Preparing to Use Security Controls Agent

All agents are configured on the Security Controls console and then either push installed from the console to the desired target machines or manually installed by an administrator. The agents can be configured with any combination of patch management capabilities, asset management capabilities, and/or power management capabilities. This section provides a roadmap of tasks you must perform when preparing to use Security Controls Agent.

The agent machine hardware and software requirements are found in the System Requirements topic.

I. (Optional) Set Up and Synchronize a Distribution Server

Setting Up a Distribution Server

You have the option of setting up a distribution server that the agents can periodically access to download various files. There are a couple of reasons for using a distribution server, including:

  • If some of your agents do not have Internet access and therefore won't be able to download the latest engine components, data files and patch files from the default websites. In this case you will need to store these files on a distribution server that the agents can access.
  • If you have defined custom patches that are not available from the default websites. You must make the custom patches available by manually copying the patches to one or more distribution servers.

See Configuring Distribution Servers for detailed information on configuring a distribution server. In addition, when you configure your agent policy you should specify which distribution server your agents should use; see Configuring General Settings for details.

Synchronizing the Distribution Server

To update a distribution server with the latest patches, engine components and data files, you synchronize the server with the files contained on the console. See Synchronizing Servers for detailed information. Custom patches must be manually copied to the distribution server.

II. Create and Configure a Security Controls Agent Policy

  1. From the main menu select New >Agent Policy.
  2. Type a unique name for the policy.

There are many features you can configure within an agent policy. See Creating A New Agent Policy for complete details.

III. Install the Agent on the Desired Machines

There are a couple of ways you can push install an agent on one or more machines.

  • For machines that have been scanned at least once and are contained in the program database, you can use the Machine View right-click menu (Agents > Install/Reinstall with Policy).
  • For machines that have not been scanned and are not contained in the database, you can create a machine group containing all the machines that will run a particular agent policy and then use the Install Agent button to install an agent on those machines that are online.

See Installing Agents from the Console for detailed information on installing agents on target machines.

When performing a push install of an agent, each target machine must have a network connection to the console during the installation. This connection is required in order to exchange security information that will be used to establish an encrypted link for all future communication between the console and its agents. The agent machines must also be able to perform name resolution in order to locate the console machine.