Before you begin, Armor recommends that you pre-installation information, including firewall rules. To learn more, see Armor Anywhere Agent 3.0 Pre-Installation.
Step 1: Locate the Armor Anywhere Agent
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
- Hover over the plus ( + ) icon, and then click the Anywhere Agent icon.
- If you don't have any agents listed, then click Add an Armor Agent.
- Copy your license key. You will need this information in a later step.
- Select your operating system (Linux or Windows).
Step 2: Install the Armor Anywhere Agent
Armor recommends installing the Armor Agent with all Security Services. Run the command to install the Armor Anywhere Agent with all Security Services.
sudo curl -sSL https://agent.armor.com/latest/armor_agent.sh | sudo bash /dev/stdin -l AAAA1-AAAA1-AAAA1-AAAA1-AAAA1 -r (region) -f
You must replace
- AAAA1-AAAA1-AAAA1-AAAA1-AAAA1 with your specific license key
Currently, all users will leverage the region: us-west-armor
The Trend Recommendation Scan is not run upon installation, but is instead scheduled to run 10 minutes after installation and then every 7 days after that.
Optional: Armor Anywhere Agent Only
If you need to install the Armor Agent and Armor Security Services one by one, Armor recommends following the specific order outlined below to utilize the benefits of Recommendation Scans.
Recommendation Scans provide a good starting point for establishing a list of rules that you should implement for FIM and IPS. During a recommendation scan, the Armor Agent scans the operating system for installed applications, the Windows registry, open ports, and more. Recommendation Scans provide the rules and policies that will be auto applied by FIM and IPS, so auto apply features for those services must be turned on. Similarly, there is nothing for FIM and IPS to auto apply unless a Recommendation Scan is run.
If you do not want to run Recommendation Scans, please review the full list of CLI commands available here.
Step 1: Run the command to install the Armor Anywhere agent only.
sudo curl -sSL https://agent.armor.com/latest/armor_agent.sh | sudo bash /dev/stdin -l AAAA1-AAAA1-AAAA1-AAAA1-AAAA1 -r (region)
You must replace
- AAAA1-AAAA1-AAAA1-AAAA1-AAAA1 with your specific license key
Currently, all users will leverage the region: us-west-armor
Step 2: Install Armor Security Services
Step 1: Install Trend Sub-Agent:
/opt/armor/armor trend install
Step 2: Turn On File Integrity Monitoring in "Auto-Apply" Mode (This automatically applies FIM rules identified in Recommendation Scans)
/opt/armor/armor fim on auto-apply-recommendations=on
Step 3: Turn On Intrusion Prevention Service in "Auto-Apply" Mode (This automatically applies IPS rules identified in Recommendation Scans)
Option 1: Detect Mode
/opt/armor/armor ips detect auto-apply-recommendations=on
Option 2: Prevent Mode
/opt/armor/armor ips prevent auto-apply-recommendations=on
Step 4: Install Malware Protection (Anti-Virus)
/opt/armor/armor av on
Step 5: Install Vulnerability Scanning*
/opt/armor/armor vuln install
*Vulnerability Scaning is a standalone service not included in the Trend Subagent
Step 6: Install Logging*
/opt/armor/armor logging install
*Logging is a standalone service not included in the Trend Subagent
Step 7: Run a Recommendation Scan (This runs the initial Recommendation Scan to apply the baseline rules for FIM and IPS)
/opt/armor/armor trend recommendation-scan
Step 8: Turn On Ongoing Recommendation Scans (This automatically runs Recommendation Scans every 7 days. All FIM and IPS rule changes are automatically applied if you followed Steps 2 and 3.)
/opt/armor/armor trend ongoing-recommendation-scan on
Step 3: Review the status of the Armor Anywhere agent
The State of each Armor Service will show Pending for two-hours after installation. After two hours, the State should accurately reflect the health of the service.
To access troubleshooting documentation for each Armor Security Service, click on the name of the service in the sub-agent health table.