How can I minimize heartbeat alerts for offline environments in an AWS Elastic Beanstalk environment?

AWS Elastic Beanstalk allows you to create multiple environments so that you can run different versions of an application at the same time. These environments usually include a production and development environment and often the development environment is powered down at night. When the development environment is brought back online in the morning, Deep Security will generate alerts related to communication problems for the period of time that it was offline. Although these alerts are actually false from your perspective, they are legitimate alerts from the perspective of Deep Security because an alert is generated whenever a specified number of heartbeats is missed.

You can minimize these heartbeat-related alerts or even prevent them from being generated for environments that you know will be offline for a period of time every day by creating a policy with specific heartbeat settings and applying that policy to the servers in those partially offline environments.

  1. Go to the Policies tab in the main Deep Security Manager window.
  2. Create a new policy or edit an existing one.
  3. Click the Settings tab in the Policy editorTo open the Policy editor, go to the Polices page and double-click the policy that you want to edit (or select the policy and click Details). and go to the Computer tab.
  4. Change one or both of the Hearbeat Interval and Number of Heartbeats that can be missed before an alert is raised setting to numbers that take into account the number of hours your Elastic Beanstalk environment will be offline.
    For example, if you know that a server will be offline for 12 hours a day and the Heartbeat Interval is set at 10 minutes, you could change the Number of Heartbeats that can be missed before an alert is raised setting to unlimited to never get an alert or you could increase the Heartbeat Interval to something greater than 10 to get fewer alerts.
  5. Click Save and apply the policy to all relevant servers.

For more information on using Deep Security in an AWS Elastic Beanstalk environment, you can watch the Trend Micro webinar Deploying Scalable and Secure Web Apps with AWS Elastic Beanstalk and Deep Security.