Deploying Ivanti Policy Secure on AWS using AWS Portal

Once the access to the AMI file and CloudFormation template is obtained as mentioned in the above section, proceed with the Ivanti Policy Secure deployment.

Ivanti Policy Secure can be deployed:

• on a new Virtual Private Cloud or
• on an already existing Virtual Private Cloud
• as a license server

Deploying IPS on New Virtual Private Cloud

This section describes IPS deployment with three NIC cards and two NIC cards.

Deployment on VM with Three NIC Cards

To deploy Ivanti Policy Secure on AWS using the AWS portal, do the following:

1. Select AWS Services > CloudFormation and click Create stack > With new resources (standard).

   

2. Select Upload a template file. Click Choose File and select “pulsesecure-IPS-3-nics-new-network.json” template file for the new VPC. Click Next.

   

3. In the Specify stack details page, fill or modify the following parameters.

   Before proceeding with deployment, ensure that the attribute “accept-license-agreement” in IPSConfigData is set to “y”.

   

   • Stack name: Specify the stack name in which Ivanti Policy Secure needs to be deployed
   • New VPC address space: Virtual private cloud address space
   • Internal Subnet address space: Subnet from which Ivanti Policy Secure internal interface needs to lease IP
   • External Subnet address space: Subnet from which Ivanti Policy Secure external interface needs to lease IP
   • Management Subnet address space: Subnet from which Ivanti Policy Secure management interface needs to lease IP
   • IPS AMI ID: ID of the uploaded AMI file
   • Instance Type: Size of the instance – t2.medium or t2.xlarge or t2.2xlarge.
   • IPS Config Data: Provisioning parameters in an XML format. For details, see Ivanti Policy Secure Provisioning Parameters.
   • SSH Key Name: This key is used to access IPS via SSH. The SSH keys are generated using ssh-keygen on Linux and OS X, or PuTTyGen on Windows. For details about generating the SSH key pairs, refer http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html.

4. Click Next. Review the specified details and click Create Stack stack. Observe the deployed IPS in a few minutes.

   

Deployment on VM with Two NIC Cards

To deploy Ivanti Policy Secure on AWS using the AWS portal, do the following:

1. Select AWS Services > CloudFormation and click Create stack > With new resources (standard).

   

2. Select Upload a template file. Click Choose file and select “pulsesecure-IPS-2-nics-new-network.json” template file for the new VPC. Click Next.

   

3. In the Specify Details page, fill or modify the following parameters.

   Before proceeding with deployment, ensure that the attribute “accept-license-agreement” in IPSConfigData is set to “y”.

   

   • Stack name: Specify the stack name in which Ivanti Policy Secure needs to be deployed
   • New VPC address space: Virtual private cloud address space
   • Internal Subnet address space: Subnet from which Ivanti Policy Secure internal interface needs to lease IP
   • External Subnet address space: Subnet from which Ivanti Policy Secure external interface needs to lease IP
   • IPS AMI ID: ID of the uploaded AMI file
   • Instance Type: Size of the instance – t2.medium or t2.large
   • IPS Config Data: Provisioning parameters in an XML format. For details, see Ivanti Policy Secure Provisioning Parameters.
   • SSH Key Name: This key is used to access IPS via SSH. The SSH keys are generated using ssh-keygen on Linux and OS X, or PuTTyGen on Windows. For details about generating the SSH key pairs, refer http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html.

4. Review the specified details and click Create stack. Observe the deployed IPS in a few minutes.

   

Deploying IPS on an Existing Virtual Private Cloud

This section describes IPS deployment with three NIC cards and two NIC cards.

Deployment on VM with Three NIC Cards

To deploy Ivanti Policy Secure on AWS using the AWS portal, do the following:

1. Select AWS Services > CloudFormation and click Create stack > With new resources (standard).

   

2. Select Upload a template file. Click Choose file and select “pulsesecure-IPS-3-nics-existing-vpc.json” template file for existing VPC. Click Next.

   

3. In the Specify Stack Details page, fill or modify the following parameters.

   Before proceeding with deployment, ensure that the attribute “accept-license-agreement” in IPSConfigData is set to “y”.

   

   • Stack name: Specify the stack name in which Ivanti Policy Secure needs to be deployed
   • Existing VPC ID: Virtual private cloud ID
   • Internal Subnet ID: Subnet from which Ivanti Policy Secure internal interface needs to lease IP
   • External Subnet ID: Subnet from which Ivanti Policy Secure external interface needs to lease IP
   • Management Subnet ID: Subnet from which Ivanti Policy Secure management interface needs to lease IP
   • IPS AMI ID: ID of the uploaded AMI file
   • Instance Type: Size of the instance – t2.medium or t2.large
   • IPS Config Data: Provisioning parameters in an XML format. For details, see Ivanti Policy Secure Provisioning Parameters.
   • SSH Key Name: This key is used to access IPS via SSH. The SSH keys are generated using ssh-keygen on Linux and OS X, or PuTTyGen on Windows. For details about generating the SSH key pairs, refer http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html.

4. Review the specified details and click Create stack. Observe the deployed IPS in a few minutes.

Deployment on VM with Two NIC Cards

To deploy Ivanti Policy Secure on AWS using the AWS portal, do the following:

1. Select AWS Services > CloudFormation and click Create new stack.

   

2. Select Upload a template to Amazon S3. Click Browse and select “pulsesecure-IPS-2-nics-existing-vpc.json” template file for existing VPC. Click Next.

3. In the Specify Stack Details page, fill or modify the following parameters.

   Before proceeding with deployment, ensure that the attribute “accept-license-agreement” in IPSConfigData is set to “y”.

   

   • Stack name: Specify the stack name in which Ivanti Policy Secure needs to be deployed
   • Existing VPC ID: Virtual private cloud ID
   • Internal Subnet ID: Subnet from which Ivanti Policy Secure internal interface needs to lease IP
   • External Subnet ID: Subnet from which Ivanti Policy Secure external interface needs to lease IP
   • IPS AMI ID: ID of the uploaded AMI file
   • Instance Type: Size of the instance – t2.medium or t2.large
   • IPS Config Data: Provisioning parameters in an XML format. For details, see Ivanti Policy Secure Provisioning Parameters.
   • SSH Key Name: This key is used to access IPS via SSH. The SSH keys are generated using ssh-keygen on Linux and OS X, or PuTTyGen on Windows. For details about generating the SSH key pairs, refer http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

4. Review the specified details and click Create stack. Observe the deployed IPS in a few minutes.