Consider a scenario in your enterprise network, wherein you have a number of Security Manager Plus agents installed and you want to change some agent properties globally in all agents or want to upgrade the agents to the latest version available. Carrying out these operations manually in each agent across your network is going to be tedious. To eliminate this manual procedure, Security Manager Plus has the provision to administer the agents, from the web interface of Security Manager Plus.
Visit the Admin tab and click the Agent Administration link. From here you can see the agent systems. Following are the options available in this screen.
Security Manager Plus Windows Agent settings can also be configured from the web interface of Security Manager Plus. There are a set of parameters each for both HTTPS mode and SSL/TCP mode of the agents that can be altered from the 'Configure Agent' option, available in the Actions button in the Asset Details.
These are the agent properties that can be configured from the System Configuration screen :
An e-mail can be sent to the desired e-mail ID to receive notification on the Agent Configuration task completion.
1. Agent Mode
There are 2 modes in which Security Manager Plus Agents can function - HTTPS mode & SSL/TCP mode - depending on your enterprise requirements. The mode in which the agent is installed and functioning is identified by the 'Agent Mode' parameter under the Agent Details section. You can change the mode if required and configure the associated parameter as below :
In the HTTPS Mode, you can configure the Poll Interval - the time interval in which the agent polls the SMP server for tasks to be executed. The value is in minutes and the default value is 5.
In the SSL/TCP Mode, you can configure the TCP port on the agent machine through which the SMP agent communicates with the Security Manager Plus Server. The default value is 9005.
2. Log Level
This is the severity level of the logs in the SMP agent application. The default value is : Off. The other permissible values you can choose from are: Error, Warning, Info, Debug - in the increasing order of severity.
Warning: Please exercise caution before you alter these parameters.
1. Server Name
It is the System name or IP address of the server machine to which the agent communicates.
2. Server Web Port
The web port on which the SMP server communicates to the agent. Note that the SMP server now runs in the HTTPS mode. Default 6767.
3. Server TCP Port
The TCP port on which the SMP server communicates to the agent. Default is 9004.
Upgrading the Security Manager Plus agent software 'manually' every time a new version of the agent is available in the Security Manager Plus server, is a tedious task. To eliminate this manual procedure, Security Manager Plus has the provision to automatically upgrade the agent software versions, from the web interface of Security Manager Plus.
Windows agent updates are available as a part of the vulnerability database updates. Applying updates is similar to applying a patch on the system. The update will be downloaded from the Central Repository Server and stored in Security Manager Plus. It will then be sent to the agent with instructions to upgrade itself.
When a newer version of the agent is available with the server, it will be identified (on scanning) and displayed as a missing patch in the Scan Result screen implying that the agent in a particular system needs to be updated. From here, a simple select-and-click will take care of upgrading the agent version to the latest.
Upgrading All Agents at once
This provision is available in the web interface from the Admin tab --> Agent Administration screen. The 'latest' agent version is displayed on the top of the screen in the 'Agent Update Version Info' table. All agents need to be in sync with this version to function effectively.
The system table displays the following information :
You can select the agents which have 'Update Status' showing 'Needs update', and click on the 'Upgrade Agents' button. Ensure that the system is up and the agent is running before you carry out the update. All the agents can also be simultaneously updated by selecting the entire table and clicking this button.
Once the upgrade request has been sent, revisit this screen after a while to view the status of the request. You will need to rescan a Windows systems to check if the agent update patch has been applied successfully.