The following section describes to enable SSH and HTTPS access from the Cyber Recovery jump host to the CyberSense instance.
Perform these steps from the AWS Management Console.
- Edit the Jump Host Security Group.
- Allow SSH outbound from the jump host to the CyberSense instance, using the following parameters:
- The type is SSH.
- The protocol is TCP.
- The port range is 22.
- The destination is Custom.
- The value of the destination is the CyberSense Instance IP.
- Allow HTTPS outbound from the jump host to the CyberSense instance, using the following parameters:
- The type is HTTPS.
- The protocol is TCP.
- The port range is 443.
- The destination is Custom.
- The value of the destination is the CyberSense Instance IP.
- Edit the CyberSense Security Group.
- Allow SSH inbound from the jump host to the CyberSense instance, using the following parameters:
- The type is SSH.
- The protocol is TCP.
- The port range is 22.
- The source is Custom.
- The value of the source is the Jump Host Instance IP.
- Allow HTTPS to inbound from the jump host to the CyberSense instance, using the following parameters:
- The type is HTTPS.
- The protocol is TCP.
- The port range is 443.
- The source is Custom.
- The value of the source is the Jump Host Instance IP.
- Edit the PPCR Jump Host Subnet ACL.
- Add an inbound rule to allow ephemeral port access to the jump host subnet, using the following parameters:
- A rule number, which you provide.
- The type is Custom.
- The protocol is TCP.
- The port range is 1024 to 65535.
- The source is the CyberSense Instance IP.
- The value for Allow/Deny is Allow.
- Add an outbound rule to allow SSH from the jump host to the CyberSense instance, using the following parameters:
- A rule number, which you provide.
- The type is SSH.
- The protocol is TCP.
- The port range is 22.
- The destination is the CyberSense Instance IP.
- The value for Allow/Deny is Allow.
- Add an outbound rule to allow HTTPS from the jump host to the CyberSense instance, using the following parameters:
- A rule number, which you provide.
- The type is HTTPS.
- The protocol is TCP.
- The port range is 443.
- The destination is the CyberSense Instance IP.
- The value for Allow/Deny is Allow.