AWS Deployment Guide
A
Written by Arick Disilva
Updated over a week ago

Teramind on AWS Overview

All Teramind solutions are available to deploy on Amazon’s distributed, highly scalable, and reliable Amazon Web Services (AWS) platform as a Private Cloud option. This deployment guide will help you discover what you can expect from your Teramind on AWS deployment and provide you with installation prerequisites, step-by-step instructions, technical and support information.

You can download a PDF version of the deployment guide by clicking the button below:

Architecture

Self-contained, Linux-based VM

Data Center

Deploy from a wide selection of data centers/regions

License

Endpoint based. Same as Teramind On-Premise. More information on licensing can be found here.

Server

Managed by you, AMI provided by Teramind

Updates

Periodic, single file, uploaded to the dashboard

Backups

Managed by you through the AWS Control Center

Scalability

Vertical/horizontal scaling with optional auto scaling

Support

Free basic infrastructure support from Amazon. Teramind support includes: installation assistance, 24/7 follow-the-sun, enterprise SLA

Additional Options

  • Manual/remote/silent agent install options

  • Active Directory/Group Policy support

  • SIEM & Project Management software integrations

After you have finished the deployment, you should update your server and apply any latest patch. Check out this article to learn how: How to update the Teramind Server and BI Classification (On-Premise / Private Cloud deployment).

Deployment Video

Benefits of Deploying Teramind on AWS

If you prefer on-premise deployments but unwilling to incur the cost and hassle of an in-house infrastructure or you want to move to the Cloud but have been concerned about compliance, security or have made the transition and already host on AWS, then Teramind on AWS is the right choice for you. With our AWS Private Cloud hosting option, enjoy the benefits of both worlds: cost and scalability comparable to a Cloud deployment and security and flexibility similar to an On-Premise solution. Here are some infrastructure benefits you can expect if you choose to deploy Teramind on AWS:

Flexible and Competitive Pricing

You only pay for the AWS resources you consume (i.e. CPU, storage, memory). Teramind’s recommended configuration for a standard deployment (m4.xlarge instance, supporting up to 100 users) costs only a few cents per hour. Note that infrastructure costs are set by Amazon and subject to change.

Easy Deployment

Create a Teramind server with a single click by launching the Teramind AMI (Amazon Machine Image) from the AWS Marketplace.

Scaling

Vertical and horizontal scaling with optional auto-scaling that adjusts capacity based on demand.

Optimized Environment

Choose the region, OS, storage, database, etc. For example, you can use an Amazon S3 storage for Teramind’s session recordings and Amazon RDS databases for session logs that are highly optimized for performance on AWS.

Reliability

Support for High Availability (HA), redundancy with multi-geo replications, on-demand backup, and disaster recovery.

Central Management Console

Configure and manage all your deployments from one central location.

Security and Compliance

Firewall, encryption at rest, SSL encryption, VLAN, SSH tunnels, 2FA, IP whitelisting, and encrypted disks allowing for easy regulatory compliance for HIPAA, GDPR, PCI DSS, and more make it ideal for Teramind customers in government, healthcare, finance, and other regulated industries.

Primary Server Requirements

Deployments for under 1,000 concurrent users can be hosted on one all-inclusive server, in most cases. EC2 instance(s) should be provisioned based on the expected number of concurrent monitored sessions, according to the following table:

Concurrent Users*

Server Requirements

Up to 100

1 Teramind Master Server (VM):

  • EC2 Instance: m4.xlarge

Up to 500

1 Teramind Master Server (VM):

  • EC2 Instance: m4.2xlarge

Up to 1, 000

1 Teramind Master Server (VM):

  • EC2 Instance: m4.4xlarge

Larger deployments:
1,000 or more concurrent users

1 Teramind Master Server (VM):

  • EC2 Instance: m4.4xlarge

1 Teramind App Server (VM) per 1,000 concurrent users:

  • EC2 Instance: m4.4xlarge

1 Teramind BI Server (VM):

  • EC2 Instance: m4.4xlarge

*The requirements are applicable for a typical user who works on a single computer with Full HD (1920x1080) screen resolution, doing regular office work. If the users have multiple screens, higher-resolution screens, or have an unusual work pattern (e.g., watching many videos) then the requirements will be higher.

