I’ve been looking at Trend Micro’s Deep Security because I’m running OpenEMR on a Windows(comfortable supporting windows) Server 2012 R2. Since I’m running everything on a micro instance I’m concerned the agent will consume too much resources. Anyone with experience using it or maybe have a cheap agentless alternative?
On AWS you could look into using an Application Load Balancer + WAF + GuardDuty in order to not tax the server. Eventually I am going to write an article on doing exactly this.
Why not just move the box up one level to a Small? Trend Micro doesn’t require a lot, but I’m kind of surprised you got just Windows running on a Micro server.
Also no matter what you do I would recommend GuardDuty. It will cost you maybe $0.20 a month (at most) and provide lots of good info.