Page Comparison

...

This topic only applies to Armor's private cloud users who are account administrators and new to the Armor Management Portal (AMP).

As a first-time user in AMP, you must:

Complete the onboarding / invitation process
Access AMP
Invite users
Set up your infrastructure

Note

Before you begin, Armor recommends that you review pre-installation/pre-deployment information, such as virtual machine offerings and supported browsers.

To learn more, see Pre-deployment considerations for Armor's private cloud.

...

title	Step 1: Open the Account Signup Email

...

Note
This topic only applies to Armor Enterprise Cloud users who are account administrators and new to the Armor Management Portal (AMP).

As a first-time user in AMP, you must:

Complete the onboarding / invitation process
Access AMP
Invite users
Set up your infrastructure

Note

Before you begin, Armor recommends that you review pre-installation/pre-deployment information, such as virtual machine offerings and supported browsers.

To learn more, see Pre-deployment considerations for Armor Enterprise Cloud.

Expand

title	Step 1: Open the Account Signup Email

In the email from Armor, click the link.
- You will be redirected to enter your account security information, including payment information.
  - If you already coordinated your payment process with Armor, then you will not see the payment screen.

Expand

title	Step 2: Complete Your Security Information

Note
In this step, you will add your phone number to your account. This phone number will be used for multi-factor authentication. To complete the account signup process and to log into AMP, you must be near this phone number.

Note your Armor username.
- The Username will be pre-populated with the email address of the Primary Contact for the account.
In Password and Confirm Password, create and enter an account password.
- Your password must be at least 12 characters in length.
- Your password must contain an upper-case character, a lower-case character, a number, and a special character.
- Your password cannot contain personal information, such as your name, email address, birthday, etc. For example, if your name is John Smith, then you cannot use joh or smi in your password.
- You can only change your password once every 24 hours.
- Passwords expire after 60 days.
- After 6 failed login attempts, you will be locked out of your account for an hour. To resolve this, you must contact your account administrator or contact Armor Support.
- After 15 minutes of no activity, you will be logged out of the Armor Management Portal (AMP).
Complete the Challenge Phrase and Challenge Response.
- If you call Armor for technical support, you will be asked the Challenge Phrase, and you must correctly answer the Challenge Response.
- Do not use inappropriate language or suggestive material.
- The answer must be at least five characters long.
In Phone Number, select your country code / flag, and then enter your phone number.
- This phone number will be used for multi-factor authentication (MFA). Every time you log into the Armor Management Portal (AMP), you will receive a phone call in order to complete the login process.
- You can enter a phone number with spaces and special characters, such as (555) 555-555.
- (Optional) If your phone number contains an extension, enter the number in Extension. You cannot include spaces or special characters in this field.
Click Validate to validate the phone number entered.
- You will receive a phone call; answer the phone, and then follow the instructions.
- (Optional) After you complete the signup process, you can configure your account to use the Microsoft Authenticator application for MFA. To learn how to use this application, see Configure multi-factor authentication for your account.
Click Continue.

Note
If you already coordinated with Armor to pay with a check, then you will be redirected to Armor Management Portal (AMP) login screen.

Expand

title	Step 3: Complete Your Payment Information

In Currency, select your currency.
(Optional) If your business is tax exempt, select I'm tax exempt.
- In Tax Exempt ID, enter a valid tax exempt ID.
For Payment Method, mark the desired payment (credit card or bank account).

Option 1: Credit card

Note
Cardholder Name, Address, City, State, and Postal Code will be pre-populated with the name and contact information for the Primary Contact on the account.

In Card Number, enter the credit card number.
In Expiration Date, select the appropriate month and year.
In CVV, enter the verification number for the credit card
In Country, select the corresponding country.
Click Submit.
- You will be redirected to Armor Management Portal (AMP) login screen.

Option 2: ACH Bank Debit

In ABA / Routing Number, enter the corresponding banking number.
In Bank Account Number, enter the account number.
Select the appropriate Account Type.
In Bank Name, enter the name of the banking institution.
In Account Holder Name, enter the name of the account holder.
Click Submit.
- You will be redirected to Armor Management Portal (AMP) login screen.