Database Server Requirements

Concurrent Users*

Server Type

CPU/RAM/Disk

Up to 100

db.t3.medium

  • CPU: 2 vCPU

  • RAM: 4 GB

  • Disk: 100 GB**

Up to 500

db.t3.xlarge

  • CPU: 4 vCPU

  • RAM: 16 GB

  • Disk: 500 GB**

Up to 1, 000

db.t3.2xlarge

  • CPU: 8 vCPU

  • RAM: 32 GB

  • Disk: 1 TB**

Larger deployments:
1,000 or more concurrent users

db.m4.4xlarge or more

  • CPU: 16 vCPU

  • RAM: 64 GB

  • Disk: 1 TB or more**

*The requirements are applicable for a typical user who works on a single computer with Full HD (1920x1080) screen resolution, doing regular office work. If the users have multiple screens, higher-resolution screens, or have an unusual work pattern (e.g., watching many videos) then the requirements will be higher.

**Disk size is estimated for 1 year of average usage and may vary depending on monitored data, monitoring profiles, etc.

OCR Server Requirements

You need to set up at least one OCR Database Node and one Mining Node for the OCR features to work.

No of Users*

Server Requirements

Less than 200 users

1 OCR Database Node:

  • EC2 Instance: m4.xlarge

1 OCR Mining Node:

  • EC2 Instance: m4.4xlarge

Larger deployments of 200 or more users

1 OCR Database Node:

  • EC2 Instance: m4.xlarge

  • Disk: 100 GB

1 OCR Mining Node per 200 users:

  • EC2 Instance: m4.4xlarge

  • Disk: 24 GB

*The requirements are applicable for a typical user who works on a single computer with Full HD (1920x1080) screen resolution, doing regular office work. If the users have multiple screens, higher-resolution screens, or have an unusual work pattern (e.g., watching many videos) then the requirements will be higher.

You will need to adjust the disk size as you add or remove video recordings over time. See the Storage Requirements section below for more information.

Storage Requirements

Primary Storage

The Teramind virtual appliance comes with a primary volume of 50 GB by default. This volume contains the Teramind server application and database. The size of this volume can be increased at a later point in time.

Teramind requires the primary volume to be on SSD or equivalently fast storage for deployments above 500 users.

BI Classifications needs about 5GB of disk space plus additional disk space equivalent to about 20% of your current DB size. So for example, if you have a database of 100GB the BI deployment will need 20GB+5GB = 25GB space. Check out this article to learn how to update your BI classifications.

Storage for Screen Recordings

The simplest way to add scalable storage is to use AWS S3 Storage. For instruction on how to do so, check out Step 3: Adding an S3 Storage.

S3 Storage is mandatory if you have a multi-server deployment (a deployment that has more than one Teramind App Server).

Agent Requirements

Detailed agent specifications can be found here.

Installation Prerequisites

  • An AWS account

  • Your Teramind license key, available from Teramind Self-Hosted portal at: https://www.teramind.co/portal

  • An SSH client like Putty if you are using Windows

Step 1: Creating an AWS Instance and Accessing it with SSH

1.1 Accessing the Teramind on AWS Portal

mceclip0.png

Visit: https://www.teramind.co/deployment/aws and click the Check out Teramind on Amazon Marketplace button. which will take you to the Overview tab on Teramind’s deployment page on AWS.

Once there, click the Continue to Subscribe button on the top right corner.

1.2 Subscribing to the Teramind Offer

mceclip1.png

On the Subscribe tab, click the Accept Terms button.

1.3 Accessing the Offer Configurations

mceclip2.png

Click the Continue to Configuration button on the Subscribe tab.

1.4 Configuring the Software

mceclip3.png

On the Configure tab, you can choose the Delivery Method, Software Version, and the Region. Be sure to select a region closest to you for better performance.

Click the Continue to Launch button when done.

