Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Table of Contents
minLevel1
maxLevel3
outlinefalse
stylenone
typelist
printabletrue

For customers migrating from another tool or platform, you can reference our documentation for uninstalling Alert Logic Endpoint Protection or Sophos Endpoint Security.

...

Resource Requirements

...

TLS 1.2 is required to install the Armor Anywhere Agent 3.0.
For more information on TLS 1.2, please visit Microsoft's documentation

.

Info

*Minimum required for installation. VMs might require more memory per your installation configuration.

Note

Requirement

Windows Instance

Linux Instance

CPU

2 Cores

1 Core

RAM

2GB

1GB*

Disk Space

3GB

3GB

Bandwidth

Estimated 50-100Kb per minute, based on the logs generated in your system.

Cronie

For Amazon Linux 2023 only

...

Note

TLS 1.2 is required to install the Armor Anywhere Agent 3.0.
For more information on TLS 1.2, please visit Microsoft's documentation.

Operating System Compatibility

...

Operating System

Supported Version for 64-bit Environments Only

AWS Graviton

CentOS

  • 7

  • 8

  • 8

Red Hat Enterprise Linux (RHEL)

  • 6

  • 7

  • 8

  • 9

  • 8

Ubuntu

  • 16.04

  • 18.04

  • 20.04

  • 22.04

  • 18.04

  • 20.04

Amazon Linux

  • 2015.03

  • 2015.09

  • 2016.03

  • 2016.09

  • 2017.03

  • 2017.09

  • 2018.03

  • Amazon Linux 2

  • Amazon Linux 2023 (To ensure a successful Armor agent installation, please install 'cronie')

  • Amazon Linux 2

Oracle Linux

  • 6

  • 7

  • 8

  • 9


SUSE Linux Enterprise Server

  • 12

  • 15


Windows

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2022

note
Info

Installing the Armor Anywhere agent for Windows requires Powershell v.3 or higher.


Debian

  • 9

  • 10

  • 11


Alma

  • 8

  • 9


Rocky

  • 8

  • 9.0-9.1


MacOS

  • 10.13 (High Sierra)

  • 10.14 (Mojave)

  • 10.15 (Catalina)

  • 11 (Big Sur)

  • 12 (Monterey)

  • 13 (Ventura)

  • 14 (Sonoma)


Info

For Windows users, in order to run the install script, you will need to ensure your execution policy allows for the execution of scripts.

  • You can check by executing the following command in Powershell

Code Block
Get-ExecutionPolicy -List
  • If the ExecutionPolicy is set to AllSigned or RemoteSigned for LocalMachine, let's UnBlock it for the script installation by adding the UnBlock command to the installation one-liner

Code Block
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://agent.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; Unblock-File -Path .\armor_agent.ps1 ; .\armor_agent.ps1 -license 1AAAA-AAAAA-AAAAA-AAAAA-AAAAA -region us-west

...


...

Linux Kernels Compatibility

...

This document lists the specific Linux kernels supported for each Linux Operating System and Architecture:

Trend Deep Security 20.0 Supported Linux Kernels

Browser Support

...

The Armor Management Portal (AMP) supports the current version of the following browsers:

  • Chrome

  • Firefox

  • Internet Explorer

  • Safari

Note

Armor cannot guarantee that previous browser versions will be supported.

...

Firewall

...

Rules

...

Tip

This topic only applies to Armor Agent for Servers (Armor Anywhere) users.

The following ports will need to be opened for each server registered with Armor.

Armor Anywhere Agent Services

Traffic

Service

Port

Destination

Outbound

Armor Agent

  • 443/tcp

  • 99.83.175.90

  • 75.2.84.73

    • (agent.api.secure-prod.services)

Outbound*

Malware Protection, FIM, IDS

  • 4119/tcp

  • 4120/tcp

  • 4122/tcp



  • 35.163.135.130

  • 34.214.246.111

  • 52.13.172.208

  • 35.82.104.59

  • 44.227.116.97

  • 35.161.90.161

  • 34.208.189.161

  • 35.81.21.82

  • 35.83.143.229

DNS resolves these URLs:

  • 3a.epsec.armor.com

  • us-west-armor-2.epsec.secure-prod.services

  • us-west-armor-3.epsec.secure-prod.services


Outbound

(for Rackspace users)

