- What is a Liongard Agent?
- Cloud Agents vs. On-Premise Agents
- Local vs. Remote Inspections
- Windows vs. Linux Agent
- Agent Service Permissions
- Rolling out On-Premise Agents
Traffic to your Network/Websites
Please note that by enabling inspections, you will see new traffic from Agent machines depending on the inspection type. In order to verify traffic you see in your network or against an external facing entity is coming from Liongard, check the IP of a specific Agent via the Admin > Agents screen on your Liongard dashboard.
More details about finding the IP address of a specific Agent in Liongard can be found here.
Liongard gathers information about your Environments and customer networks via Agents that are installed in the cloud and on customer networks.
Agents run Inspectors which are the individual queriers that gather information about various systems (the Active Directory Inspector, the SonicWall Inspector, and so forth).
Inspectors are run by Agents.
Liongard comes with a Managed Cloud Agent. This is baked into your Liongard instance, so its setup and maintenance are completely managed by us. This Agent is used to run inspections that don't require any privileged access to your customers' networks.
In Liongard, you also have the ability to deploy On-Premise Agents into your customers' network Environments. These Agents are installed on Windows servers "inside the firewall" (preferably on a Domain Controller) to perform inspections that do require access to servers and services that are not available from the public internet.
For each Environment you manage, only ONE On-premise Agent is required per network; thus, an Agent will be required per VLAN in order to communicate directly with the system it needs to inspect.
Typically, Agents are installed on the domain controller. From there, the Agent will automatically inspect the Windows Server and Active Directory. The Agent will also automatically deploy a Network Discovery Inspector. As you deploy additional Inspectors for on-premise systems, you will select this On-premise Agent to perform the inspections.
A Managed Cloud Agent is provided for you to run inspections from the cloud.
On-Premise Agents are installed by you to run inspections that require "inside the firewall" network access. For each Environment you manage, generally only ONE On-premise Agent is required per network.
Remember: Every Inspector is run by an Agent.
When you deploy an On-Premise Agent, it can run inspection jobs aimed at the machine that it's actually installed on (a "local inspection") or aimed at other servers/network devices on the same local network (a "remote inspection".)
This is good to understand for a couple of reasons:
- You don't need to install an Agent on every Windows server in your customer Environments. One (or in certain cases, a couple) of Agents running remote inspections against other servers and devices will do.
- Agents need appropriate permissions on the network to inspect target systems, sometimes via credentials put into the Liongard web application and sometimes via the user account executing the Liongard Agent service.
See the Permissions & Authentication page for a deeper dive into how permissions to complete inspections are handled.
Local inspections are when an Inspector is aimed at the server on which the Agent is installed. For example, an Agent installed on an Active Directory domain controller and running an Active Directory inspection against that domain is a "local inspection."
Remote inspections are when an Inspector is aimed at a server or device other than where the Agent is installed. In the Active Directory scenario above, if the Agent is installed on a member server in the domain and using the local network to inspect the domain controller, that's a "remote inspection".
There are two versions of the Liongard Agent, one that runs on Windows and the other that runs on Linux.
The Linux Agent is provided as one of the "Managed Cloud Agents" discussed above, and often facilitates API and CLI-based Inspectors. It typically is not deployed on-premise. Our documentation discussing the deployment and use of On-premise Agents focuses on the Windows Agent.
Liongard generally requires, at a minimum, a global "read-only" permission for our inspections. The simplest way to accomplish this is to add the user, used by the Liongard Agent, to the Domain Admins group.
If you wish to scope down the set of permissions for the Liongard Agent's user, we, at minimum, need to have Remote Management capabilities for all servers on the network. Additional information on Remote Management is available from Microsoft's Documentation.
If you would like more information, please visit our Agent Service Permissions Page.
You can deploy Windows On-Premise Agents via MSI Installer or via an RMM Script.
You can deploy a Linux On-Premise Agent via our Linux Agent installation process.
Updated about a month ago