Page tree

This topic only applies to Armor Anywhere users.

For invited users:

Before your account was created, your account administrator decided the proper roles and permissions for your account.

Consult with your account administrator to understand what permissions you have and how you should configure your account.

You can use this document to complete the account signup process and review high-level action items to complete.

Overview

At a high-level, to install Armor Anywhere, including the agent, you must:  

  1. Review requirements, specifically the firewall rules
  2. Complete your account signup
  3. Download and install the agent
  4. Test and verify the agent's connection
  5. Configure your AMP notification preferences


Step 1: Review requirements

Operating system compatibility

Operating systemSupported version for 64-bit environments only
CentOS6.X, 7.X

Red Hat Enterprise Linux (RHEL)

6.X, 7.X

Ubuntu14.04 LTS, 16.04, 18.04
Amazon Linux

2015.03, 2015.09, 2016.03, 2016.09, 2017.03, 2017.09, 2018.03

Oracle Linux6.X, 7.X
Windows

2008, 2008 R2, 2012, 2012 R2, 2016 Standard, 2016 Datacenter, 2016 Essentials

For Windows users, PowerShell 3 and the latest version of .NET 4.X must be installed.

For Windows 2012 users, when you install the Armor Agent, the corresponding Trend Micro agent may cause your system to reboot. Trend Micro is currently researching this issue.


Browser Support

The Armor Management Portal (AMP) supports the current version of the following browsers:

  • Chrome
  • Firefox
  • Internet Explorer
  • Safari
     

Armor cannot guarantee that previous versions will be supported.


Resource requirements

RequirementWindows InstanceLinux Instance
CPU2 Cores1 Core
RAM2GB1GB
Disk Space3GB3GB
BandwidthEstimated 50-100Kb per minute, based on the logs generated in your system.


Firewall rules

The following ports will need to be opened for each server registered with Armor Anywhere.

Inbound / OutboundService / PurposePortDestination
OutboundArmor Agent443/tcp
  • 146.88.106.210  
    • (api.armor.com)
OutboundMalware Protection, FIM, IDS

4119/tcp

  • 146.88.106.197  
    • (1a.epsec.armor.com)
  • 146.88.114.197  
    • (2a.epsec.armor.com)
  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundDSM4120/tcp
  • 146.88.106.197
    • (1b.epsec.armor.com)
  • 146.88.114.197
    • (2b.epsec.armor.com)
  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundRelay4122/tcp
  • 146.88.106.197
    • (1c.epsec.armor.com)
  • 146.88.114.197
    • (2c.epsec.armor.com)
  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundLog Management (Filebeat / Winlogbeat)515/tcp
  • 146.88.106.196  
    • (1a.log.armor.com)
  • 146.88.144.196  
    • (2a.log.armor.com)
OutboundMonitoring8443/tcp
  • 146.88.106.200  
    • (1a.mon.armor.com)
  • 146.88.114.200  
    • (2a.mon.armor.com)
OutboundRemote Access443/tcp
  • 146.88.106.216 
    • (1a.rs.armor.com)
  • 146.88.114.216
    • (alternate)
Outbound

Vulnerability Scanning

*443/tcp
  • endpoint.ingress.rapid7.com
    • (United States)
  • ca.endpoint.ingress.rapid7.com
    • (Canada)
  • eu.endpoint.ingress.rapid7.com
    • (Europe)
  • ap.endpoint.ingress.rapid7.com
    • (Japan)
  • au.endpoint.ingress.rapid7.com
    • (Australia)
Outbound

Vulnerability Scanning

*443/tcp
  • s3.amazonaws.com
    • (United States)
  • s3.ca-central-1.amazonaws.com
    • (Canada)
  • s3.eu-central-1.amazonaws.com
    • (Europe)
  • s3.ap-northeast-1.amazonaws.com
    • (Japan)
  • s3-ap-southeast-2.amazonaws.com
    • (Australia)

* The agent will perform a lookup to the applicable DNS entry, which may resolve to one of multiple Amazon Web Services based subnets. As a result, if your firewall does not support outbound filtering by domain name, then you may need to open all outbound traffic to 443/tcp to accommodate this service.


