Getting Ready

This guide will walk you through setting up and troubleshooting the Cloudamize Agentless Data Collector. 

Minimum System Requirements

• 64-bit Windows Server 2012 R2 or higher

• Microsoft .NET Framework Version 4.0

• 4 Core CPU

• 5 GB RAM

• 2 GB Persistent Storage

• Powershell v5.1 (If SQL data is required)

Prior to Installation

• Setup a new Windows instance to host the agentless data collector

• When using multiple data collectors, ensure that each individual data collector’s scope of IP ranges is unique 

• Each data collector can, by default, assess up to a maximum of 500 instances (configurable)

• Exclude the data collectors IP address when adding hosts

Firewall requirements

Please note the following rules for each class of machine:

Machine with Cloudamize Agentless Data Collector installed

• TCP port 445 open inbound
• TCP ports 443 and a proxy server port if a proxy is being used (e.g., 8080,80) open outbound to our servers at the following addresses:
  • For assessments on app.cloudamize.com: 104.197.11.97 for US and 35.198.133.35 for EU
  • For assessments on console.cloudamize.com: am.cloudamize.com (US) or am-de.cloudamize.com (EU). 

    • If your system locally caches DNS resolution, you may need to resolve am.cloudamize.com to 35.171.170.26 or am-de.cloudamize.com to 18.194.12.63 to allow egress traffic.

 Each Windows endpoint 

• TCP ports 135 and the dynamic RPC port ranges open inbound, appropriate for your OS versions:

  • Windows Server 2008 and later: TCP ports 49152 to 65535 open inbound

  • Windows Server 2003 and earlier: TCP ports 1025 to 5000 open inbound

• TCP port 445 open outbound to the machine with the Agentless Data Collector installed

 Each Linux endpoint

• TCP port 22 open inbound

The table below lists the relevant ports for machine discovery and communication to the Cloudamize servers:

Ports relevant to the Cloudamize Agentless Data Collector

Note: ICMP/Ping is required to discover machines

Windows Agentless Data Collector GUI Installation

The latest version of the Cloudamize Agentless Data Collector can be downloaded from your assessment in the agent setup tab.

After downloading: Run the MSI file by double-clicking it and click "Next"

Accept the End-User License Agreement and click “Next”

Enter the customer key that was generated for the assessment. The customer key is available on the Cloudamize Agent Installation webpage. It is located by going to the Partner Dashboard here and navigating to Settings > Agent Setup > Access

To use a proxy server, enable "Use proxy" and type in HTTP proxy and port. If your proxy server needs user credentials, enable "Use proxy credential" and enter the Username and Password. Click "Next". Click Install to begin the Cloudamize Agentless Data Collector installation

Once the installation completes, click Finish to close the installer

Add and Configure Hosts

Continue on to our guide for next steps on how to Add and Configure Hosts with the Cloudamize Agentless Data Collector

Windows Troubleshooting

Account Credentials

This error occurs when a Domain name is not specified. The format for username is DomainName\Administrator

Cloudamize Agentless Data Collector is flagged by Antivirus 

Our agentless data collector may be flagged by anti-virus as the installation package includes obfuscated code to protect our Intellectual Property. When the Cloudamize agentless data collector is flagged by antivirus, re-installing on the same host is sometimes not possible due to remnants left behind during the uninstallation process. Cloudamize recommends a fresh installation of the agentless data collector on a different host that meets the prerequisites. 

In the event that hosts were added to the agentless data collector, the HostInfo.xml and HostInfoBackup.xml file should be backed up in a separate folder such as C:\Temp before uninstalling the Cloudamize agentless data collector. These files are located in: C:\Program Files\CloudamizeAgentlessDC or C:Program File (x86)\CloudamizeAgentlessDC depending on your architecture. Please note that these files can only be accessed by accounts that belong to the Administrators group.

Folder showing the location of HostInfo.xml and HostInfoBackup.xml on (x86) architecture

When the HostInfo.xml and HostInfoBackup.xml files are backed up the Cloudamize agentless data collector can be uninstalled. You can download the latest version of the data collector here:

Cloudamize Agentless Data Collector - Download

Once the download has completed, follow the instructions on screen to install the data collector. Once the installation has completed, copy the HostInfo.xml and HostInfoBackup files back into C:\Program Files\CloudamizeAgentlessDC\ or C:Program Files(x86)\CloudamizeAgentlessDC and restart the Cloudamize Watchdog and Cloudamize Agent services

Unable to resolve a node

1. The host [IP Address] is down
2. The account name and password are incorrect or the account does not have sufficient privileges
   • If the server is domain joined the domain controller itself may not be running
   • The Active Directory administrator group may not include the domain administrator group.
   • The user account provided may not be in the domain admin group or it may not be the local administrator account
3. A local account on the server in use and it is a member of the administrators group but not the administrator account itself. 

Entry Key to disable UAC:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio n\Policies\system\LocalAccountTokenFilterPolicy

Note: If the file path does not exist a new registry key will be required. Please note that this will require administrative privileges

Open Regedit, right click on the System folder and select “New” and “DWORD (32-bit)”

Change the name of the new registry entry to: LocalAccountTokenFilterPolicy

Right click on the registry entry and select “Modify”

 Change the value from 0 to 1 and select “OK”

5. WMI traffic is not enabled. Run the following command in an elevated command prompt:

• netsh advfirewall set rule group=“windows management instrumentation (wmi) new enable=yes

• 6, 7, 8, 9, 10. Windows Firewall issues. Refer to the Firewall requirements section Under Window Agentless Data Collector Setup.

Linux Troubleshooting

Creating a user

To create a new user:

• sudo useradd [username]

Update the user password:

• sudo passwd [username]

Root permissions

Navigate to the /etc directory:

• cd /etc

Open the Sudoers file by entering the following command in the /etc directory:

• sudo visudo

Navigate to root ALL=(ALL) ALL underneath the header User Privilege. Move the cursor to the end of the line and enter the letter “o”, this will create a new line. Enter the following text:

• [username] ALL=(ALL) ALL

Press the Esc key, type “:wq!” and press Enter

Redhat

Create a new user:

• sudo useradd [username]

Update the user password:

• sudo passwd [username]

Navigate to the /etc directory:

• cd /etc

Open the Sudoers file by entering the following command in the /etc directory: 

• sudo visudo

Navigate to %wheel ALL=(ALL) ALL in the sudoers file

Note: If there is a # symbol in front of %wheel ALL=(ALL) ALL then it must be removed before editing the configuration. Remove the #, press the Esc key, type “:wq!” and press Enter

Add the user to the wheel group 

• sudo usermod -aG wheel [username]

Verify that the [username] account has been added to the group.

Ubuntu

Create a new user:

• sudo useradd [username]

Update the user password:

• sudo passwd [username]

Add the user account to the sudo group: 

• sudo usermod -aG sudo Username

To verify the user account has been added to the sudo group:

• su - [username]

Enter the password for the account and type the following command:

• sudo whoami

If you are still experiencing issues please send log files of the affected node(s) to helpdesk@cloudamize.com. The log files are located in C:/Program Files/Cloudamize for Windows machines, /usr/local/cloudamize/logs/ for Linux