TCP mode of agent installation is suitable for managing systems that are on a LAN, or systems that the Security Manager Plus (SMP) server can reach over a secure VPN tunnel.
The two-way communication between the Security Manager Plus server and the agent is via a TCP connection (port to port). The agent keeps a TCP port (default: 9005) open on the system and talks to the server on the server's own TCP port (default: 9004). Data is encrypted and the communication is secured using SSL. Vulnerability management tasks are initiated from the web interface of Security Manager Plus. The SMP Server contacts the agent and assigns the tasks. The SMP Agent performs the tasks on the system and sends the response back to the server on the same connection.
Consider a scenario within an enterprise network where a few systems are "highly" secured or present in a DMZ (De-Militarized Zone), wherein remote access is not permitted, ADMIN$ shares are disabled, the remote registry service is disabled, or the systems have a firewall enabled which blocks external access. It becomes practically impossible to manage such systems in the remote or agentless mode, as they cannot be easily contacted by the Security Manager Plus Server. In such cases, installing Security Manager Plus Agents on these systems and enabling TCP port 9005 in the firewall for access by the Server will make patch management possible.
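The firewall opening described above can be limited to the one peer that needs it. The following is an added example, not part of the product documentation: it uses the built-in Windows firewall cmdlets, and the addresses, rule names and the Set-SmpInboundRule helper are assumptions chosen for illustration.

```powershell
# Added example: host-firewall rules for SMP TCP mode, scoped to the peer.
# The addresses below are placeholders (documentation ranges), not real values.
$SmpServerIp  = '192.0.2.10'          # assumed address of the SMP Server
$AgentSubnets = @('198.51.100.0/24')  # assumed networks that host SMP Agents
$AgentPort    = 9005                  # default agent TCP port
$ServerPort   = 9004                  # default server TCP port

# Hypothetical helper: create one inbound allow rule restricted to known peers
function Set-SmpInboundRule {
    param(
        [Parameter(Mandatory)][string]   $Name,
        [Parameter(Mandatory)][int]      $Port,
        [Parameter(Mandatory)][string[]] $AllowedPeers
    )
    # Remove an earlier copy so re-running does not create duplicate rules
    Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule

    New-NetFirewallRule -DisplayName $Name -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $Port -RemoteAddress $AllowedPeers -Profile Any |
        Out-Null

    # Read the rule back and fail if it ended up open to every address
    $filter = Get-NetFirewallRule -DisplayName $Name | Get-NetFirewallAddressFilter
    if ($filter.RemoteAddress -contains 'Any') {
        throw "Rule '$Name' is not restricted to $($AllowedPeers -join ', ')"
    }
    $filter | Select-Object @{n = 'Rule'; e = { $Name }}, RemoteAddress
}

# On each agent machine (elevated prompt): only the SMP Server may reach 9005
Set-SmpInboundRule -Name 'SMP Agent (TCP mode)' -Port $AgentPort `
    -AllowedPeers $SmpServerIp

# On the SMP Server: only the agent networks may reach 9004
# Set-SmpInboundRule -Name 'SMP Server (agent traffic)' -Port $ServerPort `
#     -AllowedPeers $AgentSubnets

# From the SMP Server, confirm that the agent port answers
# (Test-NetConnection -ComputerName '<agent host>' -Port $AgentPort).TcpTestSucceeded
```

Any network firewall between the DMZ and the internal network needs the same two openings, restricted to the same source and destination addresses.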
Setting up Security Manager Plus Server in the enterprise
The Security Manager Plus Server will be installed on a high-end machine in the internal network / server data center. TCP port 9004 must be open on this machine for SMP Agents to communicate with the Server over TCP.
Administrators can log in to the web interface of Security Manager Plus either from the server data center or from the enterprise internal network.
Setting Up Security Manager Plus Agents in the enterprise network machines
The SMP agent is available as an executable file (SecurityManagerPlusAgent.exe) in the <Server_Install_Dir>/AdventNet/SecurityManager/agent/windows directory of the Security Manager Plus Server. Copy the agent to your target machines, execute the file and follow the instructions. Choose TCP mode when prompted during the installation.
Alternatively, you can connect to the Security Manager Plus Server from a browser in the target machine, using the URL: https://server_name:portnumber. (e.g.
Login and visit the 'Admin' tab.
Use the 'Download Windows Agent' link from the Admin tab to download and install the Security Manager Plus agent (.exe file) on that particular system. Carry out the same step for the desired number of target machines. Choose TCP mode when prompted during the installation.
There are some parameters that need to be configured for this mode. These configurations can be made in any of the following ways:
From the web interface of Security Manager Plus --> Admin tab --> Agent Administration link for the agent system listed
Here are the parameters:
Do not alter the Server Port value unless it was changed accordingly during Security Manager Plus Server installation.