Expand

title	Step 2: Complete Your Security Information

Note
In this step, you will add your phone number to your account. This phone number will be used for multi-factor authentication. To complete the account signup process and to log into AMP, you must be near this phone number.

Note your Armor username.
- The Username will be pre-populated with the email address of the Primary Contact for the account.
In Password and Confirm Password, create and enter an account password.
- Your password must be at least 12 characters in length.
- Your password must contain an upper-case character, a lower-case character, a number, and a special character.
- Your password cannot contain personal information, such as your name, email address, birthday, etc. For example, if your name is John Smith, then you cannot use joh or smi in your password.
- You can only change your password once every 24 hours.
- Passwords expire after 60 days.
- After 6 failed login attempts, you will be locked out of your account for an hour. To resolve this, you must contact your account administrator or contact Armor Support.
- After 15 minutes of no activity, you will be logged out of the Armor Management Portal (AMP).
Complete the Challenge Phrase and Challenge Response.
- If you call Armor for technical support, you will be asked the Challenge Phrase, and you must correctly answer the Challenge Response.
- Do not use inappropriate language or suggestive material.
- The answer must be at least five characters long.
In Phone Number, select your country code / flag, and then enter your phone number.
- This phone number will be used for multi-factor authentication (MFA). Every time you log into the Armor Management Portal (AMP), you will receive a phone call in order to complete the login process.
- You can enter a phone number with spaces and special characters, such as (555) 555-555.
- (Optional) If your phone number contains an extension, enter the number in Extension. You cannot include spaces or special characters in this field.
Click Validate to validate the phone number entered.
- You will receive a phone call; answer the phone, and then follow the instructions.
- (Optional) After you complete the signup process, you can configure your account to use the Microsoft Authenticator application for MFA. To learn how to use this application, see Configure multi-factor authentication for your account.
Click Continue.

Note
If you already coordinated with Armor to pay with a check, then you will be redirected to Armor Management Portal (AMP) login screen.

Expand

title	Step 3: Complete Your Payment Information

In Currency, select your currency.

(Optional) If your business is tax exempt, select I'm tax exempt.

In Tax Exempt ID, enter a valid tax exempt ID.

For PaymentMethod, mark the desired payment (credit card or bank account).

Option 1: Credit card

NoteCardholder Name,Address,City,State, andPostal Codewill be pre-populated with the name and contact information for thePrimary Contacton the account.

In Card Number, enter the credit card number.

In Expiration Date, select the appropriate month and year.

In CVV, enter the verification number for the credit card

In Country, select the corresponding country.

Click Submit.You will be redirected toArmor Management Portal (AMP) login screen.

Option 2: ACH Bank Debit

In ABA / Routing Number, enter the corresponding banking number.

In Bank Account Number, enter the account number.

Select the appropriate Account Type.

In Bank Name, enter the name of the banking institution.

In Account Holder Name, enter the name of the account holder.

Click Submit.You will be redirected to Armor Management Portal (AMP) login screen.
Expand

title	Step 4: Create a Virtual Machine with a New Workload

Insert excerptESLP:Workloads and tiers (snippet)ESLP:Workloads and tiers (snippet)nopaneltrue

In the Armor Management Portal, in the left-side navigation, click Infrastructure.

Click Virtual Machines.

Hover over the plus ( + ) icon, and then click the Virtual Machine icon.If you do not have any virtual machines listed, then clickDeployNew, and then selectVirtual Machine.

Locate and select the desired operating system and operating system version.

On the right side, use the Region drop-down menu to select the data center to host your virtual machine.

Select the desired virtual machine based on your CPU and memory needs (GB).You can click High CPU or High Memory to filter the list of virtual machines. You can also click Show AllOptions to see every virtual machine offering.

Armor labels virtual machines by CPU and memory features. For instance, 2x4 indicates that the virtual machine has 2 CPU and 4 GB of memory.

In Name, enter a descriptive name for your virtual machine.

In Workload, select New Workload.

In New Workload Name, enter a descriptive name.

In New Tier Name, enter a descriptive name.

In Location, select and verify the data center to host your virtual machine.

Under Access Credentials, note your username to access the virtual machine.

In Password, enter a secure password to use to access the virtual machine.