1.5 Launching the Software Setup Wizard

mceclip4.png

On the Launch tab, click the Choose Action pull-down menu and select Launch through EC2.

Click the Launch button.

1.6 Choosing an Instant Type

mceclip5.png

On the Choose an Instance Type screen, select an instance type from the list of available instances.

Once done, click the Review and Launch button at the bottom of the page.

For more information on the instance requirements, check out the Primary Server Requirements section on this guide.

1.7 Reviewing and Launching the Instance

mceclip6.png

The Review Instance Launch screen shows all the details associated with your selected instance. You can edit any configuration if needed.

Click Launch to accept the configurations and launch the instance.

1.8 Creating a New Key Pair

mceclip7.png

Once the instance is ready, a window will pop up where you can select an existing key pair or create a new pair.

From the first pull-down menu, select Create a new key pair and give it a name.

Click the Download Key Pair button and save the file in a secure place. You will need it in Step 1.16: Accessing the Teramind Server with SSH.

Once done saving, click Launch Instances.

The instance will be initialized in a few moments

1.9 Viewing Your Instance

mceclip8.png

On the Launch Status window, click the View Instances button at the bottom to see your newly created instance(s).

1.10 Assigning an Elastic IP to Your Instance

mceclip9.png

We now need to assign an elastic IP to the instance. Otherwise, each time you restart the instance, it’s going to assign a new IP address causing the Teramind Agent to lose connection.

To assign an elastic IP, click the Elastic IPs (under Network & Security) from the left sidebar. Then click the Allocate Elastic IP address button on the top-right side of the screen.

1.11 Allocating the Address Pool

mceclip10.png

We will use the default settings on the Allocate Elastic IP address screen.

Click the Allocate button.

1.12 Selecting the Elastic IP

mceclip11.png

Once the IP is allocated, click the IP address or the checkmark in front to select it.

1.13 Associating the Elastic IP Address to Your Instance

mceclip12.png

Click the Actions menu on top and select Associate Elastic IP address from the pull-down menu.

1.14 Selecting the Instance to Associate

mceclip13.png

On the Associate Elastic IP address screen, make sure Instance is selected as the Resource type.

Click the Instance box. You will see a list of available instances.

Select the instance you created earlier and then click the Associate button.

1.15 Copying the Public DNS Address of Your Instance

mceclip14.png

Go back to the Instance menu.

Copy or write down the Public IPv4 DNS address for the instance you created. You will need it in the next step.

1.16 Accessing the Teramind Server with SSH

mceclip15.png

Launch an SSH session. If you are on Windows, you can use a tool like Putty or a similar utility for the SSH. Make sure you have administrative access.

Type:

ssh -i "<pem file>" admin@<DNS>

Where<pem file>is the full path of the key pair file you downloaded in Step 1.8: Creating a New Key Pair.

<DNS> is the Public IPv4 DNS address you copied in the previous step.

Press Enter. The server will be ready in a few minutes.

1.17 Getting Ready for the Next Step

mceclip16.png

Once the server is ready, you will see this message, ‘Welcome to Teramind!’. Under the message you will be given options to assign roles for the nodes/hosts, beginning with the Master role. However, before you can assign a role, you will need to finish the rest of the steps.

Keep this command window open as you will use it to finalize the setup at a later stage.

Step 2: Creating an RDS Database

Before you proceed any further with the setup process, you will need to determine if you want to use external databases or storage with the instance. External databases or storage are not mandatory. However, you may want to use Amazon RDS as the database, and Amazon S3 for screen and audio recordings. Using RDS and S3 will improve the scalability of your platform and is recommended for deployments over 100 concurrent users.

This guide will show you how to use an external database and storage using an AWS RDS database and the AWS S3 storage service. First, it will show you how to create an RDS database. If you already know how to create an RDS database, you can skip the next section.

2.1 Adding a RDS Database Service

mceclip0.png

From your EC2 Management Console, click Services from the top left-hand side. A Few options will show up.

Type RDS in the search field.

Select the RDS under the Database category.

2.2 Creating the Database

mceclip1.png

Select Databases from the left-hand sidebar.

Then, click the Create database button on the top-right corner of the screen.

