Page tree

This document only applies to Armor Complete users who have been upgraded (or scheduled to upgrade) to Generation 4.

Before and after the upgrade process, the account administrator will need to perform some tasks to ensure a successful upgrade.

For more information, see:

Introduction to Generation 4 

Welcome to Generation 4 of Armor Complete.

If you have already upgraded or are in the process of upgrading, Armor recommends that you review the following these Frequently Asked Questions to better understand Generation 4, including new features and how the upgrade process will work.


In short, what is Generation 4? 

Generation 4 includes a variety of back-end infrastructure and platform updates, which culminates into the launch of Armor's user interface, the Armor Management Portal (AMP). In this intuitive user interface, you can perform a variety of self-service functions, review invoices, track account usage, and more.


What are my self-service options?

In the Armor Management Portal (AMP), you can perform a variety of self-service actions for your environment without having to directly contact Armor Support, including: 

  • Create (provision), configure, and remove virtual machines
  • Add additional storage to virtual machines
  • Resize a virtual machine to adjust for CPU and/or memory resources
  • Manage firewall rules
  • Manage SSL VPN access
  • Create and manage L2L VPN tunnels
  • Create and manage user accounts
  • Contact and interact with Armor Support and Armor Sales
  • Purchase and allow public IP addresses to your virtual machines

How do I create (provision) a virtual machine? And how do I select a size? 

To create a virtual machine, simply access the Virtual Machine screen in the Armor Management Portal (AMP), click the Create New button, and then make your configurations in the interactive menu. 

In this screen, you can search and select from a variety of pre-defined instance sizes, ranging from 1 - 8 CPUs and 2 - 64 GB of memory. You can also search and select a virtual machine based on your operating system needs. 

There is no need to contact Armor Support; the virtual machine will activate within AMP. 


Create a virtual machine

Create a virtual machine

Create a virtual machine

Create a virtual machine


Besides creating a virtual machine, what other features are available for a virtual machine? 

Once you have created a virtual machine, in the Armor Management Portal (AMP), you can: 

  • Add additional storage
  • Upgrade or downgrade (resize) the size of a virtual machine
  • Shut down and remove a virtual machine
  • Assign to a specific workload and tier

You can use these features (and more) in AMP without having to directly contact Armor Support. Other virtual machine features

Additionally, you can visit the Armor Marketplace to begin the purchase process for add-on products. 

When you begin the ordering process in the Armor Marketplace, some add-on products may automatically submit a support ticket. In these situations, Armor Support will communicate with you to gather specific configuration information to complete the ordering process.

Armor Marketplace

To learn more, see: 


How do I log into the Armor Management Portal (AMP)? And how do I set my password?

The Armor Management Portal (AMP) can be accessed at amp.armor.com

For first-time users, to access AMP, you will receive an email from Armor asking you to complete the account signup, where you will set up your password and configure your account for multi-factor authentication (MFA).

Every time you log into AMP, in addition to entering your login credentials, you must connect via MFA. Currently, you can configure your account to use a phone call method or a phone application method for MFA; however, for first-time users, during the account sign-up process, you must set your account to use the phone call method.

After you log into AMP, you can change your password and update your MFA preference in the User Details screen. Change a password and configure MFAAdditionally, if you forget your password, in the login screen, you can click the Forgot Your Login button to create a new password. 

The AMP login screen

You can only change your password once every 24 hours.



How do I manage my firewall rules? 

In the Armor Management Portal (AMP), you can use the Firewall screen to easily create, update, disable, and remove firewall rules.


View firewall rules

To learn more about the Firewall screen, see Firewall Rules



How do my users access the Armor Management Portal (AMP)? 

Before the upgrade to Generation 4, Armor will transfer your user accounts into the Armor Management Portal (AMP). When the transfer is complete, your users will receive an email, asking them to complete the account signup process. 

Before your users can complete the account signup process and access AMP, you must assign a role to each user.

This task is part of the pre-upgrade process.

To complete the pre-upgrade process, Armor will notify you, along with a link to the pre-upgrade documentation (Complete the pre-upgrade process (account administrators for Armor Complete)).


What support documentation do you have to explain all the features in the Armor Management Portal (AMP)?

The Armor Knowledge Base contains instructional documentation to explain all the features in AMP; each topic is designed to explain a specific task in a step-by-step process.  

