Deploy the Deep Security AMI manually

We recommend that you use the Quick Start to deploy the Deep Security AMI. That method uses AWS CloudFormation templates for quick deployment in about 1 hour. However, if you need to manually deploy the AMI, follow the instructions in this section.

You might want to deploy the AMI manually if:

• You only need one manager node instead of the two offered by the Quick Start.
• You require additional manager nodes beyond those offered by the Quick Start.

You can find the supported deployment models for Deep Security Manager in section 3.3 of the Deep Security Best Practice Guide (PDF). Please note that auto-scaling of manager nodes is not supported.

Install Deep Security Manager

1. Subscribe to Trend Micro Deep Security on AWS Marketplace. The Deep Security AMI has two billing models:
   • Pay as you Go (also called 'Per Protected Instance Hour')
   • Seat-based (also called 'Bring your own License (BYOL)')
2. Install a database. You can install your own database or you can use the Amazon RDS Management Console to create a database instance (PostgreSQL, Microsoft SQL, or Oracle). Refer to the Amazon RDS Documentation for instructions.
3. Configure the database for Deep Security. See Configure the database.
4. Launch the Deep Security AMI from the Trend Micro Deep Security page on AWS Marketplace.
5. When AMI has finished launching, go to https://<instance IP or hostname>:8080 to access the Deep Security Manager installer and finish the installation.
6. When the installation is complete, the Deep Security Manager console is displayed. Log in with the username and password that you specified during the Deep Security Manager installation process. Note the URL used to access the Deep Security Manager console.
7. (Optional) Install another manager node. See Install Deep Security Manager on multiple nodes.

Next steps

After installing the manager, you are ready to deploy a Deep Security Relay and Deep Security Agents.