Deploy Lumu VA in AWS

Deploy Lumu VA in AWS

Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your infrastructure. This guide contains the necessary steps to deploy a Virtual Appliance on Amazon Web Services Elastic Compute Cloud (AWS EC2) on a Virtual Private Cloud (VPC).

Requirements

To ensure the successful deployment of a Lumu VA on AWS, you must meet the following minimum requirements:

  1. AWS EC2 privileges to launch instances.

AWS Set Up

To create a cloud collector, you must first obtain the virtual appliance image in AWS.
Contact Lumu support, providing your AWS account Id and your preferred region. We will use this information for sharing the Lumu Virtual Appliance AMI with you directly via AWS.
AWS Accounts settings area AWS Accounts settings area
1. After receiving the confirmation email from Lumu, go to the AWS panel, navigate to EC2 > AMIs and select “Private images”.
AWS AMI settings area AWS AMI settings area


2. Launch the new instance from the AMI shared with you by the Lumu Customer Success or Support team. During the launch, you will be prompted to configure the instance.
Review our sizing guidelines to evaluate the virtual hardware considerations.

Remember to confirm that inbound rules are set for allowing access to UDP port 53 for the VPC.

Inbound rules Inbound rules

Activate and Configure the Virtual Appliance

Once you have configured AWS for the Lumu Virtual Appliance, you are ready to activate and explore the VA general settings. See the Configure Virtual Appliance for detailed guidance.

AWS Network Setup

After having your VA activated and configured, set the Lumu Virtual Appliance you created as the DNS name server.

1. On the AWS VPC console, go to the DHCP options set and create a new DHCP options set adding the Lumu Virtual Appliance you created as DNS name server. The DHCP is responsible for allocating IP addresses and other information to requesting clients.

Creating DHCP options set for Lumu VA Creating DHCP options set for Lumu VA

2. Associate the new DHCP options set to your VPC by selecting the option to edit options set on the action list.

Associating DHCP options set to a VPC. Associating DHCP options set to a VPC
Once you associate a new set of DHCP options with a VPC, any existing instances, and all new instances that you launch in that VPC use those options.

In the DHCP options set list, select the DHCP options set you created on step 5.

Associating DHCP options set to a VPC Associating DHCP options set to a VPC

Flush the DNS cache

All the instances of the VPC will automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You don't need to restart or relaunch the instances.

For the new DNS settings to take effect immediately on existing servers, you have the option to explicitly renew the lease being used on each server by the instance, see Flushing DNS Cache for guidance.

Validate your settings

The final step is to verify that your DNS connections are correctly routed through Lumu. See Validate your DNS Settings for more information.


        • Related Articles

        • Deploy Virtual Appliances

          To get started and review requirements for Lumu Virtual Appliances, consult our document Introduction to Virtual Appliances. Follow these simple steps to create and download a pre-configured Virtual Appliance and start illuminating threats and ...
        • Deploy Lumu VA in Google Cloud

          Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...
        • Deploy Lumu VA in VirtualBox

          Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...
        • Deploy Lumu VA in VMware Workstation

          Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...
        • Deploy Lumu VA in VMware ESXi

          Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...