Your password must contain:
- An upper-case letter
- A lower-case letter
- A number
- A special character: ! @ # $ % ^ * ( ) { } [ ]
You can also click Generate Password to allow Armor to create a password.

(Optional) For additional storage, under Storage Substrate and Disk Size, select your desired storage, and then click Add Disk.

On the right-side menu, review the pricing information, and then click Purchase.

When you order a virtual machine, you are also ordering Intelligence Security Model (ISM) for the virtual machine. Prices for ISM will vary based on the number of virtual machines you have ordered. IMS pricing is based on the following tiered structure:

Tier

Number of virtual machines

11 - 10211 - 25326 - 1004101- 2505251 - 5006500 +To view the status of your newly created virtual machine, in the left-side navigation, click Infrastructure, click Virtual Machines, and then search for your newly created virtual machine.
Expand

title	Step 5: Enable and Install Your SSL/VPN Access

NoteFor Account Administrators only

4: Create a Virtual Machine with a New Workload

Info
Workloads and tiers are visual tools used in the Armor Management Portal (AMP) to help you organize your virtual machines and corresponding resources. Workload refers to a container of virtual machines that live inside the Armor data center. Tiers are levels within workloads.

In the Armor Management Portal, in the left-side navigation, click Infrastructure.
Click Virtual Machines.
Hover over the plus ( + ) icon, and then click the Virtual Machine icon.
- If you do not have any virtual machines listed, then click Deploy New, and then select Virtual Machine.
Locate and select the desired operating system and operating system version.
On the right side, use the Region drop-down menu to select the data center to host your virtual machine.
Select the desired virtual machine based on your CPU and memory needs (GB).
- You can click High CPU or High Memory to filter the list of virtual machines. You can also click Show All Options to see every virtual machine offering.
- Armor labels virtual machines by CPU and memory features. For instance, 2x4 indicates that the virtual machine has 2 CPU and 4 GB of memory.
In Name, enter a descriptive name for your virtual machine.
In Workload, select New Workload.
In New Workload Name, enter a descriptive name.
In New Tier Name, enter a descriptive name.
In Location, select and verify the data center to host your virtual machine.
Under Access Credentials, note your username to access the virtual machine.
In Password, enter a secure password to use to access the virtual machine.
- Your password must contain:
  - An upper-case letter
  - A lower-case letter
  - A number
  - A special character: ! @ # $ % ^ * ( ) { } [ ]
- You can also click Generate Password to allow Armor to create a password.
(Optional) For additional storage, under Storage Substrate and Disk Size, select your desired storage, and then click Add Disk.
On the right-side menu, review the pricing information, and then click Purchase.
- When you order a virtual machine, you are also ordering Intelligence Security Model (ISM) for the virtual machine. Prices for ISM will vary based on the number of virtual machines you have ordered. IMS pricing is based on the following tiered structure:
  Tier
  Number of virtual machines
  1 1 - 10
  2 11 - 25
  3 26 - 100
  4 101- 250
  5 251 - 500
  6 500 +
To view the status of your newly created virtual machine, in the left-side navigation, click Infrastructure, click Virtual Machines, and then search for your newly created virtual machine.

Expand

title	Step 5: Enable and Install Your SSL/VPN Access

Note
For Account Administrators only.

In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click SSL VPN.
Click Members.
Click the plus ( + ) icon.
In the field, enter and select the name of the user, or their email address.
Mark the desired data center or data centers that the user can connect to.
Click Submit.
- The newly added user will appear in the table; the table is organized in alphabetical order, based on the first name of the user.
Click Client.
Click Download SSL VPN client.
- AMP will automatically detect your operating system; however, you can click Download for another platform to view other operating system options.
- When you open the client, follow the on-screen installation instructions.
- For Windows users, the client will download as a .zip file.
  - Extract the installation files to your local hard drive.
  - Launch the installer.exe file to begin the installation.
  For Mac OS users, the client will download as a .tgzfile.
  - Extract the installation files to your local hard drive.
  - Access the mac_phat_client folder, and then run the naclient.pkg installer.
  - When you run the installer, you will see an error regarding the certificate. Click Continue. (In a future release, Armor will resolve the issue.)
  - To launch the SSL VPN client, in your Applications folder, search for naclient.
  - If you run Mac OS 10.11 or higher, then please review Install SSL VPN Client.
After installation, open the client.
- In the drop-down menu, default will be listed.
  
