Agent Technical Overview

Armor Anywhere - Security
ARMOR AGENT OVERVIEW
Protect valuable workloads
and cloud environments — no
matter where they’re located.
Defend Your Cloud Workloads
Organizations want the benefits of the cloud but are required
to piece together an effective security program to protect cloud
data and stop malicious actors before they enter a virtual
machine and cause a true compromise. Armor Anywhere - Security
allows you to secure your data without additional
headcount or overburdening your team.

Security results from the Armor Agent provide valuable
data to Armor’s Security Operations Center, where our
experts manage and secure your systems and workloads
– monitoring both inbound and outbound traffic at the host
– and identify malicious threats in real time to enable quick
response and containment before larger issues occur.

Obtain the benefits of Armor’s powerful cloud expertise,
proactive security team and advanced threat intelligence
without the complexity of hiring a security operations task force.

Security Operations
Our Security Operations Center and the processes it
uses are organized to ensure the highest level of security for
our customers. The Threat Resistance Unit (TRU) collects,
enriches and disseminates threat intelligence to ensure
that our experts stay ahead of threats that could impact
customer environments.

Our Indications and Warnings (I&W) team monitors customer
environments for anomalies around the clock. The Incident
Response and Forensics (IRF) team focuses on mitigating
and responding to potential points of compromise. The
teams in our Security Operations Center work together
to constantly improve processes and fine-tune our tools –
staying ahead of threats.

The Armor Agent
Armor Anywhere - Security operates through the Armor
Agent installed on your server. The Armor Agent applies a
suite of security services to public, on-premise, private and
hybrid workloads.

The Armor Agent also establishes a connection to the Armor
Management Portal (AMP), allowing visibility of all instances of
the Armor Agent you have installed on any cloud.
• Secure Any Cloud
• Real-Time Security Dashboard via AMP
• Automated Installation
• Supports Multi-Cloud Strategies
armor.com (US)+1 844 682 2858 (UK)+44 800 500 3167
@armor
How It Works
Once the quick and easy installation is complete,
the Armor Agent registers with Armor’s API
service endpoints via open outbound network
ports or port-forwarding services. All data in
transit is encrypted using TLS 1.2.

With a secure connection established, the security
scan results and activity logs are sent to the
Armor Management Portal (AMP). The security
results and logs also feed into Armor’s Security
Operations Center (SOC), and the data is translated
into security policies applied to your environment.

This crowd-sourced intelligence loop combines
with multiple channels of threat intelligence
to enhance the overall security protecting
you from the latest threats.

Security Services

Intrusion Detection
With visibility to inbound and outbound activity at the host, Armor inspects
anomalous traffic against predefined policies – detecting attacks like generic
SQL injections, generic XSS attacks, DoS and generic web app effects.

Malware Protection
Armor protects your environment from harmful malware and botnets deployed
to capture your data, monitor your activity or leverage your servers for illicit
activity. In the event an alert is created, Armor’s threat analysts begin an
in-depth investigation.

OS File Integrity Monitoring
Monitor critical operating system (OS) files for changes that may allow threat
actors to control your environment. File integrity monitoring (FIM) utilizes
OS-specific policies and provides Armor log visibility to assist in reviewing
security events.

Log & Event Management
Document, analyze and report all activity via Armor’s proactive log
management controls. Armor captures log events from specific OS locations to
determine validity and severity.

Patch Monitoring
Consistent patch monitoring is a cornerstone of maintaining a strong security
posture. An outdated OS can lead to compromise. Armor provides you visibility
to your environment running the Armor Agent so you can ensure your OS is
consistently up to date.

Vulnerability Scans
Armor scans for potential points of risk to help reduce the surface area of
attack. Weekly scheduled scans provide you a visible audit report to identify the
vulnerabilities that attackers could use to penetrate your network so you can
develop your remediation plan.
Armor Management Portal
AMP is your window into all of your instances where the Armor Agent is installed. AMP allows you to monitor and manage
your security posture through a single pane of glass.
Real-Time Updates
The Armor Agent reports to the Armor
Management Portal for the latest updates.

Armor Management Portal (AMP) Features

Easily Secure Additional Instances
Add the Armor CORE Agent to other instances quickly and easily.

Malware Protection Service Health
View the state of the malware service engine and review previously
detected malware items.

OS Patching Updates
View the number of OS-level patches and whether a reboot is required.

OS FIM Service Status
View the current state of the FIM service and review previous FIM scan results.

Log & Event Management
View up to 90 days of log events, or select an option to access
13 months for regulatory requirements.

Simple Account Support
AMP is your primary method to contact the Armor support team.

Vulnerability Scanning
View Vulnerability Scanning results to identify risks and determine
appropriate next steps to reduce your threat vectors.
Supported Operating Systems
• RHEL 6 & 7
• CentOS 6 & 7
• Ubuntu 12.04, 14.04 & 16.04
• Amazon Linux 2015.09, 2015.03, 2016.03, & 2016.09
• Windows 2008, 2008 R2, 2012, 2012 R2, & 2016
Minimum System Requirements
Windows:
• 2 GB RAM
• 2 CPU minimum
• 3 GB of free disk space minimum
Linux:
• 1 GB RAM
• 1 CPU minimum
• 3 GB of free disk space minimum

Network & Firewall Requirements
Specific network connectivity is required on an ongoing
basis to provide Armor services. All connectivity required
for Armor Security is outbound unless stated otherwise.
These requirements will be made available to you within
an onboarding ticket and are accessible via the Armor
Knowledge Base.

Onboarding & Installation
When you are ready for installation, Armor’s onboarding
team will walk you through an introduction to AMP
and provide step-by-step guidance on installing the
Armor Agent on your server. After installation, Armor’s
onboarding team will review AMP with the instances
populated and connect you with support, should you
need further assistance.

Remote Access
To provide the highest level of support in the event of
a security incident, Armor may require remote access
to your environment. The customer retains all rights
and access to their own environments, giving them
the ability to disable services, connectivity or user
accounts for any portion of our stack. However, doing
so prevents Armor from delivering the remediation
portion of our services and from offering timely support
for real security matters.

Additionally, installs and updates of any of the software
packages may have an impact on system resources
during the installation process. Please consider any
existing access controls, maintenance plans or critical
applications prior to implementation.