distribution per instance type across all your managed companies.

  • The table below the chart provides details regarding the company name, month, the total hourly usage for each company and the number of managed instances for each company.

  • The hourly usage number for a company is a link to a new window, where you can find detailed usage information for each managed instance belonging to the company (instance name, instance type, IP, hourly usage and parent company).

Monitoring the user activity logs

You can check the GravityZone user accounts activity records in the Accounts > User Activity page.

Control Center logs all the operations and actions performed by users. The user activity list includes the following Amazon EC2 specific events:

  • Creating, editing, synchronizing and deleting Amazon EC2 integrations

  • Creating and canceling Security for AWS subscriptions

gz-logs.png
Configuring the Amazon EC2 Control Center notifications

Control Center informs you about the security status of your environment via notifications, which appear at the right side of Control Center, in the Notification area.

gz-notifications.png

To view the notifications, click the notifications.png Notifications button and then click See All Notifications. A table containing all the notifications is displayed.

You can configure which types of notification you want to receive in Control Center or by email, and several other options. To configure notifications:

  • Click the notifications.png Notifications button at the right side of the menu bar and then click See All Notifications. A table containing all the notifications is displayed.

  • Click the configure.png Configure button at the upper side of the table. The Notification Settings window is displayed.

There are several Amazon EC2 notification types available in GravityZone Control Center:

  • Amazon EC2 Trial Expires in 7 Days. This notification informs you that your Amazon EC2 trial subscription will expire in 7 days.

  • Amazon EC2 Trial Expires Tomorrow. This notification is sent one day before the expiration of your Amazon EC2 trial subscription.

  • Amazon EC2 Licensing event. This notification informs you that your Amazon EC2 subscription has been successfully activated.

  • Amazon EC2 Invalid Credentials. This notification is triggered when the AWS credentials are no longer valid.

  • Amazon EC2 Cancellation event. This notification is triggered when the AWS subscription is canceled by the user.

Connecting to GravityZone Control Center

To access GravityZone Control Center, go to https://gravityzone.bitdefender.com and enter your GravityZone account credentials.