  Image Added
Click Settings.
- To add a new connection, you must enter a Connection Alias, Hostname/IP Address, and Port, which you can find in AMP.
  
  Image Added
Return to AMP, specifically to the Client section of the SSL VPNscreen.
Use the Client Configuration table to locate the data center and corresponding information to add to the client.

Image Added
Under Client Configuration, copy the Location information, and then paste that information into Connection Alias.
Under Client Configuration, copy the HOST/FQDN information, and then paste that information into Hostname/IP Address.
Under Client Configuration, copy the Port information, and then paste that information into Port.
Click Add.
Click OK.
In the drop-down menu, select the newly created connection.
Log into the client.
- Your SSL VPN login credentials are the same credentials you use to access the Armor Management Portal (AMP).

Step 1: Create an IP Group

In the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several IP addresses or just a single IP address.

You can combine related IP addresses into a single IP Group. For example, if you want to block traffic from three separate IP address, you do not have to create three separate firewall rules. Instead, you can combine the three separate IP addresses into a single, configurable IP Group. Then, when you create a firewall rule, you can pick the newly created IP Group as your Source or Destination IP addresses.

In the Armor Management Portal (AMP), on the left-side navigation, click Security.

Click Firewall.

If you have virtual machines in various data centers, then in the top drop-down menu, select the desired data center.

Click IP Groups.

ClickActions, and then clickNew Group. In IP Group Name, enter a descriptive name. Armor recommends that you add Source or Destination into the name of the IP Group to help you identify the IP Group as the Source or DestinationIP group.

In Add Members To Group, enter a member, and then click the plus icon.

You can enter:
- A single IP address
- A range of IP addresses
- CIDR
You must add at least one member.
You can add multiple members to a service group.

Click Apply.

The newly created IP group will appear at the bottom of the table.

Step 2: Create a Service Group

In the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several protocols (and ports).

You can combine related protocols (and ports)into a Service Group. For example, if you want to create a firewall rule to block three types of traffic, you do not have to create three separate firewall rules. Instead, you can combine the three types of traffic (protocols and ports) into a single, configurable Service Group. Then, when you create a firewall rule, you can pick the newly created Service Group.

In the Armor Management Portal (AMP), on the left-side navigation, click Security.

Click Firewall.

If you have virtual machines in various data centers, then in the top drop-down menu, select the desired data center.

Click Service Groups.

ClickActions, and then clickNew Group.

In Service Group Name, enter a descriptive name.

In Add Members To Group, enter the service or sub-protocol, and then click the plus ( + ) icon.

You must add at least one member.

You can add multiple members to a service group.

Click Apply.

The newly created service group will appear at the bottom of the table.

For a complete list of supported services and sub-protocol, seeReview supported services and sub-protocols.

Step 3: Create a Firewall Rule

In the Armor Management Portal (AMP), on the left-side navigation, click Security.

Click Firewall.

If you have virtual machines in various data centers, then in the top menu, click the corresponding data center.

ClickActions, and then clickNew Rule. If you do not seeActions, then clickCreate a Firewall Rule.

In Name, enter a descriptive name.

In Action, select Allow to allow specified traffic to access your virtual machine or Block to block specified traffic.

UnderService,enter and select the name of the desired Service Group.

To learn how to create a Service Group, see Create a service group.

UnderSource, enter and select the name of the desired IP Group.

To learn how to create an IP Group, see Create an IP group.

Under Destinations, in the field, enter and select the name of the desired IP Group.

Click Save Rule.

After you create a rule, Armor recommends that you place the rule in the correct order.

If you are not familiar with ordering rules, contact Armor Support to help you properly order your firewall rules. It is extremely important to order rules in order to receive desired traffic.

To learn how to send a support ticket, seeArmor Support.Reorder a Rule:

Under Rule, in the numbered fields, enter a number to move the rule to a different position.

If you have more than 25 rules, the additional rules will be placed in a secondary section within the Firewallscreen. To reorder and move these additional rules into a higher position, enter a number under the Ordercolumn, and then press Enter on your keyboard.

