Enterprise Recon Cloud 2.12.0
How To Plan The ER Cloud Deployment
This section covers the following topics:
- Identify the Deployment Size
- Choose the Virtual Private Cloud (VPC)
- Migrate Existing Master Server Instance
- Configuration Considerations in ER Cloud
- Begin Deployment
Identify the Deployment Size
During deployment of the Enterprise Recon Cloud, you will be asked to select the deployment size of your Master Server.
There are three deployment size options for ER Cloud:
| Deployment Size | Instance Type | Disk Size (for user data) | Memory (RAM) | Number of pre-verified proxy agents |
|---|---|---|---|---|
| small | m5.xlarge | 80 GB | 16 GB | 2 |
| medium | m5.2xlarge | 120 GB | 32 GB | 4 |
| large | m5.4xlarge | 200 GB | 64 GB | 4 |
Depending on the number of Targets you intend to add and scan, and the potential number of match locations, you need to identify the deployment size that suits your needs. For more information, refer to the System Requirements section.
Choose the Virtual Private Cloud (VPC)
You may choose to either deploy Enterprise Recon Cloud in a new or in an existing Virtual Private Cloud (VPC).
Using an existing VPC might be more suitable if you are an experienced AWS user, as you can benefit from the already-established security configurations within your existing VPC. However, if your familiarity with AWS is limited, or if you prefer to begin the configuration from scratch, deploying in a new VPC might be more suitable.
Consult your local AWS administrator for more guidance to ensure your deployment setup is tailored to your needs.
Migrate Existing Master Server Instance
If you have an existing ER2 Master Server (on-premises), you can easily migrate your Master Server instance to Enterprise Recon Cloud.
For more information, refer to the Migrate to Enterprise Recon Cloud section.
Configuration Considerations in ER Cloud
To effectively plan your deployment, be aware of the important configuration considerations in ER Cloud.
Connecting to Internal Network
If you want to connect ER Cloud to your organization's internal resources (such as Active Directory), you need to establish proper connectivity to your internal network. This may involve VPN and DNS configuration to assign your private domain name system to your virtual private cloud (VPC).
Connectivity to internal network impacts certain features in ER Cloud, including Active Directory and Network Discovery. Other features such as Data Access Management PRO and Risk Scoring and Labeling PRO may have limited functionality if/when Active Directory is not used.
There are various methods available to establish connectivity, one of which is configuring a site-to-site VPN with AWS. Methods vary depending on your organization’s network setup. However, you are responsible for ensuring that necessary connectivity setup is in place. Please note that Ground Labs does not provide support for configuring your connectivity to your internal network.
Changing API Port
Using an API port value other than the default value is not supported in ER Cloud. When enabling the API feature, use only the default value 8339 to ensure that the API feature will work.
For more information, refer to the Use API Framework section.
Begin Deployment
After planning, refer to the Deploy Enterprise Recon Cloud section to start deploying the ER Cloud Master Server, or refer to the Getting Started section for the overview on deployment, licensing, activation, and usage of the ER Cloud features.