Before you can install McAfee ePO on an AWS server, you must create the server with the proper settings and create a connection to your enterprise network.
Before you begin
You must have an Amazon Web Services account to complete this process.
This example, and the selected values, describe creating a McAfee ePO server to manage about 30,000 client systems. The values you select might be different. See the McAfee ePolicy Orchestrator Installation Guide for CPU, storage, and memory requirements.
Task
1 Log on to the AWS console to display the AWS Console page.
Figure 5-2 AWS Console page
2 Set the AWS data center region to the location closest to most of the client systems you will manage with McAfee ePO. To select the region, click the list on the right side of the navigation bar on the AWS Console page.
5
Installing McAfee ePO on an AWS server Create the AWS server3 Under Compute, double-click EC2 (Amazon Elastic Compute Cloud) from the Compute list to open Step 1: Choose an Amazon Machine Image (AMI).
Figure 5-3 Step 1: Choose an Amazon Machine Image (AMI)
In this example, the server instance is a 64-bit server with a Microsoft Server 2012 with SQL Standard Edition already installed.
Always select an AMI with a SQL database included.
4 Scroll to the image you want, then click Select, to open Step 2: Choose an Instance Type.
Figure 5-4 Step 2: Choose an Instance Type
5 In this example, to manage 30,000 clients, in the Family column, select the instance type General purpose, and configure these settings:
• Type — m3.2xlarge • Instance Storage (GB) — 2 x 80 (SSD)
• vCPUs — 8 • EBS Optimized Available — Yes
• Memory (GiB) — 30 • Network Performance — High
The instance type you choose depends on many factors in your managed network. For example, the number of managed clients, network geography, and connectivity between locations. See the Server hardware requirements on page 18 and use the McAfee ePO server CPU cores, RAM, and hard drive suggestions to select you comparable instance type.
5
Installing McAfee ePO on an AWS server Create the AWS server6 Click Next: Configure Instance Details to open Step 3: Configure Instance Details.
Figure 5-5 Step 3: Configure Instance Details
7 For this example, configure these instance details settings:
• Number of Instances — Type 1.
• Purchasing option — Deselect Request Spot instances.
• Network — Select Launch into EC2-Classic.
• Availability Zone — Select No Preference.
• IAM role — Select None from the list.
• Shutdown behavior — Select Stop.
Do not select Terminate. If you do, when you stop your AWS server the server instance is deleted and you must completely reconfigure it to start again.
• Enable termination protection — Click Protect from accidental termination.
Termination protection is another way to keep you from accidentally terminating your AWS server.
• Monitoring — Deselect Enable CloudWatch detailed monitoring.
• EBS-optimized instance — Click Launch as EBS-optimized instance.
8 Click Next: Add Storage to open Step 4: Add Storage page.
Figure 5-6 Step 4: Add Storage page
9 In this example, configure these storage settings:
a Type Root — For the server operating system partition, configure these settings:
• Device — Leave the default.
• Snapshot — Leave the default.
• Size (GiB) — Type 100.
• Volume type — Select General Purpose (SSD).
• IOPS — (Input/Output Operations Per Second) Accept the default.
For IOPS configuration information, see Disk RAID and IOPS Calculator.
• Delete on Termination — Deselect.
b Type — For the McAfee ePO server partition, select EBS (Elastic Block Store) and configure these settings:
• Device — Select an individual device name from the list.
• Snapshot — Leave blank.
• Size (GiB) — Type 300.
• Volume type — Select General Purpose (SSD).
5
Installing McAfee ePO on an AWS server Create the AWS server10 Click Next: Tag Instance to open Step 5: Tag Instance page.
Figure 5-7 Step 5: Tag Instance page
11 Configure a specific tag and value used to identify this AWS server, then click Next: Configure Security Group to open Step 6: Configure Security Group page.
Tags don't have any semantic meaning to Amazon EC2 and are interpreted strictly as a string of characters. Also, tags are not automatically assigned to your resources.
Figure 5-8 Step 6: Configure Security Group
12 In this example, configure these security group settings:
• Assign a security group — Click Create a new security group.
• Security group name — Type a name for the security group.
• Description — Type a description for the security group.
• Using Add Rule, configure this list of ports and matching protocols.
To configure these Security Group port settings, see the Ports used to communicate through a firewall on page 223.
5
Installing McAfee ePO on an AWS server Create the AWS server13 Click Review and Launch to open Step 7: Review Instance Launch.
Figure 5-9 Step 7: Review Instance Launch
14 Confirm your settings, then click Launch to Create a new key pair.
Figure 5-10 Create a new key pair
15 Create a security key pair, with these settings, to generate an encrypted password when you first log on to this AWS server.
a Select Create a new key pair from the list.
b Type a name for the key pair .pem file.
5
Installing McAfee ePO on an AWS server Create the AWS serverc Click Download Key Pair to copy the .pem file to your local computer.
d Click Launch Instances after the .pem file is saved to your local computer.
Figure 5-11 Launch Status
16 On the Launch Status page, click View Instances to confirm the status of the AWS server.
Figure 5-12 Launch instance status page
You have created your AWS server. Continue with the connection process and create a static IP address for your AWS server.