The Armor Knowledge Base is divided into the following sections: 

To access the Armor Knowledge Base, visit docs.armor.com



Infrastructure in Generation 4

What is a Generation 4 Virtual Private Cloud? 

A virtual private cloud (VPC) is a virtual networking environment dedicated to your Armor account. It is logically isolated from other virtual networks and workloads in the Armor Complete cloud. Your Armor VPC consists of the following components: 

  • Internet Gateway 
    • This component is highly available and provides services such as routing, firewall, VPN (SSLVPN and L2L VPN), and network address translation (NAT).
  • Logical Network(s) 
    • This component is an isolated virtual network with a private IP subnet assigned by Armor. Your Generation 4 virtual machines have a virtual network interface (vNIC) connected to this network. 
  • Distributed Firewall 
    • This component provides a stateful firewall service for each vNIC on your VMs. 
    • In Generation 4, you can self-manage firewall rules in the Armor Management Portal (AMP).

What are the steps in the upgrade process to Generation 4? 

At a high-level, Armor will perform the following back-end steps: 

  1. Initialize the Generation 4 account process. 
    1. Create an account
    2. Instantiate (clone) the virtual data center
    3. Duplicate the virtual machine
    4. Install firewall rules
  2. Validate a variety of account requirements, such as operating system compatibility, administrative credential, etc. 
  3. Schedule an upgrade via a support ticket. 
  4. Perform upgrade maintenance
    1. Power off Generation 3 virtual machines.
    2. Detach Generation 3 virtual disks from Generation 3 virtual machines, and then reattach to the corresponding Generation 4 virtual machines. 
    3. Power on Generation 4 virtual machines. 
    4. Perform in-guest customization. 
    5. Perform final reboot. 
      1. During the upgrade process, your virtual machine may be rebooted a up to four times (once or twice before the upgrade, and then twice after the upgrade process). Only minimal downtime will be required per virtual machine. Post upgrade no additional impacts to your environment are anticipated.

Can I access both the Generation 3 environment and the Generation 4 environment at the same time? 

In order to avoid any compatibility issues between Generation 3 and Generation 4, Armor recommends that you do not access your Generation 3 environment during the upgrade process. 

Armor will notify you via a support ticket the timeline of the upgrade process.

After the upgrade process is complete, you will immediately receive a notification. At this point, you will only be able to access the Generation 4 portal (also known as the Armor Management Portal (AMP)). 


Will my IP addresses change?

No. Whether your Generation 3 virtual machine has one virtual network adapter (vNIC) or multiple vNICs with one or more public IP addresses assigned, those vNICs and IP addresses will be present in your Generation 4 virtual machine.

If your Generation 3 virtual machine had one or more auxiliary vNICs with private IP addresses assigned (such as for connectivity to networks hosting co-located hardware devices), those vNICs and IP addresses will be present on your Generation 4 virtual machines as well.   

All MAC addresses will change as part of the upgrade, so if your virtual machine has software installed that utilizes the MAC address as part of the license, the license will need to be updated. 

Interface names, such as eth0:1 or eth1:1, may change. If your applications and services are bound to particular interface names, you will have to verify the new interface names and update them as needed after the upgrade to Generation 4.



How do I manage SSL VPN and L2L VPN gateways? 

The upgrade process will preserve your existing SSL VPN and L2L VPN connectivity and avoid any impact to functionality; however, if you create a new virtual machine in Generation 4 (Armor Management Portal (AMP)), then you can only use a Generation 4-specific SSL VPN and L2L VPN configuration to access that virtua machine. 

SSL VPN

Similar to Generation 3, if you have virtual machines in multiple data centers, then you will need a seperate VPN connection for each data center.   

After the upgrade, when you have access to the Armor Management Portal (AMP), you can use the SSL/VPN screen to download the SSL/VPN client.


Download SSL VPN client

Download SSL VPN client

To learn more about the SSL VPN screen in AMP, see SSL VPN.



L2L VPN

After the upgrade, when you have access to the Armor Management Portal (AMP), you can use the L2L VPN screen to create and configure a Generation 4 L2L VPN tunnel.

Any L2L VPN tunnel that you created in Generation 3 (my.armor.com) will not be displayed in the Armor Management Portal (AMP). If you need to modify a Generation 3 L2L VPN tunnel, please contact Armor Support via a support ticket.

The L2L VPN screen in AMP.Create an L2L VPN tunnel

Create an L2L VPN tunnel

To learn more about the L2L VPN screen in AMP, see L2L VPN Tunnel.


