Installing a Windows Agent

Agent Deployment via MSI

The following document can be used to install Liongard's On-premises, Self-Hosted, and Endpoint Agents.

Please review our Agents Overview documentation before proceeding.

Minimum Agent Requirements

❗️

Windows Server OS Before 2012 R2

We currently do not support Windows Server older than 2012 R2 because the Liongard Agent has a dependency on a software package called NodeJS. The Agent needs a specific minimum version of that software package to work and Windows Server 2008 R2 and below do not support it.

To run the Windows Agent, the following system resources are required:

  • Operating System: Windows Server 2012 R2 or higher or Windows 10 or higher
  • Memory: 1 GB of usable RAM
  • Disk Space: 50 MB of free disk space
  • .NET Framework Version 4.6.2

To maximize system performance, we recommend the following system requirements:

  • Memory: 16 GB
  • Disk Space: 32 GB

For Virtual Machines, we recommend a minimum of 2 processors

Step 1: Record a Liongard Access Key ID and Secret

🚧

Access Tokens

Liongard Access Key Tokens and Secrets can be reused when installing Agents, or you can generate a new Access Key Token and Secret every time.

If you do decide to reuse the Access Key and Secret, it should be secured as you would any other sensitive password.

Our Access Tokens are used only to register an Agent. It is not something that the Agent stores, so if a token gets deleted, nothing will happen to Agents that were installed using that token.

  1. In Liongard, navigate to Your Name > Account Settings > Access Tokens
  • If you have an existing Access Token, you may use it to deploy the Agent.
  • If you need to generate a new token, select Generate New Token then select Agent Install Token.
  • Note: Users must be a member of the Global Admin, Global Environment Manager, or Global System Integrators groups to see the Agent Install Token option.
  1. Record a Liongard Access Key ID and Secret as you will need them in the next steps.
17951795

Step 2: Download the MSI

📘

Agent Type

Liongard will determine the Agent Type being installed based on the operating system of the Agent machine.

  1. Navigate to Admin > Agents > Hover over "Download Agent Installer" > Select Windows
  2. Copy the MSI link or download the MSI
19161916

Step 3: Run the MSI

  1. Open the MSI > Select Next
  2. Check "I accept the terms in the License Agreement" > Select Next
  3. Complete the following fields:
  • Your Liongard URL (e.g., "us1.app.liongard.com"): Enter the core of your Liongard URL. Do NOT include "https://"
  • Liongard Access Key ID and Secret: Enter the Access Key ID and Secret generated in Liongard from Step 1 above.
  1. Review the following field:
  • Agent Name: The Agent Name must be unique. Liongard will populate this field using the hostname of the device the Agent is being installed on.

🚧

Naming Your Agent

At the moment, the Agent name cannot accept =, <, >, (, ), {, }, [, ] characters. Please avoid using them in the Agent name.

If you choose to use a script to deploy Agents, include a unique identifier for the Agent name.

  1. If desired, complete the following fields:
  • Liongard Agent Description: This field is optional, but can be used to give the Agent a description inside of Liongard.
  • Liongard Environment: This field is optional, but if skipped the Environment must be assigned in Liongard on the Admin > Agents screen. For more information review our Agent Management documentation.
435435
  1. Select Next
  2. For Service Account Type, select SYSTEM

❗️

Service Account Type

Liongard recommends using the SYSTEM service account for Agent installation.

For partners who would like to use individual local or a standard domain user account in accordance with Least Privilege best practices, they should select the CUSTOM option which allows for the use of unique accounts. If doing so, please follow our Least Privileges for Windows-based On-Premises Agents and Inspectors documentation.

If performing remote inspections, please review the Windows/Active Directory Authentication section of our Permissions & Authentication documentation.

493493
  1. Select Next > Select Install > Select Finish

The Agent is now successfully installed. Return to Liongard and follow our Agent Management documentation for next steps:

Agent Auto-Discovery

In order for Liongard to perform auto-discovery and auto-activation processes, an Agent Type and Environment must be assigned. When you roll out an Agent, Liongard will determine the Agent Type based on the operating system of the Agent machine. This can be changed, if necessary, by following our Agent Management documentation.

After an Agent Type and Environment are assigned, auto-discovery functionality will complete as detailed below.

Auto-Discovery for On-Premises Agents

  1. An On-premises Agent will auto-discover a Windows Server Inspector for the local Windows server
  2. After the Windows Server Inspector is activated and runs, it will auto-discover an Active Directory Inspector
  3. Once the Active Directory Inspector is activated and runs successfully, the Active Directory Inspector will auto-discover Inspectors for any additional Windows servers within its domain
  4. Once activated and successfully run, the Windows Server Inspectors will auto-discover any Inspectors for Hyper-V and/or SQL Server
  5. After the first Windows Server Inspector runs, it will also auto-discover a Network Discovery Inspector
  6. After the Network Discovery Inspector is activated and runs, it will auto-discover Inspectors for several makes/models of network devices. See our Network Discovery Inspector documentation for more information.

For Endpoint Agents

An Endpoint Agent will auto-discover and auto-activate a Windows Workstation Inspector for the local Windows Workstation.

Additional Resources