By Manny Fernandez
April 22, 2020
Deploying FortiAnalyzer in AWS
I have been playing with AWS a lot since the pandemic. I wrote another article about adding some VIPs using Elastic IPs. Here I will walk through deploying FAZ in my AWS lab environment.
Here is my AWS environment. Note: I am not an AWS master yet so don’t flame me so bad because of my design 😀

AWS Console
Let's connect to your AWS console. Once there, make sure you are in the correct region, then go to your EC2 instances.

Here you can see my VPCs. I will be deploying this FAZ in VPC-A

Under my EC2 tab, I can see a FortiGate and an Ubuntu Desktop I use as a jump box.
Choose the Launch Instance button on the top.

In the search box, type Fortinet and hit Enter
You will see the following screen

Choose the AWS Marketplace option

Search for the BYOL option (if you are in fact bringing your license)

You will see the usual list of instance types and their associated costs.

Choose your instance type from the list.

As you can see, I chose VPC-A from the Network drop-down list. I also chose the subnet I want to use. In my case, I named the subnets priv and pub and referenced the Availability Zone.
I like to add the IP Address myself and NOT use the DHCP option by AWS. In my case, 10.100.2.30.


Next, choose Review and Launch

Here you can review your info and hit Launch

You will need to either assign an existing key pair or create a new one. In my case, I reused one. Now hit Launch Instances

Once finished, you can choose the instance and on the bottom half of the screen, you will see the IP address you assigned to the instance.

If you follow my VIP article, it will show you how to provision an Elastic IP. In my case, the External subnet is 10.100.1.0/24 and the VIP is associated to an IP in that subnet. I will then map that external IP address to my internal FAZ IP address.
Ensure you have a policy that permits HTTPS, and that your Security Group also permits that traffic. I normally have a permit of SSH from my home IP only and then open everything else up to the FortiGate.
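To check that a Security Group really matches that rule of thumb (SSH from one home address, everything else only from the FortiGate), here is an added example, not part of the original post, that audits rules in the shape returned by `aws ec2 describe-security-groups`. The home address, the FortiGate address and the sample rules are constructed placeholders, and it assumes traffic reaches the instance from the FortiGate's own address.

```python
import ipaddress

# Constructed sample in the shape of the IpPermissions list returned by
# `aws ec2 describe-security-groups`. All addresses below are assumptions.
HOME_IP = "203.0.113.10/32"       # placeholder for the admin's home IP
FORTIGATE_IP = "10.100.2.10/32"   # hypothetical FortiGate inside interface

SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": HOME_IP}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": FORTIGATE_IP}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},   # too broad, should be flagged
]

# Ports to check and the only sources allowed to reach them.
POLICY = {22: [HOME_IP, FORTIGATE_IP], 443: [FORTIGATE_IP]}

def covers(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if rule["IpProtocol"] == "-1":          # "-1" means all protocols and ports
        return True
    if rule["IpProtocol"] not in ("tcp", "6"):
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def sources(rule):
    """All IPv4 and IPv6 source networks named by the rule."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]

def audit(rules, allowed):
    """Return (port, source) pairs where a rule exposes a port to a source
    that is not inside any network allowed for that port."""
    findings = []
    for port, nets in allowed.items():
        permitted = [ipaddress.ip_network(n) for n in nets]
        for rule in rules:
            if not covers(rule, port):
                continue
            for src in sources(rule):
                if not any(src.version == p.version and src.subnet_of(p)
                           for p in permitted):
                    findings.append((port, str(src)))
    return findings

if __name__ == "__main__":
    for port, src in audit(SAMPLE_RULES, POLICY):
        print(f"port {port} reachable from {src}, outside policy")
```

To run it against a real group, pass the `IpPermissions` list from the CLI's JSON output to `audit()` in place of `SAMPLE_RULES`.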

There are a couple of things you will need to do. First, register the license you received, usually as a PDF, from Fortinet or your partner. Second, copy the instance ID.
Once you have registered the key, you will need to enter the IP address.

At this point, you should be able to download the lic file by choosing the link.


Choose the license file and choose Upload

If the page does not refresh automatically after a few minutes, refresh it manually.

Note: Here, you will need the instance-id from your EC2 section.

This is a screenshot from my EC2 section. Copy the Instance ID

After logging in with USERNAME admin and PASSWORD %the_instance_id%, you will receive the Change Password screen. Set your new password and click OK.
Hope this helps