Skip to main content
Skip table of contents

Armor Agent Pre-Installation

For customers migrating from another tool or platform, you can reference our documentation for uninstalling Alert Logic Endpoint Protection or Sophos Endpoint Security.

Resource Requirements

*Minimum required for installation. VMs might require more memory per your installation configuration.

Requirement

Windows Instance

Linux Instance

CPU

2 Cores

1 Core

RAM

2GB

1GB*

Disk Space

3GB

3GB

Bandwidth

Estimated 50-100Kb per minute, based on the logs generated in your system.

Cronie

For Amazon Linux 2023 only

TLS 1.2 is required to install the Armor Anywhere Agent 3.0.
For more information on TLS 1.2, please visit Microsoft's documentation.

Operating System Compatibility

Operating System

Supported Version for 64-bit Environments Only

AWS Graviton

CentOS

  • 7

  • 8

  • 8

Red Hat Enterprise Linux (RHEL)

  • 6

  • 7

  • 8

  • 9

  • 8

Ubuntu

  • 16.04

  • 18.04

  • 20.04

  • 22.04

  • 18.04

  • 20.04

Amazon Linux

  • 2015.03

  • 2015.09

  • 2016.03

  • 2016.09

  • 2017.03

  • 2017.09

  • 2018.03

  • Amazon Linux 2

  • Amazon Linux 2023 (To ensure a successful Armor agent installation, please install 'cronie')

  • Amazon Linux 2

Oracle Linux

  • 6

  • 7

  • 8

  • 9


SUSE Linux Enterprise Server

  • 12

  • 15


Windows

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2019

  • Microsoft Windows Server 2022

Installing the Armor Anywhere agent for Windows requires Powershell v.3 or higher.


Debian

  • 9

  • 10

  • 11


Alma

  • 8

  • 9


Rocky

  • 8

  • 9.0-9.1


MacOS

  • 10.13 (High Sierra)

  • 10.14 (Mojave)

  • 10.15 (Catalina)

  • 11 (Big Sur)

  • 12 (Monterey)

  • 13 (Ventura)

  • 14 (Sonoma)


For Windows users, in order to run the install script, you will need to ensure your execution policy allows for the execution of scripts.

  • You can check by executing the following command in Powershell

CODE 
Get-ExecutionPolicy -List

  • If the ExecutionPolicy is set to AllSigned or RemoteSigned for LocalMachine, let's UnBlock it for the script installation by adding the UnBlock command to the installation one-liner

CODE 
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest https://agent.armor.com/latest/armor_agent.ps1 -outfile armor_agent.ps1 ; Unblock-File -Path .\armor_agent.ps1 ; .\armor_agent.ps1 -license 1AAAA-AAAAA-AAAAA-AAAAA-AAAAA -region us-west


Linux Kernels Compatibility

This document lists the specific Linux kernels supported for each Linux Operating System and Architecture:

Trend Deep Security 20.0 Supported Linux Kernels

Browser Support

The Armor Management Portal (AMP) supports the current version of the following browsers:

  • Chrome

  • Firefox

  • Internet Explorer

  • Safari

Armor cannot guarantee that previous browser versions will be supported.

Firewall Rules

This topic only applies to Armor Agent for Servers (Armor Anywhere) users.

The following ports will need to be opened for each server registered with Armor.

Armor Agent Services

Traffic

Service

Port

Destination

Outbound

Armor Agent

  • 443/tcp

  • 99.83.175.90

  • 75.2.84.73

    • (agent.api.secure-prod.services)

Outbound*

Malware Protection, FIM, IDS

  • 4119/tcp

  • 4120/tcp

  • 4122/tcp



  • 35.163.135.130

  • 34.214.246.111

  • 52.13.172.208

  • 35.82.104.59

  • 44.227.116.97

  • 35.161.90.161

  • 34.208.189.161

  • 35.81.21.82

  • 35.83.143.229

DNS resolves these URLs:

  • 3a.epsec.armor.com

  • us-west-armor-2.epsec.secure-prod.services

  • us-west-armor-3.epsec.secure-prod.services


Outbound

(for Rackspace users)

Malware Protection, FIM, IDS

  • 443/tcp

  • 4120/tcp

  • 4122/tcp

  • 44.233.170.94

  • 100.20.145.224

  • 34.215.243.248

  • 35.160.62.230

  • 50.112.175.199

  • 35.80.148.233

  • 35.165.165.69

  • 34.218.94.149

  • 35.80.128.250

  • 34.211.37.216

  • 35.81.123.91

  • 52.24.37.221

DNS resolves these URLs:

  • us-west.epsec.secure-prod.services

  • us-west-2.epsec.secure-prod.services

  • us-west-3.epsec.secure-prod.services

  • us-west-4.epsec.secure-prod.services

Outbound

Vulnerability Scanning

  • 443/tcp

  • 64.39.96.0/20

    • (qagpublic.qg3.apps.qualys.com)

Outbound

Log Management (Filebeat / Winlogbeat)

  • 5516/tcp

  • 52.38.171.243

  • 52.26.92.237

  • 35.155.168.100

    • (1d.log.armor.com)

*for Armor Direct or Armor Partner customers

For Log Relay, the following additional ports will need to be opened for each server registered with Armor.

Log Relay Services

Traffic

Service

Port

Destination

Inbound

Log Relay (Logstash)

  • 5140/udp

  • 5141/tcp

  • The IP address for your virtual machine

Outbound

Log Relay (Armor's logging service (ELK))

  • 5443/tcp

  • 5400-5600/tcp (Reserved)

    Armor reserves the right to utilize this port range for future expansion or service changes.


To verify connectivity to an Armor service endpoint, use the telnet command.

The following example tests connectivity to api.armor.com over 443/tcp:

CODE 
telnet 75.2.84.73 443

For Windows systems without the telnet feature installed, you can also use PowerShell:

CODE 
new-object System.Net.Sockets.TcpClient('75.2.84.73', 443)

Remove Anti-Virus Software

If you intend to use the Anti-Virus module, you must remove any previously installed anti-virus software, such as Trend Micro, SentinelOne, McAfee, etc.

Afterwards, you must reboot your system.

After you install the agent, Armor recommends that you test the connection for each configured firewall rule.

Related Documentation

Additional Documentation for Installing Armor Anywhere with Secure Hosting

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close