Create the FortiNDR-VM instance

To create the FortiNDR-VM:

1. Go to Elastic Compute Service > Create Instance.
2. On the Basic Configurations page, configure the VM Instance details. For optimal performance, Enhance Cloud SSD is recommended.

   The minimum memory requirement is calculated using the number of vCPU x 2GB. For example, for 16 vCPU, the minimum memory requirement is 16 x 2 = 32GB; for 32 vCPU, the minimum requirement is 32 x 2 = 64GB.

   

   

3. On the Networking page, the default ENI will be the admin port with the public IP and the new the ENI will be sniffer port.

   Do not put the sniffer port and the admin port in the same VSwitch.

   Network Type	Select the VPC and VSwitch you have created. See Configure the Virtual Private Cloud.
   Network Billing Method	Enable Assign Public IP. You will access FortiNDR's GUI and CLI with this IP address. Select Pay-By-Traffic or Pay-By-Bandwidth.
   Security Group	Select the security group you created. Please refer to the FortiNDR Admin Guide for open port requirements for the admin port. See Appendix C - FortiNDR ports. Use Allow All policy for sniffer port

   

4. If you want to change the instance name, you can do so on the System Configurations (Optional) page.
5. On the Grouping (Optional) configure the VM per your requirements.
6. On the Preview page, review the instance information and check the ECS Terms of Service and Product Terms of Service.
7. Click Create Instance. Allow one to five minutes for the instance to be created.
8. Check the status of the instance. If the status is Running, you can proceed toConnecting to FortiNDR .