Encrypting Root EBS Volumes for AWS Deployments

Based on your organization’s security policy and compliance requirements, you may want or need to provide additional data encryption safeguards when deploying AlienVault® USM Appliance™ in a off-premises, hosted cloud computing environment. When you deploy USM Appliance on AWS, you can encrypt the Amazon EBS-based volume from which you launch USM Appliance instances. When you create an encrypted EBS volume and attach it to your USM Appliance instance, the following types of data are encrypted:

• Data at rest inside the volume

• All data moving between the volume and the instance

• All snapshots created from the volume

The procedure found on the webpage below describes how to create an Amazon-encrypted EBS volume and attach the USM Appliance Amazon Machine Image (AMI) from which you can launch instances of USM Appliance. Read the procedure here: https://www.alienvault.com/documentation/usm-appliance/kb/2017/02/encrypting-root-volumes-for-aws-deployments.htm

 

Article written by Tyler Rathjen