In the top menu that appears, clickSave.Disable a Rule:

Locate and hover over the desired rule.

Click the vertical ellipses.

ClickDisable Rule.ClickDisableRuleagain.In the top menu that appears, clickSave.

In the Armor Management Portal (AMP), roles are similar to job titles that you can create and assign to your users. You can populate these roles with certain permissions. For example, you can create an Audit role, and then you can add specific permissions that will give the assigned user permission to access audit-related features.

By default, a new administrator account contains an Admin role with all the available permissions selected.

When you create a new user account, you must assign that user a role. You can assign a default role or create a new role.

Expand

title	Step 6: Create a Firewall Rule with a New IP Address Group

Step 1: Create an IP Group

In the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several IP addresses or just a single IP address.

You can combine related IP addresses into a single IP Group. For example, if you want to block traffic from three separate IP address, you do not have to create three separate firewall rules. Instead, you can combine the three separate IP addresses into a single, configurable IP Group. Then, when you create a firewall rule, you can pick the newly created IP Group as your Source or Destination IP addresses.

In the Armor Management Portal (AMP),

in

on the left-side navigation, click

Infrastructure

Security.
Click

SSL VPN. ClickMembers.

Click the plus ( + ) icon.

In the field, enter and select the name of the user, or their email address.

Mark the desired data center or data centers that the user can connect to.

ClickSubmit.

The newly added user will appear in the table; the table is organized in alphabetical order, based on the first name of the user.

ClickClient. Click Download SSLVPN client.

AMP will automatically detect your operating system; however, you can click Download for another platform to view other operating system options.
When you open the client, follow the on-screen installation instructions.

ForWindowsusers, the client will download as a .zip file.

Extract the installation files to your local hard drive.

Launch theinstaller.exefile to begin the installation. ForMac OSusers, the client will download as a.tgzfile.

Extract the installation files to your local hard drive.

Access the mac_phat_clientfolder, and then run the naclient.pkg installer.
When you run the installer, you will see an error regarding the certificate. ClickContinue. (In a future release, Armor will resolve the issue.)To launch the SSL VPN client, in yourApplicationsfolder, search fornaclient.Ifyou run Mac OS 10.11 or higher, then please review Install SSL VPN Client for Mac OS, version 10.11 and higher. After installation, open the client.In the drop-down menu,defaultwill be listed.

Image Removed
ClickSettings.To add a new connection, you must enter aConnectionAlias,Hostname/IP Address, andPort, which you can find in AMP.

Image Removed
Return to AMP, specifically to theClientsection of theSSL VPNscreen.Use theClient Configurationtable to locate the data center and corresponding information to add to the client.

Image Removed
UnderClient Configuration, copy theLocationinformation, and then paste that information intoConnectionAlias.UnderClient Configuration, copy theHOST/FQDNinformation, and then paste that information intoHostname/IP Address.UnderClient Configuration, copy thePortinformation, and then paste that information intoPort.ClickAdd.ClickOK.

In the drop-down menu, select the newly created connection.

Log into the client.

Your SSL VPN login credentials are the same credentials you use to access the Armor Management Portal (AMP).

Expand

title	Step 6: Create a Firewall Rule with a New IP Address Group

Service or sub-protocol

Notes

Example

Services (TCP, UDP, etc.)

You must enter a port number.

These services are not case-sensitive.

tcp/80
TCP/80
Tcp/80
tCp/80

Additional services (AARP, AH, etc.)

These additional services are not case-sensitive.

Do not enter a port number with these additional services.

ATALK
igmp
Gre

Sub-protocols (echo-reply, redirect, etc.)

You must enter icmp, followed by the specific sub-protocol.

You must enter the sub-protocol in lower-case letters.

Do not enter a port number.

icmp/source-host-isolated
icmp/time-exceeded

Note

Expand

title	Step 7: Create a Role and Add Permissions

Note

There are three default permissions in AMP:

Admin contains every permission in AMP.
Technical contains mostly write-only permissions.
Billing contains mostly read-only permissions.

If you want to use a default role, then you can skip to Step 8: Create An User and Assign A Role.

