...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Note |
---|
This topic only applies to Armor's private cloud users who are account administrators and new to the Armor Management Portal (AMP). |
As a first-time user in AMP, you must:
- Complete the onboarding / invitation process
- Access AMP
- Invite users
- Set up your infrastructure
Note |
---|
Before you begin, Armor recommends that you review pre-installation/pre-deployment information, such as virtual machine offerings and supported browsers. To learn more, see Pre-deployment considerations for Armor's private cloud. |
...
title | Step 1: Open the Account Signup Email |
---|
...
title | Step 2: Complete Your Security Information |
---|
...
Note |
---|
This topic only applies to Armor Enterprise Cloud users who are account administrators and new to the Armor Management Portal (AMP). |
As a first-time user in AMP, you must:
Complete the onboarding / invitation process
Access AMP
Invite users
Set up your infrastructure
Note |
---|
Before you begin, Armor recommends that you review pre-installation/pre-deployment information, such as virtual machine offerings and supported browsers. To learn more, see Pre-deployment considerations for Armor Enterprise Cloud. |
Expand | ||
---|---|---|
| ||
|
Expand | |||||
---|---|---|---|---|---|
| |||||
Note |
|
Expand | ||
---|---|---|
| ||
Option 1: Credit card
Option 2: ACH Bank Debit
|
Expand | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Note | ||||||||||||||||
Expand | ||||||||||||||||
| ||||||||||||||||
Insert excerpt | ESLP:Workloads and tiers (snippet) | ESLP:Workloads and tiers (snippet) | ||||||||||||||
nopanel | true | |||||||||||||||
Tier | Number of virtual machines | |||||||||||||||
1 | 1 - 10 | |||||||||||||||
2 | 11 - 25 | |||||||||||||||
3 | 26 - 100 | |||||||||||||||
4 | 101- 250 | |||||||||||||||
5 | 251 - 500 | |||||||||||||||
6 | 500 + | |||||||||||||||
Expand | ||||||||||||||||
|
Note |
---|
For Account Administrators only. |
In the field, enter and select the name of the user, or their email address.
Mark the desired data center or data centers that the user can connect to.
- The newly added user will appear in the table; the table is organized in alphabetical order, based on the first name of the user.
- AMP will automatically detect your operating system; however, you can click Download for another platform to view other operating system options.
- When you open the client, follow the on-screen installation instructions.
When you run the installer, you will see an error regarding the certificate. ClickContinue. (In a future release, Armor will resolve the issue.)To launch the SSL VPN client, in yourApplicationsfolder, search fornaclient.Ifyou run Mac OS 10.11 or higher, then please review Install SSL VPN Client. After installation, open the client.In the drop-down menu,defaultwill be listed.
ClickSettings.To add a new connection, you must enter aConnectionAlias,Hostname/IP Address, andPort, which you can find in AMP.
Return to AMP, specifically to theClientsection of theSSL VPNscreen.Use theClient Configurationtable to locate the data center and corresponding information to add to the client.
UnderClient Configuration, copy theLocationinformation, and then paste that information intoConnectionAlias.UnderClient Configuration, copy theHOST/FQDNinformation, and then paste that information intoHostname/IP Address.UnderClient Configuration, copy thePortinformation, and then paste that information intoPort.ClickAdd.ClickOK.
- Your SSL VPN login credentials are the same credentials you use to access the Armor Management Portal (AMP).
title | Step 6: Create a Firewall Rule with a New IP Address Group |
---|
4: Create a Virtual Machine with a New Workload |
Info |
---|
Workloads and tiers are visual tools used in the Armor Management Portal (AMP) to help you organize your virtual machines and corresponding resources. Workload refers to a container of virtual machines that live inside the Armor data center. Tiers are levels within workloads. |
In the Armor Management Portal, in the left-side navigation, click Infrastructure.
Click Virtual Machines.
Hover over the plus ( + ) icon, and then click the Virtual Machine icon.
If you do not have any virtual machines listed, then click Deploy New, and then select Virtual Machine.
Locate and select the desired operating system and operating system version.
On the right side, use the Region drop-down menu to select the data center to host your virtual machine.
Select the desired virtual machine based on your CPU and memory needs (GB).
You can click High CPU or High Memory to filter the list of virtual machines. You can also click Show All Options to see every virtual machine offering.
Armor labels virtual machines by CPU and memory features. For instance, 2x4 indicates that the virtual machine has 2 CPU and 4 GB of memory.
In Name, enter a descriptive name for your virtual machine.
In Workload, select New Workload.
