Topics Discussed

After you sync your public cloud account with the Armor Management Portal (AMP), you can use the Virtual Machines screen to view the instances associated with your public cloud account.

Additionally, the Virtual Machines screen will display the security status of these instances. All instances for the synced public cloud account will be displayed; however, instances without the Anywhere agent will be labeled as Unprotected

To sync your public cloud account with AMP, see ANYWHERE Cloud Connections.

The Cloud Connection screen simply lists the synced public cloud account; the Virtual Machines screen lists all the instances listed in that public cloud account. 

To fully use this screen, you must have the following permissions assigned to your account:

  • Write Virtual Machines
  • View Core License
  • Read Utilization

To learn how to install Armor Anywhere, see Install Armor Anywhere.


Review Virtual Machines


The Virtual Machines screen provides a high-level view of all of your virtual machines. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines
    • Search by Virtual Machine, Primary IP, or Tag.
    • Filter by Type, State, or Power Status.
FieldDescription
NameThis column displays the name of the instance from your public cloud account.
Primary IPThis column displays the the primary IP address associated with the instance.
Type

This column display the type of instance, specific to the offerings offered by your public cloud provider, such as EC2 instance for AWS.

  • More common types are VM and Log Relay.
Date CreatedThis column displays the date the instance was created in your public cloud account.
Security GroupsThis column displays the corresponding security group from your public cloud account.
State

This column displays the security status of the instance, in relation to the installed agent. There are three states:

  • Unprotected indicates the agent is not installed in the instance.
    • Instances without an agent will be labeled as Unprotected. All instances from the public cloud account will be displayed.
  • Needs Attention indicates that the agent is installed, but has not properly communicated (heartbeated) with Armor.
  • OK indicates that the agent is installed and has communicated (hearbeated) with Armor.
Power

This column displays the power status of the virtual machine:

  • A green icon indicates that the virtual machine is powered on.
  • A red icon indicates that the virtual machine is powered off.
  • An orange icon indicates that the virtual machine is in a different (inconsistent) power state than the other virtual machines in the same vApp.
  • An infinite loop icon indicates that the virtual machine is pending installation.
TagsThis column displays any tags that have been added to the virtual machine on the Tags + Notes screen.



Review Details for a Specific Virtual Machine


From the Virtual Machines screen, you can access detailed information for each virtual machine. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines
  3. Locate and select the desired instance. 


Overview

This section displays detailed information for the virtual machine.

ColumnDescription
Type

This entry displays the type of instance, specific to the offerings offered by your public cloud provider, such as EC2 instance for AWS.

  • More common types are VM and Log Relay.
ProviderThis entry displays the public cloud provider for the instance.
Instance IDThis entry displays the ID associated with the instance or virtual machine.
Instance State

This entry displays the security status of the instance or virtual machine.

Original OS VersionThis entry displays the original operating system for the instance or virtual machine.
Current OS VersionThis entry displays the current operating system for the instance or virtual machine.
Public IPThis entry displays the public IP address associated with the instance or virtual machine.
Agent ID

This entry displays the unique ID associated with the Armor Agent.

Agent VersionThis entry displays the version of the Armor Agent.
Last Heartbeat

This entry displays the date and time of the last successful heartbeat.


Sub-Agent Health Table

This section displays the sub-agent health related to your Armor-protected virtual machines.

COLUMNDESCRIPTION
Name

This entry displays the specific service that is being checked.

ProductThis column displays the product name associated with the sub-agent (i.e. Trend, Rapid7).
Sub-Agent VersionThis column displays the sub-agent version.
State

This entry displays the status of the service, either OK, Needs Attention, or Pending.

  • The status will reflect Pending for up to two hours from the time the virtual machine or Armor agent is initially registered.
MessageIf the status is Needs Attention, then this entry will display additional details on the service check results.



Review Sub-Agent Health Details for a Virtual Machine


For each of your virtual machines, you can view sub-agent health details. You can use this information to troubleshoot agents that may be in a bad state.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines.

  3. Locate and select the desired instance. 
  4. Locate and hover over the sub-agent that you want to view. 
  5. Click the name of the desired sub-agent. Or, click the vertical ellipses, then click View Details.
  6. On the left-side of the screen, select the sub-agent that you want to view.
    1. The information that displays on the right-side of the screen will change based on the sub-agent that is selected.

Armor Agent

Review specific information and troubleshooting steps for the Armor Agent service.

SECTIONDESCRIPTION
Details

This section displays the following information for the Armor agent:

Heartbeat

  • Last Heartbeat
  • Heartbeat Window
  • Steps to Remediate

Agent Version

  • Installed Version
  • Current Version
  • Steps to Remediate




File Logging

Review specific information and troubleshooting steps for the File Logging service.

SECTIONDESCRIPTION
Details

Logs

  • Last Log Received
  • Log Received Window
  • Steps to Remediate

Log Version

  • Installed Version
  • Current Version
  • Steps to Remediate
Connectivity

This section displays the script to check connectivity, along with steps to remediate.






