Installing Agents from the Cloud
If you are using Security Controls Cloud synchronization, you have the ability to install a Security Controls Agent from the cloud. This is particularly helpful if you have target machines that are away from the corporate network and unable to contact the console.
Show Me!
A video tutorial is available on this topic. To access the video, click the following link:
Requirements
- The target machine must have Internet access
- The Security Controls console must be registered with Security Controls Cloud
- Outgoing TCP ports 80 (http) and 443 (https) must be available when communicating with Security Controls Cloud
- The URL isec.ivanticloud.com must be accessible when communicating with Security Controls Cloud
- There must be at least one agent policy that is configured to allow synchronization with Security Controls Cloud
- You cannot install a cloud-based agent on a Security Controls console machine
- Each user that installs an agent must have administrator access on their target machine
Installation Instructions
This section describes the web-based method for creating and distributing an agent key. Another option is to create the key from the Security Controls console.
From Your Web Browser
- Go to https://isec.ivanticloud.com and log on to your account.
If you don't already have an account, click Register to quickly setup an account. - On the Registered Consoles tab, verify that your Security Controls console is registered with Security Controls Cloud.
- Select the Agent Keys tab.
- Click New.
The Create New Agent Key dialog is displayed. Use this dialog to create an activation key that can be used to install one or more agents. You also use this dialog to specify the email addresses of the users you want to receive this key. - Provide all necessary information and then click Create Key.
The agent key is created and then emailed to the specified recipients. The email message also contains a web link for downloading the agent installation program and detailed instructions on how to install the agent.
Field |
Description |
---|---|
Console Name |
Select the Security Controls console that will be used to manage the agent. TIP: If the console does not contain a user-friendly name that has some significance to other users, before proceeding you might consider changing the name within Security Controls and then re-registering the console with Security Controls Cloud. |
Policy |
Select the agent policy that you want to assign to the agent. Only those policies that are configured for synchronization with Security Controls Cloud will be available for selection. |
Max. Number of installations |
Specify the maximum number of agent installations you will allow to be performed using this agent key. Example: Assume you want to install agents on all of the machines at a remote site. You are not certain how many machines are at the site but you are confident that there are fewer than 10 machines. By specifying a maximum of 10 installations for this key, you are enabling all the machines at the remote site to install agents and yet limiting the number of license seats that can be consumed using this key. You cannot install an unlimited number of agents because the Security Controls console will not allow you to exceed your license count. |
Expires in (hours) |
Specify how long the key can be used to install new agents. For example, if you know that an administrator will be at a remote site for two days to help with the agent installations, you can specify that the key is only valid for 48 hours. This allows you to control your exposure to other people consuming license seats from the console. |
Send the agent key and activation instructions to one or more email addresses |
An email message containing the agent key will be sent to each address. Use a comma to separate each address. |
Send a copy of the agent key and setup instructions to my email address |
If you want to receive a copy of the email message that will be sent to the specified recipients, enable this check box. |
On the Target Machine
- Log on to the target machine using an administrator account.
- Open the Security Controls Cloud Sync email message that contains the agent key and the installation instructions.
- Use the instructions to install and register the agent.
You will install the agent, specify that you are connecting to the console through the cloud, paste the activation key, and then click Register. - Wait for the agent registration process to complete; this may take up to 20 minutes or more to complete.
The agent will be initially placed into a temporary provisional state while the registration is processed. During this time the Security Controls console will learn about the registration request, verify that enough license seats are available, and provide the Security Controls Cloud service with the necessary files. After the registration process is complete, at the next check-in time the agent will retrieve its assigned agent policy from the cloud and will become a fully-functional agent.
If you do not have access to the Security Controls Cloud Sync email message but you have a Security Controls Cloud account, you can create your own agent key by opening a web browser on the target machine and then following the instructions shown above in the From your web browser section. After the key is created and while you are still logged in to Security Controls Cloud, click the Download Agent link that is located to the right of the new key; this enables you to download the agent installation program to the target machine.
Tip: After the agent checks in with the console, you might consider using the Assigned Group column in Machine View to group the agent machine with other machines that share similar attributes, such as physical location or the same agent policy