In New Workload Name, enter a descriptive name.
In New Tier Name, enter a descriptive name.
In Location, select and verify the data center to host your virtual machine.
Under Access Credentials, note your username to access the virtual machine.
In Password, enter a secure password to use to access the virtual machine.
Your password must contain:
An upper-case letter
A lower-case letter
A number
A special character: ! @ # $ % ^ * ( ) { } [ ]
You can also click Generate Password to allow Armor to create a password.
(Optional) For additional storage, under Storage Substrate and Disk Size, select your desired storage, and then click Add Disk.
On the right-side menu, review the pricing information, and then click Purchase.
When you order a virtual machine, you are also ordering Intelligence Security Model (ISM) for the virtual machine. Prices for ISM will vary based on the number of virtual machines you have ordered. IMS pricing is based on the following tiered structure:
Tier
Number of virtual machines
1 1 - 10 2 11 - 25 3 26 - 100 4 101- 250 5 251 - 500 6 500 +
To view the status of your newly created virtual machine, in the left-side navigation, click Infrastructure, click Virtual Machines, and then search for your newly created virtual machine.
Expand | ||
---|---|---|
| ||
|
Expand | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||
Step 1: Create an IP GroupIn the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several IP addresses or just a single IP address. You can combine related IP addresses into a single IP Group. For example, if you want to block traffic from three separate IP address, you do not have to create three separate firewall rules. Instead, you can combine the three separate IP addresses into a single, configurable IP Group. Then, when you create a firewall rule, you can pick the newly created IP Group as your Source or Destination IP addresses.
Step 2: Create a Service GroupIn the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several IP addresses or just a single IP addressprotocols (and ports). You can combine related IP addresses protocols (and ports)into a single IP Service Group. For example, if you want to create a firewall rule to block traffic from three separate IP address, you do not have to create three separate firewall rules. Instead, you can combine the three separate IP addresses into a single, configurable IP Group. Then, when you create a firewall rule, you can pick the newly created IP Group as your Source or Destination IP addresses. In the Armor Management Portal (AMP), on the left-side navigation, click Security. Click Firewall. If you have virtual machines in various data centers, then in the top drop-down menu, select the desired data center.
three types of traffic, you do not have to create three separate firewall rules. Instead, you can combine the three types of traffic (protocols and ports) into a single, configurable Service Group. Then, when you create a firewall rule, you can pick the newly created Service Group.
Step 2: Create a Service GroupIn the Firewall screen, each entry in the table represents a single firewall rule; however, each firewall rule can contain several protocols (and ports). You can combine related protocols (and ports)into a Service Group. For example, if you want to create a firewall rule to block three types of traffic, you do not have to create three separate firewall rules. Instead, you can combine the three types of traffic (protocols and ports) into a single, configurable Service Group. Then, when you create a firewall rule, you can pick the newly created Service Group.
For a complete list of supported services and sub-protocol, see Review supported services and sub-protocols. Step 3: Create a Firewall Rule
Service or sub-protocol Notes Example | |||||||||||||||
Services (TCP, UDP, etc.) | You must enter a port number. These services are not case-sensitive. |
| |||||||||||||
Additional services (AARP, AH, etc.) | These additional services are not case-sensitive. Do not enter a port number with these additional services. |
| |||||||||||||
Sub-protocols (echo-reply, redirect, etc.) | You must enter icmp, followed by the specific sub-protocol. You must enter the sub-protocol in lower-case letters. Do not enter a port number. |
| |||||||||||||
Note | |||||||||||||||
Expand | |||||||||||||||
| |||||||||||||||
In the Armor Management Portal (AMP), roles are similar to job titles that you can create and assign to your users. You can populate these roles with certain permissions. For example, you can create an Audit role, and then you can add specific permissions that will give the assigned user permission to access audit-related features. By default, a new administrator account contains an Admin role with all the available permissions selected. When you create a new user account, you must assign that user a role. You can assign a default role or create a new role. Note | There are three default permissions in AMP:
After you create a rule, Armor recommends that you place the rule in the correct order.
|
Expand | ||
---|---|---|
| ||
In the Armor Management Portal (AMP), roles are similar to job titles that you can create and assign to your users. You can populate these roles with certain permissions. For example, you can create an Audit role, and then you can add specific permissions that will give the assigned user permission to access audit-related features. By default, a new administrator account contains an Admin role with all the available permissions selected. When you create a new user account, you must assign that user a role. You can assign a default role or create a new role.
|
Expand | ||
---|---|---|
| ||
|
Expand | ||||
---|---|---|---|---|
|
Note |
---|
Repeat Step 8: Create An User and Assign A Role for every user you want to invite. |
title | Step 9: Enable SSL/VPN Access for Your Users |
---|
Before an invited user can download and install their SSL VPN, the account administrator must add the following permissions to their account:
- Write SSL VPN Devices and Users
- Read SSL VPN Devices and Users
- Read Virtual Data Centers
Additionally, the account administrator must enable the account to access the SSL VPN client:
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click SSL VPN.
