Topics Discussed
After you sync your public cloud account with the Armor Management Portal (AMP), you can use the Virtual Machines screen to view the instances associated with your public cloud account.
Additionally, the Virtual Machines screen will display the security status of these instances. All instances for the synced public cloud account will be displayed; however, instances without the Anywhere agent will be labeled as Unprotected.
To sync your public cloud account with AMP, see ANYWHERE Cloud Connections.
The Cloud Connection screen simply lists the synced public cloud account; the Virtual Machines screen lists all the instances listed in that public cloud account.
To fully use this screen, you must have the following permissions assigned to your account:
- Write Virtual Machines
- View Core License
- Read Utilization
To learn how to install Armor Anywhere, see Install Armor Anywhere.
Review Virtual Machines
The Virtual Machines screen provides a high-level view of all of your virtual machines.
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Search by Virtual Machine, Primary IP, or Tag.
- Filter by Type, State, or Power Status.
| Field | Description |
|---|---|
| Name | This column displays the name of the instance from your public cloud account. |
| Primary IP | This column displays the the primary IP address associated with the instance. |
| Type | This column display the type of instance, specific to the offerings offered by your public cloud provider, such as EC2 instance for AWS.
|
| Date Created | This column displays the date the instance was created in your public cloud account. |
| Security Groups | This column displays the corresponding security group from your public cloud account. |
| State | This column displays the security status of the instance, in relation to the installed agent. There are three states:
|
| Power | This column displays the power status of the virtual machine:
|
| Tags | This column displays any tags that have been added to the virtual machine on the Tags + Notes screen. |
Review Details for a Specific Virtual Machine
From the Virtual Machines screen, you can access detailed information for each virtual machine.
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Locate and select the desired instance.
Overview
This section displays detailed information for the virtual machine.
| Column | Description |
|---|---|
| Type | This entry displays the type of instance, specific to the offerings offered by your public cloud provider, such as EC2 instance for AWS.
|
| Provider | This entry displays the public cloud provider for the instance. |
| Instance ID | This entry displays the ID associated with the instance or virtual machine. |
| Instance State | This entry displays the security status of the instance or virtual machine. |
| Original OS Version | This entry displays the original operating system for the instance or virtual machine. |
| Current OS Version | This entry displays the current operating system for the instance or virtual machine. |
| Public IP | This entry displays the public IP address associated with the instance or virtual machine. |
| Agent ID | This entry displays the unique ID associated with the Armor Agent. |
| Agent Version | This entry displays the version of the Armor Agent. |
| Last Heartbeat | This entry displays the date and time of the last successful heartbeat. |
Sub-Agent Health Table
This section displays the sub-agent health related to your Armor-protected virtual machines.
| COLUMN | DESCRIPTION |
|---|---|
| Name | This entry displays the specific service that is being checked. |
| Product | This column displays the product name associated with the sub-agent (i.e. Trend, Rapid7). |
| Sub-Agent Version | This column displays the sub-agent version. |
| State | This entry displays the status of the service, either OK, Needs Attention, or Pending.
|
| Message | If the status is Needs Attention, then this entry will display additional details on the service check results. |
Review Sub-Agent Health Details for a Virtual Machine
For each of your virtual machines, you can view sub-agent health details. You can use this information to troubleshoot agents that may be in a bad state.
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
Click Virtual Machines.
- Locate and select the desired instance.
- Locate and hover over the sub-agent that you want to view.
- Click the name of the desired sub-agent. Or, click the vertical ellipses, then click View Details.
- On the left-side of the screen, select the sub-agent that you want to view.
- The information that displays on the right-side of the screen will change based on the sub-agent that is selected.
Armor Agent
Review specific information and troubleshooting steps for the Armor Agent service.
| SECTION | DESCRIPTION |
|---|---|
| Details | This section displays the following information for the Armor agent: Heartbeat
Agent Version
|
File Logging
Review specific information and troubleshooting steps for the File Logging service.
| SECTION | DESCRIPTION |
|---|---|
| Details | Logs
Log Version
|
| Connectivity | This section displays the script to check connectivity, along with steps to remediate. |
File Integrity Monitoring
Review specific information and troubleshooting steps for the File Integrity Monitoring (FIM) service.
| SECTION | DESCRIPTION |
|---|---|
| Trend to Armor Sync | Trend
Armor
Steps to Remediate |
| Connectivity | This section displays the script(s) to check connectivity, along with steps to remediate. |
| Errors | This section displays any known errors, along with steps to remediate. |
Intrusion Detection System
Review specific information and troubleshooting steps for the Intrusion Detection System (IDS) service.
| SECTION | DESCRIPTION |
|---|---|
| Trend to Armor Sync | Trend
Armor
Steps to Remediate |
| Connectivity | This section displays the script(s) to check connectivity, along with steps to remediate. |
| Errors | This section displays any known errors, along with steps to remediate. |
Malware Protection
Review specific information and troubleshooting steps for the Malware Protection service.
| SECTION | DESCRIPTION |
|---|---|
| Trend to Armor Sync | Trend
Armor
Steps to Remediate |
| Connectivity | This section displays the script(s) to check connectivity, along with steps to remediate. |
| Errors | This section displays any known errors, along with steps to remediate. |
Vulnerability Scanning
Review specific information and troubleshooting steps for the Vulnerability Scanning service.
| SECTION | DESCRIPTION |
|---|---|
| Registered | This section displays the following information for the Armor agent that is registered:
|
| Scan Import | This section displays the following scan import information for the Armor agent:
|
| Connectivity | This section displays the script(s) to check connectivity, along with steps to remediate. |
| Last Scan Time | This section displays the following information regarding the most recent scan:
|
Add Tags and Notes to a Virtual Machine
You can use the Tags + Notes section to add tags to your instance, to improve categorization and search capabilities. You can also add notes to help track changes and tasks related to an instance.
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Locate and select the desired virtual machine.
- Click Tags + Notes.
- In the Tags section, enter the desired tag, then click the ( + ) symbol to add.
Multiple tags may be added.
- In the Notes section, enter the desired note.
- In the Tags section, enter the desired tag, then click the ( + ) symbol to add.
- Click Save Changes.
Remove Tags and Notes from a Virtual Machine
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Locate and select the desired virtual machine.
- Click Tags + Notes.
- In the Tags section, click the "X" next to the tag that you want to remove.
- In the Notes section, delete or edit the note.
- Click Save Changes.
Enable Auto-Removal of Inactive Virtual Machines
The auto-remove feature allows you to remove your virtual machines from AMP that are no longer communicating with Armor.
This feature does not remove your virtual machines from your cloud provider.
This setting is limited to users in the Admin role only.
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Hover over the plus ( + ) icon, and then click the Virtual Machine Settings icon.
- Click the Auto remove VMs setting to enable the auto-remove feature.
- Click the setting again to disable the feature.
- In Remove VMs after, select the desired time frame for when your virtual machines should be removed - 7 Days, 14 Days, or 30 Days.
- Click Save.
Export Usage Data
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Click Export Usage.
- In the drop-down menu, select a file type to download.
- Select the range of data to download.
- Click Export Usage.
- A file will download to your local machine.
| Option | Description | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| All Usage + Summaries - 1 month max | This option will download a .zip file every available file type:
| ||||||||||||||
| Usage Details - 1 month max | This option downloads a .zip file with the following information:
| ||||||||||||||
| Summary Usage by Host - 6 months max | This option exports the following information:
| ||||||||||||||
| Summary Usage by Hour - 6 months max | This option exports the following information:
|
Was this helpful?
| Your Rating: |
|
Results: |
|
4 | rates |
