Cloud Storage Security Help Docs
Release Notes
  • Introduction
  • Getting Started
    • How to Subscribe
      • Pay-As-You-Go (PAYG)
      • Bring Your Own License/GovCloud (BYOL)
      • AWS Transfer Family
    • How to Deploy
      • Steps to Deploy
      • Advanced Deployment Considerations
      • AWS Transfer Family
    • How to Configure
  • Console Overview
    • Dashboard
    • Malware Scanning
      • AWS
        • Buckets
        • Amazon EBS Volumes
        • Amazon EFS Volumes
        • Amazon FSx Volumes
        • WorkDocs Connections
      • Azure
        • Blob Containers
      • GCP
        • GCP Buckets
    • See What's Infected
      • Findings
      • Malware History
      • Results
    • Schedules
    • Monitoring
      • Error Logs
      • Bucket Settings
      • Deployment
      • Jobs
      • Notifications
      • Storage Assessment
      • Usage
    • Configuration
      • Classification Rule Sets
      • Classification Custom Rules
      • Scan Settings
      • Console Settings
      • AWS Integrations
      • Job Networking
      • API Agent Settings
      • Proactive Notifications
      • License Management
      • Event Agent Settings
    • Access Management
      • Manage Users
      • Manage Accounts
        • Linking an AWS Account
        • Linking an Azure Account
        • Linking a GCP Account
      • Manage Groups
    • Support
      • Getting Started
      • Stay Connected
      • Contact Us
      • Documentation
  • Product Updates
  • How It Works
    • Scanning Overview
      • Event Driven Scanning for New Files
      • Retro Scanning for Pre-Existing Files
      • API Driven Scanning
    • Architecture Overview
    • Deployment Details
    • Sizing Discussion
    • Integrations
      • AWS Security Hub
      • AWS CloudTrail Lake
      • AWS Transfer Family
      • Amazon GuardDuty
      • Amazon Bedrock
    • Demo Videos
    • Scanning APIs
    • SSO Integrations
      • Entra ID SSO Integration
      • Okta SSO Integration
  • Frequently Asked Questions
    • Getting Started
    • Product Functionality
    • Architecture Related
    • Supported File Types
  • Troubleshooting
    • CloudFormation Stack failures
    • Cross-Region Scanning on with private network
    • API Scanning: Could not connect to SSL/TLS (v7)
    • Password not received after deployment
    • Conflicted buckets
    • Modifying scaling info post-deployment
    • Objects show unscannable with access denied
    • Remote account objects not scanning
    • My scanning agents keep starting up and immediately shutting down
    • I cannot access the management console
    • Linked Account Out of Date
    • Rebooting the Management Console
    • Error when upgrading to the latest major version
    • I Cannot Create/Delete an API Agent
  • Release Notes
    • Latest (v8)
    • v7
    • v6 and older
  • Contact Us & Support
  • Data Processing Agreement
  • Privacy Policy
Powered by GitBook
On this page
  • Overview
  • Infrastructure Overview
  • Solution Cleanup / Uninstall
  • Types of cleanup available:
  1. Console Overview
  2. Monitoring

Deployment

The Deployment Overview page was created to give you a better understanding of the current infrastructure you've deployed.

PreviousBucket SettingsNextJobs

Last updated 11 months ago

Overview

The Deployment Overview also portrays a general protection status for the account(s) you are monitoring with the solution. At a quick glance you can see which regions have some level of protection (event scanning, scheduled scanning or an API endpoint) configured and which do not. You can also easily determine which regions you have Amazon S3 buckets in and how many are being protected.

The Deployment Overview page has a second function to it which is the ability to clean up (uninstall) parts or the entirety of the solution.

Infrastructure Overview

In the collapsed card view, as seen in the picture below, you can quickly see there are 16 regions with buckets (16 region cards appear) in the account(s) this deployment is monitoring. I can also see that 7 of the regions have current protection setup (bucket icon is not red) and 8 of the regions have or have had some level of protection enabled (8 of the 16 cards are white) indicated by the fact the Event Agent is present. We can also determine that 9 of the regions are not currently being protected (indicated by red bucket icons) and 8 of the regions have never had any level of protection configured (indicated by red cards). The red bucket icons and red cards and the fraction of buckets could be indicators for where more protection should be considered.

This can also be see in the expanded card view:

Solution Cleanup / Uninstall

There are a number of infrastructure items initially created during the CloudFormation deployment. There are additional items that are created post deployment by during console operations. This can make it challenging to clean up the solution. We wanted to make it simple for you to clean up a portion or completely uninstall when needed. There are a number of scenarios where this may make sense and we'll leave it to you to determine what that is for your situation, but here are a few:

  1. You decide you no longer want to protect buckets in a particular region so you want to scrub that region of infrastructure.

  2. You did a POC install and want to remove it now that you will be doing a fresh Prod install.

  3. The case where you tried the product and do not want to proceed with it (our least favorite).

Types of cleanup available:

Delete Event Agent (if present)

Deletes all infrastructure related to the Event Agent (Fargate service, SNS topic, SQS queue, bucket events).

Delete API Agent (if present)

Deletes all infrastructure related to the API Agent (Fargate service and Load Balancer).

Delete Retro Agent (if present)

Deletes all infrastructure related to the Retro Agent (Fargate service, SNS topic, SQS queue).

In the v5.03.000 release the Scheduled Scan and On-Demand Scan functionality was re-architected to no longer use the Retro Service. The upgrade process when going to v5.03.000 or later will automatically remove this service from all regions it had been installed.

Deactivate Region (if present)

Performs the delete functionality for the Event, API and Retro agents.

Delete Application

This cleanup type deletes all infrastructure created by the Console across all regions.

  • Security Groups will be left behind and must be manually removed.

  • Make sure to unprotect all buckets first to get rid of all S3 Event Notifications Subscription in each of them

You will have the option to keep or delete the quarantine buckets that were created to house infected files.

You can only trigger the Delete Application function through the action menu for the region your console is deployed in. Unless you chose otherwise during deployment, the default region set in the deployment template is us-east-1.

Upon completion, you will be provided with a link provided to complete the uninstall by deleting the CloudFormation Stack used during the initial deployment.

If you originally deployed using our PAYG listing, are deleting the entire application, and no longer wish to use our solution you must unsubscribe in AWS Marketplace after deleting the application. If you do not unsubscribe you will continue to be charged our base subscription.

The expanded card view gives you additional details about the deployment such as: whether or not agents are currently running and the count, the aggregate runtime hours for the agents (current month) and whether or not is enabled for that region. You will also get a count of buckets protected either by real-time protection or through a schedule.

You can expand / collapse all cards with the buttons above the cards () or individually by clicking anywhere on the particular card header.

Smart Scan
Deployment Overview collapsed
Deployment Overview callouts
Deployment Overview expanded
Delete Event Agent
Delete API Agent
Delete Retro Agent
Deactivate Region
Delete Application
expand buttons