2.3 Selecting the Database Creation Method and Engine

mceclip2.png

On the Create database screen, select Standard create under the Choose a database creation method.

Select PostgreSQL under the Engine options section.

Select the latest Version for the database.

Scroll down until you reach the Templates section.

2.4 Choosing the Database Template

mceclip4.png

Under the Templates section, select either Production or Dev/Test depending on what you want to do. In this case, we will use the Dev/Test option.

Scroll down until you reach the Settings section.

2.5 Configuring the DB Instance Settings and Credentials

mceclip5.png

Under the Settings section, type a name in the DB instance identifier field. Assign a Master user name and a password.

Scroll down until you reach the DB instance class section.

2.6 Configuring the DB Instance Class

mceclip6.png

Under the DB instance class section, select the Standard classes option.

Scroll down until you reach the Connectivity section.

2.7 Configuring the DB Connectivity

DB_connectivity.png

Under the Connectivity section, you can configure various connectivity options according to your needs.

For this tutorial’s purposes we will use the following settings:

Select Default VPC for the Virtual private cloud (VPC) option.

Select Yes for the Public access option.

Select Choose existing for the VPC security group option.

Under Additional configurations, assign a port in the Database port field. This TCP/IP port should be open so that your applications can use the database.

Scroll down until you reach the Database authentication section.

2.8 Configuring the Database Authentication

DB_authentication.png

Under the Database authentication section, select Password authentication for the Database authentication options.

Under the Additional configurations section, you can specify additional options such as encryption, backup, enhanced monitoring, etc. For this tutorial’s purposes, we will keep them to their default settings.

Under the Estimated monthly costs section, you will be able to see the cost breakdown for your database.

Once ready, click the Create database button at the bottom to create the database.

Step 3: Adding an S3 Storage

Teramind does not need external storage. However, Teramind can utilize a file storage system for screen and audio recordings, captured attachments, printer documents, and metadata such as user images. AWS S3 is an efficient, secure, scalable, and redundant solution to store objects like these. The S3 storage will improve the scalability of your platform and is recommended for deployments of over 100 concurrent monitored users.

For more information on external storage, check out the Storage Requirements section on this guide.

To use the AWS S3 storage, you will need to attach an Identity and Access Management or IAM profile to your storage instance. IAM enables you to manage access to your AWS services and resources securely. Using IAM, you can create and manage AWS users and groups and control user permissions.

This guide will show you how to create an IAM profile and attach it to your S3 instance. If you already know how to create one, you can skip this section.

If you already know how to create an IAM profile, you can skip this step.

3.1 Launching the IAM Role Setup Wizard

mceclip7.png

Go to the Instances screen from your EC2 Management Console. Make sure the instance you want to use is selected.

Click the Actions button near the top-right corner. From the pull-down menu, select Security > Modify IAM Role.

3.2 Creating a New IAM Role

mceclip8.png

On the Modify IAM Role screen, click the Create new IAM role link.

3.3 Viewing the IAM Role Overview

mceclip9.png

On the Roles screen, you will see an explanation of the IAM roles and links to some resources and documentations.

Click the Create role button to continue.

3.4 Selecting the Trusted Entity

mceclip10.png

Select the default AWS service as the type for the trusted entity.

Click the Next: Permissions button.

3.5 Attaching the Permission Policies to the Role

mceclip11.png

From the list of permission policies, select the one named AmazonS3FullAccess (you can quickly locate it using the Search field).

Click the Next: Tags button to continue.

3.6 Adding Tags to the Storage

mceclip12.png

Tages are optional and we will not use any in this tutorial. You can still add some tags if you want.

Click the Next: Review button to go to the next screen.

3.7 Reviewing and Creating the IAM Role

mceclip13.png

On the Review screen, give the role a name and click the Create role button.

3.8 Modifying the IAM Role

mceclip14.png

Go back to the Instances screen from your EC2 Management Console. Make sure the instance you want to use is selected.

Click the Actions near the top-right corner. From the pull-down menu, select Security > Modify IAM Role.

