Getting Ready

This guide will walk you through setting up and troubleshooting the Cloudamize Agentless Data Collector. 


Minimum System Requirements

The Cloudamize Agentless Data Collector will need to be installed on a physical or virtual Windows machine meeting the following minimum requirements (based on monitoring 500 machines - please consider scaling if the Agentless Data Collector has its node limit increased):

  • 64-bit Windows Server 2012 or higher

  • .NET framework version 4.0

  • 4 CPU cores

  • 8 GB RAM

  • 5 GB persistent storage

  • PowerShell v5.1 (if SQL data is required)

  

Prior to Installation

  • Set up a new Windows instance to host the agentless data collector

  • When using multiple data collectors, ensure that each individual data collector’s scope of IP ranges is unique

  • Each data collector can, by default, assess up to a maximum of 500 instances (configurable)

  • Exclude the data collector's IP address when adding hosts
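
An added example (not Cloudamize code) of checking the scoping rules above before hosts are entered: it flags IP ranges shared between collectors, builds each collector's host list without its own address, and reports scopes that hold more addresses than the default limit. The collector names, addresses and ranges are constructed sample data, and Python 3 on an admin workstation is assumed.

```python
import ipaddress
from itertools import combinations

# Constructed sample inventory (not from the guide):
# collector name -> (collector's own IP, IP ranges assigned to it).
COLLECTORS = {
    "dc-east": ("10.0.0.5", ["10.0.0.0/24", "10.0.1.0/24"]),
    "dc-west": ("10.0.2.5", ["10.0.1.128/25", "10.0.2.0/24"]),
}
DEFAULT_LIMIT = 500  # default per-collector instance limit stated in the guide


def find_overlaps(collectors):
    """Return (name_a, name_b, range_a, range_b) for ranges shared by two collectors."""
    nets = [(name, ipaddress.ip_network(cidr))
            for name, (_own_ip, ranges) in collectors.items()
            for cidr in ranges]
    return [(a, b, str(net_a), str(net_b))
            for (a, net_a), (b, net_b) in combinations(nets, 2)
            if a != b and net_a.overlaps(net_b)]


def hosts_to_add(own_ip, ranges):
    """Expand ranges to host addresses, leaving out the collector's own IP."""
    own = ipaddress.ip_address(own_ip)
    return [host for cidr in ranges
            for host in ipaddress.ip_network(cidr).hosts()
            if host != own]


def may_exceed_limit(collectors, limit=DEFAULT_LIMIT):
    """Collectors whose ranges hold more addresses than the instance limit."""
    return [name for name, (own_ip, ranges) in collectors.items()
            if len(hosts_to_add(own_ip, ranges)) > limit]


if __name__ == "__main__":
    for a, b, net_a, net_b in find_overlaps(COLLECTORS):
        print(f"overlap: {a} {net_a} <-> {b} {net_b}")
    for name in may_exceed_limit(COLLECTORS):
        print(f"{name}: scope is larger than {DEFAULT_LIMIT} addresses")
```

A scope larger than the limit is only a problem if that many addresses are live, so treat the last check as a prompt to split the range or raise the node limit.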


Firewall requirements


Please note the following rules for each class of machine:

Machine with Cloudamize Agentless Data Collector installed

  • TCP port 445 open inbound
  • TCP port 443, plus the proxy server port if a proxy is being used (e.g., 8080, 80), open outbound to our servers at the following addresses:
    • For assessments on app.cloudamize.com: 104.197.11.97 for US and 35.198.133.35 for EU
    • For assessments on console.cloudamize.com: am.cloudamize.com (US) or am-de.cloudamize.com (EU). 

 Each Windows endpoint 

  • TCP port 135 and the dynamic RPC port range appropriate for your OS version open inbound:
    • Windows Server 2008 and later: TCP ports 49152 to 65535 open inbound

    • Windows Server 2003 and earlier: TCP ports 1025 to 5000 open inbound

  • TCP port 445 open outbound to the machine with the Agentless Data Collector installed

 Each Linux endpoint

  • TCP port 22 open inbound

The table below lists the relevant ports for machine discovery and communication to the Cloudamize servers:

 

Protocol | Port        | Usage
TCP      | 22          | SSH to access Linux servers
TCP      | 135         | Windows RPC
TCP      | 445         | Microsoft-DS Active Directory and SMB, Windows shares
TCP      | 1025-5000   | RPC dynamic port range for Windows Server 2003 and earlier
TCP      | 49152-65535 | RPC dynamic port range for Windows Server 2008 and later
TCP      | 443         | SSL to communicate with the Cloudamize servers

Ports relevant to the Cloudamize Agentless Data Collector

Note: ICMP/Ping is required to discover machines
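
An added example (not Cloudamize code) that turns the endpoint rules above into a preflight check run from the collector host: it lists the inbound TCP rules each endpoint class needs and probes the fixed listeners (22 and 135). The inventory addresses are constructed placeholders, Python 3 on the collector host is assumed, and the outbound check uses the am.cloudamize.com address given above for US console assessments.

```python
import socket

# Dynamic RPC ranges per Windows generation, from the firewall requirements above.
RPC_DYNAMIC = {"2008+": "49152-65535", "2003-": "1025-5000"}


def inbound_rules(os_kind, windows_gen="2008+"):
    """TCP ports or ranges that must be open inbound on one endpoint."""
    if os_kind == "linux":
        return ["22"]
    if os_kind == "windows":
        return ["135", RPC_DYNAMIC[windows_gen]]
    raise ValueError(f"unknown endpoint class: {os_kind}")


def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable or unresolvable
        return False


def preflight(endpoints, probe=tcp_open):
    """endpoints: [(host, os_kind, windows_gen)]. Returns blocked (host, port) pairs.

    Only fixed listeners are probed. Dynamic RPC ports listen on demand, so the
    range is reported by inbound_rules() for the firewall rule, not probed here.
    """
    blocked = []
    for host, os_kind, windows_gen in endpoints:
        for rule in inbound_rules(os_kind, windows_gen):
            if "-" not in rule and not probe(host, int(rule)):
                blocked.append((host, int(rule)))
    return blocked


if __name__ == "__main__":
    # Constructed inventory using documentation addresses (192.0.2.0/24).
    inventory = [("192.0.2.10", "linux", None), ("192.0.2.20", "windows", "2008+")]
    for host, port in preflight(inventory):
        print(f"{host}: TCP {port} not reachable from the collector")
    if not tcp_open("am.cloudamize.com", 443):
        print("outbound TCP 443 to am.cloudamize.com is blocked")
```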


 

Windows Agentless Data Collector GUI Installation

The latest version of the Cloudamize Agentless Data Collector can be downloaded from your assessment in the agent setup tab.


After downloading: Run the MSI file by double-clicking it and click "Next"


Accept the End-User License Agreement and click “Next”


Enter the customer key that was generated for the assessment. The customer key is available on the Cloudamize Agent Installation webpage. It is located by going to the Partner Dashboard here and navigating to Settings > Agent Setup > Access


To use a proxy server, enable "Use proxy" and type in HTTP proxy and port. If your proxy server needs user credentials, enable "Use proxy credential" and enter the Username and Password. Click "Next". Click Install to begin the Cloudamize Agentless Data Collector installation


Once the installation completes, click Finish to close the installer


Add and Configure Hosts

Continue on to our guide for next steps on how to Add and Configure Hosts with the Cloudamize Agentless Data Collector


Windows Troubleshooting

Account Credentials

This error occurs when a Domain name is not specified. The format for username is DomainName\Administrator


Cloudamize Agentless Data Collector is flagged by Antivirus 

Our agentless data collector may be flagged by anti-virus as the installation package includes obfuscated code to protect our Intellectual Property. When the Cloudamize agentless data collector is flagged by antivirus, re-installing on the same host is sometimes not possible due to remnants left behind during the uninstallation process. Cloudamize recommends a fresh installation of the agentless data collector on a different host that meets the prerequisites. 

In the event that hosts were added to the agentless data collector, the HostInfo.xml and HostInfoBackup.xml files should be backed up to a separate folder such as C:\Temp before uninstalling the Cloudamize agentless data collector. These files are located in C:\Program Files\CloudamizeAgentlessDC or C:\Program Files (x86)\CloudamizeAgentlessDC, depending on your architecture. Please note that these files can only be accessed by accounts that belong to the Administrators group.


Folder showing the location of HostInfo.xml and HostInfoBackup.xml on (x86) architecture

When the HostInfo.xml and HostInfoBackup.xml files are backed up the Cloudamize agentless data collector can be uninstalled. You can download the latest version of the data collector here:

Cloudamize Agentless Data Collector - Download

Once the download has completed, follow the instructions on screen to install the data collector. Once the installation has completed, copy the HostInfo.xml and HostInfoBackup.xml files back into C:\Program Files\CloudamizeAgentlessDC\ or C:\Program Files (x86)\CloudamizeAgentlessDC and restart the Cloudamize Watchdog and Cloudamize Agent services.

Unable to resolve a node

  1. The host [IP Address] is down
  2. The account name and password are incorrect or the account does not have sufficient privileges
    • If the server is domain joined the domain controller itself may not be running
    • The Active Directory administrator group may not include the domain administrator group.
    • The user account provided may not be in the domain admin group or it may not be the local administrator account
  3. A local account on the server is in use, and it is a member of the administrators group but not the administrator account itself.


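Registry entry that disables UAC remote restrictions (token filtering), so that local accounts in the administrators group receive a full administrator token over remote connections:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy

Note: If the registry entry does not exist, a new one must be created. Please note that this requires administrative privileges.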


Open Regedit, right click on the System folder and select “New” and “DWORD (32-bit)”

Change the name of the new registry entry to: LocalAccountTokenFilterPolicy

Right click on the registry entry and select “Modify”

 Change the value from 0 to 1 and select “OK”


5. WMI traffic is not enabled. Run the following command in an elevated command prompt:

  • netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes

6, 7, 8, 9, 10. Windows Firewall issues. Refer to the Firewall requirements section under Windows Agentless Data Collector Setup.

Linux Troubleshooting

Creating a user

To create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Root permissions

Navigate to the /etc directory:

  • cd /etc

Open the Sudoers file by entering the following command in the /etc directory:

  • sudo visudo

Navigate to root ALL=(ALL) ALL underneath the header User Privilege. Move the cursor to the end of the line and press “o”, which opens a new line below it. Enter the following text:

  • [username] ALL=(ALL) ALL

Press the Esc key, type “:wq!” and press Enter


Red Hat

Create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Navigate to the /etc directory:

  • cd /etc

Open the Sudoers file by entering the following command in the /etc directory: 

  • sudo visudo

Navigate to %wheel ALL=(ALL) ALL in the sudoers file

Note: If there is a # symbol in front of %wheel ALL=(ALL) ALL then it must be removed before editing the configuration. Remove the #, press the Esc key, type “:wq!” and press Enter


Add the user to the wheel group 

  • sudo usermod -aG wheel [username]

Verify that the [username] account has been added to the group.


Ubuntu

Create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Add the user account to the sudo group: 

  • sudo usermod -aG sudo [username]

To verify the user account has been added to the sudo group:

  • su - [username]

Enter the password for the account and type the following command:

  • sudo whoami


If you are still experiencing issues please send log files of the affected node(s) to helpdesk@cloudamize.com. The log files are located in C:/Program Files/Cloudamize for Windows machines, /usr/local/cloudamize/logs/ for Linux