Use an Amazon Machine Image (AMI) to deploy a Virtual Network Sensor to your cloud environment.

If your security environment uses a hybrid deployment, or you do not have VMware or Microsoft Hyper-V in your environment, you can leverage your Amazon Web Services (AWS) accounts to deploy a Virtual Network Sensor using Amazon Machine Images (AMI).
Note
The steps contained in these instructions are valid as of January 2024.
Before you begin, make sure you have completed the following tasks:
  • Choose or create a VPC for the Virtual Network Sensor instance.
  • Choose or create the subnets for the Virtual Network Sensor data port and management port.
    Trend Micro recommends using different subnets for the data and management ports. For more information on how to set up a VPC and subnet, refer to the Amazon documentation.
  • Create security groups for the data port and management port.

Procedure

  1. On the Trend Vision One console, go to Network Security > Network Inventory > Virtual Network Sensor.
  2. Click Deploy Virtual Network Sensor.
    The Virtual Network Sensor Deployment panel appears.
  3. Select Amazon Web Services for the platform.
  4. Set the Admin password and confirm the password.
    The password must contain the following:
    • 12 to 32 characters
    • Both uppercase and lowercase characters
    • At least one number (0-9)
    • At least one special character: ~!`@#$%^&*()/_+=[]{}-\|<>',.?:;" or space
    Note
    This step is used to set the default admin password to access the Virtual Network Sensor command line interface after deployment.
  5. Click Download Token to download the token file.
    The token file contains important information for the Virtual Network Sensor including the configured admin password and information that allows the Virtual Network Sensor to connect and on-board with Network Inventory automatically.
    After downloading, you can click Go to AWS Marketplace to access the Virtual Network Sensor AMI in a new tab, where you can launch the instance directly from the marketplace. The following steps provide a guide to accessing the Virtual Network Sensor AMI through the EC2 console.
  6. In a new tab in the same browser session, sign in to the AWS Management Console.
  7. Locate the EC2 service and click the link to access the EC2 dashboard.
  8. In the top navigation bar, select the Region for your instance.
    Note
    The region can be set to any region where you require the Virtual Network Sensor to be deployed. If you are unsure which region to select, use the default region for your AWS account.
  9. Click Launch instance, then select Launch instance.
    The Launch an instance screen appears.
  10. In the Names and tags section, provide a name or add tags to the instance.
    Tip
    Adding tags helps with managing instances by providing a way to track ownership or locate resources associated with deployed instances.
  11. In the Application and OS Images (Amazon Machine Image) section, find and select the Virtual Network Sensor AMI.
    1. In the Application and OS Images (Amazon Machine Image) section, click Browse more AMIs.
    2. In the Choose an Amazon Machine Image (AMI) screen, select AWS Marketplace AMIs under the search bar.
    3. Search for Trend Vision One.
    4. Find Trend Vision One™ XDR for Networks (BYOL) and click Select.
    5. Review the details and click Continue.
  12. In the Instance Type section, select an instance that meets the specifications for your deployment.
    The Virtual Network Sensor has been tested with the following recommended instance types. For more information, see Virtual Network Sensor system requirements.
    Throughput (Mbps)    Recommended Instance Type
    100                  t3.large, m5.large
    500                  t3.xlarge, m5.xlarge
    1000                 t3.2xlarge
    2000                 m5.2xlarge
    5000                 m5.4xlarge
    10000                m5.8xlarge
  13. In the Key pair (login) section, select Proceed without a key pair.
  14. In the Network settings section, click Edit and configure the settings.
    1. Configure the network deployment settings.
      • Select the VPC to use for the instance.
      • Select a Subnet to use for the Virtual Network Sensor data port.
      • Set the Auto-assign Public IP to Disable.
      Important
      Do not select No preference for the subnet.
    2. Under Firewall (security groups), select Select existing security group.
    3. Do not select any Common security groups.
    4. Expand the Advanced network configuration section.
      Important
      To comply with the AWS environment, the Virtual Network Sensor uses Port 1 (eth1) for the management port, and Port 0 (eth0) for the data port.
      For the following steps, Port 0 is Network interface 1, and Port 1 is Network interface 2.
    5. Configure Network interface 1 for the data port.
      • Description: Provide a description for the interface.
        Adding a clear description such as Virtual Network Sensor Data Port makes it easier to locate when configuring your AWS network settings after deployment.
      • Subnet: The subnet you selected previously for the data port.
      • Security groups: Select the security group for the data port.
      • Primary IP: Specify an IP address available on the subnet, or leave blank to have AWS automatically assign the IP address.
    6. Click Add network interface.
    7. Configure Network interface 2 for the maintenance port.
      • Description: Provide a description for the interface.
        Adding a clear description such as Virtual Network Sensor Management Port makes it easier to locate when configuring your AWS network settings after deployment.
      • Subnet: Select the subnet for the maintenance port.
      • Security groups: Select the security group for the maintenance port.
      • Primary IP: Specify an IP address available on the subnet, or leave blank to have AWS automatically assign the IP address.
  15. Use the Configure storage settings to specify the size of the root volume for your instance.
    Set the root volume size according to your throughput. For more information, see Virtual Network Sensor system requirements.
    Throughput (Mbps)    Recommended Volume Size (GB)
    100                  50
    500                  100
    1000                 100
    2000                 100
    5000                 150
    10000                200
  16. Expand the Advanced details section.
  17. Locate User data - optional and click Choose file.
  18. Select the token file you downloaded from Network Inventory.
  19. Review the settings in the Summary panel and click Launch instance.
    Once you launch the instance, the Virtual Network Sensor begins installation. Installation may take a few minutes to complete. You can view the status of the instance in the EC2 console by going to Instances > Instances.
    The Virtual Network Appliance is ready to connect and configure when the Instance state is Running and the Status check shows 2/2 checks passed.
  20. Once the appliance is ready, configure your network settings based on your security environment needs.
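
The settings chosen in steps 12 to 18 can be checked before launch. The following is an added example, not Trend Micro code: it compares a launch plan against the sizing tables and network settings on this page. It assumes the plan is a dict shaped like the parameters of the EC2 RunInstances API, that Network interface 1 and 2 in the console correspond to DeviceIndex 0 and 1, and that the first EBS mapping is the root volume; the function name `check_launch_plan` and all IDs are constructed.

```python
# Added example. Throughput (Mbps) -> (tested instance types, recommended root volume in GB)
SIZING = {
    100: ({"t3.large", "m5.large"}, 50),
    500: ({"t3.xlarge", "m5.xlarge"}, 100),
    1000: ({"t3.2xlarge"}, 100),
    2000: ({"m5.2xlarge"}, 100),
    5000: ({"m5.4xlarge"}, 150),
    10000: ({"m5.8xlarge"}, 200),
}

def check_launch_plan(plan, throughput_mbps):
    """Return a list of findings; an empty list means the plan matches the page."""
    findings = []
    types, min_gb = SIZING[throughput_mbps]
    if plan.get("InstanceType") not in types:
        findings.append("instance type not in the tested list for this throughput")
    if plan.get("KeyName"):
        findings.append("key pair set; step 13 proceeds without one")
    if not plan.get("UserData"):
        findings.append("no user data; step 18 supplies the token file")
    # Assumption: the first EBS mapping is the root volume.
    sizes = [m["Ebs"]["VolumeSize"] for m in plan.get("BlockDeviceMappings", []) if "Ebs" in m]
    if not sizes or sizes[0] < min_gb:
        findings.append(f"root volume below {min_gb} GB")
    # Assumption: Network interface 1/2 in the console are DeviceIndex 0/1.
    nics = {n["DeviceIndex"]: n for n in plan.get("NetworkInterfaces", [])}
    if set(nics) != {0, 1}:
        return findings + ["need two interfaces: index 0 (data), index 1 (management)"]
    for idx, role in ((0, "data"), (1, "management")):
        if not nics[idx].get("SubnetId"):
            findings.append(f"{role} interface has no explicit subnet")
        if not nics[idx].get("Groups"):
            findings.append(f"{role} interface has no security group")
        if nics[idx].get("AssociatePublicIpAddress"):
            findings.append(f"{role} interface requests a public IP")
    if nics[0].get("SubnetId") and nics[0].get("SubnetId") == nics[1].get("SubnetId"):
        findings.append("data and management ports share a subnet")
    return findings

# Constructed sample plan; every ID is a placeholder, not a real resource.
SAMPLE_PLAN = {
    "InstanceType": "m5.xlarge",
    "UserData": "<contents of the downloaded token file>",
    "BlockDeviceMappings": [{"DeviceName": "<root device name>", "Ebs": {"VolumeSize": 100}}],
    "NetworkInterfaces": [
        {"DeviceIndex": 0, "SubnetId": "subnet-data-example", "Groups": ["sg-data-example"]},
        {"DeviceIndex": 1, "SubnetId": "subnet-mgmt-example", "Groups": ["sg-mgmt-example"]},
    ],
}
```

Calling `check_launch_plan(SAMPLE_PLAN, 500)` returns an empty list; the same plan checked against 10000 Mbps reports the instance type and root volume size.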