3.9 Attaching the IAM Role to the S3 Instance

mceclip15.png

On the Modify IAM Role screen, click the Choose IAM role field and select the IAM role you created in Step 3.7: Reviewing and Creating the IAM Role.

Click the Save button to attach the IAM role to your instance.

Step 4: Finishing the Deployment

As the last step of the server deployment process, you will need to assign the external database and storage to your master instance, setup the Teramind Server using the SSH and finally, configure your account settings on the Teramind Dashboard.

After you finish the deployment, you should update your server and apply any latest patch. Check out this article: How to update the Teramind Server and BI Classification (On-Premise / Private Cloud deployment).

4.3 Adding the RDS Database

mceclip16.png

Go back to the command prompt window you left open in Step 1.17: Getting Ready for the Next Step.

Enter a name at the Role (master) prompt.

At the Use external database? prompt enter Yes.

Supply the RDS database IP / hostname, username, and password you created before. Press Enter when done.

Teramind will initialize the database, tables, and required indexes automatically.

4.4 Adding the S3 Storage and Finishing the SSH Session

mceclip17.png

After Teramind has finished the database initializations, it will ask, Use S3 for storing data?. Type Yes.

Type Yes at the Create new buckets? prompt. You will be prompted to enter names for three buckets: one for screen recordings, one for user content i.e. attachments or printer docs, and the third one for application objects. Give unique names to each bucket.

Please see the S3 Bucket Naming Requirements below for information on rules related to the naming of the buckets.

Once you have entered the bucket Teramind will set up the servers. Finally, you will be provided with a link to your dashboard. Click the link or enter it on your browser to continue.

S3 Bucket Naming Rules


The S3 buckets must have names that conform with the naming requirements for non-US Standard regions. Amazon S3 defines a bucket name as a series of one or more labels, separated by periods, that must adhere to the following rules:

  • The bucket name can be between 3 and 63 characters long, and can contain only lower-case characters, numbers, periods and dashes.

  • Each label in the bucket name must start with a lowercase letter or number.

  • The bucket name cannot contain underscores, end with a dash, have consecutive periods or use dashes adjacent to periods.

  • The bucket name cannot be formatted as an IP address, i.e. 198.51.100.24.

4.5 Accessing the Teramind Server from the Browser

mceclip18.png

When you open the Teramind Server link in the browser, you might see a warning message on your browser saying the connection is not private or secure. This is normal. The warning is shown because you haven’t assigned any SSL certificate to your server. You can upload your own certificate later from the Teramind Dashboard (for more information, check out the Settings > Security > SSL section of the User Guide).

If you are using Google Chrome, you can click the Advanced button on the warning page and then click the Proceed to… link to continue. Other browsers have similar options to bypass the warning.

4.6 Agreeing to the EULA

mceclip19.png

When you enter the Teramind Dashboard for the first time, you will see the End-User License Agreement screen.

Scroll down and click the Accept & Continue button.

4.7 Setting the Language and Timezone

mceclip20.png

On the Welcome to Teramind screen, select your language and timezone and click CONTINUE.

4.8 Setting Up Your Admin Account

mceclip21.png

On the Lets secure your Teramind installation screen, enter an email and a password for your Admin account.

4.9 Getting Your License Key

mceclip0.png

Open a new browser tab and go to: https://www.teramind.co/portal. Login with the admin email and password.

Click the Licenses tab.

From the list of licenses, click the Key link under the Actions column. A pop-up will display the license key.

Copy the license key or write it down.

4.10 Entering the License Key

mceclip23.png

Go back to your Teramind Dashboard. Enter the license key and click the CONTINUE button.

4.11 Finishing the Server Setup

mceclip24.png

At this stage, you can install the Teramind agent and start monitoring the targeted computer(s). Or, you can do it later.

To install the agent, click one of the options under Install agents. If you need help installing the agent, check out this article. You can also watch this short video: Downloading and Installing Teramind's Hidden Agent

To install the agent at a later time, click the SKIP TO DASHBOARD button.

You are done setting up your Teramind Server. If you want to use the OCR feature, continue to Step 5: Setting Up the OCR below.