- Click Members.
- In the top bar, select the data center that corresponds to your virtual machine.
- If you have virtual machines in multiple data centers, then you must configure the user for each data center. (Also, you must download the client for every data center you use.)
- Under Active Members, type and select the desired username.
- The user can now access to AMP to download their SSL VPN client.
title | Step 10: Subscribe to Data Center Notifications |
---|
You can use Armor's StatusHub page to review the status of Armor's infrastructure, as well as other Armor services, such as the Armor Management Portal (AMP).
Additionally, you can use StatusHub to receive notifications and updates regarding infrastructure outages.
- Access Armor's StatusHub page.
- In the top menu, click Subscribe.
- Select your desired notification method (Email, SMS, Slack, or Webhook), and then enter the corresponding information, such as your email address for the Email tab.
- Select a notification type. There are two options.
- To receive information about every Armor service, click All services. This option will send you information about:
- All data centers
- Armor API
- Armor Management Portal
- To receive information about specific Armor services, click Selected Services.
- Next to Choose services, click Select.
- Click the desired data center, and then click Select to receive information for every infrastructure component for that data center.
- To receive information about every Armor service, click All services. This option will send you information about:
- During an unexpected outage (or incident), you may receive multiple updates regarding the status of an outage.
- To receive multiple updates during an outage, select OFF for Do not notify on intermediate incident updates.
- To simply receive one notification regarding the beginning of an outage, and then one notification regarding the completion of an outage, select ON for Do not notify on intermediate incident updates.
- Click Subscribe.
title | Step 11: Configure Your Notification Preferences |
---|
These notification preferences do not relate to support tickets.
To update your notification preferences for support tickets, seeNotification Preferences.You will receive a notification when:
- A password expires in 14 days.
- A password expires in 7 days.
- A password expires in 24 hours.
- A password has expired.
You will receive a notification when:
- An invoice has posted.
- An invoice is past due (2, 10, 15, 25, and 30 days).
- A payment method will soon expire (1, 15, and 30 days).
9: Enable SSL/VPN Access for Your Users |
Before an invited user can download and install their SSL VPN, the account administrator must add the following permissions to their account:
Write SSL VPN Devices and Users
Read SSL VPN Devices and Users
Read Virtual Data Centers
Additionally, the account administrator must enable the account to access the SSL VPN client:
In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click SSL VPN.
Click Members.
In the top bar, select the data center that corresponds to your virtual machine.
If you have virtual machines in multiple data centers, then you must configure the user for each data center. (Also, you must download the client for every data center you use.)
Under Active Members, type and select the desired username.
The user can now access to AMP to download their SSL VPN client.
Expand | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
|
Expand | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
Armor recommends that you configure your account to receive notifications for Account, Billing, and Technical events.
|
Expand | ||
---|---|---|
| ||
An organization allows you to specify when a group of users should be added to a specific support ticket, based on the subject matter of the ticket. For instance, for a billing-related ticket, you can indicate that members of the Billing organization should be notified. When a support ticket is shared with an organization, all users within the organization will receive an initial email notification.
| ||
Technical | You will receive a notification when:
|
Note |
---|
You can only change the notification preferences for your own account. You cannot change the notification preferences for other user accounts. |
the desired organization.
To add a user, enter and select the name of the user.
The change will be automatically saved.
Note |
---|
For more information on setting up access to Support Tickets, see Organizations. |
Excerpt | ||||
---|---|---|---|---|
| ||||
You can use Armor's StatusHub page to review the status of Armor's infrastructure, as well as other Armor services, such as the Armor Management Portal (AMP) , in the top, right corner, click the vertical ellipses.
| ||||
Expand | ||||
| ||||
An organization allows you to specify when a group of users should be added to a specific support ticket, based on the subject matter of the ticket. For instance, for a billing-related ticket, you can indicate that members of the Billing organization should be notified. When a support ticket is shared with an organization, all users within the organization will receive an initial email notification.
Note | . Additionally, you can use StatusHub to receive notifications and updates regarding infrastructure outages.
|