Option 2: Use the Network Sensor AMI
The Network Sensor AMI allows you to skip some of the manual steps involved in deploying the sensor because it comes preloaded with Amazon Linux 2 and the Network Sensor.
To deploy using the Network Sensor AMI:
- Open the AWS console. From the “Services” page, select EC2 and click on AMIs on the left menu.
- Select Private Images and search for Rapid7 AWS Network Sensor for Insight IDR.
- Select the AMI and click Launch.
- On the “Choose an Instance Type” page, select instance size t3.xlarge.
- Select Next.
- On the “Configure Instance Details” page:
- Use “Network” to select the correct VPC to deploy the sensor
- Use “Subnet” to select the subnet for the Platform Comms interface.
- Use “Network Interfaces” to Add Device.
- Use “Subnet” to select the Mirror Traffic Subnet.
- Scroll down to “Advanced Details”, locate the “User Data” block and enter the Insight Platform install token as follows:
- Select Add Storage.
- Select Add Tags.
- Add tags as desired.
- Select Configure Security Group.
- Choose Select an existing security group.
- Select the Platform Comms Security Group.
- Select Review and Launch.
- Select Launch to launch the instance, choosing an appropriate KeyPair.
- Allow the instance to finish launching.
Complete your configuration
Now that you've deployed using the Network Sensor AMI, you'll need to complete the configuration in Insight Data Collection Management.