Custom Ivanti Connect Secure Deployment on AWS Portal
Prerequisites and System Requirements on AWS
To deploy the Ivanti Connect Secure Virtual Appliance on AWS, you need the following:
•An AWS account
•Access to the AWS portal (https://console.aws.amazon.com/)*
•Ivanti Connect Secure Virtual Appliance AMI ID
•AWS CloudFormation template
•Ivanti Connect Secure licenses **
•Site-to-Site VPN between AWS and the corporate network (optional)
Note: This is needed only if the Ivanti Connect Secure users need to access corporate resources.
•Ivanti License Server (optional)**
•Located at corporate network, accessible through site-to-site VPN
•Ivanti Connect Secure configuration in XML format (optional)
Ivanti Connect Secure Virtual Appliance can be deployed only through AWS CloudFormation style.
Deploying Ivanti Connect Secure on Amazon Web Services
As depicted in the below diagram, a remote user can use Ivanti Connect Secure to securely access cloud resources as well as corporate resources. To access corporate resources, the Ivanti Connect Secure administrator needs to ensure that site-to-site VPN is already established between AWS and the corporate network.
Supported Platform Systems
This section helps you in choosing the instance types that should be deployed with Ivanti Connect Secure for AWS.
•ISA4000-V
•ISA6000-V
•ISA8000-V
|
Model |
vCPU |
RAM |
Disk Space in 22.6R2 and Later |
Disk Space prior to 22.6R2 |
|---|---|---|---|---|
|
ISA4000-V (M5.xlarge - 3 NICs) |
4 |
16 GB |
80 GB |
40 GB |
|
ISA6000-V ( M5.2xlarge - 3 NICs) |
8 |
32 GB |
80 GB |
40 GB |
|
ISA8000-V (M5.4xlarge - 3 NICs) |
16 |
64 GB |
80 GB |
40 GB |
|
ISA4000-V (t3.xlarge - 3 NICs) |
4 |
16 GB |
80 GB |
40 GB |
|
ISA6000-V (t3.2xlarge - 3 NICs) |
8 |
32 GB |
80 GB |
40 GB |
Customs Templates
To deploy 2-NIC or 3-NIC in an existing VPC respectively using the links below:
•Ivanti-2nic-existing-vpc.json
•Ivanti-3nic-existing-vpc.json
To deploy 2-NIC or 3-NIC in a new VPC respectively using the links below:
Registering the AMI
This section describes the steps to register the AMI. This is the one-time activity to be followed to deploy Ivanti Connect Secure on AWS.
To register AMI, do the following:
1.Login to AWS Portal.
2.Search for the AMI name in the Public images: ISA-V-NITRO-ICS-22.2R1-657.1-SERIAL-nitro.img. Images can be searched under public AMI section and copy AMI ID for custom deployment using custom templates.
To deploy 2-NIC or 3-NIC in an existing VPC and new VPC respectively using the links above.
ICS gateway AMIs are available in all AWS regions (except China).