Cloud Machine Learning

This document describes how to configure AWS SageMaker for running FortiSIEM Machine Learning jobs in AWS.

• Set Up AWS SageMaker
• Configure FortiSIEM to use AWS SageMaker
• Other Tasks
  • Checking AWS SageMaker Training Job Status
  • Checking AWS SageMaker Hyperparameter Tuning Job Status
  • Checking AWS SageMaker Inference Job Status
• Implementation Notes
  • AWS Auto Mode Running Time

Set Up AWS SageMaker

To set up AWS SageMaker, take the following steps.

Step 1: Create an AWS Account

If you already have an AWS account, proceed to Step 2. Make sure you have your AWS account ID for the next step.

To create an AWS account, navigate to https://portal.aws.amazon.com/billing/signup, follow the instructions there, and record your AWS account ID for use in Step 2.

Step 2: Create an IAM Administrator User and Group

When you create an AWS account, you get a single sign-in identity that has complete access to all of the AWS services and resources in the account. This identity is called the AWS account root user. Signing in to the AWS console using the email address and password that you used to create the account gives you complete access to all of the AWS resources in your account. Fortinet strongly recommends that you not use the root user for everyday tasks, even administrative ones. Instead, adhere to the Security best practices in IAM.

To create an administrator user, follow the instructions here: Creating Your First IAM User and Administrators Group.

Step 3: Create SageMaker Execution Role and Policy

To create a SageMaker execution role and policy, take the following steps.

1. Open your IAM console at https://console.aws.amazon.com/iam/.
2. In the left pane, under Access management, select Roles, then click Create role.
3. Click on the SageMaker drop-down list, select SageMaker - Execution, then click Next to go to "Step 2 Add permissions".
4. Select Next to go to "Step 3 Name, review, and create".
   Note: The IAM managed policy, AmazonSageMakerFullAccess, is automatically attached to the role being created. To see the permissions included in this policy, click the carat next to the policy name.
5. In the Role name field, enter a name for the role, then click Create role.
6. On the Roles section of the IAM console, select the role you just created.
   Note: You can locate your role name by entering it partially in the Search field.
7. Select Add permissions, then click Create inline policy.
8. Click Choose a service.
9. In the Service field, enter "s3", then select s3.
10. Under Actions, under Access level, select List, Read and Write.
11. Under Resources, locate bucket, check the Any checkbox, then click Review policy.
12. Under Review policy, in the Name field, enter the name of your policy, then click Create policy.

Configure FortiSIEM to use AWS SageMaker

Note: Ensure Amazon SageMaker is set up first.

To configure AWS for Cloud Machine Learning, take the following steps:

1. Navigate to ADMIN > Settings > General > Cloud Machine Learning.
2. In the Access Key field, enter the Access Key for your AWS Cloud account.
3. In the Secret Access Key field, enter the Secret Access Key of your AWS Cloud account.
4. In the Region field, enter the region where your AWS resides.
5. In the S3 Bucket field, enter the S3 bucket.
6. In the SageMaker Execution Role field, enter the SageMaker Execution role.
7. Click Test.
8. If Test is successful, click Save.

Other Tasks

• Checking AWS SageMaker Training Job Status
• Checking AWS SageMaker Hyperparameter Tuning Job Status
• Checking AWS SageMaker Inference Job Status

Checking AWS SageMaker Training Job Status

To monitor your SageMaker training jobs, take the following steps.

1. Navigate to https://console.aws.amazon.com/sagemaker/.
2. In the left navigation pane, expand Training, select Training jobs, and from the center pane, choose the relevant task name.

Checking AWS SageMaker Hyperparameter Tuning Job Status

To check on the status of your SageMaker Hyperparameter tuning jobs, take the following steps.

1. Navigate to https://console.aws.amazon.com/sagemaker/.
2. In the left navigation pane, expand Training, select Hyperparameter tuning jobs, and from the center pane, choose the relevant task name.

Checking AWS SageMaker Inference Job Status

1. Navigate to https://console.aws.amazon.com/sagemaker/.
2. In the left navigation pane, expand Inference, select Batch transform jobs, and from the center pane, choose the relevant task name.

Implementation Notes

• AWS Auto Mode Running Time

AWS Auto Mode Running Time

Training time for AWS Auto mode is relatively long and only suitable for large amounts of data (e.g. more than 20K rows).