Configure and deploy

The XProtect Essential+ CloudFormation stack includes a Virtual Private Cloud (VPC) and the required AWS services, to create a cloud-based VMS deployment. The XProtect Essential+ CloudFormation template uses a custom Amazon Machine Image (AMI) to configure and deploy the XProtect VMS software on a c5.xlarge Elastic Compute Cloud (EC2) instance.

The communication between the VCP route, the EC2 instance, the security group, and the internet gateway.

The XProtect Essential+ CloudFormation template deploys an Elastic Block Storage (EBS) volume that contains the Windows Server 2019 operating system, XProtect Essential+ software, and a Microsoft SQL Server Express database containing VMS logs and configuration entries.

If you meet the prerequisites then you are ready to configure and deploy the XProtect Essential+ CloudFormation template.

Subscribe

To deploy the XProtect Essential+ CloudFormation template, you must first subscribe to XProtect Essential+ in AWS Marketplace:

  1. Go to the Milestone XProtect Essential+ marketplace listing.
  2. In the upper right-hand corner, select Continue to Subscribe.
  3. Read the Terms and Conditions and in the upper right-hand corner, select Continue to Configuration.
  4. In the Region dropdown list, select your region. In the upper right-hand corner, select Continue to Launch.
  5. In the lower right-hand corner, select Launch to open the AWS CloudFormation console.

Configure and deploy XProtect Essential+ CloudFormation

After you subscribe, configure and deploy the XProtect Essential+ CloudFormation template:

  1. In the lower right-hand corner of the Specify template screen, select Next.
  2. In the Stack name field, enter a name to identify the XProtect Essential+ CloudFormation stack with.
  3. In the Key Pair Name field, select a key pair to decrypt the EC2 instance password with.
  4. In the Server Ingress CIDR Block field, enter the Classless Inter-Domain Routing (CIDR) block of inbound IP addresses used to connect to the XProtect Web Client and XProtect Mobile.

    5. Milestone recommends that you use the secure network protocol (HTTPS). Use only the non-secure network protocol (HTTP) for installations for simple test or demo scenarios.

    HTTPS uses port 8082 for the secure communication, while HTTP uses port 8081. If you use HTTPS, remove port 8081 in the Security Group for improved protection of your installation.

    XProtect Web Client and XProtect Mobile let you view your XProtect VMS without having to connect to the VPC directly. For more information about how to connect via XProtect Web Client and XProtect Mobile after deployment, see Connect via secure network protocol (HTTPS) and Connect via non-secure network protocol (HTTP).

  5. In the RDP Ingress CIDR Block field, enter in the CIDR block of inbound IP addresses used to connect via Remote Desktop Protocol (RDP).
  6. In the lower right-hand corner, select Next.
  7. In the Configure stack options screen, configure any additional options and permissions, and select Next.
  8. In the Review screen, verify your configuration and select Create stack.

Deploying the XProtect Essential+ CloudFormation stack takes about 30 minutes.