Expand

title	Step 8: Create a User and Assign a Role

Insert excerptESLP:Invite a new user (snippet)ESLP:Invite a new user (snippet)nopaneltrue

Note
Repeat Step 8: Create An User and Assign A Role for every user you want to invite.

Expand

title	Step 9: Enable SSL/VPN Access for Your Users

Insert excerptESLP:Enable SSL/VPN for your user (snippet)ESLP:Enable SSL/VPN for your user (snippet)nopaneltrue Expand

title	Step 10: Subscribe to Data Center Notifications

Insert excerptESLP:Subscribe to data center notifications (snippet)ESLP:Subscribe to data center notifications (snippet)nopaneltrue Expand

title	Step 11: Configure Your Notification Preferences

Armor recommends that you configure your account to receive notifications forAccount, Billing, and Technical events. Note

These notification preferences do not relate to support tickets.

To update your notification preferences for support tickets, seeNotification Preferences.Account

You will receive a notification when:

A password expires in 14 days.
A password expires in 7 days.
A password expires in 24 hours.
A password has expired.

Billing

You will receive a notification when:

An invoice has posted.
An invoice is past due (2, 10, 15, 25, and 30 days).
A payment method will soon expire (1, 15, and 30 days).

You can configure a user to become the primary billing contact for an account. This user will receive billing notifications. Additionally, this user will be listed in the Bill to field in an invoice

Firewall.
If you have virtual machines in various data centers, then in the top drop-down menu, select the desired data center.
Click IP Groups.
Click Actions, and then click New Group.
In IP Group Name, enter a descriptive name.
- Armor recommends that you add Source or Destination into the name of the IP Group to help you identify the IP Group as the Source or Destination IP group.
In Add Members To Group, enter a member, and then click the plus icon.
- You can enter:
  - A single IP address
  - A range of IP addresses
  - CIDR
- You must add at least one member.
- You can add multiple members to a service group.
Click Apply.
- The newly created IP group will appear at the bottom of the table.

Step 2: Create a Service Group

In the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several protocols (and ports).

You can combine related protocols (and ports)into a Service Group. For example, if you want to create a firewall rule to block three types of traffic, you do not have to create three separate firewall rules. Instead, you can combine the three types of traffic (protocols and ports) into a single, configurable Service Group. Then, when you create a firewall rule, you can pick the newly created Service Group.

In the Armor Management Portal (AMP), on the left-side navigation, click Security.
Click Firewall.
If you have virtual machines in various data centers, then in the top drop-down menu, select the desired data center.
Click Service Groups.
Click Actions, and then click New Group.
In Service Group Name, enter a descriptive name.

In Add Members To Group, enter the service or sub-protocol, and then click the plus ( + ) icon.

You must add at least one member.

You can add multiple members to a service group.

Service or sub-protocol

Notes

Example

Services (TCP, UDP, etc.)

You must enter a port number.

These services are not case-sensitive.

tcp/80
TCP/80
Tcp/80
tCp/80

Additional services (AARP, AH, etc.)

These additional services are not case-sensitive.

Do not enter a port number with these additional services.

ATALK
igmp
Gre

Sub-protocols (echo-reply, redirect, etc.)

You must enter icmp, followed by the specific sub-protocol.

You must enter the sub-protocol in lower-case letters.

Do not enter a port number.

icmp/source-host-isolated
icmp/time-exceeded

Click Apply.
- The newly created service group will appear at the bottom of the table.

For a complete list of supported services and sub-protocol, see Review supported services and sub-protocols.

Step 3: Create a Firewall Rule

In the Armor Management Portal (AMP), on the left-side navigation, click Security.
Click Firewall.
If you have virtual machines in various data centers, then in the top menu, click the corresponding data center.
Click Actions, and then click New Rule.
- If you do not see Actions, then click Create a Firewall Rule.
In Name, enter a descriptive name.
In Action, select Allow to allow specified traffic to access your virtual machine or Block to block specified traffic.
Under Service, enter and select the name of the desired Service Group.
- To learn how to create a Service Group, see Create a service group.
Under Source, enter and select the name of the desired IP Group.
- To learn how to create an IP Group, see Create an IP group.
Under Destinations, in the field, enter and select the name of the desired IP Group.
Click Save Rule.

