Agent Package

This package installs and configures an Ivanti Device and Application Control Agent for API development purposes. The script can also be run to uninstall an existing minimal agent deployment.

Package Contents

sdk-deploy-agent.ps1

This is the PowerShell script that deploys, installs, and configures the Ivanti Device and Application Control Minimal Agent for API development. The script accepts parameters enabling the user to define installation paths and so on as defined in the PowerShell script.

sk.sys

Security Kernel Driver - enforces security rules on bootup and at runtime.

sk_ndis.sys

Security NDIS Kernel Driver - enforces additional rules on wireless connections.

skndisnetlwf.inf

Contains information needed to configure services during the NDIS installation process.

wifihlp.exe

Wifi Helper - WiFi Component Uninstall Support.

sxd-vdd.dll

Enables communication with 16-bit applications.

This file is present only on x86 deployments.

sxwmon32.dll, sxwmon64.dll, sxwmona64.dll

These DLLs implement IDACclient Extensions (injection) technology via user mode hooks.

scomc.exe

Security Command and Control - this application handles communication between the security kernel and the API agent.

7z.dll, 7z_x64.dll, 7z_a64.dll

These 7zip libraries are used to access and manage file archives as part of device control and file filtering functionality.

sxpkidll.dll, sxpkidll64.dll, sxpkidlla64.dll

This is used for public/private signing.

svolbro.exe

Secure Volume Browser - this application enables a user to encrypt and manage encrypted removable devices within the agent environment.

rtnotify.exe

The Real-Time-Notify application provides a visual representation of the current policy applied to the agent endpoint as well as enabling permitted operations on the agent. It provides a system tray notification of real time events on the endpoint device attachment, policy enforcement, policy update and so on). This is not added to Windows Startup by default, so in order to have the application start-up with the OS you must implement this separately.

The RTNotify application is not visible until a policy has been applied to an endpoint.

dcext.dll, dcext64.dll, dcexta64.dll

This dll is registered as a service and allows for shell integration with Windows Explorer. This enables the end-user to interact with the agent to perform several actions against drives in Windows Explorer (encrypt, decrypt, and so on). This is used for both x86 and x64 deployments.

The explorer components is not visible until an applicable policy has been applied to the endpoint (for example, allow encryption of removable devices).

hsdcnet.dll, hsdcnetstd.dll

This library contains the C# wrapper for the API methods, for .NET Framework 3.5 and .NET Standard 1.6.

hsdc32.dll, hsdc64.dll, hsdca64.dll

These libraries handle the architecture-specific method calls for the HSDCNet library so that the developer can be agnostic as to the underlying architecture when developing a solution.

hsdc32cmd.exe, hsdc64cmd.exe, hsdca64cmd.exe

Command line calling matching hsdc.dll, alternative to rundll32.exe call.

Deployment

To deploy this package you need to have PowerShell version 5 installed and allow for the execution of remote scripts using the PowerShell command:
Set-ExecutionPolicy RemoteSigned
You may choose to disable this after successful deployment to prevent unwanted script execution in future.

  1. Extract the package contents to an easily accessible location (for example C:\temp\).
  2. Open an elevated PowerShell session and navigate to the extracted package location.
  3. Run the sdk-deploy-agent.ps1 script and tailor the parameters as necessary according to the script.
  4. After successful deployment you will need to restart your machine (manually or follow prompt) in order for the relevant services to start and for the SK kernel to load.
  5. Following a successful reboot you should be able to see the necessary services running (SK, SCOMC, SKFS).

The script has the following parameters:

  1. CompanyName, by default **"Ivanti"**. This can be changed for OEM integration purposes.
  2. ProductName, by default **"Device and Application Control"**. This can be changed for OEM integration purposes.
  3. CompanyName, by default **"$CompanyName\$ProductName"**. This can be changed for OEM integration purposes.
  4. NoNdis, by default NDIS components are installed, this switch can be set to prevent its deployment.
  5. UserInterface, by default RTNotify and DCExt UI components are not registered, this switch registers them as Shell Extension / Systray to run at logon.
  6. Restart, a question is asked at the end of the script; this switch makes the restart silent.
  7. LoggingPath, support logs are generated in this path, defaulted to **"C:\temp"**.
  8. EnableTestSigning. switch used only if the deployment is not done with a release version of the SDK.