Step 5: Setting Up the OCR (optional)

If you want to use the OCR feature, you will need to setup two VMs/nodes in addition to a master node.

5.1 Creating the OCR Nodes

mceclip25.png

Create the master VM as usual.

Then, create two additional VMs. The first node will store the OCR videos. In Teramind, we will refer to it as teracv. The second node is for the OCR database. In Teramind, we will refer to it as elastic.

Make sure all the nodes are in the same Security Group.

For more information on the OCR server requirements, check out the OCR Server Requirements section on this guide.

5.2 Copying the Public IPv4 DNS Address of the OCR Node

mceclip26.png

From your AWS portal’s Instances page, copy the Public IPv4 DNS address for the teracv instance.

5.3 Logging into the OCR Database Node

mceclip27.png

Launch an SSH session. If you are on Windows, you can use a tool like Putty or a similar utility for the SSH. Make sure you have administrative access.

Type:

ssh -i "<pem file>" admin@<DNS>

Where <pem file> is the full path of the key pair file you downloaded when creating the teracv VM.

<DNS> is the Public IPv4 DNS you copied in the previous step (Step 5.2: Copying the Public IPv4 DNS Address of the OCR Node).

If prompted to confirm the connection, enter yes.

Press Enter. The server will be ready in a few minutes.

5.4 Copying the Private IP Address of the Master Node

mceclip28.png

On the AWS portal’s Instances page, select the master instance.

At the bottom of the screen, you will notice a Description panel is shown.

Copy or write down the Private IP address from the Description panel.

5.5 Assigning the Role for the OCR Node

mceclip29.png

Go back to the command prompt window.

When asked, enter teracv at the Role (Master) prompt.

Paste the Private IP address you copied in the previous step (Step 5.4: Copying the Private IP Address of the Master Node).

It will take a few minutes for Teramind to set up the teracv node.

5.6 Copying the Public DNS Address of the OCR Database Node

mceclip30.png

From your AWS portal’s Instances page, copy the Public IPv4 DNS address for the elastic instance.

5.7 Accessing the Teramind Server Again with SSH

mceclip31.png

Launch an SSH session. If you are on Windows, you can use a tool like Putty or a similar utility for the SSH. Make sure you have administrative access.

Type:

ssh -i "<pem file>" admin@<DNS>

Where <pem file> is the full path of the key pair file you downloaded when creating the elastic VM.

<DNS> is the Public IPv4 DNS address you copied in the previous step (Step 5.6: Copying the Public DNS Address of the OCR Database Node).

If prompted to confirm the connection, enter yes.

Press Enter. The server will be ready in a few minutes.

5.8 Assigning the Role for the OCR Database Node

mceclip32.png

When asked, enter elastic at the Role (Master) prompt.

Paste the Private IP address of the master node you copied in Step 5.4: Copying the Private IP Address of the Master Node.

It will take a few minutes for Teramind to set up the elastic node.

5.9 Accessing the Teramind Settings

mceclip33.png

We will now need to approve the two nodes on the Teramind Dashboard.

Login to your Teramind Dashboard on the master server.

Click the Cog Wheel icon near the top-right corner of the dashboard and select Settings from the pull-down menu.

5.10 Approving the Nodes

Screenshot_9_marker.png

From the Settings screen, click the Server management tab.

Turn on the ENABLE MULTI-NODE DEPLOYMENT option under the Security settings section.

Under the Nodes section, you will notice the Screen mining database node and the Screen mining node.

Approve both nodes by clicking the APPROVE buttons.

You are now all set up for the OCR.

Step 6: Installing the Teramind Agent

Teramind Agent can be installed both locally and remotely. Check out this article to learn how to download and install the agent: How to download and install the Teramind Agent.

Firewall & Proxy Considerations

In most cases, you should not have to change any settings to get Teramind to work. By default, the Teramind Agents communicate with the Teramind server on two ports: 443, and 10000.

The Teramind management interface is entirely web driven and runs over HTTPS (port 443). This means that most proxies will allow the traffic through, provided you properly installed your SSL certificates.