After you create a rule, Armor recommends that you place the rule in the correct order.

Note

If you are not familiar with ordering rules, contact Armor Support to help you properly order your firewall rules. It is extremely important to order rules in order to receive desired traffic.

To learn how to send a support ticket, see Armor Support.

Reorder a Rule:

Under Rule, in the numbered fields, enter a number to move the rule to a different position.
- If you have more than 25 rules, the additional rules will be placed in a secondary section within the Firewall screen. To reorder and move these additional rules into a higher position, enter a number under the Order column, and then press Enter on your keyboard.
In the top menu that appears, click Save.

Disable a Rule:

Locate and hover over the desired rule.
Click the vertical ellipses.
Click Disable Rule.
Click Disable Rule again.
In the top menu that appears, click Save.

Expand

title	Step 7: Create a Role and Add Permissions

In the Armor Management Portal (AMP), roles are similar to job titles that you can create and assign to your users. You can populate these roles with certain permissions. For example, you can create an Audit role, and then you can add specific permissions that will give the assigned user permission to access audit-related features.

By default, a new administrator account contains an Admin role with all the available permissions selected.

When you create a new user account, you must assign that user a role. You can assign a default role or create a new role.

Note

There are three default permissions in AMP:

Admin contains every permission in AMP.
Technical contains mostly write-only permissions.
Billing contains mostly read-only permissions.

If you want to use a default role, then you can skip to Step 8: Create An User and Assign A Role.

Expand

title	Step 8: Create a User and Assign a Role

In the Armor Management Portal (AMP), in the left-side navigation, click Account.
Click Users.
Click the plus ( + ) icon.
Complete the First Name, Last Name, and Email Address fields.
- The email address you enter will be the username.
Select a role for this user.
- You must assign a role to the user.
- You can assign multiple roles to the user.
- You can assign a default role (Admin, Technical, Billing).
  - Admin contains every permission in AMP.
  - Technical contains mostly write-only permissions.
  - Billing contains mostly read-only permissions
- To learn about Roles and Permissions, see Roles and Permissions.
Click Create User. An email will be sent to the user. After 96 hours, the sign-up link in the email will expire.
- If the link expires, you can resend the user invitation. In the Users screen, hover over the desired user, click the vertical ellipses, and then select Resend Invitation.
- If you want to remove this newly created / invited user from your account, see Remove a newly created / invited user from your account.

Note
Repeat Step 8: Create An User and Assign A Role for every user you want to invite.

Expand

title	Step 9: Enable SSL/VPN Access for Your Users

Before an invited user can download and install their SSL VPN, the account administrator must add the following permissions to their account:

Write SSL VPN Devices and Users
Read SSL VPN Devices and Users
Read Virtual Data Centers

Additionally, the account administrator must enable the account to access the SSL VPN client:

In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click SSL VPN.
Click Members.
In the top bar, select the data center that corresponds to your virtual machine.
- If you have virtual machines in multiple data centers, then you must configure the user for each data center. (Also, you must download the client for every data center you use.)
Under Active Members, type and select the desired username.
- The user can now access to AMP to download their SSL VPN client.

Expand

title	Step 10: Subscribe to Data Center Notifications

Insert excerpt

	Account Administrators
	Account Administrators
name	Subscribe to Data Center Notifications
nopanel	true

Expand

title	Step 11: Configure Your Notification Preferences

Armor recommends that you configure your account to receive notifications for Account, Billing, and Technical events.

Note

These notification preferences do not relate to support tickets.

To update your notification preferences for support tickets, see Notification Preferences.

Account

You will receive a notification when:

A password expires in 14 days.
A password expires in 7 days.
A password expires in 24 hours.
A password has expired.

Billing

You will receive a notification when:

An invoice has posted.
An invoice is past due (2, 10, 15, 25, and 30 days).
A payment method will soon expire (1, 15, and 30 days).

You can configure a user to become the primary billing contact for an account. This user will receive billing notifications. Additionally, this user will be listed in the Bill to field in an invoice.

In the Armor Management Portal (AMP), in the left-side navigation, click Account.
Click Users.
Locate and hover over the desired user.
Click the vertical ellipses.
Select Set as Primary Billing Contact.
Click OK.

