Skip to content

Deployment

Overview

The Deployment Overview page was created to give you a better understanding of the current infrastructure related to the Antivirus for Amazon S3 solution. The Deployment Overview also portrays a general protection status for the account(s) you are monitoring with the solution. At a quick glance you can see which regions have some level of protection (event scanning or retro scanning) configured and which do not. You can also easily determine which regions you have Amazon S3 buckets in and how many are being protected.

The Deployment Overview page has a second function to it which is the ability to clean up (uninstall) parts or the entirety of the solution.

Deployment Overview collapsed

Infrastructure Overview

In the collapsed card view, as seen in the picture below, you can quickly see there are 16 regions with buckets (16 region cards appear) in the account(s) this deployment is monitoring. I can also see that 7 of the regions have current protection setup (bucket icon is not red) and 8 of the regions have or have had some level of protection enabled (8 of the 16 cards are white) indicated by the fact the Event Agent is present. We can also determine that 9 of the regions are not currently being protected (indicated by red bucket icons) and 8 of the regions have never had any level of protection configured (indicated by red cards). The red bucket icons and red cards and the fraction of buckets could be indicators for where more protection should be considered.

Deployment Overview callouts

This can also be see in the expanded card view:

Deployment Overview expanded

The expanded card view gives you additional details about the deployment such as: whether or not agents are currently running and the count, the aggregate runtime hours for the agents (current month) and whether or not Smart Scan is enabled for that region. You will also get a count of buckets protected either by real-time protection or through a schedule.

You can expand / collapse all cards with the buttons above the cards (expand buttons) or individually by clicking anywhere on the particular card header.

Solution Cleanup / Uninstall

There are a number of infrastructure items initially created during the CloudFormation deployment. There are additional items that are created post deployment by during console operations. This can make it challenging to clean up the solution. We wanted to make it simple for you to clean up a portion or completely uninstall when needed. There are a number of scenarios where this may make sense and I'll leave it to you to determine what that is for your situation, but here are a few: decide no longer want to protect buckets in a particular region so you want to scrub that region of infrastructure, you did a POC install and want to remove it now that you will be doing a fresh Prod install and the case where you tried the product and do not want to proceed with it (our least favorite).

Types of cleanup available:

  • Delete Event Agent (if present)
    • Deletes all infrastructure related to the Event Agent (Fargate service, SNS topic, SQS queue, bucket events)
      Delete Event Agent
  • Delete Retro Agent (if present)

    • Deletes all infrastructure related to the Retro Agent (Fargate service, SNS topic, SQS queue)
      Delete Retro Agent

      Retro Agent removed in v5.03.000

      In the v5.03.000 release the Scheduled Scan and On-Demand Scan functionality was re-architected to no longer use the Retro Service. The upgrade process when going to v5.03.000 or later will automatically remove this service from all regions it had been installed.

  • Deactivate Region (if present)

    • Performs the delete functionality for both the Event and Retro agents
      Deactivate Region
  • Delete Application
    • Deletes all infrastructure created by the Console across all regions
    • Upon completion, you will be informed with a link provided to complete the uninstall by deleting the CloudFormation Stack used during the initial deployment Uninstall Solution
      Delete Application will be triggered only from the Console region action menu

Note

Security Groups will be left behind and must be manually removed.


You will have the option to keep or delete the quarantine buckets that were created to house infected files.


Last update: June 10, 2021