Professional Documents
Culture Documents
Milestone Systems: Xprotect® On Aws
Milestone Systems: Xprotect® On Aws
XProtect® on AWS
Contents
Copyright, trademarks, and disclaimer 3
Overview 4
Introduction 4
Deployment 8
Subscribe 8
Connect via HTTPS using XProtect Web Client and XProtect Mobile 10
Unsubscribe 15
2 | Contents
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
Trademarks
Microsoft and Windows are registered trademarks of Microsoft Corporation. App Store is a service mark of Apple
Inc. Android is a trademark of Google Inc.
All other trademarks mentioned in this document are trademarks of their respective owners.
Disclaimer
This text is intended for general information purposes only, and due care has been taken in its preparation.
Any risk arising from the use of this information rests with the recipient, and nothing herein should be construed
as constituting any kind of warranty.
Milestone Systems A/S reserves the right to make adjustments without prior notification.
All names of people and organizations used in the examples in this text are fictitious. Any resemblance to any
actual organization or person, living or dead, is purely coincidental and unintended.
This product may make use of third-party software for which specific terms and conditions may apply. When that
is the case, you can find more information in the file 3rd_party_software_terms_and_conditions.txt located in your
Milestone system installation folder.
Overview
The guide has checklists and tasks that help you get started with the software and prepare you for working with the
system.
Introduction
Milestone XProtect Essential+ on AWS Marketplace provides the free Essential+ version of XProtect in a
CloudFormation template that you can deploy in your AWS service account. The CloudFormation stack contains an
Amazon Elastic Compute Cloud (EC2) instance and a Virtual Private Cloud (VPC) running Windows Server 2019.
The XProtect Essential+ CloudFormation AMI includes four preinstalled virtual cameras with prerecorded video
streams used to demonstrate a basic VMS installation. With XProtect Essential+ you can replace or add to the
preinstalled virtual cameras and connect up to eight cameras while using the XProtect software suite without
restriction.
If you already have an XProtect license, or if you want to deploy another Milestone XProtect
version, use the Milestone XProtect® Bring Your Own License (BYOL) 2020 R2
CloudFormation and XProtect BYOL getting started guide instead.
The XProtect Essential+ CloudFormation template creates a Virtual Private Cloud (VPC) and deploys the XProtect
VMS software on a c5.xlarge Elastic Compute Cloud (EC2) instance running Windows Server 2019. Amazon Elastic
Block Storage (EBS) is used for the EC2 instance, providing expandable storage based on your usage.
Once deployed, connect to your EC2 instance using Remote Desktop Protocol (RDP), or access the VMS via HTTPS
using the XProtect Web Client and XProtect Mobile.
This guide will explain how to deploy and use the XProtect Essential+ CloudFormation, and is divided as follows:
4 | Overview
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
l Overview – Information about this guide and an introduction to the XProtect Essential+ CloudFormation
l Requirements and considerations – Prerequisites for deploying the XProtect Essential+ CloudFormation
and a deployment checklist
l Deployment – How to configure the CloudFormation template parameters and connect to the deployed
EC2 instance
l After you deploy – Important steps to take after you have connected
5 | Overview
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
Connecting via XProtect Web Client and l Connect via HTTPS using XProtect Web Client
XProtect Mobile l Connect using XProtect Mobile
IAM users will have the appropriate permissions by default. However, you may need to
contact your IT department for account creation settings depending on the network
infrastructure of your organization.
For information about how to create a key pair using the EC2 console or to import your own
public key, see Create a key pair using Amazon EC2.
Deployment
As defined by the configuration parameters , the CloudFormation template deploys an Elastic Block Storage
(EBS) volume that contains the Windows Server 2019 operating system, XProtect Essential+ software, and a
Microsoft SQL Server Express database containing VMS logs and configuration entries.
If you meet the prerequisites you are ready to configure and deploy the CloudFormation template.
Subscribe
To deploy the CloudFormation template, you must first subscribe to XProtect Essential+ on AWS Marketplace:
8 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
3. Read through the Terms and Conditions and in the upper right-hand corner, select Continue to
Configuration.
4. In the Region dropdown list, select your region. In the upper right-hand corner, select Continue to
Launch.
5. In the lower right-hand corner, select Launch to open the AWS CloudFormation console.
1. In the lower right-hand corner of the Specify template screen, select Next.
2. In the Stack name field, enter a name with which to identify the CloudFormation stack.
3. In the Key Pair Name field, select a key pair with which to decrypt the EC2 instance password.
4. In the XProtect Mobile Server Ingress CIDR Block field, enter the Classless Inter-Domain Routing (CIDR)
block of inbound IP addresses used to connect to the XProtect Web Client and XProtect Mobile.