Malware Protection, FIM, IDS

  • 443/tcp

  • 4120/tcp

  • 4122/tcp

  • 44.233.170.94

  • 100.20.145.224

  • 34.215.243.248

  • 35.160.62.230

  • 50.112.175.199

  • 35.80.148.233

  • 35.165.165.69

  • 34.218.94.149

  • 35.80.128.250

  • 34.211.37.216

  • 35.81.123.91

  • 52.24.37.221

DNS resolves these URLs:

  • us-west.epsec.secure-prod.services

  • us-west-2.epsec.secure-prod.services

  • us-west-3.epsec.secure-prod.services

  • us-west-4.epsec.secure-prod.services

Outbound

Vulnerability Scanning

  • 443/tcp

  • 64.39.96.0/20

    • (qagpublic.qg3.apps.qualys.com)

Outbound

Log Management (Filebeat / Winlogbeat)

  • 5516/tcp

  • 52.38.171.243

  • 52.26.92.237

  • 35.155.168.100

    • (1d.log.armor.com)

*for Armor Direct or Armor Partner customers

...

For Log Relay, the following additional ports will need to be opened for each server registered with Armor.

Log Relay Services

Traffic

Service

Port

Destination

Inbound

Log Relay (Logstash)

  • 5140/udp

  • 5141/tcp

  • The IP address for your virtual machine

Outbound

Log Relay (Armor's logging service (ELK))

  • 5443/tcp

  • 5400-5600/tcp (Reserved)

    Note

    Armor reserves the right to utilize this port range for future expansion or service changes.


...

Tip

Remove Anti-Virus Software

If you intend to use the Anti-Virus module, you must remove any previously installed anti-virus software, such as Trend Micro, McAfee, etc. Afterwards, you must reboot your system.

Related Documentation

Additional Documentation for Installing Armor Anywhere with Secure Hosting

Topics Discussed

Table of Contents
maxLevel3
minLevel3

For customers migrating from another tool or platform, you can reference our documentation for uninstalling Alert Logic Endpoint Protection or Sophos Endpoint Security.

...

Requirement

...

Windows Instance

...

Linux Instance

...

CPU

...

2 Cores

...

1 Core

...

RAM

...

2GB

...

1GB*

...

Disk Space

...

3GB

...

3GB

...

Bandwidth

...

Estimated 50-100Kb per minute, based on the logs generated in your system.

...

Cronie

...

For Amazon Linux 2023 only

...

*Minimum required for installation. VMs might require more memory per your installation configuration.

Note

TLS 1.2 is required to install the Armor Anywhere Agent 3.0.
For more information on TLS 1.2, please visit Microsoft's documentation.

...

Operating System

...

Supported Version for 64-bit Environments Only

...

AWS Graviton

...

CentOS

...

  • 7

  • 8

...

  • 8

...

Red Hat Enterprise Linux (RHEL)

...

  • 6

  • 7

  • 8

  • 9

...

  • 8

...

Ubuntu

...

  • 16.04

  • 18.04

  • 20.04

  • 22.04

...

  • 18.04

  • 20.04

...

Amazon Linux

...

  • 2015.03

  • 2015.09

  • 2016.03

  • 2016.09

  • 2017.03

  • 2017.09

  • 2018.03

  • Amazon Linux 2

  • Amazon Linux 2023 (To ensure a successful Armor agent installation, please install 'cronie')

...

  • Amazon Linux 2

...

Oracle Linux

...

  • 6

  • 7

  • 8

  • 9

...

SUSE Linux Enterprise Server

...

  • 12

  • 15

...

Windows

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Server 2012

  • Microsoft Windows Server 2012 R2

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2022

Note

Installing the Armor Anywhere agent for Windows requires Powershell v.3 or higher.

...

Debian

...

  • 9

  • 10

  • 11

...

Alma

...

  • 8

  • 9

...

Rocky

...

  • 8

  • 9.0-9.1

...

MacOS

...

  • 10.13 (High Sierra)

  • 10.14 (Mojave)

  • 10.15 (Catalina)

  • 11 (Big Sur)

  • 12 (Monterey)

  • 13 (Ventura)

  • 14 (Sonoma)

...