Technical

You will receive a notification when:

A virtual machine will be deleted or downgraded.
CPU, disk, and memory utilization is at more than 90% for 5 minutes.
Ping, SSH (Linux), or RDP (Windows) fails for 5 minutes.

Note
You can only change the notification preferences for your own account. You cannot change the notification preferences for other user accounts.

In the Armor Management Portal (AMP), in the

...

top, right corner, click the vertical ellipses.
Click Settings.
Click

...

Notification Preferences.

...

You will receive a notification when:

A virtual machine will be deleted or downgraded.
CPU, disk, and memory utilization is at more than 90% for 5 minutes.
Ping, SSH (Linux), or RDP (Windows) fails for 5 minutes.

Use the slider to make your desired changes.
- Select Alert to receive notifications in the top bar in the Armor Management Portal (AMP).
- Select Email to receive notifications through email.
- You can select both notification options.
Click Update Notification Preference to save your changes.

Expand

title	Step 12: Add a User to an Organization

An organization allows you to specify when a group of users should be added to a specific support ticket, based on the subject matter of the ticket. For instance, for a billing-related ticket, you can indicate that members of the Billing organization should be notified. When a support ticket is shared with an organization, all users within the organization will receive an initial email notification.

In the Armor Management Portal (AMP), in

the top, right corner, click the vertical ellipses.

Click Settings.

ClickNotification Preferences.Use the slider to make your desired changes.
Select Alert to receive notifications in the top bar in

the left-side navigation, click Support.
Click Tickets.
Click Manage Organizations or Organizations.
Select the desired organization.
To add a user, enter and select the name of the user.
- The change will be automatically saved.

Note
For more information on setting up access to Support Tickets, see Organizations.

An organization allows you to specify when a group of users should be added to a specific support ticket, based on the subject matter of the ticket. For instance, for a billing-related ticket, you can indicate that members of the Billing organization should be notified. When a support ticket is shared with an organization, all users within the organization will receive an initial email notification.

n the Armor Management Portal (AMP), in the left-side navigation, click Support.

Click Tickets.

Click Manage Organizations or Organizations.
Select the desired organization.
To add a user, enter and select the name of the user.
The change will be automatically saved.

Excerpt

hidden	true
name	Subscribe to Data Center Notifications

You can use Armor's StatusHub page to review the status of Armor's infrastructure, as well as other Armor services, such as the Armor Management Portal (AMP).

Select Email

Additionally, you can use StatusHub to receive notifications

through email.

You can select both notification options.

Click Update Notification Preference to save your changes.

Expand

title	Step 12: Add a User to an Organization

Note
For more information on setting up access to Support Tickets, see Organizations.

...

and updates regarding infrastructure outages.

Access Armor's StatusHub page.
In the top menu, click Subscribe.
Select your desired notification method (Email, SMS, Slack, or Webhook), and then enter the corresponding information, such as your email address for the Email tab.
Select a notification type. There are two options.
1. To receive information about every Armor service, click All services. This option will send you information about:
  1. All data centers
  2. Armor API
  3. Armor Management Portal
2. To receive information about specific Armor services, click Selected Services.
  1. Next to Choose services, click Select.
  2. Click the desired data center, and then click Select to receive information for every infrastructure component for that data center.
During an unexpected outage (or incident), you may receive multiple updates regarding the status of an outage.
- To receive multiple updates during an outage, select OFF for Do not notify on intermediate incident updates.
- To simply receive one notification regarding the beginning of an outage, and then one notification regarding the completion of an outage, select ON for Do not notify on intermediate incident updates.
Click Subscribe.

Versions Compared

Old Version 71

New Version Current

Key

Option 1: Credit card

Option 2: ACH Bank Debit

Option 1: Credit card

Option 2: ACH Bank Debit

Step 1: Create an IP Group

Step 2: Create a Service Group

Step 3: Create a Firewall Rule

Step 1: Create an IP Group

Step 2: Create a Service Group

Step 3: Create a Firewall Rule

Tier	Number of virtual machines
1	1 - 10
2	11 - 25
3	26 - 100
4	101- 250
5	251 - 500
6	500 +