Cloud Storage Security Help Docs
Release Notes
  • Introduction
  • Getting Started
    • How to Subscribe
      • Pay-As-You-Go (PAYG)
      • Bring Your Own License/GovCloud (BYOL)
      • AWS Transfer Family
    • How to Deploy
      • Steps to Deploy
      • Advanced Deployment Considerations
      • AWS Transfer Family
    • How to Configure
  • Console Overview
    • Dashboard
    • Malware Scanning
      • AWS
        • Buckets
        • Amazon EBS Volumes
        • Amazon EFS Volumes
        • Amazon FSx Volumes
        • WorkDocs Connections
      • Azure
        • Blob Containers
      • GCP
        • GCP Buckets
    • See What's Infected
      • Findings
      • Malware History
      • Results
    • Schedules
    • Monitoring
      • Error Logs
      • Bucket Settings
      • Deployment
      • Jobs
      • Notifications
      • Storage Assessment
      • Usage
    • Configuration
      • Classification Rule Sets
      • Classification Custom Rules
      • Scan Settings
      • Console Settings
      • AWS Integrations
      • Job Networking
      • API Agent Settings
      • Proactive Notifications
      • License Management
      • Event Agent Settings
    • Access Management
      • Manage Users
      • Manage Accounts
        • Linking an AWS Account
        • Linking an Azure Account
        • Linking a GCP Account
      • Manage Groups
    • Support
      • Getting Started
      • Stay Connected
      • Contact Us
      • Documentation
  • Product Updates
  • How It Works
    • Scanning Overview
      • Event Driven Scanning for New Files
      • Retro Scanning for Pre-Existing Files
      • API Driven Scanning
    • Architecture Overview
    • Deployment Details
    • Sizing Discussion
    • Integrations
      • AWS Security Hub
      • AWS CloudTrail Lake
      • AWS Transfer Family
      • Amazon GuardDuty
      • Amazon Bedrock
    • Demo Videos
    • Scanning APIs
    • SSO Integrations
      • Entra ID SSO Integration
      • Okta SSO Integration
  • Frequently Asked Questions
    • Getting Started
    • Product Functionality
    • Architecture Related
    • Supported File Types
  • Troubleshooting
    • CloudFormation Stack failures
    • Cross-Region Scanning on with private network
    • API Scanning: Could not connect to SSL/TLS (v7)
    • Password not received after deployment
    • Conflicted buckets
    • Modifying scaling info post-deployment
    • Objects show unscannable with access denied
    • Remote account objects not scanning
    • My scanning agents keep starting up and immediately shutting down
    • I cannot access the management console
    • Linked Account Out of Date
    • Rebooting the Management Console
    • Error when upgrading to the latest major version
    • I Cannot Create/Delete an API Agent
  • Release Notes
    • Latest (v8)
    • v7
    • v6 and older
  • Contact Us & Support
  • Data Processing Agreement
  • Privacy Policy
Powered by GitBook
On this page
  • Architecture
  • Console EBS Protection Page
  • Setting up your VPC and Subnets for the regions you are protecting EBS volumes in
  • Creating an EBS volume scan or classification schedule
  • Volume Schedule Statuses
  • On-demand antivirus scanning and data classification
  1. Console Overview
  2. Malware Scanning
  3. AWS

Amazon EBS Volumes

PreviousBucketsNextAmazon EFS Volumes

Last updated 1 month ago

Architecture

  1. The Console Service creates an EC2 instance in the EBS Volume region as a Scanning Agent

  2. The Agent creates an EBS Snapshot

  3. The EBS Snapshot is scanned by the Scanning Agent

  4. Results are sent to CloudWatch

  5. Job status and other scan details are sent to DyanamoDB

  6. The Console service ingests details from CloudWatch and DyanamoDB, and when the scan is done, scanning architecture and the EBS Snapshot are torn down

Console EBS Protection Page

The EBS Protection page will show you any EBS volumes that are associated with the account that you have deployed our solution in, as well as volumes from any accounts linked to your console. Here you'll be able to create Antivirus scanning and Data Classification schedules for EBS Volumes.

Setting up your VPC and Subnets for the regions you are protecting EBS volumes in

Creating an EBS volume scan or classification schedule

  1. Select the EBS volume(s) you want to protect through a schedule

  2. Click actions and select either Create AV Schedule or Create DC Schedule

  3. You can select any additional EBS volumes and add EFS volumes or S3 buckets to the schedule through the schedule popup

  4. Once you have all of the resources you want to add to a schedule selected, click on the Create Schedule tab

  5. Name your schedule, add the scan period and make any additional changes you need

  6. Click Save once you're done

After your schedule is created you'll want to go to the Schedules page and activate the schedule.

Now your schedule will run per the scan period that you originally configured. If you need to add or remove volumes, or make any other configuration changes you can always edit the schedule on the Schedules page.

Volume Schedule Statuses

The schedule icons shown below will reflect whether a bucket is associated with a schedule and whether that schedule is active or not.

On-demand antivirus scanning and data classification

In addition to scheduled scans, you can select and perform on-demand AV and DC scanning for EBS volumes.

If you do not have a VPC and subnets staged in the region your EBS Volumes exist in, you will be asked to set a VPC and subnets when activating the schedule. You can learn more about staging regions in the page.

You can create a schedule within the , or you can create a schedule for EBS volumes directly from the EBS Volumes page.

Protected by Active Schedule -

Part of an Inactive Schedule -

Not a Part of any Schedule -

Schedules page
Event Agent Settings
VPC and Subnets
Create your Schedule
Activate your Schedule
EBS On-demand Scanning
Green clock
Red clock
Red clock