Managing Your Agents

You can use Machine View or Scan View to manage the machines that are running an agent policy. You can install an agent onto machines, you can assign a different policy to machines that already contain an agent, you can uninstall agents from machines, and you can issue a number of commands. You can also use the Agent State column in Machine View to determine which machines have Security Controls Agent installed.

All actions are performed by right-clicking the desired machines and then selecting the Agents menu.


Windows Machines


Linux Machines

Field

Description

Install / Reinstall with Policy

Installs an agent on the selected machine(s). If an agent already exists on a machine, it will reinstall the agent with the selected policy. The installation process will begin immediately.

The target machine(s) must be online and able to communicate with the console. If a machine is not online the installation will fail.

TIP: If you have target machines that are away from the corporate network and unable to contact the console, consider installing agents from the cloud.

Uninstall

Will remove the agent from the selected machine(s).

  • If an agent machine is online and configured to listen for policy updates, the agent will be uninstalled immediately.
  • If an agent machine is online but is not configured to listen for policy updates, the agent will be uninstalled the next time the agent checks in with the console.
  • If an agent machine is not currently online, the uninstall will be performed the next time the agent is online and checks in with the console or the cloud.

Assign Policy

Applies only to machines that already have agents installed. It will assign a different policy to the selected agent machines.

  • If an agent machine is online and configured to listen for policy updates, the new policy will be assigned immediately.
  • If an agent machine is online but is not configured to listen for policy updates, the new policy will be assigned the next time the agent checks in with the console.
  • If an agent machine is not currently online, the new policy will be assigned the next time the agent is online and checks in with the console or the cloud.

The advantage of Assign Policy over Install / Reinstall with Policy is that it is quicker. This is because it is only updating policy files and not installing an entire agent.

The following commands apply only to machines that already have agents installed, that are online and that are configured to be listening agents.

Check-in request

Forces the selected agent machines to immediately check-in with the console and download the latest policy.

Update patch data

Directs the agents to download the latest patch data.

Update binaries

Directs the agents to download the latest scan engines and data files.

Clear retry counts

Clears all patch counters on the agents. A unique patch counter exists for every patch an agent tries to download and for every patch an agent tries to install. A patch counter will increment whenever a patch download or a patch installation fails. Failed download and installation attempts will be recorded in the patch log. If a patch fails to download after 11 attempts or fails to install after 3 attempts the agent will stop trying to deploy that particular patch. The only way to resume the deployment of that patch is to clear the counter.

Run task from policy

Enables you to initiate any of the tasks currently defined within the selected agents. When you select a task name a confirmation dialog is displayed. If you choose to continue, the task is immediately started on the agent machines. See Creating a New Agent Policy for information on the types of tasks that may be available.