Do I need to update my Generation 3 L2L VPN tunnels during the upgrade process? 

No. To prepare for the upgrade process, you do not need to perform any action on your existing Generation 3 L2L VPN tunnels. However, after the upgrade, these tunnels will not be displayed in the Armor Management Portal (AMP). 

After the upgrade, if you need to modify a Generation 3 L2L VPN tunnel, please contact Armor Support. 

To learn how to send a support ticket in AMP, see Support Tickets.
Any L2L VPN tunnel that you create in Generation 4 (AMP) will be visible and configurable in AMP.



How do I manage my firewall rules? 

During the upgrade, Armor will transfer your firewall rules from the Generation 3 platform to the Generation 4 platform. 

After the upgrade, when you have access to the Armor Management Portal (AMP), Armor recommends that you review and verify that the firewall rules displayed are correct.

As part of the new features in Generation 4, you can use the Firewall screen to create, update, disable, and remove firewall rules.


Create firewall rules

To learn more about firewall rules in AMP, see Firewall rules

Will the upgrade process affect my compliance? 

No. The upgrade process is not considered a significant change when it comes to PCI or HIPPA standards, especially since the firewall rules will be transferred over to Generation 4. 

Similarly, there is no need to perform a penetration test (pen test) after the upgrade. 


What are the supported operating systems? 

Operating systemSupported version for 64-bit environments only
Windows
  • 2008 R2 Datacenter
  • 2008 R2 Standard
  • 2008 R2 Web
  • 2012 Datacenter
  • 2012 R2 Standard
  • 2012 Standard
  • 2016 Standard

For Windows, Powershell 3 and .NET 4.5 must be installed.

CentOS
  • 6.X
  • 7.X
Red Hat Enterprise Linux (RHEL)
  • 6.X
  • 7.X
Ubuntu
  • 14.04 LTS
  • 16.04 LTS


Pricing / Billing in Generation 4 

Is my monthly invoice going to increase?

In short, no, your monthly invoice will not increase. 

Although virtual machines are priced differently in Generation 4, Armor will honor the prices based on your last invoice for Generation 3.

While your Generation 4 invoice will display the updated prices for your virtual machines, the invoice will also display a discount to counteract the updated prices. This discount will only apply to virtual machines that were transferred from Generation 3 to Generation 4. 


After you upgrade to Generation 4, any additions or changes you make to your environment (including a new virtual machine) will be priced to the updated pricing structure for Generation 4.



Are resources priced differently in Generation 4?

Yes. The change includes a reduced price for common storage, compute, and memory costs, as well as a revised tiered structure for the price of Armor’s Intelligent Security Model.

Review the following table to understand how the pricing structure will change:


Small - MediumLargeExtra - Large
vCPU488
RAM83264
Disk300300600
Generation 3 Price$1,205$1,785$3,025
Generation 4 Price$1,204$1,604$2,594
Delta-$1-$181-$431
Change0%-10%-14%

When will the updated pricing be reflected in my invoice? 

After you upgrade to Generation 4, for any resource that you add or change, you will be charged to the updated pricing structure. These billing changes will not go into effect until the first day of your new billing cycle after you upgrade. 

To better understand, review the following scenario for a customer whose regular invoice date is the 15th of every month:

  • On June 1st, the Generation 3 environment is scheduled to be upgraded to Generation 4 on June 20th.  
  • On June 15th, the final invoice for Generation 3 is created, which covers the following 30 days. In other words, this invoice will include both Generation 3 activity and Generation 4 activity.   
  • On June 20th, the Generation 3 environment is upgraded to Generation 4. 
  • On July 15th, the first invoice for Generation 4 is created, which covers the following 30 days. This invoice will include any changes you have made to your Generation 4 environment, such as adding a new virtual machine. After you have upgraded to Generation 4, your account activity will be priced to the updated pricing structure. 

How will my invoice transition from Generation 3 to Generation 4?

