Versions Compared

Version Old Version 111 New Version 112
Changes made by

Aaron Gabriel (Deactivated)

Catie G.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Topics Discussed

Table of Contents
maxLevel4
minLevel3

...

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.

  2. Click Virtual Machines.

  3. Locate and select the desired instance.

Overview

This section displays detailed information for the virtual machine.

COLUMN

DESCRIPTION

Type

This entry displays the type of instance, specific to the offerings offered by your public cloud provider, such as EC2 instance for AWS.

  • More common types are VM and Log Relay.

Provider

This entry displays the public cloud provider for the instance.

Instance ID

This entry displays the ID associated with the instance or virtual machine.

Instance State

This entry displays the security status of the instance or virtual machine.

Original OS Version

This entry displays the original operating system for the instance or virtual machine.

Current OS Version

This entry displays the current operating system for the instance or virtual machine.

Public IP

This entry displays the public IP address associated with the instance or virtual machine.

Agent ID

This entry displays the unique ID associated with the Armor Agent.

Agent Version

This entry displays the version of the Armor Agent.

Last Heartbeat

This entry displays the date and time of the last successful heartbeat.

Sub-Agent Health Table

This section displays the sub-agent health related to your Armor-protected virtual machines.

...

Anchor
Review-Sub-Agent-Health-for-a-Virtual-Machine
Review-Sub-Agent-Health-for-a-Virtual-Machine
Review Sub-Agent Health Details for a Virtual Machine

...

For each of your virtual machines, you can view sub-agent health details. You can use this information to troubleshoot agents that may be in a bad state.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.

  2. Click Virtual Machines.

  3. Locate and select the desired instance.

  4. Locate and hover over the sub-agent that you want to view.

  5. Click the name of the desired sub-agent. Or, click the vertical ellipses, then click View Details.

  6. On the left-side of the screen, select the sub-agent that you want to view.

    1. The information that displays on the right-side of the screen will change based on the sub-agent that is selected.

...

SECTION

DESCRIPTION

Trend to Armor Sync

Trend

  • Host ID

  • Status

  • Last Communication

Armor

  • Host ID

  • Status

  • Last Communication

Steps to Remediate

Connectivity

This section displays the script(s) to check connectivity, along with steps to remediate.

Errors

This section displays any known errors, along with steps to remediate.

Vulnerability Scanning

Review specific information and troubleshooting steps for the Vulnerability Scanning service.

SECTION

DESCRIPTION

Registered

This section displays the following information for the Armor agent that is registered:

  • Agent ID

  • Asset ID

  • Status

  • Steps to Remediate

Scan Import

This section displays the following scan import information for the Armor agent:

  • Report Date

  • Expected Window

  • Status

  • Steps to Remediate

Connectivity

This section displays the script(s) to check connectivity, along with steps to remediate.

Last Scan Time

This section displays the following information regarding the most recent scan:

  • Scan Time

  • Expected Window

  • Status

  • Steps to Remediate

...

Note

This feature does not remove your virtual machines from your cloud provider.

Note

This setting is limited to users in the Admin role only.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.

  2. Click Virtual Machines.

  3. Hover over the plus ( + ) icon, and then click the Virtual Machine Settings icon.

  4. Click the Auto remove VMs setting to enable the auto-remove feature.

    1. Click the setting again to disable the feature.

  5. In Remove VMs after, select the desired time frame for when your virtual machines should be removed - 7 Days, 14 Days, or 30 Days.

  6. Click Save.


Anchor
Export-usage-data
Export-usage-data
Export Usage Data

...

Users running commands using either Command Line Interface (CLI) or the Armor Toolbox can review the results of commands invoked on a given machine using the CLI Results tab.

...

Column Name

Description

Vulnerability Name

Name of the vulnerability detected

CVSS Score

This columns displays the Common Vulnerability Scoring System (CVSS) score assigned to the vulnerability.

The breakdown of CVSS Scores aligns with the Severity types.

Severity

This column displays the severity level of the vulnerability.

There are four severity types, based on the vulnerability's CVSS:

  • Critical vulnerabilities receive a score of 10.

  • High vulnerabilities receive a score of 7-10.

  • Medium vulnerabilities receive a score of 4-7.

  • Low vulnerabilities receive a score of 0-4.

    Info
    There is an additional severity type calledInfo. AlthoughInfois listed as a severity type, in reality,Infosimplydisplays activity information for corresponding plugins from third-party vendors.

Vulnerability Type

Designation of the vulnerability

Category

The category of the vulnerability

First Found

Time stamp of the first detection of the vulnerability

Last Found

time stamp of the last detection of the vulnerability

...