Overview
The Lookout Secure Private Access Connector offers a secure means for users to connect to their private applications, whether they're housed on-site or in the cloud. By exclusively establishing outbound connections to the Lookout Cloud Security Platform, it eliminates the need for inbound open ports, thus providing full concealment for the private applications while bolstering data security. This setup likely enhances protection by regulating access and scrutinizing traffic, safeguarding the private applications from potential external threats.
Using the Lookout Secure Private Access Connector AMI, customers can now confidently enable Zero Trust Network Access (ZTNA) for all their private resources within AWS environments, ensuring secure connectivity.
Lookout SSE customers can effortlessly set up ZTNA environments using the Lookout SSE management console, where they can define access to specific private applications and resources. The Lookout Secure Private Access Connector AMI can be quickly deployed from the AWS marketplace, facilitating secure connectivity between private applications and networks hosted in any AWS region and the Lookout Cloud Security Platform. This setup allows Lookout customers to provide their end users with secure Zero Trust access to privately hosted applications.
Highlights
- Provides secure, authenticated connectivity between customers' private applications in AWS and Lookout Secure Private Access.
- Constructed with an inside-out architecture, it ensures that internal applications are never exposed to the public.
- Designed for high scalability and equipped with automatic failover mechanisms to minimize application access outages.
Pricing
Additional AWS infrastructure costs
| Type | Cost |
|---|---|
| EBS General Purpose SSD (gp3) volumes | $0.08 per GB/month of provisioned storage |
Vendor refund policy
Contact Lookout Support at esupport@lookout.com
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Introducing the new Lookout SPA connector on an AWS EC2 instance using the Amazon Machine Image (AMI)
Additional details
Usage instructions
Instructions to install the SPA connector on an AWS EC2 instance using the Amazon Machine Image (AMI):
- Log in to your AWS account, open the EC2 dashboard, and select the AMI Catalog.
- In the Amazon AMI Catalog, search for Lookout Secure Private Access Connector.
- Under architecture, select the version you want: 64-bit (ARM): Graviton instance, 64-bit (x86): AMD instance.
- Click the Launch Instance with AMI button at the top.
- In the Name prompt, enter the same Node name that you entered in the Management Console while creating the Node.
- (Optional) Add any tags you want to add to your node.
- Create a new key pair or choose an existing one to access the connector Node. Make sure the key pair uses ED25519, not RSA, because RSA SHA-1 support has been deprecated and removed from Ubuntu 22.04 as it is no longer considered secure.
- Edit the Network settings and enter the VPC and Subnet details so that the node is able to make outbound connections to the Lookout Cloud Security Platform as well as to your internal applications that you want to provide access to:
  - Allow outbound connection from the Secure Private Access connector on port 443.
  - Allow outbound connections to register the Secure Private Access connector to the Lookout node manager service. You can view the node management URL in the Management Console.
- Set up a security group with firewall rules that will allow this node to access the Lookout Security Cloud platform as well as your internal applications that you want to provide access to. Refer to SPA Admin Guide for the ports that need to be opened to establish proper communication.
- Under Configure storage, specify adequate storage to meet the requirements. For example, 100GiB.
- Click Advanced details, select User data As text, and enter the following user data in the User data (Optional) field:
- Replace the data within the double-quotes with the information you copied from the Management Console when you created the node. You can find this information in the connector Configuration page of the Management Console.
- Click Launch Instance.
- You will see a Success message once the connector is installed successfully.
- Click on the instance to find its IP address and SSH into it, or monitor the node from the Management Console nodes list, where it shows STARTING as the node starts and eventually OK and Connected when the node is completely up and running.
- In the Management Console, select Administration then Node Management.
- Locate the name of your node and verify the value in the ZTNA TUNNEL column. If the Secure Private Access tunnel was established successfully, the value reads Connected.
- You can find the new instance in the AWS EC2 Instance list.
- To SSH into the node, use the private IPv4 address that is shown in the AWS EC2 Instance information, using the key-pair you set for the instance.
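A post-launch check for the network and key-pair settings the steps above call for, as an added example that is not Lookout's or AWS's code. It audits dictionaries shaped like the JSON returned by `aws ec2 describe-security-groups` and `aws ec2 describe-key-pairs`; the function names and the sample records are constructed for illustration.

```python
# Added example: audit a connector node's security group and key pair.
# Inputs follow the JSON shape of `aws ec2 describe-security-groups`
# and `aws ec2 describe-key-pairs` (one group / one key pair each).
PUBLIC_CIDRS = {"0.0.0.0/0", "::/0"}

def _cidrs(perm):
    """All IPv4 and IPv6 CIDRs named by one permission entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def _covers_tcp(perm, port):
    """True if the permission allows the TCP port ("-1" means all traffic)."""
    if perm.get("IpProtocol") == "-1":
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit_connector(sg, key_pair):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    # Inside-out design: no inbound rule should be open to the internet.
    for perm in sg.get("IpPermissions", []):
        public = sorted(PUBLIC_CIDRS.intersection(_cidrs(perm)))
        if public:
            ports = f"{perm.get('FromPort', 'all')}-{perm.get('ToPort', 'all')}"
            findings.append(
                f"inbound {perm.get('IpProtocol')} {ports} open to {public}")
    # The connector must be able to make outbound connections on port 443.
    if not any(_covers_tcp(p, 443) for p in sg.get("IpPermissionsEgress", [])):
        findings.append("no egress rule permits TCP 443")
    # The instructions require an ED25519 key pair, not RSA.
    if key_pair.get("KeyType") != "ed25519":
        findings.append(
            f"key pair type is {key_pair.get('KeyType')!r}, expected 'ed25519'")
    return findings

# Constructed sample records (not real resources).
GOOD_SG = {
    "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                       "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
    "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}
BAD_SG = {
    "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                       "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
    "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 8443, "ToPort": 8443,
                             "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
}
```

Egress rules for your internal applications depend on the ports listed in the SPA Admin Guide, so this check only verifies the port 443 requirement stated above.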
Support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.