During the month of your upgrade, you may receive two separate invoices:

  • One invoice for the monthly subscription services on the Generation 4 platform
  • One invoice for any final, outstanding usage from the Generation 3 platform that went beyond your subscription

Consider the following scenario:

  • You create a virtual machine subscription with 1 CPU and 1 GB of memory (1-1). As a result, at the beginning of each bill cycle, your account is billed for this 1-1 virtual machine subscription. 
  • At a later time, you add an additional 1 GB of memory; however, this configuration was never added to the subscription. As a result, at the beginning of each bill cycle, your account is billed for the original 1-1 virtual machine subscription, as well as a separate entry for the additional 1 GB of memory. 
  • After you upgrade to Generation 4, you will receive a Generation 4 invoice, which includes the updated virtual machine (1 CPU and 2 GB of memory). Additionally, you will receive a final Generation 3 invoice that simply lists the added 1 GB of memory. 

Where can I view my previous invoices for Generation 3?

After you upgrade to Generation 4, there are two ways to view a previous invoice for Generation 3:

  • If you upgraded to Generation 4 less than 30 days ago, you can still access my.armor.com to view and export the previous invoices for Generation 3.
  • If you upgraded to Generation 4 over 30 days ago, you can send a support ticket in the Armor Management Portal (AMP) and request to view a PDF version of the specified previous invoice for Generation 3.

Armor Support can only retrieve invoices from the previous 6 months.

To learn how to send a support ticket in AMP, see Support Tickets.

Where can I view my invoices for Generation 4? 

You can view and export invoices for Generation 4 in the Invoices screen in the Armor Management Portal (AMP). 

To learn more about invoices in Generation 4, see Invoices.

What will my invoices look like in Generation 4? 

Invoices in Generation 4 will be similar to the following image: 

RowDescription
Price Equalization

This row displays the discounts that relate to your upgrade to Generation 4.

Although virtual machines are priced differently in Generation 4, Armor will honor the prices based on your last invoice for Generation 3.

While your Generation 4 invoice will display the updated prices for your virtual machines, the invoice will also display a discount to counteract the updated prices. This discount will only apply to virtual machines that were upgraded from Generation 3 to Generation 4.

Persistent Storage This row displays your disk storage. Each storage tier is displayed as a single-line item. 
Virtual MachinesThis row displays your virtual machines, displayed with the CPU, RAM, ad operating system. If you have multiple virtual machines of the same type, then those same virtual machines are displayed in one entry. For example, in the above invoice, there are two 2X8 – RHEL 6 virtual machines that are displayed in one entry.
Access Control 

This row displays your SSL VPN accounts.

Network + Connectivity This row displays your IP addresses. 
Security + Support This row displays the cost associated with securing and supporting your virtual machines. 
Log ManagementThe last row (or rows) displays your add-on product purchases, such as the items listed in the Armor Marketplace. In the above invoice, the Log Management add-on product was purchased. Add-on products will be listed in separate entries. 

How do I add extra storage, and what are the corresponding prices?

You can add and configure additional storage for existing virtual machines in the Virtual Machine Details screen in the Armor Management Portal (AMP). Simply click Add Disk, and you will be taken to the New Disk screen.

Additionally, within AMP, you can view the prices before you add the extra storage.

The Virtual Machine Details screen.Add storage

Add storage

Add storage


Who should I contact for questions regarding changes in pricing or how my invoices will be affected?

Similar to Generation 3, you can contact Armor by:

  • Submitting a support ticket in the Armor Management Portal (AMP)
    • To learn more, see Create a support ticketCreate a support ticket

      Create a support ticket

      If you have not upgraded to Generation 4 and want to submit a support ticket, then in my.armor.com, click the Tickets tab, and then click Create a New Ticket.

  • Calling Armor
    • For the United States office, call +00 1 877 262 3473, option 1
    • For the United Kingdom office, call +44 0800 500 3167
  • Sending an email to the Armor Billing team
    • Contact billing@armor.com, and in the Subject line, please enter Gen4 Price Change.

Continuous Server Replication (Disaster Recovery)

What is the Continuous Server Replication (Disaster Recovery) add-on product? 

Armor, along with Zerto, provides a fully managed continuous data replication (disaster recovery) add-on product.

At a high-level, this add-on product recovers and replicates your resources into a recovery environment to help you:

  • Maintain your applications during an outage in your primary data center
  • Meet compliance requirements

What is the difference between a test failover and a live recovery? 

A test failover serves two purposes:

  • To verify that the add-on product has been fully provisioned in your environment
  • To meet compliance requirements

Additionally, a test failover does not affect your production environment.  

A live recovery serves to keep your applications available during an environment outage. You should only request a live recovery if you are unable to work through the expected environment downtime.