XProtect Web Client and XProtect Mobile allow you to view your XProtect VMS
without having to connect to the VPC directly. For more information about how to
connect via XProtect Web Client and XProtect Mobile after deployment, see Connect
via HTTPS.
5. In the RDP Ingress CIDR Block field, enter in the CIDR block of inbound IP addresses used to connect via
Remote Desktop Protocol (RDP).
7. In the Configure stack options screen, configure any additional options and permissions and select Next.
8. In the Review screen, verify your configuration and select Create stack.
9 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
Connect via HTTPS using XProtect Web Client and XProtect Mobile
The XProtect Essential+ CloudFormation allows you access XProtect Essential+ using the XProtect Web Client or
XProtect Mobile without having to do additional configuration through the VPC. To connect follow these steps:
2. Select the CloudFormation stack that you created. It is identified by the Stack name specified during
configuration.
3. In the Resources tab, you will see all of the stack elements that were created by the CloudFormation
script. Select the Physical ID link that corresponds to the EC2.
4. In the Description tab of the EC2 Instances page, locate the Instance ID and Public DNS (IPv4)
fields.
10 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
6. On the login screen, enter the following Name: <Custom name for the server>
credentials, using the Instance ID located
Address: <Public DNS of the EC2 instance>
above:
User name: ec2-user
User name: ec2-user
Password: <Instance ID of the EC2
Password: <Instance ID of the EC2 instance>
instance>
7. Select the login button.
9. Enable the Secure connection toggle to
You are now connected to your AWS deployment connect over HTTPS.
through XProtect Web Client.
10. Select the connection check box.
For more information about You are now connected to your AWS deployment
how to use XProtect Web through XProtect Mobile.
Client, see XProtect Web Client
user manual. For more information about
how to use XProtect Mobile,
see XProtect Mobile user
manual.
If you are having problems connecting, ensure the IP address you are accessing XProtect
Web Client or XProtect Mobile from is part of the XProtect Mobile Server Ingress CIDR
Block.
11 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
2. Select the CloudFormation stack that you created. It is identified by the Stack name specified during
configuration.
3. In the Resources tab, you will see all of the stack elements that were created by the CloudFormation
script. Select the Physical ID link that corresponds to the EC2.
6. The Key Name shows the name of the key pair you specified during configuration. To associate the key pair
with the Key Pair name, select Choose File and locate the key pair file on your local machine.
12 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
7. Select Decrypt Password to view the password for the RDP connection.
8. Select Back to return to the previous screen, then select Download Remote Desktop File.
9. Open the downloaded (.rdp) file, and select Connect on any identification warnings that may appear.
10. Enter in the password you decrypted from step 7 and select Connect.
If you are having problems connecting, ensure the IP address you are accessing the EC2
instance from is part of the RDP Ingress CIDR Block.
13 | Deployment
Getting started guide - XProtect Essential+ 2020 R2 | XProtect® on AWS
Your XProtect Essential+ license is activated automatically online after deployment. Ensure
that your deployment has internet connectivity to activate your license and use XProtect
Essential+ beyond the 30-day activation grace period.
To ensure the continued stability and security of the installation, keep your installation up to
date with the latest updates to your Windows Server 2019 version.
Install relevant Windows updates according to the security policy of your organization. Alternatively, if you restrict
online connectivity to your VPC, you can connect your XProtect Essential+ deployment to a Windows update
service without exposing the VPC to the internet.
After deployment, you should change the Windows administrator password of the EC2 instance according to the
security policy of your organization.
If you decide to deploy XProtect BYOL through AWS, it is important to unsubscribe from
XProtect Essential+ through the AWS management console and terminate any additional
services. For more information, see Unsubscribe from XProtect Essential+.
Unsubscribe
4. In the Cancel subscription dialog box, select the confirmation check box, then select Yes, cancel
subscription.
Any services you have deployed in addition to those deployed by the XProtect Essential+
CloudFormation, such as EBS storage services or EC2 instances, will not be removed by
unsubscribing from the marketplace listing and must be deleted or terminated separately.
15 | Unsubscribe
helpfeedback@milestone.dk
About Milestone
Milestone Systems is a leading provider of open platform video management software; technology that helps
the world see how to ensure safety, protect assets and increase business efficiency. Milestone Systems
enables an open platform community that drives collaboration and innovation in the development and use of
network video technology, with reliable and scalable solutions that are proven in more than 150,000 sites
worldwide. Founded in 1998, Milestone Systems is a stand-alone company in the Canon Group. For more
information, visit https://www.milestonesys.com/.