Security Controls

How the Agent Process Works

Agents are configured via the Security Controls interface and then installed on the desired machines. Once installed, each agent will periodically check in with the console, or if it is a disconnected agent it may check in with the Protect Cloud service. How often an agent checks in is a configurable item, but the check-ins typically occur at least once a day. An agent can also be configured to listen to the console for policy updates and download the new policy immediately (Windows-based machines only).

During each check-in the agent checks with the console and does the following:

The process is a bit different if you are using Protect Cloud synchronization; see Protect Cloud Synchronization Overview for details.

It refreshes its license. An agent license is valid for 45 days from the most recent check-in.

It checks if it is assigned a distribution server, and if so, which one.

It checks for any policy configuration changes. If the policy has been changed, the new policy will be pushed from the console to the agent. In addition, the agent will receive new engine and data files from either the default websites or from its assigned distribution server.

It receives any credential information it needs in order to authenticate itself to any distribution servers or proxy servers.

An agent will also download new engine and data files from the default website or from its assigned distribution server whenever a scheduled scan is performed.

The following figure illustrates the agent process.


Was this article useful?