Remove existing anti-virus software

Before you install the Armor Anywhere agent, you must remove any previously installed anti-virus software, such as Trend Micro, McAfee, etc. Afterwards, you must reboot your system. 


Step 2: Complete your account signup

In this step, you will add your phone number to your account. This phone number will be used for multi-factor authentication. To complete the account signup process and to log into AMP, you must be near this phone number.
  1. In the email from Armor, click the sign-up link to access the Redeem Invitation screen.
  2. Note your Armor username. 
  3. In Password and Confirm Password, create and enter an account password. 
    • Your password must be at least 12 characters in length.
    • Your password must contain an upper-case character, a lower-case character, a number, and a special character.
    • Your password cannot contain personal information, such as your name, email address, birthday, etc. For example, if your name is John Smith, then you cannot use joh or smi in your password.
    • You can only change your password once every 24 hours.
    • Passwords expire after 60 days. 
    • After 6 failed login attempts, you will be locked out of your account for an hour. To resolve this, you must contact your account administrator or contact Armor Support.
    • After 15 minutes of inactivity, you will be logged out of the Armor Management Portal (AMP).  
  4. Complete the Challenge Phrase and Challenge Response
    • If you call Armor for technical support, you will be asked the Challenge Phrase, and you must correctly answer the Challenge Response
    • Do not use inappropriate language or suggestive material. 
    • The answer must be at least five characters long. 
  5. In Phone Number, select your country code / flag, and then enter your phone number. 

    • This phone number will be used for multi-factor authentication (MFA). Every time you log into the Armor Management Portal (AMP), you will receive a phone call in order to complete the login process.
    • In Phone Number, you can enter a phone number with spaces and special characters, such as (555) 555-555. 
    • (Optional) If your phone number contains an extension, in Extension, enter the number. You cannot include spaces or special characters in this field.
  6. Click Validate
  7. You will receive a phone call. Answer the phone, and then follow the instructions.
  8. After the call, click Submit. You will be taken to the Armor Management Portal (AMP) login page.
  9. Enter your username and password, and then click Login.
  10. You will receive a phone call. Answer the phone, and then follow the instructions to access AMP.



Step 3: Locate the Armor Anywhere agent

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure
  2. Click Virtual Machines
  3. Click Deploy New Armor Agent or click the plus ( + ) icon.
  4. Copy your license key. You will need this information in a later step.
  5. Select your operating system (Windows or Linux).  
 

For Amazon Web Services users who:

  • Use Elastic Beanstalk to run their instance's applications,
  • Run Amazon Linux 2015.03, 2015.09, 2016.03, 2016.09, 2017.03, or 2017.09.

Review the following example to understand how to install the Anywhere agent. Afterwards, you can skip to the Test your connection step.

commands:
  01_install_agent:
    test: if [ $(rpm -q armor-agent | head -c11) == 'armor-agent' ]; then exit 1; else exit 0; fi
    command: |
      yum install -y https://get.core.armor.com/latest/armor-agent.rpm
      /opt/armor/armor register --license=AAAA1-A11AA-AA1AA-AAAAA-1AAA

You must replace AAAA1-A11AA-AA1AA-AAAAA-1AAA with your specific license key.

For Amazon Web Services users who:

  • Use a set hostname,
  • Use Elastic Beanstalk to run their instance's applications, and
  • Run Amazon Linux 2015.03, 2015.09, 2016.03, 2016.09, 2017.03, or 2017.09.

