Faddom Help Center

Deploying Faddom through the AWS Marketplace

Prerequisites

Hardware

  Minimum requirements Recommended requirements
Instance Type t3a.small t3a.large
Disk* 10GB free disk space 40GB free disk space

* Recommended disk space varies and depends on the size of the environment and the retention time required for connection data. 

 

Software

The Faddom AMI contains everything you need to run Faddom pre-installed.

 

Permissions

See the required permissions to map an AWS environment here: Permissions required to map an AWS environment

 

Security Groups

In order to access the Faddom UI, you need to allow access to the server over port 443.

 

Installation

There are two methods to deploy Faddom through the AWS Marketplace:

  1. Amazon Machine Image
  2. CloudFormation Template

Amazon Machine Image Deployment

When deploying an Amazon Machine Image, you are creating a single server that contains everything needed to run Faddom. This will only deploy a single instance, and you will need to enable VPC Flow Logs and create the policies to allow the server to collect data from the environment.

 

CloudFormation Template

When deploying the CloudFormation template, everything will be configured for you. The template will create the Faddom instance, give it the required permissions, create an S3 bucket for flow log collection, and enable VPC Flow Logs on the VPCs that you select.

 

Configuration

Login

After deploying, you should be able to access the Faddom UI using the IP address of the server.

You will need to set an initial password for the internal Administrator user and then you can use that user to login to the UI. Additional users can be created later from the UI under Settings -> Access Control.

 

License Activation

After logging in, you will need to activate your license. See here for details: Activate Your License

 

Network Traffic Collection

If you deployed using the CloudFormation template, VPC Flow logs should already be configured for you. Otherwise, you will need to create VPC Flow Logs for the VPCs you wish to map and then configure them in the Faddom UI.

To do this, in the main dashboard or in the Getting Started wizard, go to Data Sources and select AWS.

If you have assigned an IAM role to the Faddom instance with the required credentials, you can continue using default credentials. Otherwise, you will need to create an IAM user with the required permissions, then create an access key for the user and enter it here. Multiple accounts can be mapped using a single Faddom server using access keys to access other accounts.

After setting up the AWS credentials, you need to enable collection of VPC Flow Logs which appears below the credentials. Once flow logs are configured, Faddom will start to collect dependencies from within the AWS environment.

You can also map your on-premises data centers using the same Faddom server. To do this, you can deploy a proxy ova file on VMware in your local data center. For details, go to Proxy Configuration under the Getting Started wizard in the Faddom UI. See the different options for capturing from your local data centers here: Capture Options

 

Software Updates

To update the version of the Faddom software, please see the following guide:

Upgrading the Faddom Server

 

The Faddom server uses Amazon Linux 2 as a base for the instance. In order to update the operating system, you can use the standard package manager with the command:

sudo yum update

 

Was this article helpful?
0 out of 0 found this helpful

Comments