This topic only applies to users who run:

  • Windows 2012 Datacenter
  • Windows 2012 R2 Standard
  • Windows 2012 Standard
  • Windows 2016 Full Desktop

Before you begin, Armor recommends that you review the pre-installation information, including firewall rules. To learn more, see ANYWHERE Pre-Installation.

For Windows 2012 users, when you install the Armor Agent, the corresponding Trend Micro agent may cause your system to reboot. Trend Micro is currently researching this issue.

Before you install the Armor Anywhere agent, you must remove any previously installed anti-virus software, such as Trend Micro, McAfee, etc. Afterwards, you must reboot your system. 


Step 1: Locate the Armor Anywhere agent

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure
  2. Click Virtual Machines
  3. Hover over the plus ( + ) icon, and then click the Anywhere Agent  icon.
    • If you don't have any agents listed, then click Deploy New Armor Agent. 
  4. Copy your license key. You will need this information in a later step.
  5. Select your operating system (Linux or Windows).  
 

For Amazon Web Services users who:

  • Use Elastic Beanstalk to run their instance's applications, and
  • Run Windows 2012 R2,

Review the following example to understand how to install the Anywhere agent. Afterwards, you can skip to the Test your connection step.

files:
  "c:\\Windows\\Temp\\armor-setup.exe":
    source: https://get.core.armor.com/latest/armor-setup.exe
commands:
  armoragentinstall:
    test: if not exist 'c:\\.armor\\opt\\armor.exe' exit 0
    command: c:\\Windows\\Temp\\armor-setup.exe /verysilent /license=AAAA1-A11AA-AA1AA-AAAAA-1AAAA
    ignoreErrors: false
    waitAfterCompletion: 5

You must replace AAAA1-A11AA-AA1AA-AAAAA-1AAA with your specific license key.


Step 2: Download and install the Armor Anywhere agent

There are three types of scripts that you can use to install the agent. 

Script type

Description

Pre-Installation

You can use these scripts to verify that your environment is compatible with Armor Anywhere. These scripts will not install the agent.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://get.core.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; .\armor_agent.ps1
Pre-Installation and Installation

You can use these scripts to:

  • Verify that your environment is compatible with Armor Anywhere
  • Install the agent
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://get.core.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; .\armor_agent.ps1 -license AAAA1-A11AA-AA1AA-AAAAA-1AAA
Installation

You can use these scripts to install the agent. These scripts will not verify your environment for compatibility. 

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://get.core.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; .\armor_agent.ps1 -license AAAA1-A11AA-AA1AA-AAAAA-1AAA -silent


Step 3: Test your connection

After you install the agent, Armor recommends that you test the connection for each configured firewall rule.

To verify connectivity to an Armor service endpoint, use the telnet command.

The following example tests connectivity to api.armor.com over 443/tcp:

telnet 146.88.106.210 443


For Windows systems without the telnet feature installed, you can also use PowerShell:

new-object System.Net.Sockets.TcpClient('146.88.106.210', 443)

You can configure a custom location and provider to be displayed via API. This information is currently not available in AMP. 

To add this option, edit the Armor Anywhere - Security agent configuration file on each host.

  • In Windows, the configuration file is located at C:\.armor\etc\armor.cfg
  • In Linux, the configuration is located at /etc/armor/armor.cfg

 The options in the configuration file are PROVIDER and LOCATION. 


Step 4: Review the status of the Armor Anywhere agent 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure
  2. Click Virtual Machines
  3. Review the corresponding Status column. The Status column contains a green or red status to indicate if the server's agent has registered a heartbeat to Armor.
    • A green status indicates the server's agent has registered a heartbeat in the past hour. 
    • A red status indicates the server's agent has not registered a heartbeat in the past hour. 
      • After four hours without a registered heartbeat, the API will close all service endpoints (firewall ports).




Was this helpful?
Your Rating: Results: 1 Star2 Star3 Star4 Star5 Star 4 rates