You can deploy new MOVEit WAF instances through the AWS Marketplace.

To start an instance, follow the steps below:

Note: Note that it is also possible to deploy MOVEit WAF using a different flow using the AWS Marketplace. Configure the same settings as outlined below, in particular – ensure to select a VPC as the network.
  1. Log in to the AWS console.

  2. Click Services and EC2.

  3. Click Instances.

  4. Click Launch Instance.

  5. Select AWS Marketplace.
  6. Search for MOVEit WAF.
  7. Click Select for the relevant version to be deployed.
  8. Select the desired Instance Type.
    Note: All Nitro Instances are supported on MOVEit WAF. For further information on Nitro instances, refer to the following Amazon link: Amazon EC2 Nitro.

    Note: For further information on instance types, refer to the following Amazon link: Amazon EC2 Instance Types.

    vCPU and RAM allocation can be assigned based on your requirements due to the uncapped performance available, but consider using a larger instance size for heavy workloads. For production, consider allocating at least 8 vCPU and 16 GiB RAM.

  9. Click Next: Configure Instance Details.

  10. Ensure to select the correct item (a VPC) in the Network drop-down list.
    Note: If multiple MOVEit WAF instances on multiple networks are needed, choose the different networks as required. If more networks need to be created, contact your AWS administrator to add them. The Create new VPC link can be used to add more networks if needed.
  11. Ensure that the Auto-assign Public IP option is set to Enable.
  12. Configure any other setting as needed.
  13. Click Next: Add Storage.
  14. Keep the defaults and click Next: Add Tags.
    Note: AWS tags allow you to categorize resources in different ways. You can categorize by application, owner, purpose, or any custom tag.

  15. Enter tags.
  16. Click Next: Configure Security Groups.
  17. Select the security group of your choosing or create a new security group.
  18. The following rules are needed in the security group:

    • Custom TCP Rule with the Port Range 8443 for the WUI

    • SSH for the SSH management interface

    • HTTPS (443) for secure web traffic
    • FTP(S) (21) for file transfer traffic if this service is deployed and in use
      Note: Select the relevant source option from the drop-down list and enter the custom IP addresses as needed.
  19. It is recommended that management services only be allowed using trusted IP addresses. You should also add rules for any services you intend on creating. You can always revisit this security group later if additional services become necessary.
  20. Click Review and Launch.
  21. Click Launch.

  22. Select the appropriate key pair for your environment. This is the key pair that was created in the Create a New Key Pair section. This key pair is needed to connect using SSH.
  23. Select the check box.
  24. Click Launch Instances.

  25. Click View Instances. The Public IP address or Public DNS address can be used to connect to the instance using HTTPS on port 8443.
  26. After your instance state is Running , you can connect to your MOVEit WAF instance.