Setup Guide (Amazon S3)
Get started with bucketAV in 15 minutes. Follow this Setup Guide to:
- Subscribe to and install bucketAV.
- Scan your Amazon S3 buckets when new files arrive (optional).
- Scan your Amazon S3 buckets periodically (optional).
- Configure a weekly report (optional).
Do you have any questions? Please read the documentation and frequently asked questions, or email us.
The video shows how to install bucketAV powered by ClamAV®. However, setting up bucketAV powered by Sophos® works the same.
Create an EC2 key pair (#)
bucketAV requires an EC2 Key Pair. To create a key pair:
- Go to the EC2 Management Console and navigate to Key Pairs.
- Click on Create key pair.
- Set a Name (e.g.,
bucketav
). - Select the Private key file format that fits your SSH client (
.ppk
for PuTTY; otherwise,.pem
). - Click on Create key pair.
Subscribe to bucketAV in AWS Marketplace (#)
bucketAV supports two engines: Sophos® and ClamAV®. The following table compares the two engines. Pick the engine, that fits your needs and click on the Go to AWS Marketplace
button.
bucketAV for Amazon S3 powered by Sophos® | bucketAV for Amazon S3 powered by ClamAV® |
---|---|
Commercial antivirus engine | Open-source antivirus engine |
Immediate zero-day protection | |
High performance | Medium performance |
Maximum file size 5 TB | Maximum file size 2 GB |
Priority support via email | Standard support via email |
$0.025 per vCPU hour $0.20 per scanned GB | $0.025 per vCPU hour |
Go to AWS Marketplace | Go to AWS Marketplace |
After you selected the engine, that fits your need by clicking one of the Go to AWS Marketplace
links, proceed with the following steps.
- Click on Continue to Subscribe.
- Click on Accept Terms.
- The subscription is now
Pending
. - Wait until the subscription is active and click on Continue to Configuration.
- We provide three Delivery Methods:
Delivery Method Description Architecture Dedicated public VPC
(recommended)The recommended and cost-efficient option where the network setup is included. Open diagram Dedicated private VPC The EC2 instances run in private subnets (additional traffic charges apply). We recommend this option only if your internal security guidelines require it. Open diagram Existing VPC Deploy bucketAV into an existing VPC. Deploying bucketAV into an existing VPC increases the setup effort and the complexity. Read the Existing VPC Network Guide to prepare your VPC configuration. Open diagram - The Region you select must match the region of your S3 buckets. If you use S3 buckets in multiple regions, repeat the setup for each region.
- Click on Continue to Launch.
- Choose the Action
Launch CloudFormation
and click on Launch. - You are redirected to CloudFormation.
Install bucketAV (#)
bucketAV is managed and configured via CloudFormation.
- Click on Next.
- Set a Stack name (e.g.,
bucketav
). - Under Required Parameters, set the KeyName configuration parameter to an EC2 Key Pair name.
- Review the rest of the configuration parameters and go with the defaults (recommended).
- Scroll to the bottom of the page and click on Next.
- Scroll to the bottom of the page and click on Next.
- Scroll to the bottom of the page, enable I acknowledge that AWS CloudFormation might create IAM resources, and click on Create.
- The stack status is CREATE_IN_PROGRESS. Reload the table from time to time and …
- … wait until the CloudFormation stack status switches to CREATE_COMPLETE.
bucketAV is now up and running.
Update bucketAV regularly to keep the product secure.
Receive a monthly digest of security updates, new capabilities, and best practices.
Continue to connect your S3 buckets.
Configure your S3 buckets (#)
- Visit the AWS CloudWatch Management Console.
- Navigate to Dashboards.
- Select the dashboard starting with the name
bucketav
followed by the name of the AWS region—for example,bucketav-eu-west-1
. - Find the Buckets tile. Enable real-time file scanning for each bucket you want by clicking the Enable button.
- Enable scheduled bucket scanning for each bucket you want by clicking the Enable button.
Optionally, follow these steps to test your real-time scanning configuration:
- Upload a file to one of your S3 buckets enabled for real-time scanning.
- Click on the uploaded file.
- Scroll down to the Tags box. Within a few seconds, the
bucketav
tag is added with the scan result (reload the page if needed). - To simulate an infected file, we recommend using the EICAR test file.
Continue to configure reporting and open the dashboard.
Reporting & Visibility (#)
Install the Reporting Add-On to receive a daily/weekly/monthly email report.
Check out the dashboard for complete visibility into bucketAV.
Request 14-day free trial (#)
Share your use case with us and receive a 14-day free trial.
The free trial covers the bucketAV software costs. Please note that AWS infrastructure and Amzon S3 API costs are not covered.
Do you have any questions? (#)
Check out the frequently asked questions, or send us an email.