For live and recorded screen playback, as well as live sessions listing, Teramind uses WebSocket. Although the WebSocket operates as HTTPS over port 443, some older proxies may not recognize this protocol. In either case, if you are experiencing trouble accessing your Teramind dashboard, try to disable your proxy temporarily to isolate the cause.

Also note that, if audio recording is enabled, Teramind Agent will connect to the server on a random UDP ports in the range 1000-65535 to send the audio recordings. Make sure UDP ports in that range are enabled and open from the endpoint to the server.

If you encounter any issues with your firewall or proxy, check out this troubleshooting article for help: Firewall and proxy issues.

Antivirus Considerations

Teramind Agent and its drivers come digitally signed with an extended-validation certificate. We’ve made every effort to coordinate our signature with the major antivirus vendors, and as a result, Teramind should work normally with the vast majority of antivirus software.

If you encounter any issues, check out the Antivirus Configuration Guide for help.

AWS Additional Configurations

Once you have installed Teramind successfully, you can configure other aspects of the server, agent and other settings entirely from the web-based dashboard.

Changing the License Key

Updating the Server

Setting Up the Active Directory / LDAP Integration

Check out the Settings > Active Directory section on the Teramind User Guide to learn how to setup an Active Directory / LDAP integration.

SMTP Email

Check out this article for help: SMTP Configurations (On-Premise).

SSL Certificate

Check out the Settings > Security > SSL section on the Teramind User Guide to learn how to setup the SSL certificates. You can also create your own SSL certificates for use with your on-premise deployments. To learn how to generate such self-signed certificates, check out this article.

AWS Architecture

architecture-AWS.png

1. Teramind Agent asks Management Server for an Application Server IP and port

Teramind on AWS is available on the following data centers/regions (subject to change). We recommend you choose a region closest to you for faster service and lower latency:

  • US East (N. Virginia)

  • US East (Ohio)

  • US West (N. California)

  • US West (Oregon)

  • Canada (Central)

  • EU (Frankfurt)

  • EU (Ireland)

  • EU (London)

  • EU (Paris)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Seoul)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Mumbai)

  • South America (São Paulo)

2. Management Server responds

3. Teramind Agent connects to the assigned Application Server

A. OCR Miner talks to the Management Server and asks for a record to process

B. Management Server fetches a screen file from the S3 Screen & Audio Storage and sends it to the OCR Miner Node

C. Once OCR is done, the OCR Miner sends results as text to the Management Server

D. Management Server writes the OCR result text to Elasticsearch

The Management Server serves the admin dashboard, load balances agents, and provides data to the OCR Miner Nodes. Teramind Agent connects to an Application Server via an always-on, TLS-encrypted connection, using our own protocol based on Google Protocol Buffers. OCR Miners are stateless and work with spot instances.

AWS Technical Specifications, Licensing and Support

Regions / Data Centers

Teramind on AWS is available on the following data centers/regions (subject to change). We recommend you choose a region closest to you for faster service and lower latency:

  • US East (N. Virginia)

  • US East (Ohio)

  • US West (N. California)

  • US West (Oregon)

  • Canada (Central)

  • EU (Frankfurt)

  • EU (Ireland)

  • EU (London)

  • EU (Paris)

  • Asia Pacific (Singapore)

  • Asia Pacific (Sydney)

  • Asia Pacific (Seoul)

  • Asia Pacific (Tokyo)

  • Asia Pacific (Mumbai)

  • South America (São Paulo)

OS

64-bit Linux/Unix, Debian 12 AMI.

Databases

EBS volume by default. Optionally S3, RDS/Postgres can be used as screen/audio recording storage.

Instances

Teramind supports various EC2 instances types (m4, t2, t3, m3 etc.) for difference sizes (micro, large, extra large etc.). Please check out the Primary Server Requirements / OCR Server Requirements / Storage Requirements sections for more information.

License

BYOL (bring your own Teramind license). Click here to try or subscribe to Teramind On-Premise/Private Cloud offer.

Support

Basic infrastructure support is available for free from Amazon. Teramind support is included as part of the Teramind subscription.

Did this answer your question?