Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

FAQ - Deploying the Bit9 Security Platform in Amazon Web Services (AWS)

FAQ - Deploying the Bit9 Security Platform in Amazon Web Services (AWS)

Q: What does moving to AWS mean for the Bit9 license since this a completely new environment; is the license tied to a particular piece of hardware?

A: Bit9 licenses are not tied to hardware. The server license will continue to operate as before without any interruption. Additionally, a license key can be used simultaneously on multiple machines. So you can install the Bit9 Server in AWS while still running your on-premise production server until you’re ready to move over to AWS.

Q: How can I migrate my Bit9 installation from on-premise to AWS?

A: This scenario is similar to moving from one on-premise machine to another with one caveat. You will want to do the following:

  1. Stop all incoming requests to the Bit9 server by stopping Bit9 website and placing the DAS database into single-user mode
  2. Stop both Bit9 Security Platform services (Bit9 Security PlatformServer and PlatformReporter)
  3. Back up the DAS database
  4. Restore the DAS database to your AWS SQL Server instance
  5. Install Bit9 server on AWS
  6. Update the DNS record to point the Bit9 server domain name to the IP of the server at Amazon
  7. Set the DAS database back into multi-user mode

However, before attempting to migrate your server to the cloud you need to ensure that your current DNS name is something that can be pointed to the cloud. For example, if you set up your Bit9 server with an internal name like bit9.mydomain.local instead of bit9.mydomain.com, you wouldn’t be able set up your AWS machine with this DNS.


Q: Can you test the Bit9 server in parallel in the AWS environment before shutting down an old VMware Server?

A: Yes, you can have two servers running at the same time. However, an agent cannot communicate with two servers at once.
It is also worth noting, we do not recommend taking a copy of a VMware Server and putting it up in AWS. A potential problem with this is that the two servers will look the same to the Software Reputation Service (SRS) – which can corrupt the SRS data in the back end.


Q: Are there any recommended security-oriented best practices when running a Bit9 server in a public cloud like AWS, as opposed to on premise, customer-managed hardware?

A: A Bit9 Server in the cloud should be secured in the same way that you would secure any publically available server: unnecessary ports should be disabled, IIS best practices should be adhered to, etc.
By default, the Bit9 Agent communicates to the Bit9 Server over port 41002 using TCP. Unless you have changed this to another port, ensure that this port is open for inbound and outbound traffic. Additionally, certain diagnostic and upgrade functions go over port 443. You will need to make sure that port 443 is open for traffic to and from services.bit9.com so that the server can communicate with the Bit9 cloud service.
Communication between your web browser and the Bit9 Server Console web application occurs over port 80 and 443 as well.
We also recommend limiting access to the Console to the range of IP addresses at your office and VPN. You can do this via the IIS Manager and/or using Amazon’s Security Groups.


Q: What are hardware and storage requirements for the Bit9 server in AWS?
A: The Bit9 OER outlines the hardware requirements for the Bit9 Server which are the same for on-prem and in AWS.


Q: Are the Bit9 server and agents supported on paravirtualized VMs?
A: No. Only HVM is supported.

Q: How much bandwidth will I need for communication between the Bit9 Server hosted on AWS and all of my agents?
A: For every 1000 agents, you can expect server bandwidth to average about:

  • Inbound: 200kb/s
  • Outbound: 50kb/s

Q: What operating systems do you support on AWS for the Bit9 agent?
A:

The Bit9 agent 7.2.1 P7 and newer are supported with the following Windows operating systems.

Microsoft Operating Systems Supported for Bit9 Platform Agents 7.2.1

Operating System

Architecture

Service Pack

Additional Notes/Requirements

Windows Server 2008 R2

x64

SP1

HVM virtualization only

Windows Server 2012

X64

SP3

HVM virtualization only

Windows Server 2012 R2

X64

HVM virtualization only

See this document for more information on 7.2.1 Agent Supported Operating Systems.

The Bit9 Linux agent 7.2.0 P14 and newer are supported with the following Linux operating systems.

