Footprint Cloud Appliance - AWS Marketplace Deployment

Coda Footprint Internal Scanner is now part of the AWS Marketplace

https://aws.amazon.com/marketplace/pp/prodview-qntaqfnnakfsw

Prerequisites:

• Have a running MSP Console instance that is reachable on HTTPS from the Internal Scanner that is to be deployed.

• Configure a FQDN for the MSP Console that can be resolved by the Internal Scanner.

• Have IP [OSI Layer 3] reachability from the AWS Subnet where the scanner is provisioned to the future Scan Target / Destination Subnets.

• Allow access from the Scanner to the Console Machine over HTTPS, TCP/15671, TCP/15672, TCP/5671, TCP/5672

Deployment:

In order to deploy an Internal Scanner in the AWS Marketplace you would need to follow the below instructions:

Connect to your AWS Management Console and choose “Launch a virtual machine”.

This would take you the the following screen:

Step 1: Choose an Amazon Machine Image (AMI)

Pick AWS Marketplace and write “Footprint Cloud Appliance” in the search bar

Click “Select” and proceed to the next step.

The minimum specifications for the Footprint Cloud Appliance are 2 CPUs and 4GB of RAM. The Recommended ones are 4 CPUs and 8 GB of RAM. Ideally we would want a machine with at least 2 CPUs and 8 GB of RAM for a larger Scan Surface target.

Step 2: Choose an Instance Type

For this deployment we may choose a t3.large.

Click “Next: Configure Instance Details“

Step 3: Configure Instance Details

Select the correct VPC and Subnet. If needed also assign a Public IP.

Make sure to assign an IP and write it down for later. Otherwise we will look for the DHCP IP after the deployment.

Click “Next: Add Storage”

Step 4: Add Storage

Check to have the minimal 50GB of disk space.

Click “Next:Add Tags“

Step 5: Add Tags

Add any relevant tags that may be used to identify this machine later and click “Next: Configure Security Group”

Step 6: Configure Security Group

Make sure to allow SSH and HTTP TCP/8080 traffic inbound in order to configure the scanner. Later you may remove the ports or add restrictions to access only from your organizations source IPs.

You will also need to allow all outbound ports for better visibility into scans. Remember to also allow access into other Security Groups from the Internal Scanners IP address in order to be able to scan other subnets.

Click “Review and Launch”

Click “Launch” and proceed to select a key pair to use for SSH management of this machine.

Check “I acknowledge” and proceed with clicking “Launch instances”

The instance is being provisioned and when it is ready either connect from a Bastion Host o it’s Private IP or from an Elastic Public IP to it’s TCP/8080 interface using HTTPS.

After the instance is provisioned you need to connect and assign the FQDN URL and TOKEN ID presented in the Scan Surface > Agentless Surface > Setup Scanners tab.

Add the Name, FQDN and TOKEN and press Save. Within a few minutes the scanner should change state to Online. The Internal Scanner will now pull all required updates.

Click Scan Surface > Agentless Surface > Deployed Scanners

Look for the new Internal Scanner by name and check that the State is Active to confirm that it is fully operational and can be used to add Scan Surface targets selecting this scanner.