Footprint Cloud Appliance - AWS Marketplace Deployment

Coda Footprint Internal Scanner is now part of the AWS Marketplace

https://aws.amazon.com/marketplace/pp/prodview-qntaqfnnakfsw

Prerequisites:

• Have a running MSP Console instance that is reachable on HTTPS from the Internal Scanner that is to be deployed.

• Configure a FQDN for the MSP Console that can be resolved by the Internal Scanner.

• Have IP [OSI Layer 3] reachability from the AWS Subnet where the scanner is provisioned to the future Scan Target / Destination Subnets.

• Allow access from the Scanner to the Console Machine over HTTPS, TCP/15671, TCP/15672, TCP/5671, TCP/5672

Deployment:

In order to deploy an Internal Scanner in the AWS Marketplace you would need to follow the below instructions:

Connect to your AWS Management Console and choose “Launch instance”.

This would take you the the following screen:

Step 1: Browse to the search bar an look-up “Footprint Cloud Appliance”

Note that the AMI is listed under AWS Marketplace AMIs

Click “Select” and proceed to the next step.

The minimum specifications for the Footprint Cloud Appliance are 2 CPUs and 8 GB of RAM. The Recommended ones are 4 CPUs and 8(16) GB of RAM. Ideally we would want a machine with at least 4 CPUs and 16 GB of RAM for a larger Scan Surface target. So in this case we would proceed with the t3.large option.

Step 2: Choose an Instance Type

For this deployment we may choose a t3.large.

Step 3: Choose a key pair. This is optional but choosing a key pair would help future debugs if needed to connect on the SSH port

Step 4: Network Settings

Select the correct VPC and Subnet. If needed also assign a Public IP.

Make sure to assign an IP and write it down for later. Otherwise we will look for the DHCP IP after the deployment.

You would want to allow SSH and HTTP/8080 traffic from your Management Subnets or Jump Hosts. SSH is needed for troubleshooting purposes and HTTP/8080 is needed for the First Time Setup wizard to register your appliance to the console.

In terms of Subnet and VPC you may choose any of the options that provide suitable access to your future scan targets. Below values are just an example:

Make sure to allow SSH and HTTP TCP/8080 traffic inbound in order to configure the scanner. Later you may remove the ports or add restrictions to access only from your organizations source IPs.

You will also need to allow all outbound ports for better visibility into scans. Remember to also allow access into other Security Groups from the Internal Scanners IP address in order to be able to scan other subnets.

Step 5: “Configure Storage”

You need at least 120GB of disk according to the minimal requirements.

After going through the recommended settings you may proceed and click “Launch”

Kindly wait for the instance to finish launching.

After the process is finished you can now connect to the instance and configure the initial startup wizard.

The instance is being provisioned and when it is ready either connect from a Bastion Host o it’s Private IP or from an Elastic Public IP to it’s TCP/8080 interface using HTTP.

After the instance is provisioned you need to connect and assign the FQDN URL and TOKEN ID presented in the Scan Surface > Agentless Surface > Setup Scanners tab.

Add the Name, FQDN and TOKEN and press Save. Within a few minutes the scanner should change state to Online. The Internal Scanner will now pull all required updates.

Click Scan Surface > Agentless Surface > Deployed Scanners

Look for the new Internal Scanner by name and check that the State is Active to confirm that it is fully operational and can be used to add Scan Surface targets selecting this scanner.