I had Continuous Server Replication (Disaster Recovery) in my Generation 3 (my.armor.com) environment. Do I need to order this add-on product again in my Generation 4 (amp.armor.com) environment?

In short, no. As part of the upgrade process, any virtual machine that was subscribed to Continuous Server Replication (Disaster Recovery) in Generation 3 will retain that service in Generation 4.  

For any Generation 3 virtual machine that did not have Continuous Server Replication (Disaster Recovery), or for newly created Generation 4 virtual machines, you must order Continuous Server Replication (Disaster Recovery) in AMP. 

To learn how to order, see Continuous Server Replication (Disaster Recovery) for upgraded users


How do I order Continuous Server Replication (Disaster Recovery) and request a test failover?  

You can order the Continuous Server Replication (Disaster Recovery) add-on product in the Armor Management Portal (AMP). Once this add-on product has been fully provisioned, you can submit a support ticket to request a test failover. Armor Support will coordinate with you to establish expectations and timelines. 

To learn how to order Continuous Server Replication (Disaster Recovery), as well as request a test failover, see Continuous Server Replication (Disaster Recovery) for upgraded users


If my primary environment is experiencing an outage, does Armor automatically perform a live recovery? 

Armor will never perform a live recovery without an authorized user's request.  

Although Armor will notify you about an environment outage, you are still responsible for communicating a live recovery request to Armor.

Similarly, while Armor will notify you about the end of an environment outage, you must contact Armor to request a restoration to your primary environment. 

To learn how to send a support ticket, see Support Tickets

Who can request a live recovery? 

Armor Support will only perform a live recovery when an authorized user has made the request to Armor.

As a result, when you order Continuous Server Replication (Disaster Recovery), Armor Support will ask via a support ticket the names of your authorized users. In the future, only these users can submit a support ticket to request a live recovery.


If I make a change in my live recovery environment, will that change be reflected in my primary environment after a restoration?  

Any change that you make in the Armor Management Portal (AMP) will not be reflected in the primary environment after a live recovery and restoration. For example, any change to your firewall rules will not be replicated in the primary environment.

However, any change in the backend (outside of AMP) will be replicated, such as a change to your database. 


How do I end the live recovery process and restore to my primary environment?   

You must send a support ticket and indicate your interest to restore to your primary environment. 

To learn how to send a support ticket, see Support Tickets

During a live recovery and restoration, how are the primary and live recovery virtual machines displayed in AMP?

Live recovery

In a live recovery, only the live recovery virtual machine will be displayed in AMP, with the exception of the Log Management screen.

  • Both the primary virtual machine and the live recovery virtual machine will be displayed in the Log Management screen.

The live recovery virtual machine will contain the same name as the primary virtual machine, along with a yellow icon. 


Live restoration

In a live restoration, only the primary virtual machine will be displayed in AMP, with the exception of the Log Management

  • Both the primary virtual machine and the live recovery virtual machine will be displayed in the Log Management screen.

During a test failover, how are the primary and test failover virtual machines displayed in AMP?

In a test failover, both the primary virtual machine and the test failover virtual machine will be displayed. 

The name of the test failover virtual machine will be the same name as the primary virtual machine, along with a - Test.

For example, if the name of your primary virtual machine is My Company, then the name of the test failover virtual machine will be My Company - Test.

After a test failover, the test failover virtual machine will be removed from AMP.


How do I access a live recovery virtual machine? 

Similar to accessing a primary virtual machine, to access a live recovery virtual machine, you must download and install the SSL/VPN client for Generation 4. You must download the client that corresponds to the correct recovery environment:

  • If your primary environment is DFW01, then you should download the client for the PHX01-Recovery environment.
  • If your primary environment is PHX01, then you should download the client for the DFW01-Recovery environment.

To access a live recovery virtual machine, you cannot use the Generation 3 (my.armor.com) SSL/VPN client. You can only use the Generation 4 (amp.armor.com) SSL/VPN client.

To learn how to download and install an SSL/VPN client in Generation 4, see SSL VPN.



Will a live recovery and restoration affect my DNS? 

A test failover will not affect your DNS; however, a live recovery will affect your DNS.

In a live recovery, your primary environment will be replicated in a live recovery environment, which will change the IP address.

  • If Armor manages your DNS, then Armor will automatically handle your DNS configurations during the recovery and restoration process.  
  • If Armor does not handle your DNS, then you must update your DNS after the live recovery, as well as after the restoration. 



In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.