For Windows users, in order to run the install script, you will need to ensure your execution policy allows for the execution of scripts.

  • You can check by executing the following command in Powershell

Code Block
Get-ExecutionPolicy -List
  • If the ExecutionPolicy is set to AllSigned or RemoteSigned for LocalMachine, let's UnBlock it for the script installation by adding the UnBlock command to the installation one-liner

Code Block
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://agent.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; Unblock-File -Path .\armor_agent.ps1 ; .\armor_agent.ps1 -license 1AAAA-AAAAA-AAAAA-AAAAA-AAAAA -region us-west

...

The Armor Management Portal (AMP) supports the current version of the following browsers:

  • Chrome

  • Firefox

  • Internet Explorer

  • Safari

Note

Armor cannot guarantee that previous versions will be supported.

...

The following ports will need to be opened for each server registered with Armor.

Armor Anywhere Agent Services

...

Traffic

...

Service

...

Port

...

Destination

...

Outbound

...

Armor Agent

...

  • 443/tcp

...

  • 99.83.175.90

  • 75.2.84.73

    • (agent.api.secure-prod.services)

...

Outbound*

...

Malware Protection, FIM, IDS

  • 4119/tcp

  • 4120/tcp

  • 4122/tcp

  • 35.163.135.130

  • 34.214.246.111

  • 52.13.172.208

  • 35.82.104.59

  • 44.227.116.97

  • 35.161.90.161

  • 34.208.189.161

  • 35.81.21.82

  • 35.83.143.229

DNS resolves these URLs:

  • 3a.epsec.armor.com

  • us-west-armor-2.epsec.secure-prod.services

  • us-west-armor-3.epsec.secure-prod.services

...

Outbound

(for Rackspace users)

...

Malware Protection, FIM, IDS

...

  • 443/tcp

  • 4120/tcp

  • 4122/tcp

...

  • 44.233.170.94

  • 100.20.145.224

  • 34.215.243.248

  • 35.160.62.230

  • 50.112.175.199

  • 35.80.148.233

  • 35.165.165.69

  • 34.218.94.149

  • 35.80.128.250

  • 34.211.37.216

  • 35.81.123.91

  • 52.24.37.221

DNS resolves these URLs:

  • us-west.epsec.secure-prod.services

  • us-west-2.epsec.secure-prod.services

  • us-west-3.epsec.secure-prod.services

  • us-west-4.epsec.secure-prod.services

...

Outbound

...

Vulnerability Scanning

...

  • 443/tcp

...

  • 64.39.96.0/20

    • (qagpublic.qg3.apps.qualys.com)

...

Outbound

...

Log Management (Filebeat / Winlogbeat)

...

  • 5516/tcp

...

  • 52.38.171.243

  • 52.26.92.237

  • 35.155.168.100

    • (1d.log.armor.com)

*for Armor Direct or Armor Partner customers

For Log Relay, the following additional ports will need to be opened for each server registered with Armor.

Log Relay Services

...

Traffic

...

Service

...

Port

...

Destination

...

Inbound

...

Log Relay (Logstash)

...

  • 5140/udp

  • 5141/tcp

...

  • The IP address for your virtual machine

...

Outbound

...

Log Relay (Armor's logging service (ELK))

  • 5443/tcp

  • 5400-5600/tcp (Reserved)

Note

Armor reserves the right to utilize this port range for future expansion or service changes.

...

Insert excerptESLP:Test your connection (snippet)ESLP:Test your connection (snippet)nopaneltrueTo verify connectivity to an Armor service endpoint, use the telnet command.

The following example tests connectivity to api.armor.com over 443/tcp:

Code Block
telnet 75.2.84.73 443

For Windows systems without the telnet feature installed, you can also use PowerShell:

Code Block
new-object System.Net.Sockets.TcpClient('75.2.84.73', 443)
Tip

Remove Anti-Virus Software

If you intend to use the Anti-Virus module, you must remove any previously installed anti-virus software, such as Trend Micro, SentinelOne, McAfee, etc.

Afterwards, you must reboot your system.

After you install the agent, Armor recommends that you test the connection for each configured firewall rule.

Related Documentation

Additional Documentation for Installing Armor Anywhere with Secure Hosting

Topics Discussed

...