File Integrity Monitoring

Review specific information and troubleshooting steps for the File Integrity Monitoring (FIM) service.

SECTIONDESCRIPTION
Trend to Armor Sync

Trend

  • Host ID
  • Status
  • Last Communication

Armor

  • Host ID
  • Status
  • Last Communication

Steps to Remediate

ConnectivityThis section displays the script(s) to check connectivity, along with steps to remediate.
Errors

This section displays any known errors, along with steps to remediate.




Intrusion Detection System

Review specific information and troubleshooting steps for the Intrusion Detection System (IDS) service.

SECTIONDESCRIPTION
Trend to Armor Sync

Trend

  • Host ID
  • Status
  • Last Communication

Armor

  • Host ID
  • Status
  • Last Communication

Steps to Remediate

ConnectivityThis section displays the script(s) to check connectivity, along with steps to remediate.
Errors

This section displays any known errors, along with steps to remediate.




Malware Protection

Review specific information and troubleshooting steps for the Malware Protection service.

SECTIONDESCRIPTION
Trend to Armor Sync

Trend

  • Host ID
  • Status
  • Last Communication

Armor

  • Host ID
  • Status
  • Last Communication

Steps to Remediate

ConnectivityThis section displays the script(s) to check connectivity, along with steps to remediate.
Errors

This section displays any known errors, along with steps to remediate.




Vulnerability Scanning

Review specific information and troubleshooting steps for the Vulnerability Scanning service.

SECTIONDESCRIPTION
Registered

This section displays the following information for the Armor agent that is registered:

  • Agent ID
  • Asset ID
  • Status
  • Steps to Remediate
Scan Import

This section displays the following scan import information for the Armor agent:

  • Report Date
  • Expected Window
  • Status
  • Steps to Remediate
ConnectivityThis section displays the script(s) to check connectivity, along with steps to remediate.
Last Scan Time

This section displays the following information regarding the most recent scan:

  • Scan Time
  • Expected Window
  • Status
  • Steps to Remediate






Add Tags and Notes to a Virtual Machine


You can use the Tags + Notes section to add tags to your instance, to improve categorization and search capabilities. You can also add notes to help track changes and tasks related to an instance.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines.
  3. Locate and select the desired virtual machine.
  4. Click Tags + Notes
    1. In the Tags section, enter the desired tag, then click the ( + ) symbol to add.
      1. Multiple tags may be added.

    2. In the Notes section, enter the desired note.
  5. Click Save Changes.



Remove Tags and Notes from a Virtual Machine


  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines.
  3. Locate and select the desired virtual machine.
  4. Click Tags + Notes
    1. In the Tags section, click the "X" next to the tag that you want to remove.
    2. In the Notes section, delete or edit the note.
  5. Click Save Changes.



Enable Auto-Removal of Inactive Virtual Machines


The auto-remove feature allows you to remove your virtual machines from AMP that are no longer communicating with Armor. 

This feature does not remove your virtual machines from your cloud provider.

This setting is limited to users in the Admin role only.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines
  3. Hover over the plus ( + ) icon, and then click the Virtual Machine Settings icon.
  4. Click the Auto remove VMs setting to enable the auto-remove feature.
    1. Click the setting again to disable the feature.
  5. In Remove VMs after, select the desired time frame for when your virtual machines should be removed - 7 Days, 14 Days, or 30 Days.
  6. Click Save.



Export Usage Data


  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  2. Click Virtual Machines
  3. Click Export Usage.
  4. In the drop-down menu, select a file type to download.
  5. Select the range of data to download.
  6. Click Export Usage.
    • A file will download to your local machine.
OptionDescription
All Usage + Summaries - 1 month maxThis option will download a .zip file every available file type:
  • Usage by Host
  • Usage by Hour
  • Usage Details
Usage Details - 1 month max

This option downloads a .zip file with the following information:

ColumnDescription
AccountIdThe ID for the Armor Account
AccountNameThe name of the Armor account
ProviderNameThe public cloud provider
ResourceNameThe name of the virtual machine (asset)
AgentIdThe ID for the Armor Anywhere agent
UsageDateTimeThe time and date for the usage, on an hourly rate
Summary Usage by Host - 6 months max

This option exports the following information:

ColumnDescription
AccountIdThe ID for the Armor Account
AccountNameThe name of the Armor account
ProviderNameThe public cloud provider
ResourceNameThe name of the virtual machine (asset)
TotalHoursThe total number of hours that the virtual machine (asset) was powered on.
Summary Usage by Hour - 6 months max

This option exports the following information:

ColumnDescription
UsageDateTimeThe hour-long interval for the selected date frame
AccountIdThe ID for the Armor Account
AccountNameThe name of the Armor account
Quantity The total usage for your hosts for the indicated hour





Was this helpful?
Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 4 rates