Linux Supported for Bit9 Platform Agents 7.2.0

Distribution

Release

Architecture

Kernel

Additional Notes/Requirements

RHEL

x64

6.2, 6.3, 6.4, 6.5, 6.6, 6.7

2.6.32-220.x.x.el6
2.6.32-279.x.x.el6
2.6.32-358.x.x.el6
2.6.32-431.x.x.el6
2.6.32-504.x.x.el6
2.6.32-573.x.x.el6

HVM virtualization only

CentOS

See this document for more information on 7.2.0 Agent Supported Operating Systems.

Q: What operating systems do you support on AWS for the Bit9 server?
A:

Operating System

Architecture

Service Pack

Additional Notes/Requirements

Windows Server 2008 R2

x64

Use Latest

HVM Virtualization only

Windows Server 2012 R2

x64

Use Latest

HVM Virtualization only

Windows Server 2016 (Cb Protection v8+ only)x64Use LatestHVM Virtualization only

See Cb Protection Operating Environment Requirements v8.0.0 or Bit9 Security Platform v7.2.3 - Operating Environment Requirement

Q: What versions of SQL Server and RDS SQL Server do you support on AWS?
A:
Bit9 Security Platform Database: Supported SQL Server Versions

Database System

Architecture

Service Pack

Additional Notes/Requirements

SQL Server Express 2008 R2

x64

Use Latest

Limited to 1 CPU Socket (or 4 cores)

Maximum memory utilized: 1Gb

Maximum database size: 10Gb

SQL Server 2008 R2

x64

Use Latest

SQL Server Express 2012

x64

Use Latest

Limited to 1 CPU Socket (or 4 cores)

Maximum memory utilized: 1Gb

Maximum database size: 10Gb

SQL Server 2012

x64

Use Latest

Standard edition for < 10K endpoints, Enterprise edition for larger deployments.
See “Bit9 Security Platform Server Architecture by Endpoint Count” below for more details.

SQL Server 2014

x64

Use Latest

Same as SQL Server 2012.

Bit9 Security Platform Database: Supported AWS RDS MS SQL Server Versions

Database System

DB Engine Versions

Additional Notes/Requirements

SQL Server Express

11.00.5058.0.v1

10.50.6000.34.v1

Limited to 1 CPU Socket (or 4 cores)

Maximum memory utilized: 1Gb

Maximum database size: 10Gb

SQL Server Standard

12.00.4422.0.v1

11.00.5058.0.v1

10.50.6000.34.v1

Standard edition for < 10K endpoints, Enterprise edition for larger deployments. See “Bit9 Security Platform Server Architecture by Endpoint Count” below for more details.

SQL Server Enterprise

12.00.4422.0.v1

11.00.5058.0.v1

10.50.6000.34.v1

Standard edition for < 10K endpoints, Enterprise edition for larger deployments. See “Bit9 Security Platform Server Architecture by Endpoint Count” below for more details.

Q: Do you support Amazon WorkSpaces?
A: Yes. According to Amazon, Amazon WorkSpaces provides a “Windows 7 Experience, provided by Windows Server 2008 R2.” Bit9 supports the Bit9 agent on Windows Server 2008 R2.

Q: Do you support Amazon GovCloud?
A: No. At this time there are some technical limitations that prevent us from supporting the Bit9 Server and Agents in Amazon's GovCloud.

Labels (1)
Comments

Hello Tim, I can't find any document guides to move from one on-premise machine to another.  I will be moving the Bit9 Server and SQL Server.

I would want to keep the old server live until the new setup is ready and gradually move agents over.

Thanks

I'd recommend reaching out to support to get more detailed instructions for this.

Would it be possible to expand on the technical limitations for GovCloud?

Hi Tim, we are looking at migrating our CBEP server, so I'm resurrecting the thread. Endpoints will continue to be non-cloud-based.

Do you recommend using Provisioned IOPS and if so, what level for the newest server version and about 2500 endpoints? I'm looking at this doc in particular:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-io-characteristics.html

Hi,

We recommend getting the best performing storage that you can. With that said, you might want to get on a call with Support or Services to see what they have seen in the field.

Tim

Article Information
Author:
Creation Date:
‎11-06-2015
Views:
4865
Contributors