Review the following example to understand how to install the Anywhere agent. Afterwards, you can skip to the Test your connection step.

commands:
  01_install_agent:
    test: if [ $(rpm -q armor-agent | head -c11) == 'armor-agent' ]; then exit 1; else exit 0; fi
    command: |
      echo "<host_name>$(date +%Y%m%d%H%M%S)" > /proc/sys/kernel/hostname
      sed -i "s/HOSTNAME=.*/HOSTNAME=$(cat /proc/sys/kernel/hostname)/g" /etc/sysconfig/network
      yum install -y https://get.core.armor.com/latest/armor-agent.rpm
      /opt/armor/armor register --license=AAAA1-A11AA-AA1AA-AAAAA-1AAA

You must replace:

  • AAAA1-A11AA-AA1AA-AAAAA-1AAA with your specific license key
  • HOSTNAME and hostname with your specific hostname.


Step 4: Download and install the Armor Anywhere agent

There are three types of scripts that you can use to install the agent:

Script typeDescription
Pre-installation

You can use these scripts to verify that your environment is compatible with Armor Anywhere. These scripts will not install the agent.

sudo curl -sSL https://get.core.armor.com/latest/armor_agent.sh | bash /dev/stdin
Pre-installation and installation

You can use these scripts to:

  • Verify that your environment is compatible with Armor Anywhere
  • Install the agent
sudo curl -sSL https://get.core.armor.com/latest/armor_agent.sh | bash /dev/stdin -l AAAA1-A11AA-AA1AA-AAAAA-1AAA
Installation

You can use these scripts to install the agent. These scripts will not verify your environment for compatibility. 

sudo curl -sSL https://get.core.armor.com/latest/armor_agent.sh | bash /dev/stdin -l AAAA1-A11AA-AA1AA-AAAAA-1AAA -s

In the above scripts, replace AAAA1-A11AA-AA1AA-AAAAA-1AAA with your specific license key.


Step 5: Test your connection

After you install the agent, Armor recommends that you test the connection for each configured firewall rule.

To verify connectivity to an Armor service endpoint, use the telnet command.

The following example tests connectivity to api.armor.com over 443/tcp:Troubleshooting:

telnet 146.88.106.210 443

For Windows systems without the telnet feature installed, you can also use PowerShell:

new-object System.Net.Sockets.TcpClient('146.88.106.210', 443)


Step 6: Review the status of the Armor Anywhere agent 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure
  2. Click Virtual Machines
  3. Review the corresponding Status column. The Status column contains a green or red status to indicate if the server's agent has registered a heartbeat to Armor.
    • A green status indicates the server's agent has registered a heartbeat in the past hour. 
    • A red status indicates the server's agent has not registered a heartbeat in the past hour. 
      • After four hours without a registered heartbeat, the API will close all service endpoints (firewall ports).


Step 7: Configure your notification preferences

Armor recommends that you configure your account to receive notifications for TicketAccount, Billing, and Technical events.

Ticket

You will receive a notification when:

  • There is an update on a ticket you submitted.
  • There is an update on a ticket that you have been added to.
Account

You will receive a notification when:

  • A password expires in 14 days.
  • A password expires in 7 days.
  • A password expires in 24 hours.
  • A password has expired.
Billing

You will receive a notification when:

  • An invoice has posted. 
  • An invoice is past due (2, 10, 15, 25, and 30 days).
  • A payment method will soon expire (1, 15, and 30 days).

You can configure a user to become the primary billing contact for an account. This user will receive billing notifications. Additionally, this user will be listed in the Bill to field in an invoice. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Account.
  2. Click Users
  3. Locate and hover over the desired user. 
  4. Click the vertical ellipses. 
  5. Select Set as Primary Billing Contact
  6. Click OK
TechnicalYou will receive a notification when a virtual machine will be deleted or downgraded.

You can only change the notification preferences for your own account. You cannot change the notification preferences for other user accounts.

  1. In the Armor Management Portal (AMP), in the top, right corner, click the vertical ellipses.
  2. Click Settings
  3. Click Notification Preferences.
  4. Use the slider to make your desired changes.
    • Select Alert to receive notifications in the top bar in the Armor Management Portal (AMP). 
    • Select Email to receive notifications through email. 
    • You can select both notification options.
  5. Click Update Notification Preference to save your changes. 



In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.