Deploy SDP Private Gateway with an AMI
This section guides you how to deploy a Private Secure IT Access Gateway with an AMI
- Find the most recent gateway AMI for your region:
| MetaDefender IT-OT Access Tenant | Available AMI |
|---|---|
| Tenant B Console: console.metaaccess-b.opswat.com |
|
| Tenant EU Console: console.metaaccess-eu.opswat.com |
|
Launch a new AMI. Make sure to configure the following properties:
- The gateway instance should be at least a t2.medium (2 CPU cores and 4 GB of memory).
- Initial configuration requires SSH access to the EC2 instance. This means giving it a public IP address, or accessing it using its private IP address from another device within the same VPC. Note that you should not enable SSH access to the gateway from any source. It’s a good idea to lock down SSH (port 22) to just those sites you want to configure the gateway from (e.g. your organization’s home office).
- AWS will request that you provide an SSH key, and this is required in order to connect to the gateway.
- Fill in the registration code from the MA UI in the User data section and set an appropriate stage. The User data should be formatted:
{ "accountName": "*", "stage": "*" }. Available “stage” enumerations areUSorEUThe selected stage will determine which MetaDefender IT-OT Access Tenant the user connects to. You can get the registration code from the MA UI in Settings > Global > Account.
Once the AMI is available, login to the instance with SSH. The default username is ec2-user.
Accept and activate the gateway.
- Login into MetaDefender IT-OT Access console.
- Navigate to Secure Access > Access Methods.
- Click Accept on the pending gateway, and check off Activate the gateway to have the gateway provisioned and ready.
Was this page helpful?