AppGuard Enterprise Agent Installation Guide This report contains a guide to installing the AppGuard Enterprise agent. This also provides you with information about AppGuard and its functionality. 1|Page CONFIDENTIAL Contents Executive Summary .......................................................................................................................................................... 3 AppGuard Enterprise Agent Install ...................................................................................................................... 3 AppGuard Enterprise Agent Options .................................................................................................................6 About… ..................................................................................................................................................................................... 6 Help ............................................................................................................................................................................................ 6 View Log ................................................................................................................................................................................. 7 Send Log ................................................................................................................................................................................ 7 Log Severity .........................................................................................................................................................................8 View Policy............................................................................................................................................................................8 Refresh Policy.....................................................................................................................................................................8 View AppGuard Activity Monitor .......................................................................................................................8 Suspending AppGuard Protection .................................................................................................................. 9 Uninstalling the Agent ............................................................................................................................................... 9 Private & Confidential RESTRICTED USE WARNING The information contained in this report is strictly confidential and intended solely for the use of the recipient. Any other use and any communication, publication or reproduction of the report or any portion of its contents without the written consent of the authors is strictly forbidden. The recipient agrees to indemnify and hold harmless against any damages or claims resulting from such unauthorised use. AppGuard Enterprise Agent Installation Guide 2 CONFIDENTIAL Executive Summary AppGuard is completely different from traditional cybersecurity solutions. It’s not anti-virus, it doesn’t detect and respond, it simply PREVENTS all attacks at the kernel level and it prevents everything; zero day, memory scraping, code injection, weaponised documents, etc. We are pleased to be able to offer you the AppGuard Enterprise agent to be able to demonstrate how easy it really is to move your organisation from continually “Reacting” to security events to reach the goal of being “Proactive” and blocking malicious activity immediately. The additional intelligence that an organisation can get from AppGuard also shows the Indicators of Attack (IoA) which can be fused with your existing technology stack to enrich your situational awareness. AppGuard Enterprise Agent Install IMPORTANT Please ensure that you have allowed the following through your firewall Outbound: Ports: TCP 443 Destination IP (UK) 20.68.105.157 and 52.151.90.21 Destination IP (USA) 13.90.209.89 and 13.64.66.31 Step1: Save the Installer File You will receive your Installation Agent in the form of an executable installation package (.exe) or an Microsoft Installer (.msi), please save this file to your device. Step 2: Run the file To install the AppGuard Enterprise Agent please right click the installation file and select “Run as administrator”. AppGuard Enterprise Agent Installation Guide 3 CONFIDENTIAL You may get a User Account Control (UAC) window appear. If you do then please click Yes to continue. Step 3: Agent Install Wizard You will now get the Installation Wizard start which will take you through the rest of the setup. Please click Next when ready. Step 4: End User Licence You will now be presented with the AppGuard Enterprise End User Licence Agreement. Please read through and when happy select the “I accept the terms in the licence agreement” option and click Next. Step 5: Install Software You are now ready to install the AppGuard Enterprise Software. Please click Install to continue. AppGuard Enterprise Agent Installation Guide 4 CONFIDENTIAL Step 6: Install Complete Once the installation has finished you will get the Install Wizard Completed. To finish the installation and close the wizard please click Finish. AppGuard Enterprise Agent Installation Guide 5 CONFIDENTIAL AppGuard Enterprise Agent Options Once the installation is complete the AppGuard Agent icon will appear in your taskbar. To access the AppGuard Agent options please “Right Click” the icon. About… This will show you the information about the agent that you have installed. Help This provides access to the AppGuard Agent Help and Troubleshooting files. AppGuard Enterprise Agent Installation Guide 6 CONFIDENTIAL View Log This option under the ‘advanced operations’ tab will show you all the AppGuard log information that has been collected but not yet sent to the Managed Service Provider. This can be useful when identifying blocked applications or software. Send Log This will send the current collected logs straight to the managed service provider. This is located in the ‘advanced operations’ dropdown. AppGuard Enterprise Agent Installation Guide 7 CONFIDENTIAL Log Severity This option changes the logging level of the agent. This should be kept at Level 4 unless instructed to change as part of investigations. This is also located in the ‘advanced operations’ dropdown. View Policy This option allows you to view the raw policy file that is applied to the agent. This is also located in the ‘advanced operations’ dropdown. Refresh Policy This option allows you to manually refresh your policy. This will connect and download the latest policy version available. This is used if a policy change has been made and the normal time to refresh is required to be immediate. View AppGuard Activity Monitor This option will show you the status of the agent as well as the policy version and administration functions. AppGuard Enterprise Agent Installation Guide 8 CONFIDENTIAL Suspending AppGuard Protection If you require to disable or suspend protection to install software, then click the Suspend AppGuard Protection button. To activate administration mode then you can either enter the “Break Glass” password in the Pass Phrase box or you can enter your Windows Logon and Password (This option requires you to be a local administrator) Please ensure you tick the relevant box and then click Enable. AppGuard is now in Administration Mode and you can install software. The icon in your taskbar will have also changed. This mode will timeout after 15 minutes and revert to fully protected or you can click Disable. Uninstalling the Agent To uninstall an agent that is in the protected mode first click the Suspend AppGuard Protection button and then click Disable self-protection (TamperGuard) button. After this enter admin mode using one of the methods described above. The AppGuard agent can now be uninstalled using the windows Add or Remove Program in the control panel. AppGuard Enterprise Agent Installation Guide 9
